Home > mailing lists

Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in - Mailing list pgsql-hackers

From	Justin Clift
Subject	Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
Date	August 20, 2002 00:51:50
Msg-id	3D61A0A7.54539102@postgresql.org Whole thread Raw
In response to	Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>)
Responses	Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in (Bruce Momjian <pgman@candle.pha.pa.us>) Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Christopher Kings-Lynne wrote:
> 
> > On Tue, 20 Aug 2002, Justin Clift wrote:
> >
> > > Vince,
> > >
> > > Do you reckon it's worth you responding to "Sir Mordred" and pointing
> > > out that he overstated the vulnerability?
> >
> > Not me.  Tom (pref) or Marc would be the proper respondent.
> 
> Has it actually been fixed?

The TODO list only mentions the cash_out(2) problem, whilst the email
archives mention them both.

From the info still around, this looks to mean that the cash_words()
problem was fixed, but the cash_out() problem was harder to fix.

Tom/Bruce, is that correct?

+ Justin
> Chris

-- 
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."  - Indira Gandhi

pgsql-hackers by date:

From: "Christopher Kings-Lynne"
Date: 20 August 2002, 00:36:18
Subject: Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in

From: "Marc G. Fournier"
Date: 20 August 2002, 00:52:03
Subject: Re: Removing Libraries (Was: Re: Open 7.3 issues)

Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in - Mailing list pgsql-hackers

Previous

Next