Re: Not quite a security hole in internal_in - Mailing list pgsql-hackers

From Robert Haas
Subject Re: Not quite a security hole in internal_in
Date
Msg-id 603c8f070906091028g26065ff2q67be46e1a4fec3a2@mail.gmail.com
Whole thread Raw
In response to Re: Not quite a security hole in internal_in  ("Greg Sabino Mullane" <greg@turnstep.com>)
List pgsql-hackers
On Tue, Jun 9, 2009 at 12:41 PM, Greg Sabino Mullane<greg@turnstep.com> wrote:
>> Normally we would consider a pg_proc change as requiring a catversion
>> bump.  Since we are already past 8.4 beta we couldn't do that without
>> forcing an initdb for beta testers.
>
> I think a serious issue like this warrants a bump. It seems like you are
> saying that at any other time in the release cycle this would be
> an automatic bump, so let's keep a consistent policy and bump it.

I agree.  We don't want people who are running beta2 to think that
nothing has changed when that's actually not the case.  If someone is
really inconvenienced by it and wants to ignore this problem, they can
find a way to bypass the check.  I suspect there probably aren't very
many such people, though.

...Robert


pgsql-hackers by date:

Previous
From: Bruce Momjian
Date:
Subject: pgindent run coming
Next
From: Robert Haas
Date:
Subject: Re: [BUGS] Cursor with hold emits the same row more than once across commits in 8.3.7