Neil Conway <neilc@samurai.com> writes:
> Gaetano Mendola wrote:
>> Here http://www.sans.org/top20/#u9
>> are listed postgres vulnerability it's sad see that almost all
>> are related to third part components
> "Almost all"? By my count, 12 of the 17 vulnerabilities refer to
> legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.
However, the ones that are still current (ie, something not fixed many
revs back) are mostly things outside our control. I think the only
really serious charge in the lot is buffer overflows inside the ODBC
driver.
regards, tom lane