Home > mailing lists

Re: postgres vulnerability - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: postgres vulnerability
Date	October 10, 2004 08:26:15
Msg-id	7350.1097382352@sss.pgh.pa.us Whole thread Raw
In response to	Re: postgres vulnerability (Neil Conway <neilc@samurai.com>)
List	pgsql-hackers

Tree view

Neil Conway <neilc@samurai.com> writes:
> Gaetano Mendola wrote:
>> Here  http://www.sans.org/top20/#u9
>> are listed postgres vulnerability it's sad see that almost all
>> are related to third part components

> "Almost all"? By my count, 12 of the 17 vulnerabilities refer to 
> legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.

However, the ones that are still current (ie, something not fixed many
revs back) are mostly things outside our control.  I think the only
really serious charge in the lot is buffer overflows inside the ODBC
driver.
        regards, tom lane

pgsql-hackers by date:

From: Neil Conway
Date: 10 October 2004, 08:02:18
Subject: Re: postgres vulnerability

From: Gaetano Mendola
Date: 10 October 2004, 13:20:27
Subject: Re: postgres vulnerability

Re: postgres vulnerability - Mailing list pgsql-hackers

Previous

Next