Re: why was libpq.so's version number bumped? - Mailing list pgsql-hackers

From Florian Weimer
Subject Re: why was libpq.so's version number bumped?
Date
Msg-id 87smwaftea.fsf@Login.CERT.Uni-Stuttgart.DE
Whole thread Raw
In response to Re: why was libpq.so's version number bumped?  ("Neil Conway" <neilc@samurai.com>)
Responses Re: why was libpq.so's version number bumped?
List pgsql-hackers
"Neil Conway" <neilc@samurai.com> writes:

> Christopher Kings-Lynne said:
>> There have been HEAPS of security fixes between 7.2 and 7.3.
>
> That's only the case if your definition of a "security fix" is pretty fast
> and loose -- as yours seems to be.

Hmm?  On 7.2, an unpriviliged database user can read the more or less
the whole memory image of the server process.  On 7.3, this has been
fixed.

-- 
Florian Weimer                       Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898


pgsql-hackers by date:

Previous
From: Joe Conway
Date:
Subject: targetlist functions proposals (was SETOF input parameters)
Next
From: Florian Weimer
Date:
Subject: Re: why was libpq.so's version number bumped?