Home > mailing lists

Re: Post-CVE Wishlist - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: Post-CVE Wishlist
Date	November 24, 2021 23:19:33
Msg-id	CA+TgmoaauW4abqkZ-zbmMu+3ALjjUcb0uYQmwV43nb7ZMRsFKg@mail.gmail.com Whole thread Raw
In response to	Re: Post-CVE Wishlist (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Wed, Nov 24, 2021 at 3:14 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Robert Haas <robertmhaas@gmail.com> writes:
> > On Wed, Nov 24, 2021 at 2:53 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> >> One other point to be made here is that it seems like a stretch to call
> >> these particular bugs "high-severity".
>
> > Well, I was referring to the CVSS score, which was in the "high" range.
>
> The server CVE is; the client CVE, not so much, precisely because we
> couldn't find exciting exploits.

Right, I understand that.

-- 
Robert Haas
EDB: http://www.enterprisedb.com

pgsql-hackers by date:

From: Tom Lane
Date: 24 November 2021, 23:14:03
Subject: Re: Post-CVE Wishlist

From: Chapman Flack
Date: 24 November 2021, 23:28:29
Subject: internal subtransactions, memory contexts, resource owners

Re: Post-CVE Wishlist - Mailing list pgsql-hackers

Previous

Next