Home > mailing lists

Re: Heartbleed Impact - Mailing list pgsql-general

From	Dev Kumkar
Subject	Re: Heartbleed Impact
Date	April 16, 2014 23:16:17
Msg-id	CALSLE1PdseUJa6YKdA_n3+A5fNi5BuC-xtfdjQ0CyY=g=haCnw@mail.gmail.com Whole thread Raw
In response to	Re: Heartbleed Impact (John R Pierce <pierce@hogranch.com>)
Responses	Re: Heartbleed Impact
List	pgsql-general

Tree view

On Thu, Apr 17, 2014 at 1:31 AM, John R Pierce <pierce@hogranch.com> wrote:

do you enable SSL and expose it to an insecure network ? if not, no exposure to the heartbleed bug.

No, SSL is not enabled in my case but also wanted to make sure there is no binary available which can later result into any potential issue.

AFAIK, the binary name is postgres.exe, from what I've read they are static linking openssl. the updated versions on the site linked in another message are fixed per the note on that page. http://www.enterprisedb.com/products-services-training/pgdownload

http://www.enterprisedb.com/products-services-training/pgbindownload also has the note added sometime back.

I was able to verify for Linux binaries looking at STRINGS of so file but was not sure about the windows side and hence was looking for confirmation.

Regards...

pgsql-general by date:

From: John R Pierce
Date: 16 April 2014, 23:02:19
Subject: Re: Heartbleed Impact

From: Andy Colson
Date: 17 April 2014, 00:14:56
Subject: Re: hot standby data folder bigger than primary

Re: Heartbleed Impact - Mailing list pgsql-general

Previous

Next