Re: Security Release - Mailing list pgsql-admin

From Lee Wu
Subject Re: Security Release
Date
Msg-id ECAB83AA52BCC043A0E24BBC00001024D2E6DF@mxhq-exch.corp.mxlogic.com
Whole thread Raw
In response to Security Release  ("Lee Wu" <Lwu@mxlogic.com>)
List pgsql-admin
Thanks,

I think I am clear now:
8.0.1, 7.4.7, 7.3.9, 7.2.7 are fixed versions,
while 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6 are affected ones.
If, ie, my PG version is 7.4.3, I need to upgrade to 7.4.7.

-----Original Message-----
From: Magnus Hagander [mailto:mha@sollentuna.net]
Sent: Wednesday, March 30, 2005 11:58 AM
To: Alvaro Herrera; Lee Wu
Cc: pgsql-admin@postgresql.org
Subject: SV: [ADMIN] Security Release

>> 2.    Which versions does the security hole affect? (Back from 7.2
>> till 8.0?)
>>
>>       Link
>> http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php
>> <http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php>
>> says "Version(s): 8.0.1, 7.4.7, 7.3.9, 7.2.7",
>>       does that mean this security only occur in those versions?
>
>Releases previous to 7.2 are not supported, so no patch is
>produced even
>if they are affected.

It does, however, occur in 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6. Not sure
if that's what the original question was about, but in case there is any
uncertainty about it...

It specifically does *not* occur in the versions listed in that
advisory, those are the fixed ones.

//Magnus

pgsql-admin by date:

Previous
From: "Magnus Hagander"
Date:
Subject: Re: Security Release
Next
From: Steven Erickson
Date:
Subject: Logging question