Home > mailing lists

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) - Mailing list pgsql-hackers

From	Christopher Kings-Lynne
Subject	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)
Date	August 21, 2002 00:49:49
Msg-id	GNELIHDDFBOCMGBFGEFOOEMMCDAA.chriskl@familyhealth.com.au Whole thread Raw
In response to	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) (Neil Conway <neilc@samurai.com>)
Responses	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in (Gavin Sherry <swm@linuxworld.com.au>)
List	pgsql-hackers

Tree view

> Should someone from the core team perhaps get in contact with this guy
> and ask if he could get in contact with the development team before
> publicizing any further security holes? AFAIK that is standard
> operating procedure in most cases...
>
> Second, it might be worth pushing a 7.2.2 release containing the fix
> for this bug, as well as the datetime problem. If that sounds
> reasonable to the people who have to do the most work on a new release
> (e.g. Marc), I can volunteer to backport a fix for the datetime
> problem.

It'd be better to contact the dude and get all his bugs out of him, fix them
all and issue a 7.2.2 with all the fixes.

I think this is now essential - people will be using 7.2 series for ages
even after the 7.3 release...

Chris

pgsql-hackers by date:

From: "Christopher Kings-Lynne"
Date: 21 August 2002, 00:43:43
Subject: Re: Proposal: make "opaque" obsolete

From: Gavin Sherry
Date: 21 August 2002, 01:12:46
Subject: Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) - Mailing list pgsql-hackers

Previous

Next