Home > mailing lists

Re: Zlib vulnerability heads-up. - Mailing list pgsql-hackers

From	Trond Eivind Glomsrød
Subject	Re: Zlib vulnerability heads-up.
Date	March 12, 2002 18:28:05
Msg-id	Pine.LNX.4.44.0203121522060.25530-100000@halden.devel.redhat.com Whole thread Raw
In response to	Re: Zlib vulnerability heads-up. (Greg Copeland <greg@CopelandConsulting.Net>)
Responses	Re: Zlib vulnerability heads-up. (Lamar Owen <lamar.owen@wgcr.org>)
List	pgsql-hackers

Tree view

On 12 Mar 2002, Greg Copeland wrote:

> IIRC, the issue here is that it was a double free and that it was ONLY
> of possible concern in the even that a specific sequence of calls were
> made AND a very cleaver hack was available to allow for
> uncontrolled/unvalidated input.
> 
> While it may be worth noting, I seriously doubt this is a security issue
> for PostgresSQL.

It's an easy DOS for things like mozilla, netscape. For postgres, using 
it internally? Nah.

-- 
Trond Eivind Glomsrød
Red Hat, Inc.

pgsql-hackers by date:

From: Greg Copeland
Date: 12 March 2002, 18:19:49
Subject: Re: Zlib vulnerability heads-up.

From: Lamar Owen
Date: 12 March 2002, 18:50:10
Subject: Re: Zlib vulnerability heads-up.

Re: Zlib vulnerability heads-up. - Mailing list pgsql-hackers

Previous

Next