On 12 Mar 2002, Greg Copeland wrote:
> IIRC, the issue here is that it was a double free and that it was ONLY
> of possible concern in the even that a specific sequence of calls were
> made AND a very cleaver hack was available to allow for
> uncontrolled/unvalidated input.
>
> While it may be worth noting, I seriously doubt this is a security issue
> for PostgresSQL.
It's an easy DOS for things like mozilla, netscape. For postgres, using
it internally? Nah.
--
Trond Eivind Glomsrød
Red Hat, Inc.