Thread: Typo in the description of CVE-2023-5870

Typo in the description of CVE-2023-5870

From

Pavel Luzanov

Date:

12 November 2023, 14:24:23

The description of CVE-2023-5870 mentions pg_cancel_backend role instead 
of pg_signal_backend. [1]

The release notes at this place are correct.

1. https://www.postgresql.org/support/security/CVE-2023-5870/

P.S. I'm not sure if this is the right list for such reporting.

-- 
Pavel Luzanov
Postgres Professional: https://postgrespro.com

Re: Typo in the description of CVE-2023-5870

From

"Jonathan S. Katz"

Date:

12 November 2023, 19:04:25

On 11/12/23 6:24 AM, Pavel Luzanov wrote:
> The description of CVE-2023-5870 mentions pg_cancel_backend role instead 
> of pg_signal_backend. [1]
> 
> The release notes at this place are correct.
> 
> 1. https://www.postgresql.org/support/security/CVE-2023-5870/

Fixed in the appropriate places. I believe I copied the text incorrectly 
from the CVE filing, so I'll work with upstream to correct that too.

Thanks for reporting!

Jonathan

Attachment

OpenPGP_signature.asc