| From: | Neil Conway <nconway(at)klamath(dot)dyndns(dot)org> |
|---|---|
| To: | Lamar Owen <lamar(dot)owen(at)wgcr(dot)org> |
| Cc: | Trond Eivind Glomsrød <teg(at)redhat(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Zlib vulnerability heads-up. |
| Date: | 2002-03-12 18:51:14 |
| Message-ID: | 1015959074.4927.30.camel@jiro |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Tue, 2002-03-12 at 11:46, Lamar Owen wrote:
> On Tuesday 12 March 2002 11:24 am, Trond Eivind Glomsrød wrote:
> > Lamar Owen <lamar(dot)owen(at)wgcr(dot)org> writes:
> > > Updating zlib is strongly recommended by many sources, and a patch is
> > > available.
>
> > FWIW, I really doubt this is much of a problem for postgresql. It's
> > mainly a problem for applications dealing with untrusted, compressed
> > data (webbrowsers, imageviewers, programs with skins downloaded from
> > the Internet) etc.
>
> It's probably NOT a big problem; but it IS a bug in an underlying library.
Can we just add an item to the 7.2.1 release notes suggesting that zlib
1.1.4 or greater is installed? AFAICT that should be sufficient.
Cheers,
Neil
--
Neil Conway <neilconway(at)rogers(dot)com>
PGP Key ID: DB3C29FC
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Serkan Bektaş | 2002-03-12 19:13:06 | Re: cannot initdb ; semget(key=1, num=17, 03600) failed , FreeBSD |
| Previous Message | Serkan Bektaş | 2002-03-12 18:47:52 | Re: cannot initdb |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Copeland | 2002-03-12 20:18:02 | Re: Zlib vulnerability heads-up. |
| Previous Message | Luis Alberto Amigo Navarro | 2002-03-12 18:21:11 | again on bad performance |