| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | More on the libxml2 update situation |
| Date: | 2015-12-11 15:55:40 |
| Message-ID: | 12837.1449849340@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
So I did a routine software update on my RHEL6 workstation, and noticed
a security update for libxml2 go by. And guess what: now an XML-enabled
build of Postgres fails regression tests for me, just as previously
discussed in
http://www.postgresql.org/message-id/flat/CAFj8pRA4xJQFGNQCqMCYGx-umgMr3Stt3xFEUw7kBsOiOvGhkA(at)mail(dot)gmail(dot)com
A little bit of digging shows that the behavior we're unhappy about was
introduced as part of the official patch for CVE-2015-7499. This means
that, whether or not we can persuade Veillard that it was a bad idea and
he should undo it, the bogus behavior is likely to spread into mainstream
distributions a lot faster than any followup fix will :-(. Bugfix updates
just don't get accepted as quickly as security updates.
I'm starting to think that maybe we'd better knuckle under and provide
a variant expected file that matches this behavior. We're likely to be
seeing it in the wild for some time to come.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2015-12-11 15:58:38 | Re: [sqlsmith] Failed to generate plan on lateral subqueries |
| Previous Message | Andreas Seltenreich | 2015-12-11 15:47:17 | Re: [sqlsmith] Failed to generate plan on lateral subqueries |