| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Dann Corbit <DCorbit(at)connx(dot)com> |
| Cc: | Neil Conway <neilc(at)samurai(dot)com>, Vince Vielhaber <vev(at)michvhf(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL |
| Date: | 2002-08-20 20:52:05 |
| Message-ID: | 200208202052.g7KKq5i03771@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Dann Corbit wrote:
> > -----Original Message-----
> > From: Neil Conway [mailto:neilc(at)samurai(dot)com]
> > Sent: Tuesday, August 20, 2002 1:44 PM
> > To: Vince Vielhaber
> > Cc: pgsql-hackers(at)postgreSQL(dot)org
> > Subject: Re: [HACKERS] @(#)Mordred Labs advisory 0x0003:
> > Buffer overflow in PostgreSQL (fwd)
> >
> >
> > Vince Vielhaber <vev(at)michvhf(dot)com> writes:
> > > Here's yet another.
> >
> > Should someone from the core team perhaps get in contact with
> > this guy and ask if he could get in contact with the
> > development team before publicizing any further security
> > holes? AFAIK that is standard operating procedure in most cases...
>
> As long as we continue to find out about them, I would just let him work
> away.
> He is clearly an excellent tester, and if you had to hire him it would
> be very expensive.
>
> As long as he is producing results of such great value, I think it is
> wonderful.
Yea, someone please contact him and tell him to keep going.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dann Corbit | 2002-08-20 20:53:39 | Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) |
| Previous Message | Bruce Momjian | 2002-08-20 20:50:46 | Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL |