| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Douglas McNaught <doug(at)mcnaught(dot)org> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: SECURITY RELEASES: 7.2.8 - 7.3.10 - 7.4.8 - 8.0.3 |
| Date: | 2005-05-11 13:23:04 |
| Message-ID: | 3165.1115817784@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-announce pgsql-general |
Douglas McNaught <doug(at)mcnaught(dot)org> writes:
> Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
>> Also, note that that message was the zero-day-security-problem response
>> to the issue, and that we since figured out cleaner responses. If you
>> haven't yet implemented this in your own DBs, I would suggest following
>> the procedures given in the final release notes, eg
>> http://developer.postgresql.org/docs/postgres/release-7-4-8.html
> If we've already done the zero-day fix, is there any value in re-doing
> it the "cleaner" way?
Only if you care about allowing unprivileged users to create conversions
(which seems a bit useless to me, but it's in the regression tests...)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas F.O'Connell | 2005-05-11 13:42:31 | Re: SECURITY RELEASES: 7.2.8 - 7.3.10 - 7.4.8 - 8.0.3 |
| Previous Message | Douglas McNaught | 2005-05-11 10:25:34 | Re: SECURITY RELEASES: 7.2.8 - 7.3.10 - 7.4.8 - 8.0.3 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas F.O'Connell | 2005-05-11 13:42:31 | Re: SECURITY RELEASES: 7.2.8 - 7.3.10 - 7.4.8 - 8.0.3 |
| Previous Message | Douglas McNaught | 2005-05-11 12:58:44 | Re: Fixing a too long column value in a before insert trigger or rule |