From: | Neil Conway <neilc(at)samurai(dot)com> |
---|---|
To: | "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: PostgreSQL Security Release(s) for 7.2, 7.3 and 7.4 |
Date: | 2004-10-24 07:19:42 |
Message-ID: | 417B578E.2000308@samurai.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-announce pgsql-general |
Marc G. Fournier wrote:
> In order to address a recent security report from iDefence, we have
> released 3 new "point" releases: 7.2.6, 7.3.8 and 7.4.6
Assuming you're referring to the make_oidjoins_check bug, I don't think
it is accurate to bill these as "security releases". As the 7.4.6
release notes plainly state:
---
# Avoid using temp files in /tmp in make_oidjoins_check
This has been reported as a security issue, though it's hardly worthy of
concern since there is no reason for non-developers to use this script
anyway.
---
That said, the fix for the clog bug is reason enough to make the point
releases, and reason enough for users to upgrade.
-Neil
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2004-10-24 14:43:14 | Re: PostgreSQL Security Release(s) for 7.2, 7.3 and 7.4 |
Previous Message | Oliver Elphick | 2004-10-23 15:59:26 | Re: Slony-I 1.0.4 Released |
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Glaesemann | 2004-10-24 07:25:28 | Re: '1 year' = '360 days' ???? |
Previous Message | Pierre-Frédéric Caillaud | 2004-10-24 07:13:14 | Re: '1 year' = '360 days' ???? |