From: | Dave Page <dpage(at)pgadmin(dot)org> |
---|---|
To: | "HEARNE, TIMOTHY S" <th1618(at)att(dot)com> |
Cc: | "pgadmin-support(at)postgresql(dot)org" <pgadmin-support(at)postgresql(dot)org> |
Subject: | Re: Impact of CVE-2014-2669 |
Date: | 2014-06-25 17:35:49 |
Message-ID: | CA+OCxoxfSazzNn6pPyJu=ERm152uXWWj68yvZ-oQAQK6P1_CgQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-support |
On Wed, Jun 25, 2014 at 5:50 PM, HEARNE, TIMOTHY S <th1618(at)att(dot)com> wrote:
> We received notice of the following :
> advisory:
> 31864 postgresql92-postgresql security update
> http://www.securityfocus.com/advisories/31864
>
> Web Page:Bug 1082154 - (CVE-2014-2669) CVE-2014-2669 postgresql: multiple
> integer overflo
> https://bugzilla.redhat.com/show_bug.cgi?id=1082154
>
> From what I can tell in reading it, it impacts the database engine not the
> client tools such as pgAdmin III. I have the latest version installed on my
> PC, 1.18.1, yet my company is requesting me to update or remove the tool.
> As this is the current release, this is obviously not possible.
>
> Is pgAdmin III version 1.18.1 impacted by this threat?
>
> If release 1.18.1 is impacted, is there an estimate as to when a solution
> will be released?
This has nothing to do with pgAdmin, it is, as you say, a server bug.
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Tim Uckun | 2014-06-26 01:54:03 | Create, Insert etc scripts |
Previous Message | HEARNE, TIMOTHY S | 2014-06-25 16:50:37 | Impact of CVE-2014-2669 |