| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Matthias Apitz <guru(at)unixarea(dot)de> |
| Cc: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, Subhash Udata <subhashudata(at)gmail(dot)com>, Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, 김주연 <mysylph(at)gmail(dot)com>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10 |
| Date: | 2024-11-22 13:43:58 |
| Message-ID: | CAKFQuwZFPGLtMS4DS8AAm8iMQ7iu6fCxj5syL-DU9srcUmjQ6A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Friday, November 22, 2024, Matthias Apitz <guru(at)unixarea(dot)de> wrote:
>
> Especially the version V7.2 (released in 2021) can't be updated on the
> client side, the cluster will be migrated to 16.5. I assume that
> CVE-2024-10979 affects the server side, and not the client side.
>
Yes, it is the server that executes procedural language code like plperl.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Laurenz Albe | 2024-11-22 15:52:46 | Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10 |
| Previous Message | walther | 2024-11-22 12:57:45 | Re: Fwd: A million users |