On Wed, Dec 4, 2024 at 10:07 AM Mark Hill <Mark(dot)Hill(at)sas(dot)com> wrote:
> Does the CVE-2024-10979 affect Postgres that is NOT built with the
> --with-perl option?
>
>
It requires the attacker being able to write and get executed a PL function
in the server written in pl/perl. That is impossible if the server hasn't
been compiled using the --with-perl option.
David J.