Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10

From: Ron Johnson <ronljohnsonjr(at)gmail(dot)com>
To: "pgsql-generallists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10
Date: 2024-11-22 09:18:02
Message-ID: CANzqJaDVzQu2-44WRW-8wSw9bP9CSjAwe34+PKdt9Q86vYr3Rg@mail.gmail.com
Lists: pgsql-general

On Fri, Nov 22, 2024 at 4:01 AM Achilleas Mantzios - cloud <
a(dot)mantzios(at)cloud(dot)gatewaynet(dot)com> wrote:

>
> On 11/22/24 10:00, Matthias Apitz wrote:
>
[snip]

>
> Why not decouple client libs from the server? i.e. psql works great
> with many versions greater than its own. And certainly with same major
> versions. You could retain the same client libs and just upgrade the
> PgSQL server to the highest minor version of the major version that you
> support.
>

Small VARs that sell turnkey solutions would rather bundle everything
together. One application version, one database version, one OS version,
one set of hardware, all bundled up and sold to a tech-illiterate customer
that doesn't employ a DBA or SysAdmin. That way, when something
stops working, you aren't guessing if it's this patch, that patch, etc etc.

Not saying that Matthias works for such a VAR, but such companies
definitely exist.

--
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!
