| From: | Trond Eivind Glomsrød <teg(at)redhat(dot)com> |
|---|---|
| To: | Greg Copeland <greg(at)copelandconsulting(dot)net> |
| Cc: | Lamar Owen <lamar(dot)owen(at)wgcr(dot)org>, PostgresSQL Hackers Mailing List <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Zlib vulnerability heads-up. |
| Date: | 2002-03-12 20:22:45 |
| Message-ID: | Pine.LNX.4.44.0203121522060.25530-100000@halden.devel.redhat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On 12 Mar 2002, Greg Copeland wrote:
> IIRC, the issue here is that it was a double free and that it was ONLY
> of possible concern in the even that a specific sequence of calls were
> made AND a very cleaver hack was available to allow for
> uncontrolled/unvalidated input.
>
> While it may be worth noting, I seriously doubt this is a security issue
> for PostgresSQL.
It's an easy DOS for things like mozilla, netscape. For postgres, using
it internally? Nah.
--
Trond Eivind Glomsrød
Red Hat, Inc.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lamar Owen | 2002-03-12 20:50:01 | Re: Zlib vulnerability heads-up. |
| Previous Message | Greg Copeland | 2002-03-12 20:18:02 | Re: Zlib vulnerability heads-up. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lamar Owen | 2002-03-12 20:50:01 | Re: Zlib vulnerability heads-up. |
| Previous Message | Greg Copeland | 2002-03-12 20:18:02 | Re: Zlib vulnerability heads-up. |