On Fri, Mar 05, 2021 at 12:32:43AM -0700, bchen90 wrote:
> NVD link:
>
> https://nvd.nist.gov/vuln/detail/CVE-2021-20229#vulnCurrentDescriptionTitle
This link includes incorrect information. CVE-2021-20229 is only a
problem in 13.0 and 13.1, fixed in 13.2. Please see for example here:
https://www.postgresql.org/support/security/
The commit that fixed the issue is c028faf, mentioning 9ce77d7 as the
origin point, a commit introduced in Postgres 13.
--
Michael