Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10

El día viernes, noviembre 22, 2024 a las 11:01:29 +0200, Achilleas Mantzios - cloud escribió:

> > under development: V7.3-SP1 (we will not support 15.9 as cluster in SP1)
> > used ESQL/C 15.9 (i.e. PostgreSQL client side)
> > migrate the used cluster/database 'from' --> 'to'
> > 15.1 --> 16.5
> > 16.2 --> 16.5
> >
> > released: V7.3 (we will not support 15.9 as cluster in V7.3)
> > used ESQL/C 15.1 (i.e. PostgreSQL client side)
> > migrate the used cluster/database 'from' --> 'to'
> > 15.1 --> 16.5
> > 16.2 --> 16.5
> >
> > released: V7.2 (we will not support 15.9 as cluster in V7.2)
> > used ESQL/C 11.4 (i.e. PostgreSQL client side)
> > migrate the used cluster/database 'from' --> 'to'
> > 13.1 --> 16.5
> > 16.2 --> 16.5
>
> Why not decouple client libs from the server ? i.e. psql works great with
> many versions greater than its own. And certainly with same major versions.
> You could retain the same client libs and just upgrade the PgSQL server to
> the highest minor version of the major version that you support.
> ...

This is exactly the plan. For all the three versions the cluster will be
migrated to 16.5 and the client side will stay for the released version
with what they currently use (11.4 or 15.1). And for the version under
development 15.9

matthias

--
Matthias Apitz, ✉ guru(at)unixarea(dot)de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

Annalena Baerbock: "We are fighting a war against Russia ..." (25.1.2023)

I, Matthias, I am not at war with Russia.
Я не воюю с Россией.
Ich bin nicht im Krieg mit Russland.