Quick Links

Re: Backport of CVE-2024-10978 fix to older pgsql versions (11, 9.6, and 9.4)

From:	Roberto C(dot) Sánchez <roberto(at)debian(dot)org>
To:	pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject:	Re: Backport of CVE-2024-10978 fix to older pgsql versions (11, 9.6, and 9.4)
Date:	2024-12-30 21:50:12
Message-ID:	Z3MVlEHp3yNutuHH@localhost
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Sat, Dec 14, 2024 at 09:50:23PM -0500, Roberto C. Sánchez wrote:
> Greetings pgsql devs,
>
> I would appreciate a review of my strategy for backporting the commits
> related to CVE-2024-10978. (I am working with versions 11, 9.6, and 9.4,
> for some older Debian releases.)
>
> My conclusion is that of the two commits associated with CVE-2024-10978,
> both are required in 11 and 9.6, but only one is required in 9.4.
>
I wonder if someone might be able to look at my original message and
help validate my analysis.

Regards,

-Roberto

--
Roberto C. Sánchez

In response to

Backport of CVE-2024-10978 fix to older pgsql versions (11, 9.6, and 9.4) at 2024-12-15 02:50:23 from Roberto C. Sánchez

Responses

Re: Backport of CVE-2024-10978 fix to older pgsql versions (11, 9.6, and 9.4) at 2024-12-30 21:58:26 from Bruce Momjian

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Bruce Momjian	2024-12-30 21:58:26	Re: Backport of CVE-2024-10978 fix to older pgsql versions (11, 9.6, and 9.4)
Previous Message	Jim Nasby	2024-12-30 21:40:34	Re: PoC: history of recent vacuum/checkpoint runs (using new hooks)