| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | minaketan(dot)sabar(at)gmail(dot)com, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #18696: Compatibility Query for Updating zlib1.dll in PostgreSQL 10.2 to Address Security Vulnerabilities |
| Date: | 2024-11-19 03:47:39 |
| Message-ID: | ZzwKWzl31JKOgfKz@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Thu, Nov 7, 2024 at 10:02:01AM +0000, PG Bug reporting form wrote:
> The following bug has been logged on the website:
>
> Bug reference: 18696
> Logged by: Minaketan Sabar
> Email address: minaketan(dot)sabar(at)gmail(dot)com
> PostgreSQL version: Unsupported/Unknown
> Operating system: Windows Server 2019 Standard
> Description:
>
> Hello Team,
>
> I’d like to share the details of an issue and seek guidance:
>
> Issue/Query: To address the security vulnerabilities “CVE-2022-37434,
> CVE-2023-45853,” we are planning to replace the zlib1.dll (currently version
> 1.2.8, default in PostgreSQL 10.2) with the latest zlib1.dll version 1.3.1.
> This version is included in PostgreSQL 16, and we intend to update by
> copying the file from the PostgreSQL 16 installation (PostgreSQL\16\bin
> folder).
You are running an unsupported version of Postgres, so I think zlib is
only a minor security issue compared to running PG 10.X --- and you
didn't even upgrade to the later minor versions of PG 10.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
When a patient asks the doctor, "Am I going to die?", he means
"Am I going to die soon?"
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bing Xu | 2024-11-19 06:23:44 | RE: BUG #18635: " $libdir/adminpack could not be loaded" error with pg_upgrade to PostgreSQL17 |
| Previous Message | zengman | 2024-11-19 03:08:42 | Re: BUG #18710: "pg_get_viewdef" triggers assertions in special scenarios |