Hi All

I'm trying to understand the implications of the latest security fix to postgresql [1].

We have a setup were we in pg_hba.conf have limited the allowed IP addresses of the clients. But does anyone know if CVE-2013-1899 allows an arbitrary attacker to use the exploits described in [1]?

We are using PostgreSQL 8.4.

Best regards,

Mads

[1] http://www.postgresql.org/support/security/faq/2013-04-04/