We will do releases soon because of bug #4680; please help test
| От | Tom Lane |
|---|---|
| Тема | We will do releases soon because of bug #4680; please help test |
| Дата | |
| Msg-id | 17463.1236118080@sss.pgh.pa.us обсуждение исходный текст |
| Список | pgsql-hackers |
After some discussion the pgsql-security team has decided that we must treat this bug as a security issue: http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php because an unprivileged user can crash his backend and thereby create a denial-of-service situation. There's no point in secrecy though, since the bug is already public. Rather, this just means that we will make a set of back-branch releases shortly, whereas we probably wouldn't have done new ones for awhile otherwise. The proposed fixes for the bug are already in CVS, but what we need now is for people to study and test the fixes. This is (at least) the third time we've gone back to re-address the area of crashes caused by failures in error message translation/conversion :-(. So even though I believe we got it right this time, it could definitely do with more eyeballs. Please take a look and see if you can break it. Also, if you've got pending fixes or bug reports for back branches, now's a good time to get them sent in. We have not set a release date yet but it'll likely happen in a week or so. regards, tom lane
В списке pgsql-hackers по дате отправления: