Re: Zlib vulnerability heads-up.
| От | teg@redhat.com (Trond Eivind Glomsrød) |
|---|---|
| Тема | Re: Zlib vulnerability heads-up. |
| Дата | |
| Msg-id | xuyk7sh3gb9.fsf@halden.devel.redhat.com обсуждение исходный текст |
| Ответ на | Zlib vulnerability heads-up. (Lamar Owen <lamar.owen@wgcr.org>) |
| Ответы |
Re: Zlib vulnerability heads-up.
|
| Список | pgsql-hackers |
Lamar Owen <lamar.owen@wgcr.org> writes: > As PostgreSQL uses the zlib library (for TOAST?), this is a headsup that a > bug has been found in the zlib library that could cause data corruption or a > security breach. > > See http://www.gzip.org/zlib/advisory-2002-03-11.txt for more details. > > Updating zlib is strongly recommended by many sources, and a patch is > available. > > I have only posted this to HACKERS; if a cross-post to GENERAL or ADMIN is > useful, that can be arranged. FWIW, I really doubt this is much of a problem for postgresql. It's mainly a problem for applications dealing with untrusted, compressed data (webbrowsers, imageviewers, programs with skins downloaded from the Internet) etc. -- Trond Eivind Glomsrød Red Hat, Inc.
В списке pgsql-hackers по дате отправления: