Re: Zlib vulnerability heads-up.

Jan Wieck <janwieck@yahoo.com> writes:

> Lamar Owen wrote:
> > On Tuesday 12 March 2002 11:34 am, Jan Wieck wrote:
> > > Lamar Owen wrote:
> > > [Charset iso-8859-15 unsupported, filtering to ASCII...]
> > > > As PostgreSQL uses the zlib library (for TOAST?), this is a headsup that
> > > > a bug has been found in the zlib library that could  cause data
> > > > corruption or a security breach.
> >
> > >     PostgreSQL  does  not  use  the  zlib  library for toast. The
> > >     algorithm used in toast is based on Adisak Pochanayon's  SLZ.
> >
> > Good.  I think.
> >
> > But what _does_ use zlib in PostgreSQL?
> 
>     On a quick search I can only see pg_backup using it.

I see many more, including the postmaster:

[teg@halden teg]$ ldd /usr/bin/postmaster libssl.so.2 => /lib/libssl.so.2 (0x4002e000)libcrypto.so.2 =>
/lib/libcrypto.so.2(0x4005c000)libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x4011f000)libk5crypto.so.3 =>
/usr/kerberos/lib/libk5crypto.so.3(0x40176000)libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3
(0x40186000)libz.so.1=> /usr/lib/libz.so.1 (0x40188000)libcrypt.so.1 => /lib/libcrypt.so.1 (0x40196000)libresolv.so.2
=>/lib/libresolv.so.2 (0x401c4000)libnsl.so.1 => /lib/libnsl.so.1 (0x401d5000)libdl.so.2 => /lib/libdl.so.2
(0x401ea000)libm.so.6=> /lib/i686/libm.so.6 (0x401ed000)libreadline.so.4 => /usr/lib/libreadline.so.4
(0x4020f000)libtermcap.so.2=> /lib/libtermcap.so.2 (0x40235000)libc.so.6 => /lib/i686/libc.so.6
(0x4023a000)/lib/ld-linux.so.2=> /lib/ld-linux.so.2 (0x40000000)
 
[teg@halden teg]$ 


-- 
Trond Eivind Glomsrød
Red Hat, Inc.