Security bugs

Started by Dhanaraj Mover 19 years ago3 messages

Dhanaraj.M@Sun.COM

over 19 years ago

I heard that 2 security bugs were fixed in 8.1.4.
Since I like to upgrade from 8.1.3, I like to know the bugs.
Can somebody give the description of those bugs?

Thanks
Dhanaraj

Michael Glaesemann

grzm@seespotcode.net

over 19 years ago

In reply to: Dhanaraj M (#1)

Re: Security bugs

On Jul 26, 2006, at 19:17 , Dhanaraj M wrote:

I heard that 2 security bugs were fixed in 8.1.4.
Since I like to upgrade from 8.1.3, I like to know the bugs.
Can somebody give the description of those bugs?

Following the "Security" link from the Postgres home page:

http://www.postgresql.org/support/security.html

You'll see a list of all security issues. The top two (CVE-2006-2314
and CVE-2006-2313) are probably the two you heard about.

Hope this helps.

Michael Glaesemann
grzm seespotcode net

Andrew Dunstan

andrew@dunslane.net

over 19 years ago

In reply to: Dhanaraj M (#1)

Re: Security bugs

Dhanaraj M wrote:

I heard that 2 security bugs were fixed in 8.1.4.
Since I like to upgrade from 8.1.3, I like to know the bugs.
Can somebody give the description of those bugs?

There is a list of the changes in each release in the Release Notes. In
this case, you want:
http://www.postgresql.org/docs/current/static/release.html#RELEASE-8-1-4

For this particular case there are also other docs: see
http://www.postgresql.org/docs/techdocs.48

Essentially the security issues are related to uses of multi-byte encodings.

cheers

andrew