Re: Zlib vulnerability heads-up.

Trond Eivind Glomsrød <teg@redhat.com>

From: Trond Eivind Glomsrød <teg@redhat.com>
To: Greg Copeland <greg@copelandconsulting.net>
Cc: Lamar Owen <lamar.owen@wgcr.org>, PostgresSQL Hackers Mailing List <pgsql-hackers@postgresql.org>
Date: 2002-03-12T20:22:45Z
Lists: pgsql-hackers, pgsql-general
On 12 Mar 2002, Greg Copeland wrote:

> IIRC, the issue here is that it was a double free and that it was ONLY
> of possible concern in the even that a specific sequence of calls were
> made AND a very cleaver hack was available to allow for
> uncontrolled/unvalidated input.
> 
> While it may be worth noting, I seriously doubt this is a security issue
> for PostgresSQL.

It's an easy DOS for things like mozilla, netscape. For postgres, using 
it internally? Nah.

-- 
Trond Eivind Glomsrød
Red Hat, Inc.