Re: Zlib vulnerability heads-up.
Trond Eivind Glomsrød <teg@redhat.com>
From: Trond Eivind Glomsrød <teg@redhat.com>
To: Greg Copeland <greg@copelandconsulting.net>
Cc: Lamar Owen <lamar.owen@wgcr.org>, PostgresSQL Hackers Mailing List <pgsql-hackers@postgresql.org>
Date: 2002-03-12T20:22:45Z
Lists: pgsql-hackers, pgsql-general
On 12 Mar 2002, Greg Copeland wrote: > IIRC, the issue here is that it was a double free and that it was ONLY > of possible concern in the even that a specific sequence of calls were > made AND a very cleaver hack was available to allow for > uncontrolled/unvalidated input. > > While it may be worth noting, I seriously doubt this is a security issue > for PostgresSQL. It's an easy DOS for things like mozilla, netscape. For postgres, using it internally? Nah. -- Trond Eivind Glomsrød Red Hat, Inc.