Re: [ANNOUNCE] CRITICAL RELEASE: Minor Releases to Fix DoS
| От | Simon Riggs |
|---|---|
| Тема | Re: [ANNOUNCE] CRITICAL RELEASE: Minor Releases to Fix DoS |
| Дата | |
| Msg-id | 1136798952.21025.344.camel@localhost.localdomain обсуждение исходный текст |
| Список | pgsql-www |
On Mon, 2006-01-09 at 02:33 -0400, Marc G. Fournier wrote: > PostgreSQL patch versions 8.1.2, 8.0.6, 7.4.11 and 7.3.13 are available > today. The fixes in the 8.1 and 8.0 branches are critical, especially for > Windows users, and users of these branches are urged to update at their > earliest opportunity. > > One critical fix repairs a denial-of-service vulnerability: on Windows > only, the postmaster will exit if too many connection requests arrive > simultaneously. This does not affect existing database connections, but > will prevent new connections from being established until the postmaster > is manually restarted. > The Common Vulnerabilities and Exposures (CVE) > project has assigned the name CVE-2006-0105 to this issue. No they haven't: there is no such CVE number assigned, nor is there one pending - I just checked. (The numbers don't go that high yet). [I was looking to update the Security page, but can't find the appropriate refs.] Best Regards, Simon Riggs
В списке pgsql-www по дате отправления: