Re: postgresql command line exploit found in the wild
От | Daniel Verite |
---|---|
Тема | Re: postgresql command line exploit found in the wild |
Дата | |
Msg-id | cd81d201-e9fa-4567-ac49-e3e762935747@mm обсуждение исходный текст |
Ответ на | postgresql command line exploit found in the wild (Merlin Moncure <mmoncure@gmail.com>) |
Ответы |
Re: postgresql command line exploit found in the wild
Re: postgresql command line exploit found in the wild |
Список | pgsql-general |
Merlin Moncure wrote: > if you have an internet facing database, patch it immediately! By the way: People running 9.1 on debian stable (squeeze) typically use this package: http://packages.debian.org/squeeze-backports/postgresql-9.1 Currently, it looks like the fix is only available in pre-compiled form for the amd64 architecture (see the bottom of the page). All other archs including the popular i386 are stuck at version: 9.1.7-1~bpo60+1 I find it problematic. One can always switch to the new apt.postgresql.org repository that has the latest versions, but how many people are going to not even notice the problem, trusting their normal upgrade path? Best regards, -- Daniel PostgreSQL-powered mail user agent and storage: http://www.manitou-mail.org
В списке pgsql-general по дате отправления: