Date: Thu, 25 Mar 2010 15:44:20 +0100 From: Gary Jennejohn <gary.jennejohn@freenet.de> To: Alexander Pyhalov <alp@rsu.ru> Cc: Freebsd Ports <FreeBSD-ports@freebsd.org> Subject: Re: postgres and CVE-2010-0442 Message-ID: <20100325154420.6c91a7b9@ernst.jennejohn.org> In-Reply-To: <4BAB6135.4030800@rsu.ru> References: <4BAB6135.4030800@rsu.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Mar 2010 16:12:21 +0300 Alexander Pyhalov <alp@rsu.ru> wrote: > Hello. > Could someone look at http://www.freebsd.org/cgi/query-pr.cgi?pr=144863 > ? There is quite serious security issue in postgres, which allow any > user to kill others' sessions. > It's only been a week since it was assigned to the maintainer (girgen@) to look at. It's too soon for a maintainer timeout, although I suppose if this is considered to be an enormous security risk it could be committed without waiting. I'd say that's a decision for portmgr@ to make. -- Gary Jennejohn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100325154420.6c91a7b9>