Tom Lane wrote:
"Ferindo Middleton" <[EMAIL PROTECTED]> writes:
This bug report involves more than one proposed bug. I work at a federal
government agency. The information technology division at this agency
refuses to allow the database version 8.0.4 on their network because of
several security vulnerabilities they noticed when testing the software
application.
They obviously haven't "tested" anything --- they are merely reading the
CVE reports for old Postgres versions. All known CVE problems are
resolved in 8.0.4.
(If they were actually serious about security, they wouldn't be letting
you run Windows 2000 inside their network, but I digress.)
regards, tom lane
Thanks for your support with this. I had presented the IT support team
at this agency with the information you all provided that these
CVEs/bugs were resolved in previous versions to 8.0.4 and they suddenly
argued that it wasn’t the CVE’s that were the problem (without admitting
that they never really tested 8.0.4 in the first place)… I’m sorry if I
wasted anybody’s time or irritated anyone by assuming that these bugs
were actually valid in 8.0.4… I’m starting to get tied up in a bunch of
bureaucratic tape dealing with these people. I think their just scared
of having to deal with the support overhead they think they'll have to
assume if they introduce another DBMS on their network…
Thank you,
Ferindo Middleton
---------------------------(end of broadcast)---------------------------
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTECTED] so that your
message can get through to the mailing list cleanly
