Hi Tomas,
Thanks for the feedback.
On Mon, Dec 24, 2018 at 08:47:55PM +, Tomas Bortoli wrote:
>Hi Robert,
>
>Your patch seems not to be definitive against CVE-2018-19518.
>This because checking for spaces won't be enough if an attacker uses some
>"bash trick" to get a space..
Hi,
On Thu, 20 Dec 2018 09:05:57 +0100
László Böszörményi (GCS) wrote:
> It's turned out to be an FTS3/FTS4 extension issue (that is, you are
> safe if you don't use it). Upstream confirmed it[1] and fix is
> available[2]. First fixed version is 3.25.3 but due to other security
> related fixes l
2 matches
Mail list logo
