; Cc: Gavin Sherry; Neil Conway; PostgreSQL Hackers
> > Subject: Re: [HACKERS] [GENERAL] PostgreSQL 7.2.2: Security Release
> >
> >
> > On Sun, 25 Aug 2002, Bruce Momjian wrote:
> >
> > >
> > > OK, I understand your point. What do we need to do now tha
iginal Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Marc G. Fournier
> Sent: Monday, 26 August 2002 10:17 AM
> To: Bruce Momjian
> Cc: Gavin Sherry; Neil Conway; PostgreSQL Hackers
> Subject: Re: [HACKERS] [GENERAL] PostgreSQL 7.2.2: Security Rele
On Sun, 25 Aug 2002, Bruce Momjian wrote:
>
> OK, I understand your point. What do we need to do now that the
> announcement has already been made?
I'm still slightly confused here ... from what Neil/Gavin have stated so
far, all it sounds like is that if I pass a wrong date/time string, it
wil
OK, I understand your point. What do we need to do now that the
announcement has already been made?
---
Gavin Sherry wrote:
> On Sat, 24 Aug 2002, Bruce Momjian wrote:
>
> >
> > The issue is data-provoked crashes vs. que
On Sat, 24 Aug 2002, Bruce Momjian wrote:
>
> The issue is data-provoked crashes vs. query-invoked crashes. Marc's
> point, and I think it was clear enough, is that you can't just poke at
> the TCP port and hope to do anything bad, which was the thrust of the
> argument, I think.
Bruce,
I am
