Michael Banck <michael.ba...@credativ.de> writes: > On Fri, Mar 05, 2021 at 04:38:17PM +0900, Michael Paquier wrote: >> This link includes incorrect information. CVE-2021-20229 is only a >> problem in 13.0 and 13.1, fixed in 13.2. Please see for example here: >> https://www.postgresql.org/support/security/
> Probably because the referenced Red Hat bugzilla bug claims it's > affecting all back branches and they scrapes that info from there: > https://bugzilla.redhat.com/show_bug.cgi?id=1925296 Indeed. Must have been some internal miscommunication in Red Hat, because we certainly gave them the right info when we filed for the CVE number. I've commented on that BZ entry, hopefully that'll be enough to get them to update things. regards, tom lane
