[EMAIL PROTECTED] wrote: > I work at Coverity where we make a static analysis tool to find bugs in > software at compile time. I think I found a security hole in > postgresql-7.4.1, but I don't want to just report it to a public list. I > sent email to [EMAIL PROTECTED], hoping that the address existed, > but I got no response. > > So where can I report a potential security hole?
I have replied to the detailed message on the core list and the security list (not sure who that is). We are researching it. >From my initial review, it is something that needs cleaning up, but is not a major security issue, I think. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 2: you can get off all lists at once with the unregister command (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
