Re: Martin Pitt 2015-02-24 <[email protected]> > > How does this privilege leak not affect Debian? > > It does, but the upload you referenced was for Ubuntu 10.04 LTS. > Christopher now said that apparently he just happened to make the same > mistake for apt.postgresql.org, but that's still not "Debian".
In squeeze-lts, so in Debian. (OTOH, we haven't touched 8.4 in apt.pg.o since 8.4 is EOL.) > > I agree the patch is risky - I had a look at backporting it myself, > > and it's non-trivial. I wonder if someone familiar with the code > > will assist. > > I'd just ignore this for -8.4. It's really not that big of an issue > IMHO, it has been EOL upstream for a fair while, and Ubuntu 10.04 LTS > is going end-of-life in just two months. squeeze-lts will be around for one more year... Christoph -- [email protected] | http://www.df7cb.de/ _______________________________________________ Pkg-postgresql-public mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public
