Am 28. Mai 2017 16:11:47 MESZ schrieb Thorsten Alteholz :
>Hi Christoph,
>
>ok, thanks for the clarification.
>
>On Wed, 24 May 2017, Christoph Berg wrote:
>> postgresql-9.1 in wheezy is affected from my understanding of when
>> pg_user_mappings was introduced.
>
>Do you want
Hi Christoph,
ok, thanks for the clarification.
On Wed, 24 May 2017, Christoph Berg wrote:
postgresql-9.1 in wheezy is affected from my understanding of when
pg_user_mappings was introduced.
Do you want to do the wheezy-security upload for CVE-2017-7486, or shall
the LTS team take care of
Re: Ola Lundqvist 2017-05-21
Hi Thorsten
I had a look into this and I'm not sure both statements are correct for Jessie.
For CVE-2017-7486 I think the information in Jessie is wrong. The
patched code is definitely there in wheezy at least. But maybe it is
not triggered for some reason.
For CVE-2017-7484 the code do not
Hi Christoph,
CVE-2017-7486 and CVE-2017-7484 are marked as "not-affected" for
postgresql-9.1 in Jessie.
Can you please confirm that the same package in Wheezy is not affected as
well?
Do you also have an idea whether CVE-2017-7484 affects postgresql-8.4 in
Wheezy?
Thanks!
Thorsten