Re: [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1057: postgresql-10, postgresql-9.6, postgresql-9.4, postgresql-9.1

2018-03-07 Thread Christoph Berg
Re: Brian May 2018-03-07 <87a7vk9yhn@prune.linuxpenguins.xyz> > > jessie's postgresql-9.1 package is shipping a single binary package > > only, postgresql-plperl-9.1. (Check the jessie release notes for the > > rationale.) plperl is not affected by the changes as far as I can tell > > by

Re: [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1057: postgresql-10, postgresql-9.6, postgresql-9.4, postgresql-9.1

2018-03-06 Thread Brian May
Christoph Berg writes: > jessie's postgresql-9.1 package is shipping a single binary package > only, postgresql-plperl-9.1. (Check the jessie release notes for the > rationale.) plperl is not affected by the changes as far as I can tell > by inspecting src/pl/plperl's git log.

Re: [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1057: postgresql-10, postgresql-9.6, postgresql-9.4, postgresql-9.1

2018-03-06 Thread Christoph Berg
Re: Brian May 2018-03-04 <87tvtva5r4@prune.linuxpenguins.xyz> > Christoph Berg writes: > > > + [jessie] - postgresql-9.1 (postgresql-9.1 in jessie is > > PL/Perl only) > > Hello, > > What did you mean by "jessie is PL/Perl only"? Hi Brian, jessie's postgresql-9.1

Re: [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1057: postgresql-10, postgresql-9.6, postgresql-9.4, postgresql-9.1

2018-03-04 Thread Brian May
Christoph Berg writes: > + [jessie] - postgresql-9.1 (postgresql-9.1 in jessie is > PL/Perl only) Hello, What did you mean by "jessie is PL/Perl only"? I am not sure I see the connection between CVE-2018-1058 (was incorrectly labeled as CVE-2018-1057) which is for