postgres and CVE-2010-0442
Gary Jennejohn
gary.jennejohn at freenet.de
Thu Mar 25 14:44:26 UTC 2010
On Thu, 25 Mar 2010 16:12:21 +0300
Alexander Pyhalov <alp at rsu.ru> wrote:
> Hello.
> Could someone look at http://www.freebsd.org/cgi/query-pr.cgi?pr=144863
> ? There is quite serious security issue in postgres, which allow any
> user to kill others' sessions.
>
It's only been a week since it was assigned to the maintainer (girgen@)
to look at.
It's too soon for a maintainer timeout, although I suppose if this is
considered to be an enormous security risk it could be committed without
waiting.
I'd say that's a decision for portmgr@ to make.
--
Gary Jennejohn
More information about the freebsd-ports
mailing list