Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tEM7D-006tTf-1q
	for pgsql-general@arkaria.postgresql.org; Fri, 22 Nov 2024 05:21:59 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tEM7B-005T99-Ln
	for pgsql-general@arkaria.postgresql.org; Fri, 22 Nov 2024 05:21:57 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <adrian.klaver@aklaver.com>)
	id 1tEM7B-005T90-AX
	for pgsql-general@lists.postgresql.org; Fri, 22 Nov 2024 05:21:57 +0000
Received: from fout-a8-smtp.messagingengine.com ([103.168.172.151])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <adrian.klaver@aklaver.com>)
	id 1tEM78-003DvQ-LO
	for pgsql-general@lists.postgresql.org; Fri, 22 Nov 2024 05:21:56 +0000
Received: from phl-compute-04.internal (phl-compute-04.phl.internal [10.202.2.44])
	by mailfout.phl.internal (Postfix) with ESMTP id A9B1813802B9;
	Fri, 22 Nov 2024 00:21:52 -0500 (EST)
Received: from phl-mailfrontend-01 ([10.202.2.162])
  by phl-compute-04.internal (MEProxy); Fri, 22 Nov 2024 00:21:52 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aklaver.com; h=
	cc:cc:content-transfer-encoding:content-type:content-type:date
	:date:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:references:reply-to:subject:subject:to:to; s=fm3; t=1732252912;
	 x=1732339312; bh=Vy4EhUMhUeJ7IfbdHTZ14cNdoGqJRWmqhwbJoxtB81s=; b=
	P4lHvGf0wniQ8eodbhrcvyVa0YnyhFWtiOk1CWD1nrqB+N2mKj9CuZPsfVBVV689
	pHIFTZq4dvKxzjbluXRLqK3zkknFi7y6eqdChfeYj8AsqCuXIHg/oK1cHL59g56T
	X7K6jHjUHY4rt6I8SctYXwW9PTdwR+a0EzB+52yP36KhJce3aaxjDD7t90UMUEHc
	QYKzXxpRgL5U0fOcLrf8plKaRlTxqYeZyltMuEvh+5uNKPMTA269K/bARJypOLEO
	t7rsoHaFKrSV/RSOz1cJMsls0/q7/JZ94ZgwHBY7FB97Djx5CoaROUb92wpdF62c
	FygUz34BX1/4gvUu3TZOQg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-transfer-encoding
	:content-type:content-type:date:date:feedback-id:feedback-id
	:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:references:reply-to:subject:subject:to:to:x-me-proxy
	:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1732252912; x=
	1732339312; bh=Vy4EhUMhUeJ7IfbdHTZ14cNdoGqJRWmqhwbJoxtB81s=; b=S
	pkC8R+2Z0DTZYzUDhWA6sahLrtn2syejsW9PTTDisuoKAuAQKTigl5OFKTwQKyii
	+WbUVAyx661nhJCgs7c2vTH13vIjX7l6DmOdjixyT4fFnHQ97DCS2Is3DOGgcK3M
	9LxBs3DnXY0TcreD5cccdq6nBuB7luWnEC9Yw8Zu6np1UO3Apf6N4eSW/DQ87Lu2
	jgTsj0MyVzgfIJMMKCi17m33HrNnJ1S04B/Fq1089hQEAYvh3NtMwz4VaHISPtea
	GNK/9kEKPSgd45z39lBLWeR3N+G1bSQef0ltAuMgKHytMippBtqCNlTq2ul6xQ6z
	LY6ZmwNlsph6SNnmGFc2g==
X-ME-Sender: <xms:8BRAZxQjEnQv14Hk4SLFmnfJrTsOgrCnz_mU8eiM42BwxPa6PRFUzA>
    <xme:8BRAZ6wDo63V-r96Z6peCurUuLUtTxSlCr16gFUsrvMiTeEVuEaVpAuFaE6XwPJ_2
    tSKn2iVznTSGOQ>
X-ME-Received: <xmr:8BRAZ21wpeXFwYz33gbQUH-TxiCenzja34JoZhKHIkO8wohBEgzMdm0pMt-nh-GW7uGIHbfdSF4IXFwlKZNr3Bu63lCYqjhk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddrfeejgdektdcutefuodetggdotefrodftvf
    curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr
    tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnth
    hsucdlqddutddtmdenucfjughrpefkffggfgfuvfevfhfhjggtgfesthekredttddvjeen
    ucfhrhhomheptegurhhirghnucfmlhgrvhgvrhcuoegrughrihgrnhdrkhhlrghvvghrse
    grkhhlrghvvghrrdgtohhmqeenucggtffrrghtthgvrhhnpeefgeefieeutdfggfetgefg
    heekjeehteeileeigfetieekjedvieeviefgheevtdenucevlhhushhtvghrufhiiigvpe
    dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrughrihgrnhdrkhhlrghvvghrsegrkhhl
    rghvvghrrdgtohhmpdhnsggprhgtphhtthhopeegpdhmohguvgepshhmthhpohhuthdprh
    gtphhtthhopegurghvihgurdhgrdhjohhhnhhsthhonhesghhmrghilhdrtghomhdprhgt
    phhtthhopehsuhgshhgrshhhuhgurghtrgesghhmrghilhdrtghomhdprhgtphhtthhope
    hmhihshihlphhhsehgmhgrihhlrdgtohhmpdhrtghpthhtohepphhgshhqlhdqghgvnhgv
    rhgrlheslhhishhtshdrphhoshhtghhrvghsqhhlrdhorhhg
X-ME-Proxy: <xmx:8BRAZ5A40tkewejdEUMWAuAAyQSkDFIXOaLIry9lbbiqQknqPixB6Q>
    <xmx:8BRAZ6g5V97VbqD1y5JLgfmsp3Mr55tXqGw8-UT4IFNibUMgzRWNbQ>
    <xmx:8BRAZ9oYt2AB1XzM7qiBsWYoSRhxbSuN6HDZTdzqx10OTsoCaCIV8Q>
    <xmx:8BRAZ1gC3xU0M8ZFZ-VyJKEVA_rz_KfYYBCl-M2xZL3CkJERIS0EFw>
    <xmx:8BRAZyeE3acrjlt73Jz1npQa-wWDyScXO5OZXu22LEjj7jUISKEVFpQp>
Feedback-ID: i76984098:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 22 Nov 2024 00:21:51 -0500 (EST)
Message-ID: <3aefd383-8f42-4f31-80a9-40f3d9bda7c3@aklaver.com>
Date: Thu, 21 Nov 2024 21:21:50 -0800
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10
To: "David G. Johnston" <david.g.johnston@gmail.com>
Cc: Subhash Udata <subhashudata@gmail.com>, =?UTF-8?B?6rmA7KO87Jew?=
 <mysylph@gmail.com>,
 "pgsql-general@lists.postgresql.org" <pgsql-general@lists.postgresql.org>
References: <CAONZJQkaLtHeNz3P5wO8-EWPjOJ1M5fgyp8x4Mc4bb_U9n9_6g@mail.gmail.com>
 <7b5846ac-c16e-48d3-b548-99a772a528c5@aklaver.com>
 <CAD=40Z3G8z6d1BMDmQVAAPWzCzK5kbU9wWTCZA58qmq8-L=eoA@mail.gmail.com>
 <CAKFQuwbW-5yyVPCjyTJ0uwZZvn9J94s1XzuFnoBbMXp3BC3XyQ@mail.gmail.com>
 <CAD=40Z2+84YNSM7oMb4QBpuAaadk=9XRw3PGEu5Ui_YsWpmtFA@mail.gmail.com>
 <dde2f686-a268-4564-95e7-70783595e2e7@aklaver.com>
 <CAKFQuwYkZjb2r6vaKiS8NODkkPY6=0gw9jj_-ZN1OuveNGObuw@mail.gmail.com>
Content-Language: en-US
From: Adrian Klaver <adrian.klaver@aklaver.com>
In-Reply-To: <CAKFQuwYkZjb2r6vaKiS8NODkkPY6=0gw9jj_-ZN1OuveNGObuw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/3aefd383-8f42-4f31-80a9-40f3d9bda7c3%40aklaver.com>
Precedence: bulk

On 11/21/24 20:53, David G. Johnston wrote:
> On Thursday, November 21, 2024, Adrian Klaver <adrian.klaver@aklaver.com 
> <mailto:adrian.klaver@aklaver.com>> wrote:
> 
>     On 11/21/24 20:31, Subhash Udata wrote:
> 
>         Thank you for your detailed response. I would like to clarify my
>         situation further to ensure I take the appropriate steps.
> 
>         Currently, my environment is running *PostgreSQL 15.0*. I
>         understand that version *15.9* contains the fix for
>         CVE-2024-10979, as mentioned in the release notes.
> 
> 
>     Whoa, I thought the topic of discussion from your first post and the
>     email subject was:
> 
>     "I am currently using PostgreSQL 11.10 and would like to know if the
>     CVE-2024-10979 vulnerability affects this version."
> 
> 
> No, I just think Subhash hijacked this thread.  At least the email 
> address of the OP is a different one.

Oops missed that, now it makes sense.

> 
> David J.
> 

-- 
Adrian Klaver
adrian.klaver@aklaver.com