Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1tE1OS-004eh0-Bw for pgsql-general@arkaria.postgresql.org; Thu, 21 Nov 2024 07:14:24 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1tE1OQ-00DAFE-Pk for pgsql-general@arkaria.postgresql.org; Thu, 21 Nov 2024 07:14:22 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1tE1OQ-00DAF6-EQ for pgsql-general@lists.postgresql.org; Thu, 21 Nov 2024 07:14:22 +0000 Received: from mail-lj1-x231.google.com ([2a00:1450:4864:20::231]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1tE1ON-00348w-PY for pgsql-general@lists.postgresql.org; Thu, 21 Nov 2024 07:14:21 +0000 Received: by mail-lj1-x231.google.com with SMTP id 38308e7fff4ca-2ff5d2b8f0eso4698711fa.3 for ; Wed, 20 Nov 2024 23:14:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1732173258; x=1732778058; darn=lists.postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=qC+GyrELiKVzIcLV1Hkk8sw8WmHl1Ytd3CxALU3sZgw=; b=PjcZnGDhYfK7rwpOcNMYa6z+UCwC88/QHqew8hIg/0GunWZGBVwyz5/+nMkxaEzMGQ qvM59zQesy5db5mAOcBVimKW4IWlyyEd93kT7+ya/2Ryc5M1ERQj4ZhIP/BWmyaz2EHc nRxxfG40MjAysDEKKskNwOECKysKr07j5HoHKNMsXLqN2VT5kc8tsocjeC4OriM/4p1Z ilcgBeKN6boi17Ac+4bPymzu9tJWsdO11/BO9k3iiHHWXEb/ZTKZoVM1pYv/FS2VcGNa 1qcnYsdtO1FoABHScL3XS6afq569K8XSloUAvwpPafMUWvt71K3N0HMftYUND+6L8y5b 7hhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732173258; x=1732778058; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qC+GyrELiKVzIcLV1Hkk8sw8WmHl1Ytd3CxALU3sZgw=; b=B5+Ntp/S6HLRRGgX98EZ65SV1sEJh0MbNaFnxzGY6SyZYjqR8KEF4GnV7qqkA7ae4q Y8MVvgQf1+OxDFH/pecO8ghMZkaXmj5iI1g8s6Oe0fFDbJjOt8Vlg7TzdZm2yTURCexG gMAE/VFop3U8ADTYp6B5VyXqVgDU4+klqt4oQ3uQt/SG4434Yu+gS6PXgHK57d8wpGKv Izol4LpIfVs+sV3RHHj/b7WI6qkbaLrdlOWCa5Zk2neKe25bQfqblkXUWKssyElc9hz1 nFvF6QeShuEWCE5dYLKST/Us041/JrW4GVNI378I/2n2xpp3Zl5amX4Zjqq0hrJzMN3H 419Q== X-Gm-Message-State: AOJu0Yx8TDjQahz4f4wuFfxz0U4a3LVxAltu4yjmrkl8uI+Se0FSogiL yRWZ85C6Q2fqi2eVDOu/Wt18su47p5CtoA6rFhpopmXK1byi1tCXuYD+3W/uShOaXkLik2uWTrv 7TaaBUsT2DFgHLWF++xMdybwa/LGx6A== X-Google-Smtp-Source: AGHT+IEuTNH2fPvUjPwCjyCheazXpspJE4ez1VBMu2cEMz4NyihF6wGS8M1RDwUS8pMCEFkGgaBGkPeEznzDYVChpLU= X-Received: by 2002:a2e:bd11:0:b0:2fb:5014:c939 with SMTP id 38308e7fff4ca-2ff8dd3c6a8mr29409791fa.41.1732173257961; Wed, 20 Nov 2024 23:14:17 -0800 (PST) MIME-Version: 1.0 References: <7b5846ac-c16e-48d3-b548-99a772a528c5@aklaver.com> In-Reply-To: <7b5846ac-c16e-48d3-b548-99a772a528c5@aklaver.com> From: =?UTF-8?B?6rmA7KO87Jew?= Date: Thu, 21 Nov 2024 16:14:06 +0900 Message-ID: Subject: Re: CVE-2024-10979 Vulnerability Impact on PostgreSQL 11.10 To: Adrian Klaver Cc: pgsql-general@lists.postgresql.org Content-Type: multipart/alternative; boundary="000000000000bafaf106276703f1" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000bafaf106276703f1 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thank you for your response. 2024=EB=85=84 11=EC=9B=94 21=EC=9D=BC (=EB=AA=A9) =EC=98=A4=ED=9B=84 3:54, = Adrian Klaver =EB=8B=98=EC=9D=B4 =EC=9E=91=EC=84= =B1: > On 11/20/24 22:44, =EA=B9=80=EC=A3=BC=EC=97=B0 wrote: > > Hello, I am currently using PostgreSQL 11.10 and would like to know if > > the CVE-2024-10979 vulnerability affects this version. > > Postgres 11 is past EOL, see: > > https://www.postgresql.org/support/versioning/ > > > > If it does impact my version, I would like to know which version I > > should upgrade to. > > Any version from 13+. > > -- > Adrian Klaver > adrian.klaver@aklaver.com > > --000000000000bafaf106276703f1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thank you for your response.

2024=EB=85=84 11=EC=9B=94 21= =EC=9D=BC (=EB=AA=A9) =EC=98=A4=ED=9B=84 3:54, Adrian Klaver <adrian.klaver@aklaver.com>=EB=8B= =98=EC=9D=B4 =EC=9E=91=EC=84=B1:
On 11/20/24 22:44, =EA=B9=80=EC=A3=BC=EC=97=B0 wrote:
> Hello, I am currently using PostgreSQL 11.10 and would like to know if=
> the CVE-2024-10979 vulnerability affects this version.

Postgres 11 is past EOL, see:

https://www.postgresql.org/support/versioning/


> If it does impact my version, I would like to know which version I > should upgrade to.

Any version from 13+.

--
Adrian Klaver
adrian.klave= r@aklaver.com

--000000000000bafaf106276703f1--