Red Hat Bugzilla – Bug 152581
CAN-2002-1642 postgresql VACUUM DoS
Last modified: 2013-07-02 23:04:34 EDT
PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log
(pg_clog) data and cause a denial of service (data loss) via the VACUUM command.
Additional information is here:
Can you take a look at this issue and let me know if we're vulnerable. I've not
verified it one way of the other.
AFAIK Red Hat has never shipped Postgres 7.2.anything --- we went from 7.1.* to
7.3.*. Certainly 2.1AS is still using 7.1.3. (No, this issue doesn't apply to