Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 152581 - CAN-2002-1642 postgresql VACUUM DoS
CAN-2002-1642 postgresql VACUUM DoS
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: postgresql (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tom Lane
David Lawrence
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-03-30 09:52 EST by Josh Bressers
Modified: 2013-07-02 23:04 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-03-30 13:19:31 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-03-30 09:52:21 EST
PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log
(pg_clog) data and cause a denial of service (data loss) via the VACUUM command.

Additional information is here:
Comment 1 Josh Bressers 2005-03-30 09:53:05 EST

Can you take a look at this issue and let me know if we're vulnerable.  I've not
verified it one way of the other.
Comment 2 Tom Lane 2005-03-30 13:19:31 EST
AFAIK Red Hat has never shipped Postgres 7.2.anything --- we went from 7.1.* to
7.3.*.  Certainly 2.1AS is still using 7.1.3.  (No, this issue doesn't apply to
PG 7.1.*.)

Note You need to log in before you can comment on or make changes to this bug.