postgres-8.1

To: backports-users@lists.backports.org
Subject: postgres-8.1
From: Chmouel Boudjnah <cboudjnah@squiz.net>
Date: Tue, 09 Jan 2007 11:49:37 +1100
Message-id: <[🔎] 87wt3xyqfy.fsf@paris.squiz.net>

Hi,

There is currently postgres 8.1.4 in the backports, 8.1.5 address this
security updates :

    * CVE-2006-5540: backend/parser/analyze.c in PostgreSQL 8.1.x
        allowed remote authenticated users to cause a denial of
        service (daemon crash) via certain aggregate functions in an
        UPDATE statement, which are not properly handled during a
        "MIN/MAX index optimization."
    * CVE-2006-5541: backend/parser/parse_coerce.c in PostgreSQL 7.4.1
      through 7.4.14, 8.0.x before 8.0.9, and 8.1.x before 8.1.5
      allows remote authenticated users to cause a denial of service
      (daemon crash) via a coercion of an unknown element to ANYARRAY.

    * CVE-2006-5542: backend/tcop/postgres.c in PostgreSQL 8.1.x
      before 8.1.5 allows remote authenticated users to cause a denial
      of service (daemon crash) related to duration logging of
      V3-protocol Execute messages for (1) COMMIT and (2) ROLLBACK SQL
      statements.

and 8.1.6 (just out today) address multiple bugfixes.

Is it possible to upgrade the backport to 8.1.6 ?

Cheers, Chmouel.

-- 
Chmouel Boudjnah - Head Sysadmin - Squiz.net

Reply to:

Follow-Ups:
- Re: postgres-8.1
  - From: Norbert Tretkowski <norbert@tretkowski.de>

Prev by Date: Re: [php-maint] php5-mysql in backports.org linked against libmysqlclient14?
Next by Date: Re: [php-maint] php5-mysql in backports.org linked against libmysqlclient14?
Previous by thread: Re: [php-maint] php5-mysql in backports.org linked against libmysqlclient14?
Next by thread: Re: postgres-8.1
Index(es):
- Date
- Thread