Accepted postgresql-7.4 1:7.4.16-1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Feb 2007 20:05:24 +0100
Source: postgresql-7.4
Binary: postgresql-plpython-7.4 postgresql-client-7.4 postgresql-7.4 postgresql-contrib-7.4 postgresql-doc-7.4 postgresql-plperl-7.4 postgresql-server-dev-7.4 postgresql-pltcl-7.4
Architecture: source i386 all
Version: 1:7.4.16-1
Distribution: unstable
Urgency: high
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
postgresql-7.4 - object-relational SQL database, version 7.4 server
postgresql-client-7.4 - front-end programs for PostgreSQL 7.4
postgresql-contrib-7.4 - additional facilities for PostgreSQL
postgresql-doc-7.4 - documentation for the PostgreSQL database management system
postgresql-plperl-7.4 - PL/Perl procedural language for PostgreSQL 7.4
postgresql-plpython-7.4 - PL/Python procedural language for PostgreSQL 7.4
postgresql-pltcl-7.4 - PL/Tcl procedural language for PostgreSQL 7.4
postgresql-server-dev-7.4 - development files for PostgreSQL 7.4 server-side programming
Changes:
postgresql-7.4 (1:7.4.16-1) unstable; urgency=high
.
* New upstream security and bug fix release:
- Remove security vulnerability that allowed connected users to read
backend memory.
The vulnerability involves suppressing the normal check that a SQL
function returns the data type it's declared to, or changing the
data type of a table column used in a SQL function (CVE-2007-0555).
This error can easily be exploited to cause a backend crash, and in
principle might be used to read database content that the user
should not be able to access.
- Fix rare bug wherein btree index page splits could fail due to
choosing an infeasible split point.
- Fix for rare Assert() crash triggered by UNION.
- Tighten security of multi-byte character processing for UTF8
sequences over three bytes long.
* Urgency high: security relevant changes and critical bug fixes.
Files:
7135158da27d6a71b6e3fe122620a28e 1115 misc optional postgresql-7.4_7.4.16-1.dsc
afd2252219fcf2ddad35f34ffcf04da7 9998322 misc optional postgresql-7.4_7.4.16.orig.tar.gz
577aaa33fd8fb375a504e8724740af3b 32359 misc optional postgresql-7.4_7.4.16-1.diff.gz
47e64059a783ea879209972a04e69203 1271660 doc optional postgresql-doc-7.4_7.4.16-1_all.deb
1ffe1d6941b46c9954bf527458cf7f98 519452 libdevel optional postgresql-server-dev-7.4_7.4.16-1_all.deb
2bf03017c687bd9c06609aef9614d62d 3375244 misc optional postgresql-7.4_7.4.16-1_i386.deb
93e9464635c500d515b5e10ce88e05df 1075796 misc optional postgresql-client-7.4_7.4.16-1_i386.deb
b028933f07aae0d6a7e57d5ad3eef1b5 566120 misc optional postgresql-contrib-7.4_7.4.16-1_i386.deb
9b84857f83630cd457206fd828531d8f 117644 misc optional postgresql-plperl-7.4_7.4.16-1_i386.deb
c29d4359099b7ca3ccebe96b206bff1c 119918 misc optional postgresql-plpython-7.4_7.4.16-1_i386.deb
163304596a805d7c98bd70f674cf9fee 122042 misc optional postgresql-pltcl-7.4_7.4.16-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFFxkGIDecnbV4Fd/IRAp1oAJ0cnYIvPjOWYjz92AgOEg2fU1aYQgCgzKeA
lKdOXP6LjxRolAw69finNHo=
=775U
-----END PGP SIGNATURE-----
Accepted:
postgresql-7.4_7.4.16-1.diff.gz
to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.16-1.diff.gz
postgresql-7.4_7.4.16-1.dsc
to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.16-1.dsc
postgresql-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.16-1_i386.deb
postgresql-7.4_7.4.16.orig.tar.gz
to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.16.orig.tar.gz
postgresql-client-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-client-7.4_7.4.16-1_i386.deb
postgresql-contrib-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.16-1_i386.deb
postgresql-doc-7.4_7.4.16-1_all.deb
to pool/main/p/postgresql-7.4/postgresql-doc-7.4_7.4.16-1_all.deb
postgresql-plperl-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.16-1_i386.deb
postgresql-plpython-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.16-1_i386.deb
postgresql-pltcl-7.4_7.4.16-1_i386.deb
to pool/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.16-1_i386.deb
postgresql-server-dev-7.4_7.4.16-1_all.deb
to pool/main/p/postgresql-7.4/postgresql-server-dev-7.4_7.4.16-1_all.deb
Reply to: