Hi Joey! Martin Schulze [2005-05-04 12:29 +0200]: > Martin Pitt wrote: > > Hi Martin! > > > > Martin Schulze [2005-05-04 7:53 +0200]: > > > Hi, > > > > > > have you checked whether Debian's posgresql packages need an update > > > to fix <http://www.postgresql.org/about/news.315> > > > > Yes, an update is required. I'm already at preparing updated packages, > > but it is a fairly complex update since I have to add code to the > > postinst which fixes the vulnerability in already existing database. > > > > > Since testing is frozen now, the update for sarge should go via > > > security. Since testing and sid share the same version, the > > > package would then migrate into sid as well. > > > > Hmm, as far as I understood, I could as well upload into sid and ask > > debian-release to push the package into sarge? Or would you prefer > > doing a security update, even if Sarge is not yet released? > > Let's decide this when the packages are ready. Officially security > support has started, hence via security. However, if the packages > will be available soon and the chances that they're built against > wrong libraries are low, they can go via sid as well. I just uploaded 7.4.7-6 into Sid with urgency=high. I tested the debs on my server which runs Sarge, they install fine and both the upgrade and a fresh installation do not have the vulnerabilities any more. The only difference between Sarge and Sid is now the security fix. For your interest, here is the changeset: http://arch.piware.de/cgi-bin/archzoom.cgi/pkg-postgresql-private@lists.alioth.debian.org--2005/postgresql--devel--1--patch-41?log Joey, Debian Release Team: Please let me know whether you can push the Sid version into Sarge, or you prefer a separate testing-security upload (which would differ only by the changelog version, though). Joey, I will prepare a woody upgrade later. Thanks, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntulinux.org Debian Developer http://www.debian.org
Attachment:
signature.asc
Description: Digital signature