[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#801317: wheezy-pu: package postgresql-9.1/9.1.19-0+deb7u1

Control: tags -1 + moreinfo

On Thu, 2015-10-08 at 17:21 +0200, Christoph Berg wrote:
> postgresql-9.1 (9.1.19-0+deb7u1) wheezy; urgency=medium
> 
>   * New upstream version.
> 
>     + Fix contrib/pgcrypto to detect and report too-short crypt() salts
>       (Josh Kupershmidt)
> 
>       Certain invalid salt arguments crashed the server or disclosed a few
>       bytes of server memory.  We have not ruled out the viability of attacks
>       that arrange for presence of confidential information in the disclosed
>       bytes, but they seem unlikely.  (CVE-2015-5288)

This appears to have been rejected by dak:

adsb@franck:~$ cat queue/reject/postgresql-9.1_9.1.19-0+deb7u1_source.changes.reason 

postgresql-9.1_9.1.19-0+deb7u1.dsc: Refers to non-existing file 'postgresql-9.1_9.1.19-0+deb7u1.debian.tar.gz'
Perhaps you need to include the file in your upload?

Regards,

Adam
Reply to: