Re: [SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities
- To: debian-security@lists.debian.org, "Ross J. Reedstrom" <reedstrm@rice.edu>
- Subject: Re: [SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities
- From: "Jennifer A. Drummond" <jenn@io.com>
- Date: Sun, 4 Jun 2006 18:57:19 -0500
- Message-id: <[🔎] 20060604235719.GA52667@io.com>
- In-reply-to: <20060604195236.GB4529@cooker> <20060603075206.27BE9FE3A@finlandia.infodrom.north.de>
- References: <20060602210616.GA74767@io.com> <20060603032906.GC25873@cooker> <20060604174027.GA38660@io.com> <20060604195236.GB4529@cooker> <20060603075206.27BE9FE3A@finlandia.infodrom.north.de>
> > On another another note: I'm alarmed by Chuck's report that the XSL
> > tranforms differ among our front ends. Isn't that a cnxml-package thing?
> > They all look the same as far as I can tell, whichever method I use.
>
> Because I fixed it. I didn't notice you were copied on Chuck's original
> note: I should have copied you on my reply. Depot and kissaki ( I think)
> were on 0.5.8.
Ack. There must be an overly-quiet failure mode in my new rollout scheme.
I'll check into it. Sorry. :/
> > On another note: how bad is this recent PostgreSQL vunerability, and
> > should we be looking at upgrading? I've got a long-standing to-do item of
> > working up a test suite that hits "just" the database functions.
>
> Hmm, which recent postgresql vulnerability?
See below. Seems to affect sites using multibyte encodings, though on
another look UTF-8 isn't actually affected. I doubt any of our databases
are sufficiently exposed to allow this kind of exploit anyway, but I
always feel better checking.
=-=-> Jenn
On Sat, Jun 03, 2006 at 09:52:06AM +0200, Martin Schulze wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - --------------------------------------------------------------------------
> Debian Security Advisory DSA 1087-1 security@debian.org
> http://www.debian.org/security/ Martin Schulze
> June 3rd, 2006 http://www.debian.org/security/faq
> - --------------------------------------------------------------------------
>
> Package : postgresql
> Vulnerability : programming error
> Problem type : remote
> Debian-specific: no
> CVE IDs : CVE-2006-2313 CVE-2006-2314
>
> Several encoding problems have been discovered in PostgreSQL, a
> popular SQL database. The Common Vulnerabilities and Exposures
> project identifies the following problems:
>
> CVE-2006-2313
>
> Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling
> of invalidly-encoded multibyte text data which could allow an
> attacker to inject arbitrary SQL commands.
>
> CVE-2006-2314
>
> A similar problem exists in client-side encodings (such as SJIS,
> BIG5, GBK, GB18030, and UHC) which contain valid multibyte
> characters that end with the backslash character. An attacker
> could supply a specially crafted byte sequence that is able to
> inject arbitrary SQL commands.
>
> This issue does not affect you if you only use single-byte (like
> SQL_ASCII or the ISO-8859-X family) or unaffected multibyte (like
> UTF-8) encodings.
>
> psycopg and python-pgsql use the old encoding for binary data and
> may have to be updated.
>
> The old stable distribution (woody) is affected by these problems but
> we're unable to correct the package.
>
> For the stable distribution (sarge) these problems have been fixed in
> version 7.4.7-6sarge2.
>
> For the unstable distribution (sid) these problems have been fixed in
> version 7.4.13-1.
>
> We recommend that you upgrade your postgresql packages.
>
>
> Upgrade Instructions
> - --------------------
>
> wget url
> will fetch the file for you
> dpkg -i file.deb
> will install the referenced file.
>
> If you are using the apt-get package manager, use the line for
> sources.list as given at the end of this advisory:
>
> apt-get update
> will update the internal database
> apt-get upgrade
> will install corrected packages
>
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
>
>
> Debian GNU/Linux 3.1 alias sarge
> - --------------------------------
>
> Source archives:
>
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2.dsc
> Size/MD5 checksum: 985 78d63a976c27999c86bbd57f70eae80d
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2.diff.gz
> Size/MD5 checksum: 189611 577fb231aac4f86692e935b6a30eb1f4
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7.orig.tar.gz
> Size/MD5 checksum: 9952102 d193c58aef02a745e8657c48038587ac
>
> Architecture independent components:
>
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-doc_7.4.7-6sarge2_all.deb
> Size/MD5 checksum: 2266882 86068a0b0bd5f3353746555933d29317
>
> Alpha architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 239980 bb173b640c9f206c320d20b554d724fa
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 104826 0d4a8d8aea91799bc70617f9e47b5b29
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 82408 f4a3dad48412573e5b993c4d9e7400f1
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 61972 7cc403fea81613636d180358568638ca
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 139496 bede365b3e3505f79cb734747744fd5e
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 4153162 86740fcfb886861702c8bccbcfb7a8be
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 614270 16108bc1a5cc9d7d51337597e2f5090c
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 701704 de550242e2d5cbbf0d9c24aad75a4977
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_alpha.deb
> Size/MD5 checksum: 546150 d9c95cc8ac6e21509b13640d0589c46c
>
> AMD64 architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 210208 602e081a5b8ef164d0d7114cfbb002e2
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 96442 ecdcbc5b59750b9871d49e3319a18fb8
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 79380 ca54542f754ac5da8c992f5889c12cc9
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 56212 364aaa1ac5a22e12262b90314f060d33
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 131638 82fcd52b9cb9c93afb1e9545df89ee28
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 3887452 f408a28bc585b4f98e72e343813316be
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 559516 2b31c9a4fc43ab7ca0d9dd2f55dd1bb9
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 654962 0b5970688a0f4ed4476ea80196b3e33d
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_amd64.deb
> Size/MD5 checksum: 519740 b291ff79aa9dcf4c94b4f544222b6e3c
>
> ARM architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 216872 60267ccd42ebc905fbed60faf15ce7c8
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 92170 6f866dbf0695c4857d73dbd9c538caa7
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 76290 53279156767dd6b03ebde6a1a7a6e9d5
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 56338 14809b9f1149cc9a09b2b7f65efffd07
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 124098 72f5fa7ae580925a88a2d3dd8fc96c3d
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 3789942 b819ecda4f08a2f321942e6efd760e35
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 534538 b1cd2927aaf7a59ebe9274e9d88beff9
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 628216 a94c9d9207b560b6eed5fd823bdd5406
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_arm.deb
> Size/MD5 checksum: 518454 db9f0c0c6ab0c0c3a504c5a1faf93d54
>
> Intel IA-32 architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 207204 aafafd90bea915cfce42e4cc8997a7ae
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 95146 fbccb71b54ddae5b4f0100262e546edd
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 78032 c2199f8932f9af670103bae577da7928
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 55678 ba9771127582d3c4d041d0ebd54714f8
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 128310 fcdcfa9995f3929c4af97fa75540fdf8
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 3799030 0d851c1ad83ba723ca81009464c69f71
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 539660 c3511e4e1935e5e741e630b33828492f
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 625940 32bb7a6139270dd119f72a7b708a6c54
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_i386.deb
> Size/MD5 checksum: 516050 9aa8818dec80c8830fde3b0d6849d310
>
> Intel IA-64 architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 250406 02e0cd73738b871e12fe07d435f502e8
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 117496 0b12feda47694da718abaa8b82e3a7df
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 91804 c75fd48f53fa84033593c5000c4e2ba1
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 60582 c81d60f2b9fcafc17bf2c890f62a67af
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 152570 657268cc59f43720a4fbcd7401f68a51
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 4408476 6b9c54e4e402f7f2dd0bab017b53b066
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 682300 919925ab2e1e3f0214223ec4d557198f
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 776054 17a52e7ee887815ea0eca17db214e143
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_ia64.deb
> Size/MD5 checksum: 543558 304d71b16b2de34209431a6e4f5f47b4
>
> HP Precision architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 217744 7ea61b426c2ead22a87d8e6b2b8cbc06
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 104378 cb8adb9c1dd2bc415a6157fa12f928e5
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 83740 3799d1cfececc128d9a6a790c08a86c7
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 58682 3caab961a85db146b0d37f982af37622
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 134686 5a730cd2793948c69aacb82d00124259
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 4263326 56aa2f4f1caab2fddf15b8c0c960c426
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 572462 2989c44d3ed16aff10af1bbdfee973f8
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 686150 ad186c53d5cf30ec79bd5f7a8de97a7c
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_hppa.deb
> Size/MD5 checksum: 523900 eb948f532e5cfdebe504925a73103c9d
>
> Motorola 680x0 architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 194254 60cb0f51cdb1e8c270bf5092b8d8255c
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 89926 557536dec7b52d56abd80da0e3395204
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 76946 8d5b8aaaad2faef72647dab6bf74a706
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 53920 d8a7c7dfde0b9848c9b820b1b021013b
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 125348 e2a9707ad1ac5f7fe1c1f2455242bc2c
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 3974176 da72953d869784679784c9753972128f
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 510460 0c3be055f6a3e09377c5669e25ee6cc3
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 608894 52181b4b31ca796c2a67737706c2d732
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_m68k.deb
> Size/MD5 checksum: 507366 b47589dc8e2cba5f2484136ae1360bd8
>
> Big endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 209612 24ecb0017cc2d0213c9ae14def963f7c
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 95740 7bc16022786a15ce296cc450bad14690
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 80856 4ae6337bf3f0749e5646398025b4ca3a
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 56260 32e7db2cc80977c8202f4dd11e4d37c0
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 128346 19627a5e0dab29be81b092ef9a064f1c
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 4171356 e97e1b50aa6ce9f1b3963d9ab20eeacc
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 582144 804d77b5e1089b5b39e57eb228836aca
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 641800 4b006574dbeda3bcedc514ca12433b10
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_mips.deb
> Size/MD5 checksum: 521302 8d1b8b6bc9bc640761909527c425083a
>
> Little endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 207620 1b974ad276e845a8b9da8afb88b20118
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 95932 06b9e5d8fd2e82c622febe7faf7b2be7
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 80612 7a2d7bbd54b8f08aa09c2cd307d3d2be
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 56322 22475b9bc5de36f15ad8560795455133
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 128422 f6fbc5968a69601bcf94d71ad0f88532
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 3862226 e4424c77620f0c30beb7d8ac0e253d9f
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 581426 ed5a9b2a615bdfcc7036287667502038
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 641240 dc49d2bcf81a25280664c73b1af8797b
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_mipsel.deb
> Size/MD5 checksum: 521720 5ff500cb5542403582240c7e37bbcdda
>
> PowerPC architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 210904 48e1dd207b4b025e80b35406d75b43ee
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 100428 901be88d71fc0e06ccf3e50fb4151b93
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 84596 72fbac10fd10eedcc4ef1673e5ad57b2
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 55326 96fcce34e09b75e683c09e63d94b0ac2
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 129898 6467b522f8bcf577a5a5eac47e695e5f
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 4203052 1f019762641079d46b162b4ad2837458
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 565430 a305cd9acfcec0d648edb56eaae2f605
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 686040 3d34c6d9faf50a6c88c736364895cbdf
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_powerpc.deb
> Size/MD5 checksum: 516676 c2e91f20faa7669ab94fae166f94cac5
>
> IBM S/390 architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 208296 1ceaec0962943f05b7cb930c5a8ec5f0
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 97814 73b521d57581888ffa97f4c519aa2b78
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 80456 704e9ef41e3f89e610f7400c998ce88c
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 56994 b135a1197a5b47a4070a07ffceb33348
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 133966 f80f2bfb7a971fd9ff4f3266c9fdddcd
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 4161698 8dac213b26c2f64b394ead91cf796c8e
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 549568 a82366bd7a49ca2e2c3f84a0f99b61b2
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 665482 6d7faf109031c6f295966e65bd69ed79
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_s390.deb
> Size/MD5 checksum: 520664 3ebbbcd84b599632d3b74a6aa5cfbd9e
>
> Sun Sparc architecture:
>
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg-dev_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 205870 9fe5eac55d9ecb77cde27081e43fa2e2
> http://security.debian.org/pool/updates/main/p/postgresql/libecpg4_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 93606 1ef27ddd79e25a9de9f65673076ccbed
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 77926 525d22dd799578af00d5ee3e09718dbd
> http://security.debian.org/pool/updates/main/p/postgresql/libpgtcl-dev_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 56150 07daedfabe9931672c7fced5ef515708
> http://security.debian.org/pool/updates/main/p/postgresql/libpq3_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 127594 e488f86dcbce2df62c3dbfe56766d1c2
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 4091222 6c3cbbb9965d35a5813ea78abac52645
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 535876 f914be88ee8da6b67cc3af31db4ef42b
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 633208 f23620f4d6708b1946e85349372e3048
> http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.4.7-6sarge2_sparc.deb
> Size/MD5 checksum: 514344 6d8417121070e1faa09936e6ac9b943f
>
>
> These files will probably be moved into the stable distribution on
> its next update.
>
> - ---------------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (GNU/Linux)
>
> iD8DBQFEgT+lW5ql+IAeqTIRArfKAKCMOKzZa8IIZt+J/BxwuJBaoNgr4wCfRhTM
> WBMSduHAHsW4XT7jGd/g0mg=
> =lrI2
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
On Sun, Jun 04, 2006 at 02:52:36PM -0500, Ross J. Reedstrom wrote:
> On Sun, Jun 04, 2006 at 12:40:27PM -0500, Jennifer A. Drummond wrote:
> > On Fri, Jun 02, 2006 at 10:29:06PM -0500, Ross J. Reedstrom wrote:
> > > Jenn -
> > > Actually, the default is 4, that's what depot is accepting. The one at
> > > 25 is citadel. In fact, all other frontends are at 25:
> > >
> > > grep '^[^#].*thread' /net/{{citadel,cnx,depot}/opt/instances/cnx,kissaki/opt/instances/cnx[12]}/etc/zope.conf
> >
> > Huh. Once again, I bow before your one-liner prowess. I was just, like,
> > reading the files. Maybe I ran into some symlink weirdness.
>
> You also read the diff backwards. No biggie.
>
> >
Reply to: