[Pkg-postgresql-public] PostgreSQL 8.4.16 for squeeze [CVE-2013-0255]

Moritz Muehlenhoff jmm at inutil.org
Sat Feb 16 22:46:07 UTC 2013

On Sat, Feb 16, 2013 at 10:16:24PM +0100, Martin Pitt wrote:
> Hello security team,
> about a week ago PostgreSQL published new microreleases which fix a
> local DoS: http://www.postgresql.org/about/news/1446/ They also carry
> the usual set of bug fixes.
> 8.4.16 has been in unstable for 8 days and already unblocked for
> testing migration, and there have been no regression reports upstream
> or in Debian.
> I now prepared the corresponding update for Squeeze:
>   http://people.debian.org/~mpitt/psql/squeeze/
> This passes the upstream and postgresql-common integration tests.
> This directory also contains the full debdiff:
>   http://people.debian.org/~mpitt/psql/squeeze/postgresql-8.4_8.4.16-0squeeze1.debdiff.gz
> as well as a filtered one which is dramatically smaller:
>   http://people.debian.org/~mpitt/psql/squeeze/postgresql-8.4_8.4.16-0squeeze1.filtered-debdiff
> This has .po files, documentation which only bumps the version,
> Windows specific build system, and the rather large diff from the
> bison output removed (the bison input .y files are still there, of
> course).
> OK to upload?

Yes, please go ahead (remember to build with -sa since the orig tarball is new in stable-security)


More information about the Pkg-postgresql-public mailing list