[Pkg-postgresql-public] Bug#777152: unblock: postgresql-9.4/9.4.1-1
Christoph Berg
christoph.berg at credativ.de
Thu Feb 5 16:18:00 UTC 2015
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: unblock
Please unblock package postgresql-9.4. The new version fixes a bunch
of CVEs, and a regression in postfix-pgsql. There are no changes in
debian/ (except of course for the changelog).
postgresql-9.4 (9.4.1-1) unstable; urgency=medium
* New upstream version.
+ libpq5: Name lookups fixed in minimal chroots (Closes: #756627)
+ Fix buffer overruns in to_char() (CVE-2015-0241)
+ Fix buffer overruns in contrib/pgcrypto (CVE-2015-0243)
+ Fix possible loss of frontend/backend protocol synchronization after an
error (CVE-2015-0244)
+ Fix information leak via constraint-violation error messages
(CVE-2014-8161)
-- Christoph Berg <myon at debian.org> Wed, 04 Feb 2015 17:55:28 +0100
unblock postgresql-9.4/9.4.1-1
Christoph
--
cb at df7cb.de | http://www.df7cb.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-postgresql-public/attachments/20150205/f9437335/attachment.sig>
More information about the Pkg-postgresql-public
mailing list