[Pkg-postgresql-public] postgresql-9.4_9.4.5-1_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Oct 8 12:50:22 UTC 2015



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 Oct 2015 11:02:48 +0200
Source: postgresql-9.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.4 postgresql-9.4-dbg postgresql-client-9.4 postgresql-server-dev-9.4 postgresql-doc-9.4 postgresql-contrib-9.4 postgresql-plperl-9.4 postgresql-plpython-9.4 postgresql-plpython3-9.4 postgresql-pltcl-9.4
Architecture: source
Version: 9.4.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>
Changed-By: Christoph Berg <christoph.berg at credativ.de>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.4 - object-relational SQL database, version 9.4 server
 postgresql-9.4-dbg - debug symbols for postgresql-9.4
 postgresql-client-9.4 - front-end programs for PostgreSQL 9.4
 postgresql-contrib-9.4 - additional facilities for PostgreSQL
 postgresql-doc-9.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.4 - PL/Perl procedural language for PostgreSQL 9.4
 postgresql-plpython-9.4 - PL/Python procedural language for PostgreSQL 9.4
 postgresql-plpython3-9.4 - PL/Python 3 procedural language for PostgreSQL 9.4
 postgresql-pltcl-9.4 - PL/Tcl procedural language for PostgreSQL 9.4
 postgresql-server-dev-9.4 - development files for PostgreSQL 9.4 server-side programming
Changes:
 postgresql-9.4 (9.4.5-1) unstable; urgency=medium
 .
   * New upstream version.
 .
     + Guard against stack overflows in json parsing (Oskari Saarenmaa)
 .
       If an application constructs PostgreSQL json or jsonb values from
       arbitrary user input, the application's users can reliably crash the
       PostgreSQL server, causing momentary denial of service.  (CVE-2015-5289)
 .
     + Fix contrib/pgcrypto to detect and report too-short crypt() salts
       (Josh Kupershmidt)
 .
       Certain invalid salt arguments crashed the server or disclosed a few
       bytes of server memory.  We have not ruled out the viability of attacks
       that arrange for presence of confidential information in the disclosed
       bytes, but they seem unlikely.  (CVE-2015-5288)
 .
   * debian/rules: Call dh without --parallel, it's not supported upstream.
Checksums-Sha1:
 15fd99879923d8f7fd86c26ab00e38bd6c1ad456 3503 postgresql-9.4_9.4.5-1.dsc
 266b8e92cdced161b6a98d4eda0810e4b61fcf49 17660960 postgresql-9.4_9.4.5.orig.tar.bz2
 52e7e745c73994b7ad9f48dec19c5c5e8bb05589 21352 postgresql-9.4_9.4.5-1.debian.tar.xz
Checksums-Sha256:
 a8bf6a87916326f7ecc504d0429a51b552a8ff1f39f3b2aa09abb55ba4d43f82 3503 postgresql-9.4_9.4.5-1.dsc
 b87c50c66b6ea42a9712b5f6284794fabad0616e6ae420cf0f10523be6d94a39 17660960 postgresql-9.4_9.4.5.orig.tar.bz2
 1aaffc8862d0450e292e56bc3793abb579bc5d6765f74bf50915647f5e194691 21352 postgresql-9.4_9.4.5-1.debian.tar.xz
Files:
 a4c3882b159f8918226b0b07b66f1a2b 3503 database optional postgresql-9.4_9.4.5-1.dsc
 8b2e3472a8dc786649b4d02d02e039a0 17660960 database optional postgresql-9.4_9.4.5.orig.tar.bz2
 791802a730ce91ea3a5f2b4d9b39e969 21352 database optional postgresql-9.4_9.4.5-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWFmUmAAoJEExaa6sS0qeuTLsP/iXgU9J6thdLSDP7EuqUgnQD
ekIH+25k8XTg57wy3KqtFq+oc+mftrZKIj5cngLUax8yJ08SBvBP4QDiv1vlFT/p
9y6lYmy05ZtTmZ5g0jCR0gedRYuaEDQecvevtkBKoRPduaysV5V4HayijpuHxUzw
6SICyE0t1L8m+HM/9SxlBfqdhuCFDO4PGgnJ/w/yS34VW8s8XqhG0/WFpqb21j1y
vNKqfPTgKtkIuT/U05Zai7VOLUmj2YUaPFw3z0sd/zgzBj0/VTzj6pTNW0kwBMrE
Tnjlr2WEjdcNzad6yXf0mJ4un2qqvBH79f9wxPMKNLLMHciqoFpaZJPkzhVd+396
V5wWshsxhmTOxVJpRtpry5mXynA2ck/pi1i6Vr5QoUZnK4KMpac3L8YA0d2YUK4r
pwxnUn2DLcJFb2WCYuJ9brkFabwnlASPhWTK+ol4NSM5TtJBiJ082EufbcLDZKJR
uaHGYb6keW4MyZ6SytNdkU98Hb9aDAAX5rlaEbz2a9VpCM2RTbOlvrH39ioqfoVv
xAhttBzb3oipIpigDLhJpW8a+s/eMqo2CoYpf4xK+GH4APQlK7FL/Z8w0SOIO/FS
9wkwk8vrRmvZBiCj7P6d7anxpHGJPu6CfacW2VKzCq+8wWzSH84AvDORY9ib+WVh
D1xV1J0XvUKFvQz6DxSi
=KjZi
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-postgresql-public mailing list