postgresql-8.4 (8.4.22-0ubuntu0.10.04) lucid-proposed; urgency=medium * New upstream bug fix release: (LP: #1348176) - Various data integrity and other bug fixes. - Secure Unix-domain sockets of temporary postmasters started during make check. Any local user able to access the socket file could connect as the server's bootstrap superuser, then proceed to execute arbitrary code as the operating-system user running the test, as we previously noted in CVE-2014-0067. This change defends against that risk by placing the server's socket in a temporary, mode 0700 subdirectory of /tmp. - See release notes for details: http://www.postgresql.org/docs/current/static/release-8-4-22.html * Drop pg_regress patch to run tests with socket in /tmp, obsolete with above upstream changes and not applicable any more. * Add debian/postgresql-8.4.NEWS to point out that upstream support ends now.
Date: Thu, 24 Jul 2014 18:17:34 +0200 Changed-By: Martin Pitt <martin.p...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/postgresql-8.4/8.4.22-0ubuntu0.10.04
Format: 1.8 Date: Thu, 24 Jul 2014 18:17:34 +0200 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source Version: 8.4.22-0ubuntu0.10.04 Distribution: lucid-proposed Urgency: medium Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Martin Pitt <martin.p...@ubuntu.com> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Launchpad-Bugs-Fixed: 1348176 Changes: postgresql-8.4 (8.4.22-0ubuntu0.10.04) lucid-proposed; urgency=medium . * New upstream bug fix release: (LP: #1348176) - Various data integrity and other bug fixes. - Secure Unix-domain sockets of temporary postmasters started during make check. Any local user able to access the socket file could connect as the server's bootstrap superuser, then proceed to execute arbitrary code as the operating-system user running the test, as we previously noted in CVE-2014-0067. This change defends against that risk by placing the server's socket in a temporary, mode 0700 subdirectory of /tmp. - See release notes for details: http://www.postgresql.org/docs/current/static/release-8-4-22.html * Drop pg_regress patch to run tests with socket in /tmp, obsolete with above upstream changes and not applicable any more. * Add debian/postgresql-8.4.NEWS to point out that upstream support ends now. Checksums-Sha1: 008ca7442a2d5b31bd6dc15f617feb0af6732c4c 3477 postgresql-8.4_8.4.22-0ubuntu0.10.04.dsc 5e0aefc6d056a914bf4acc18e3a518d00d27a240 18332542 postgresql-8.4_8.4.22.orig.tar.gz d22cca8e0dedc46e627b0af2b7cc108fc803ccd9 55606 postgresql-8.4_8.4.22-0ubuntu0.10.04.diff.gz Checksums-Sha256: ebab25be28ae1ad6e8a86e6c9d0a24dd42b62d775fed76044a57ee85cc0681cf 3477 postgresql-8.4_8.4.22-0ubuntu0.10.04.dsc dda6dee53751ef6803f8a38e11d9621b8b02a9b0d7cbb2f4cff27d25d92b0a05 18332542 postgresql-8.4_8.4.22.orig.tar.gz fb89fdfdf1db62522f5d0cddb6ad085268bbc71915d9017c4b3ba2a4400ef89c 55606 postgresql-8.4_8.4.22-0ubuntu0.10.04.diff.gz Files: 9fd487e92da0d8c0c5b418792b5088ff 3477 database optional postgresql-8.4_8.4.22-0ubuntu0.10.04.dsc 26960b858a1b76e88a1c3a9dd495fe80 18332542 database optional postgresql-8.4_8.4.22.orig.tar.gz 48cdecaa4264a283980e538e7b77717f 55606 database optional postgresql-8.4_8.4.22-0ubuntu0.10.04.diff.gz Original-Maintainer: Martin Pitt <mp...@debian.org>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes