LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2008-0552 (postgresql)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: postgresql-8.2.6-1.fc7


Date:
    	      Fri, 11 Jan 2008 15:24:42 -0700


Message-ID:
    	      <200801112224.m0BMO7Xw011852@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-0552
2008-01-11 21:31:09
--------------------------------------------------------------------------------

Name        : postgresql
Product     : Fedora 7
Version     : 8.2.6
Release     : 1.fc7
URL         : http://www.postgresql.org/
Summary     : PostgreSQL client programs and libraries
Description :
PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you'll need to access a PostgreSQL DBMS server.  These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These client
programs can be located on the same machine with the PostgreSQL
server, or may be on a remote machine which accesses a PostgreSQL
server over a network connection. This package contains the docs
in HTML for the whole package, as well as command-line utilities for
managing PostgreSQL databases on a PostgreSQL server.

If you want to manipulate a PostgreSQL database on a remote PostgreSQL
server, you need this package. You also need to install this package
if you're installing the postgresql-server package.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan  7 2008 Tom Lane <tgl@redhat.com> 8.2.6-1
- Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772,
  CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
- Make initscript and pam config files be installed unconditionally;
  seems new buildroots don't necessarily have those directories in place
* Thu Sep 20 2007 Tom Lane <tgl@redhat.com> 8.2.5-1
- Update to PostgreSQL 8.2.5 and pgtcl 1.6.0
- Fix multilib problem for /usr/include/ecpg_config.h (which is new in 8.2.x)
- Use tzdata package's data files instead of private copy, so that
  postgresql-server need not be turned for routine timezone updates
- Don't remove postgres user/group during RPM uninstall, per Fedora
  packaging guidelines
- Recent perl changes in rawhide mean we need a more specific BuildRequires
* Wed Jun 20 2007 Tom Lane <tgl@redhat.com> 8.2.4-2
- Fix oversight in postgresql-test makefile: pg_regress isn't a shell script
  anymore.  Per upstream bug 3398.
* Tue Apr 24 2007 Tom Lane <tgl@redhat.com> 8.2.4-1
- Update to PostgreSQL 8.2.4 for CVE-2007-2138, data loss bugs
Resolves: #237682
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink
        https://bugzilla.redhat.com/show_bug.cgi?id=427128
  [ 2 ] Bug #315231 - CVE-2007-4769 postgresql integer overflow in regex code
        https://bugzilla.redhat.com/show_bug.cgi?id=315231
  [ 3 ] Bug #427772 - CVE-2007-4769 CVE-2007-4772 CVE-2007-6067 CVE-2007-6600 CVE-2007-6601
Multiple postgresql vulnerabilities [Fedora 7]
        https://bugzilla.redhat.com/show_bug.cgi?id=427772
  [ 4 ] Bug #316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization
code
        https://bugzilla.redhat.com/show_bug.cgi?id=316511
  [ 5 ] Bug #400931 - CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup
        https://bugzilla.redhat.com/show_bug.cgi?id=400931
  [ 6 ] Bug #427127 - CVE-2007-6600 PostgreSQL privilege escalation
        https://bugzilla.redhat.com/show_bug.cgi?id=427127
--------------------------------------------------------------------------------
Updated packages:

e9fef6216d3e4180360f73580af856309139e37f postgresql-debuginfo-8.2.6-1.fc7.ppc64.rpm
ee4617333d8f3b3866e817d3e465174358c3ae7d postgresql-test-8.2.6-1.fc7.ppc64.rpm
95824e2c070dadb40561638350d8015e1e5ee383 postgresql-python-8.2.6-1.fc7.ppc64.rpm
795aade65cc3f92719dc3aa41321395b0a1758cb postgresql-tcl-8.2.6-1.fc7.ppc64.rpm
7fe0d4ea22108e940555565e9292c5b1e47ae4fa postgresql-pltcl-8.2.6-1.fc7.ppc64.rpm
9e7e19ed8f1c2f588da08db090ca57aab452b3a2 postgresql-plpython-8.2.6-1.fc7.ppc64.rpm
4de5117aca494e6609a4de4988ca873bd7902e27 postgresql-plperl-8.2.6-1.fc7.ppc64.rpm
ffd065bc2dc8a2a75c5abbbac1d7ba4d6f634f02 postgresql-devel-8.2.6-1.fc7.ppc64.rpm
d5c23d58673b83170a06017fe44f402ccaadfa2b postgresql-contrib-8.2.6-1.fc7.ppc64.rpm
64ba8a138407496fb614584b988268c782207148 postgresql-docs-8.2.6-1.fc7.ppc64.rpm
92630063687242c74d0de80470a17243acf7cc42 postgresql-server-8.2.6-1.fc7.ppc64.rpm
9b4ef692e4d932aa5941c44b6a118ecf8a9dcb0b postgresql-libs-8.2.6-1.fc7.ppc64.rpm
8a5459c2e1aedf76f12fadccc3877e5019c6da74 postgresql-8.2.6-1.fc7.ppc64.rpm
8da9d0df2ac6f30e48be1590d113f2c90b55b598 postgresql-debuginfo-8.2.6-1.fc7.i386.rpm
adc7c3af8ec088c44c550e0b27eee312cae10427 postgresql-test-8.2.6-1.fc7.i386.rpm
cecc5f7f5a093d476a1021cacbe5e67c2e2ecb23 postgresql-python-8.2.6-1.fc7.i386.rpm
2ffedd4748dace9da1f6804de46a01e94dfc887e postgresql-tcl-8.2.6-1.fc7.i386.rpm
70c9fa093d821f44202cffd2527d9375d78c0b76 postgresql-pltcl-8.2.6-1.fc7.i386.rpm
2c97f7969d24dd1f096e5f5f1c27138f189cca6b postgresql-plpython-8.2.6-1.fc7.i386.rpm
8e3ec52efaa286bc276ce4342c94f353d8261da3 postgresql-plperl-8.2.6-1.fc7.i386.rpm
f7e7b89921674319cb209208bcf6053201118d80 postgresql-devel-8.2.6-1.fc7.i386.rpm
709a78deff74563fa7f95de4decbfb1c72c41e40 postgresql-contrib-8.2.6-1.fc7.i386.rpm
25881ef1a748290fe107efea6563e1b4a13b4c21 postgresql-docs-8.2.6-1.fc7.i386.rpm
1d5692bb92ab3c785a5049fc2bdd56d8049d552d postgresql-server-8.2.6-1.fc7.i386.rpm
fe385c760b4c599d90c36e553eb983c4617d0c2b postgresql-libs-8.2.6-1.fc7.i386.rpm
fd1ed8cc2aad83191e69b781687f78966d43e712 postgresql-8.2.6-1.fc7.i386.rpm
21454a77b4d00579abfab413725d360ff8065530 postgresql-docs-8.2.6-1.fc7.x86_64.rpm
afd9193c48b26b8886dbcbfbd417f0428df4df74 postgresql-contrib-8.2.6-1.fc7.x86_64.rpm
631fdb31d083f4c4d7d46172c52a1570609ca90f postgresql-debuginfo-8.2.6-1.fc7.x86_64.rpm
6e1cc849bcc39b882501b64a8c08440239df6b26 postgresql-plperl-8.2.6-1.fc7.x86_64.rpm
2f4e11e79767d86ec6cd366f11e069af9058b478 postgresql-8.2.6-1.fc7.x86_64.rpm
c1433f07a405dbe28d747cbfe726171aebe378dd postgresql-pltcl-8.2.6-1.fc7.x86_64.rpm
2238886481a28ecfc15c202ce115dc15b3e5df04 postgresql-tcl-8.2.6-1.fc7.x86_64.rpm
ef9d2730448a2ac7a1d6de38316f630c4899bd70 postgresql-server-8.2.6-1.fc7.x86_64.rpm
1bb9696ab4c16f8e68abf1c51000ed4b9db4474b postgresql-python-8.2.6-1.fc7.x86_64.rpm
8e2a7ca85e3c4e0ebb54f9b6c504caf9976a28b2 postgresql-plpython-8.2.6-1.fc7.x86_64.rpm
19a634bff66e16674504f41cafce2ca6f627a9a5 postgresql-devel-8.2.6-1.fc7.x86_64.rpm
9d45bea0de990a9500bf77fb480fe3dd7f9a0743 postgresql-libs-8.2.6-1.fc7.x86_64.rpm
89d380d81708382e2c79e322f725dfb2a56a9b78 postgresql-test-8.2.6-1.fc7.x86_64.rpm
621e92b583fa4fc875d3bceacce0a31c0ed19226 postgresql-debuginfo-8.2.6-1.fc7.ppc.rpm
6c8055fd3030ceef0f1d63edab8776ab3bf5054f postgresql-test-8.2.6-1.fc7.ppc.rpm
e801b65154639587b976d37270c8c40c03407129 postgresql-python-8.2.6-1.fc7.ppc.rpm
589125d1b83674ed2ecfc8215136aaf81eff0b85 postgresql-tcl-8.2.6-1.fc7.ppc.rpm
ec3c5a13e7f5889001b65b0375deaedd6f723f98 postgresql-pltcl-8.2.6-1.fc7.ppc.rpm
a38d9a4bbc75f232dcd3acdaee108ae0b9ef32d5 postgresql-plpython-8.2.6-1.fc7.ppc.rpm
258d29ff36583f1761c7ad5c11dff2c9fe30f283 postgresql-plperl-8.2.6-1.fc7.ppc.rpm
823a247afc354141953f2ac9063007d293f06b6a postgresql-devel-8.2.6-1.fc7.ppc.rpm
f5cb0ea974999e6db6d1b026f9a39a1f16ec2408 postgresql-contrib-8.2.6-1.fc7.ppc.rpm
4db3e420f9656103c22850bb7f1e1c33e37f5f7a postgresql-docs-8.2.6-1.fc7.ppc.rpm
cba731342eea3496b58be297bd76a2c967efac3a postgresql-server-8.2.6-1.fc7.ppc.rpm
47b507fc7806fbdcd45ac8fab8b1c5d7475cdf9e postgresql-libs-8.2.6-1.fc7.ppc.rpm
acfc117e7613a79e15e755e86c5a5b316caa46fc postgresql-8.2.6-1.fc7.ppc.rpm
4bfc585864482f0bae2a55cbdcb21d1b75ca81e9 postgresql-8.2.6-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update postgresql' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds