User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2009-9474 (postgresql)

From:  updates@fedoraproject.org
To:  fedora-package-announce@redhat.com
Subject:  [SECURITY] Fedora 10 Update: postgresql-8.3.8-1.fc10
Date:  Fri, 11 Sep 2009 23:21:46 +0000
Message-ID:  <20090911232146.0B1CE10F85E@bastion2.fedora.phx.redhat.com>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-9474 2009-09-11 22:39:13 -------------------------------------------------------------------------------- Name : postgresql Product : Fedora 10 Version : 8.3.8 Release : 1.fc10 URL : http://www.postgresql.org/ Summary : PostgreSQL client programs and libraries Description : PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. -------------------------------------------------------------------------------- Update Information: Update to PostgreSQL 8.3.8, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-8.html including three security issues -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 9 2009 Tom Lane <tgl@redhat.com> 8.3.8-1 - Update to PostgreSQL 8.3.8, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-8.html including three security issues Related: #522084 Related: #522085 Related: #522092 * Thu Aug 20 2009 Tom "spot" Callaway <tcallawa@redhat.com> 8.3.7-1.1 - fix license tag * Sat Mar 21 2009 Tom Lane <tgl@redhat.com> 8.3.7-1 - Update to PostgreSQL 8.3.7, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-7.html notably the fix for CVE-2009-0922 * Mon Mar 9 2009 Oliver Falk <oliver@linux-kernel.at> 8.3.6-2 - Use -O1 on alpha, as on sparc64 - Renable selftests on alpha again * Sat Feb 7 2009 Tom Lane <tgl@redhat.com> 8.3.6-1 - Update to PostgreSQL 8.3.6, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-6.html * Wed Jan 21 2009 Dennis Gilmore <dennis@ausil.us> 8.3.5-1.1 - use -O1 on sparc64 * Sun Nov 2 2008 Tom Lane <tgl@redhat.com> 8.3.5-1 - Update to PostgreSQL 8.3.5. - Improve display from init script's initdb action, per Michael Schwendt -------------------------------------------------------------------------------- References: [ 1 ] Bug #522084 - postgresql: LDAP authentication bypass when anonymous LDAP bind are allowed https://bugzilla.redhat.com/show_bug.cgi?id=522084 [ 2 ] Bug #522085 - postgresql: SQL privilege escalation, incomplete fix for CVE-2007-6600 https://bugzilla.redhat.com/show_bug.cgi?id=522085 [ 3 ] Bug #522092 - postgresql: authenticated user server DoS via plugin re-LOAD-ing https://bugzilla.redhat.com/show_bug.cgi?id=522092 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update postgresql' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds