User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2009-9474 (postgresql)

Subject:  [SECURITY] Fedora 10 Update: postgresql-8.3.8-1.fc10
Date:  Fri, 11 Sep 2009 23:21:46 +0000
Message-ID:  <>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-9474 2009-09-11 22:39:13 -------------------------------------------------------------------------------- Name : postgresql Product : Fedora 10 Version : 8.3.8 Release : 1.fc10 URL : Summary : PostgreSQL client programs and libraries Description : PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. -------------------------------------------------------------------------------- Update Information: Update to PostgreSQL 8.3.8, for various fixes described at including three security issues -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 9 2009 Tom Lane <> 8.3.8-1 - Update to PostgreSQL 8.3.8, for various fixes described at including three security issues Related: #522084 Related: #522085 Related: #522092 * Thu Aug 20 2009 Tom "spot" Callaway <> 8.3.7-1.1 - fix license tag * Sat Mar 21 2009 Tom Lane <> 8.3.7-1 - Update to PostgreSQL 8.3.7, for various fixes described at notably the fix for CVE-2009-0922 * Mon Mar 9 2009 Oliver Falk <> 8.3.6-2 - Use -O1 on alpha, as on sparc64 - Renable selftests on alpha again * Sat Feb 7 2009 Tom Lane <> 8.3.6-1 - Update to PostgreSQL 8.3.6, for various fixes described at * Wed Jan 21 2009 Dennis Gilmore <> 8.3.5-1.1 - use -O1 on sparc64 * Sun Nov 2 2008 Tom Lane <> 8.3.5-1 - Update to PostgreSQL 8.3.5. - Improve display from init script's initdb action, per Michael Schwendt -------------------------------------------------------------------------------- References: [ 1 ] Bug #522084 - postgresql: LDAP authentication bypass when anonymous LDAP bind are allowed [ 2 ] Bug #522085 - postgresql: SQL privilege escalation, incomplete fix for CVE-2007-6600 [ 3 ] Bug #522092 - postgresql: authenticated user server DoS via plugin re-LOAD-ing -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update postgresql' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds