Fedora alert FEDORA-2011-0990 (postgresql)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 14 Update: postgresql-8.4.7-1.fc14 | |
| Date: | Mon, 07 Feb 2011 19:59:27 +0000 | |
| Message-ID: | <20110207195927.570A111090A@bastion02.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-0990 2011-02-01 20:16:06 -------------------------------------------------------------------------------- Name : postgresql Product : Fedora 14 Version : 8.4.7 Release : 1.fc14 URL : http://www.postgresql.org/ Summary : PostgreSQL client programs Description : PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a local or remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. -------------------------------------------------------------------------------- Update Information: Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html including the fix for CVE-2010-4015 -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 1 2011 Tom Lane <tgl@redhat.com> 8.4.7-1 - Update to PostgreSQL 8.4.7, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-7.html including the fix for CVE-2010-4015 Resolves: #674296 * Thu Dec 16 2010 Tom Lane <tgl@redhat.com> 8.4.6-1 - Update to PostgreSQL 8.4.6, for various fixes described at http://www.postgresql.org/docs/8.4/static/release-8-4-6.html - Ensure we don't package any .gitignore files from the source tarball Related: #642210 -------------------------------------------------------------------------------- References: [ 1 ] Bug #664402 - CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled https://bugzilla.redhat.com/show_bug.cgi?id=664402 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update postgresql' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...