Back to postgresql-7.4 PTS page

Accepted postgresql-7.4 1:7.4.27-0etch1 (source i386 all)

To: debian-changes@lists.debian.org
Subject: Accepted postgresql-7.4 1:7.4.27-0etch1 (source i386 all)
From: Martin Pitt <mpitt@debian.org>
Date: Sun, 03 Jan 2010 02:16:51 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1NRG1T-0003ep-5h@ries.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@ries.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 15 Dec 2009 14:12:32 +0100
Source: postgresql-7.4
Binary: postgresql-plpython-7.4 postgresql-client-7.4 postgresql-7.4 postgresql-contrib-7.4 postgresql-doc-7.4 postgresql-plperl-7.4 postgresql-server-dev-7.4 postgresql-pltcl-7.4
Architecture: source i386 all
Version: 1:7.4.27-0etch1
Distribution: oldstable-security
Urgency: high
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 postgresql-7.4 - object-relational SQL database, version 7.4 server
 postgresql-client-7.4 - front-end programs for PostgreSQL 7.4
 postgresql-contrib-7.4 - additional facilities for PostgreSQL
 postgresql-doc-7.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-7.4 - PL/Perl procedural language for PostgreSQL 7.4
 postgresql-plpython-7.4 - PL/Python procedural language for PostgreSQL 7.4
 postgresql-pltcl-7.4 - PL/Tcl procedural language for PostgreSQL 7.4
 postgresql-server-dev-7.4 - development files for PostgreSQL 7.4 server-side programming
Changes: 
 postgresql-7.4 (1:7.4.27-0etch1) oldstable-security; urgency=high
 .
   * New upstream security/bug fix release:
     - Protect against indirect security threats caused by index functions
       changing session-local state. This change prevents allegedly-immutable
       index functions from possibly subverting a superuser's session
       (CVE-2009-4136).
     - Reject SSL certificates containing an embedded null byte in the
       common name (CN) field. This prevents unintended matching of a
       certificate to a server or client name during SSL validation
       (CVE-2009-4034).
     - Fix possible crash during backend-startup-time cache initialization.
     - Prevent signals from interrupting VACUUM at unsafe times.
     - Fix possible crash due to integer overflow in hash table size
       calculation.
     - Fix very rare crash in inet/cidr comparisons.
     - Fix PAM password processing to be more robust. The previous code is
       known to fail with the combination of the Linux pam_krb5 PAM module with
       Microsoft Active Directory as the domain controller. It might have
       problems elsewhere too, since it was making unjustified assumptions about
       what arguments the PAM stack would pass to it.
     - Make the postmaster ignore any application_name parameter in
       connection request packets, to improve compatibility with future
       libpq versions.
Files: 
 b7487381adfbf4dbbf4972c66cbe6c85 1134 misc optional postgresql-7.4_7.4.27-0etch1.dsc
 ec501383ae38f79397c50ecf62e4eda5 10060890 misc optional postgresql-7.4_7.4.27.orig.tar.gz
 7d7f09f39c682a1d618e3c1e82615410 36672 misc optional postgresql-7.4_7.4.27-0etch1.diff.gz
 542a60916e16ac48b7b6651602c44891 1193124 doc optional postgresql-doc-7.4_7.4.27-0etch1_all.deb
 739cdd7ee12a7ebd4b8becceba7ff010 531632 libdevel optional postgresql-server-dev-7.4_7.4.27-0etch1_all.deb
 a0fe0a5e813a480f79be05be1383aad6 3403214 misc optional postgresql-7.4_7.4.27-0etch1_i386.deb
 65b1a18c5ba96b369a192ed1cc3ddd19 1117638 misc optional postgresql-client-7.4_7.4.27-0etch1_i386.deb
 524ec95f1d8239a9807b80b724814a28 575468 misc optional postgresql-contrib-7.4_7.4.27-0etch1_i386.deb
 62de3201b279c905be261c351ae2302a 129400 misc optional postgresql-plperl-7.4_7.4.27-0etch1_i386.deb
 ac7e259c8b0de669ec429c51a9128dcd 131634 misc optional postgresql-plpython-7.4_7.4.27-0etch1_i386.deb
 20b602d7613ecd793780c8a7b4e93159 133558 misc optional postgresql-pltcl-7.4_7.4.27-0etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAksnkKoACgkQDecnbV4Fd/LPlACfcaVB85zzeA8plyN9wVQ/aa16
CJkAn3IIzU1ovzUMTFggSEw3pkjaSycU
=NV1C
-----END PGP SIGNATURE-----


Accepted:
postgresql-7.4_7.4.27-0etch1.diff.gz
  to main/p/postgresql-7.4/postgresql-7.4_7.4.27-0etch1.diff.gz
postgresql-7.4_7.4.27-0etch1.dsc
  to main/p/postgresql-7.4/postgresql-7.4_7.4.27-0etch1.dsc
postgresql-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-7.4_7.4.27-0etch1_i386.deb
postgresql-7.4_7.4.27.orig.tar.gz
  to main/p/postgresql-7.4/postgresql-7.4_7.4.27.orig.tar.gz
postgresql-client-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-client-7.4_7.4.27-0etch1_i386.deb
postgresql-contrib-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.27-0etch1_i386.deb
postgresql-doc-7.4_7.4.27-0etch1_all.deb
  to main/p/postgresql-7.4/postgresql-doc-7.4_7.4.27-0etch1_all.deb
postgresql-plperl-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.27-0etch1_i386.deb
postgresql-plpython-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.27-0etch1_i386.deb
postgresql-pltcl-7.4_7.4.27-0etch1_i386.deb
  to main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.27-0etch1_i386.deb
postgresql-server-dev-7.4_7.4.27-0etch1_all.deb
  to main/p/postgresql-7.4/postgresql-server-dev-7.4_7.4.27-0etch1_all.deb