[ubuntu/precise-updates] postgresql-9.1 9.1.19-0ubuntu0.12.04 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Fri Oct 16 02:28:37 UTC 2015
postgresql-9.1 (9.1.19-0ubuntu0.12.04) precise-security; urgency=medium
* New upstream security/bug fix release (LP: #1504132)
- Fix contrib/pgcrypto to detect and report too-short crypt() salts
Certain invalid salt arguments crashed the server or disclosed a few
bytes of server memory. We have not ruled out the viability of attacks
that arrange for presence of confidential information in the disclosed
bytes, but they seem unlikely. (CVE-2015-5288)
- See release notes for details about other fixes.
Date: 2015-10-10 02:26:22.917512+00:00
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/postgresql-9.1/9.1.19-0ubuntu0.12.04
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list