[ubuntu/trusty-updates] postgresql-9.3 9.3.11-0ubuntu0.14.04 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Feb 11 18:58:25 UTC 2016


postgresql-9.3 (9.3.11-0ubuntu0.14.04) trusty-security; urgency=medium

  * New upstream security/bug fix release: (LP: #1544576)
    - Fix infinite loops and buffer-overrun problems in regular expressions.
      Very large character ranges in bracket expressions could cause infinite
      loops in some cases, and memory overwrites in other cases.
      (CVE-2016-0773)
    - Prevent certain PL/Java parameters from being set by non-superusers.
      This change mitigates a PL/Java security bug (CVE-2016-0766), which was
      fixed in PL/Java by marking these parameters as superuser-only. To fix
      the security hazard for sites that update PostgreSQL more frequently
      than PL/Java, make the core code aware of them also.
    - See release notes for details about other fixes.

Date: 2016-02-11 15:51:13.839297+00:00
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/postgresql-9.3/9.3.11-0ubuntu0.14.04
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list