[ubuntu/trusty-proposed] postgresql-9.3 9.3.17-0ubuntu0.14.04 (Accepted)

ChristianEhrhardt christian.ehrhardt at canonical.com
Wed May 24 16:15:51 UTC 2017


postgresql-9.3 (9.3.17-0ubuntu0.14.04) trusty; urgency=medium

  * New upstream release (LP: #1690730)
    - Restrict visibility of pg_user_mappings.umoptions, to protect passwords
      stored as user mapping options (CVE-2017-7486)
    - Prevent exposure of statistical information via leaky operators
      (CVE-2017-7484)
    - Restore libpq's recognition of the PGREQUIRESSL environment variable
      (CVE-2017-7485)

    - A dump/restore is not required for those running 9.3.X.
    - However, if you use foreign data servers that make use of user passwords
      for authentication, see the first changelog entry.

    - Details about other changes at full changelog:
      https://www.postgresql.org/docs/9.3/static/release-9-3-17.html

Date: 2017-05-15 07:30:14.303004+00:00
Changed-By: ChristianEhrhardt <christian.ehrhardt at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/postgresql-9.3/9.3.17-0ubuntu0.14.04
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list