[ubuntu/utopic-proposed] postgresql-9.3 9.3.5-0ubuntu1 (Accepted)

Martin Pitt martin.pitt at ubuntu.com
Thu Jul 24 14:03:24 UTC 2014


postgresql-9.3 (9.3.5-0ubuntu1) utopic; urgency=medium

  [ Christoph Berg ]
  * New upstream release. (LP: #1348176)
    + Secure Unix-domain sockets of temporary postmasters started during make
      check (Noah Misch)

      Any local user able to access the socket file could connect as the
      server's bootstrap superuser, then proceed to execute arbitrary code as
      the operating-system user running the test, as we previously noted in
      CVE-2014-0067. This change defends against that risk by placing the
      server's socket in a temporary, mode 0700 subdirectory of /tmp.

  * Remove our pg_regress patches to support --host=/path.
  * Remove the tcl8.6 patch, went upstream.
  * Update Vcs URLs.

Date: Thu, 24 Jul 2014 15:14:05 +0200
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/postgresql-9.3/9.3.5-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 24 Jul 2014 15:14:05 +0200
Source: postgresql-9.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.3 postgresql-9.3-dbg postgresql-client-9.3 postgresql-server-dev-9.3 postgresql-doc-9.3 postgresql-contrib-9.3 postgresql-plperl-9.3 postgresql-plpython-9.3 postgresql-plpython3-9.3 postgresql-pltcl-9.3
Architecture: source
Version: 9.3.5-0ubuntu1
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.3
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.3 - object-relational SQL database, version 9.3 server
 postgresql-9.3-dbg - debug symbols for postgresql-9.3
 postgresql-client-9.3 - front-end programs for PostgreSQL 9.3
 postgresql-contrib-9.3 - additional facilities for PostgreSQL
 postgresql-doc-9.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.3 - PL/Perl procedural language for PostgreSQL 9.3
 postgresql-plpython-9.3 - PL/Python procedural language for PostgreSQL 9.3
 postgresql-plpython3-9.3 - PL/Python 3 procedural language for PostgreSQL 9.3
 postgresql-pltcl-9.3 - PL/Tcl procedural language for PostgreSQL 9.3
 postgresql-server-dev-9.3 - development files for PostgreSQL 9.3 server-side programming
Launchpad-Bugs-Fixed: 1348176
Changes:
 postgresql-9.3 (9.3.5-0ubuntu1) utopic; urgency=medium
 .
   [ Christoph Berg ]
   * New upstream release. (LP: #1348176)
     + Secure Unix-domain sockets of temporary postmasters started during make
       check (Noah Misch)
 .
       Any local user able to access the socket file could connect as the
       server's bootstrap superuser, then proceed to execute arbitrary code as
       the operating-system user running the test, as we previously noted in
       CVE-2014-0067. This change defends against that risk by placing the
       server's socket in a temporary, mode 0700 subdirectory of /tmp.
 .
   * Remove our pg_regress patches to support --host=/path.
   * Remove the tcl8.6 patch, went upstream.
   * Update Vcs URLs.
Checksums-Sha1:
 4b4d2ec5dba186bc55eb2947559652fc072b1d76 3580 postgresql-9.3_9.3.5-0ubuntu1.dsc
 e011da16cb8a99c5ce6204898ddb898a8b3fbca4 16727725 postgresql-9.3_9.3.5.orig.tar.bz2
 5fd70ee84b0ccca2dac4c838bb274686ae5f61f9 26192 postgresql-9.3_9.3.5-0ubuntu1.debian.tar.xz
Checksums-Sha256:
 e2dda9f853f365338ab09b25b41faf187996d6c3dc37b877102b17f105664f24 3580 postgresql-9.3_9.3.5-0ubuntu1.dsc
 14176ffb1f90a189e7626214365be08ea2bfc26f26994bafb4235be314b9b4b0 16727725 postgresql-9.3_9.3.5.orig.tar.bz2
 aefdb386fec9061639f3cb1c13c9e6febd167bd32041d59cacc03c203cf4559a 26192 postgresql-9.3_9.3.5-0ubuntu1.debian.tar.xz
Files:
 7e029dbdfc20895e6fe01579aa454ee6 3580 database optional postgresql-9.3_9.3.5-0ubuntu1.dsc
 5059857c7d7e6ad83b6d55893a121b59 16727725 database optional postgresql-9.3_9.3.5.orig.tar.bz2
 d165fb2ccac5adebfaf63ff4de0e83ed 26192 database optional postgresql-9.3_9.3.5-0ubuntu1.debian.tar.xz
Original-Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJT0Q9qAAoJENFO8V2v4RNHc2IQAI1oazLbwkjtAeBXRGLdOLxQ
Kx0uQ0JDGfN43fR7ue8kaNG3nf+A04DDVusn7tWKmBfNY0DGo2ISX/Mggg2v4i9d
g0mCqEt2VOQhYZSwmB+SYOfpOgseLVuilU4f3ySNqbMRXLwnCAi6KrwE9PWBT5xA
NpmVgNWlbxFIxOwjZz9P5Zk2sprXBba9U0AW8DlT/wJjMwfh9M36t2LA9GDAgrD7
fRiP0rcvyu1c2cI0pvaDEwbcjtTRsuD5iMPP0Vd1yU2aVkTs9mtZYpkLjGlJhcB/
H9jRm3/2tkzjGVgRt3ErfvJO9oku4EjXXA7DpXY9EkaWBQJjf3gmdgdfNfMcAvJA
mha8yFvSxDQV2eYQP872crMVwmYwjkoAFMBMgq0xQxS1z5m8GEmreXcU3hfYyrB1
SK3OJFNBvNW7OeMqWHUpgqpuxhkVRD+51wCT8vOOD04/jzQKwNC3ywB3GS0fbqF9
3/onWAClbJtnrnNeCFVmuYoAUkRg6oWOF3MTp9iNu934eQKc6ARcqcod1BZ6MV2M
D73UyBB0PtnSc38+rq4oDC8XlLwbiW9lVo69uvh4T+1hW45r6NOPwqcj3FVhTf0t
LDzk8eQ6CHjck40o2nIyWsOLFVjLUzaL241+fNDmhs+8UzDlvPgBGBz8ZTugZB2Q
/J0ouRA3oiDniHjxKW9R
=9zuf
-----END PGP SIGNATURE-----


More information about the Utopic-changes mailing list