[ubuntu/utopic-proposed] postgresql-9.4 9.4~beta2-1 (Accepted)

[Martin Pitt]

postgresql-9.4 (9.4~beta2-1) unstable; urgency=low

  * New upstream beta version.
    + Secure Unix-domain sockets of temporary postmasters started during make
      check (Noah Misch)

      Any local user able to access the socket file could connect as the
      server's bootstrap superuser, then proceed to execute arbitrary code as
      the operating-system user running the test, as we previously noted in
      CVE-2014-0067. This change defends against that risk by placing the
      server's socket in a temporary, mode 0700 subdirectory of /tmp.

  * postgresql-9.4.preinst: Fail upgrade when upgrading from beta1, the
    catalog version changed. People should dump/remove their old clusters
    first.
  * Use util-linux' uuid lib as backend for the uuid-ossp extension
    (--with-uuid=e2fs).
  * Enable sepgsql (--with-selinux). On systems with libselinux1-dev < 2.1.10,
    this is automatically disabled.
  * Revert multiarch for libpq-dev and libecpg-dev. (Closes: #750111, #750112)
  * Remove our pg_regress patches to support --host=/path. Implemented
    upstream as fix for CVE-2014-0067.
  * debian/copyright: Say that there are various copyright holders for the
    contrib modules. (Hello Lintian!)
  * Update Vcs URLs.

Date: 2014-07-24 16:22:45.254095+00:00
Signed-By: Martin Pitt <martin.pitt at ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/postgresql-9.4/9.4~beta2-1
-------------- next part --------------
Sorry, changesfile not available.