[ubuntu/yakkety-proposed] postgresql-9.5 9.5.7-0ubuntu0.16.10 (Accepted)

Christian Ehrhardt christian.ehrhardt at canonical.com
Thu May 18 21:23:36 UTC 2017


postgresql-9.5 (9.5.7-0ubuntu0.16.10) yakkety; urgency=medium

  * New upstream release (LP: #1690730)
    - Restrict visibility of pg_user_mappings.umoptions, to protect passwords
      stored as user mapping options (CVE-2017-7486)
    - Prevent exposure of statistical information via leaky operators
      (CVE-2017-7484)
    - Restore libpq's recognition of the PGREQUIRESSL environment variable
      (CVE-2017-7485)

    - A dump/restore is not required for those running 9.5.X.
    - However, if you use foreign data servers that make use of user passwords
      for authentication, see the first changelog entry.
    - Also, if you are using third-party replication tools that depend on
      "logical decoding", see the fourth changelog entry.

    - Details about other changes at full changelog:
      https://www.postgresql.org/docs/9.5/static/release-9-5-7.html

Date: Mon, 15 May 2017 08:46:09 +0200
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.7-0ubuntu0.16.10
-------------- next part --------------
Format: 1.8
Date: Mon, 15 May 2017 08:46:09 +0200
Source: postgresql-9.5
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.5 postgresql-9.5-dbg postgresql-client-9.5 postgresql-server-dev-9.5 postgresql-doc-9.5 postgresql-contrib-9.5 postgresql-plperl-9.5 postgresql-plpython-9.5 postgresql-plpython3-9.5 postgresql-pltcl-9.5
Architecture: source
Version: 9.5.7-0ubuntu0.16.10
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.5
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.5 - object-relational SQL database, version 9.5 server
 postgresql-9.5-dbg - debug symbols for postgresql-9.5
 postgresql-client-9.5 - front-end programs for PostgreSQL 9.5
 postgresql-contrib-9.5 - additional facilities for PostgreSQL
 postgresql-doc-9.5 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.5 - PL/Perl procedural language for PostgreSQL 9.5
 postgresql-plpython-9.5 - PL/Python procedural language for PostgreSQL 9.5
 postgresql-plpython3-9.5 - PL/Python 3 procedural language for PostgreSQL 9.5
 postgresql-pltcl-9.5 - PL/Tcl procedural language for PostgreSQL 9.5
 postgresql-server-dev-9.5 - development files for PostgreSQL 9.5 server-side programming
Launchpad-Bugs-Fixed: 1690730
Changes:
 postgresql-9.5 (9.5.7-0ubuntu0.16.10) yakkety; urgency=medium
 .
   * New upstream release (LP: #1690730)
     - Restrict visibility of pg_user_mappings.umoptions, to protect passwords
       stored as user mapping options (CVE-2017-7486)
     - Prevent exposure of statistical information via leaky operators
       (CVE-2017-7484)
     - Restore libpq's recognition of the PGREQUIRESSL environment variable
       (CVE-2017-7485)
 .
     - A dump/restore is not required for those running 9.5.X.
     - However, if you use foreign data servers that make use of user passwords
       for authentication, see the first changelog entry.
     - Also, if you are using third-party replication tools that depend on
       "logical decoding", see the fourth changelog entry.
 .
     - Details about other changes at full changelog:
       https://www.postgresql.org/docs/9.5/static/release-9-5-7.html
Checksums-Sha1:
 1e496665d5038ad91270a4b31580ac86d31a2528 3649 postgresql-9.5_9.5.7-0ubuntu0.16.10.dsc
 3bb9675025cf1c2a5722f45a0fc8d0891669e094 18639775 postgresql-9.5_9.5.7.orig.tar.bz2
 c80ceeb15c2d0ca5d6f9cd55a43e435be8380776 23364 postgresql-9.5_9.5.7-0ubuntu0.16.10.debian.tar.xz
Checksums-Sha256:
 dea00d81ffd79672ed89ee45bd852aca9dade944f0a891e9892bfb9c56766464 3649 postgresql-9.5_9.5.7-0ubuntu0.16.10.dsc
 8b1e936f82109325decc0f5575e846b93fb4fd384e8c4bde83ff5e7f87fc6cad 18639775 postgresql-9.5_9.5.7.orig.tar.bz2
 400b0b69d9bc3a5425f170efd766d56308a5245af8dddacb2bf3c77c71b9ba76 23364 postgresql-9.5_9.5.7-0ubuntu0.16.10.debian.tar.xz
Files:
 72f44d00977b15f9281ba4efd1d6c070 3649 database optional postgresql-9.5_9.5.7-0ubuntu0.16.10.dsc
 8f225bc596ab953ec57f8f9ebfd66b92 18639775 database optional postgresql-9.5_9.5.7.orig.tar.bz2
 7d99d8658cacff7b76e7c12b45740d72 23364 database optional postgresql-9.5_9.5.7-0ubuntu0.16.10.debian.tar.xz
Original-Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>


More information about the Yakkety-changes mailing list