[ubuntu/zesty-proposed] postgresql-9.6 9.6.3-0ubuntu0.17.04 (Accepted)

Christian Ehrhardt christian.ehrhardt at canonical.com
Thu May 18 21:17:43 UTC 2017 

postgresql-9.6 (9.6.3-0ubuntu0.17.04) zesty; urgency=medium

  * New upstream release (LP: #1690730)
    - Restrict visibility of pg_user_mappings.umoptions, to protect passwords
      stored as user mapping options (CVE-2017-7486)
    - Prevent exposure of statistical information via leaky operators
      (CVE-2017-7484)
    - Restore libpq's recognition of the PGREQUIRESSL environment variable
      (CVE-2017-7485)

    - A dump/restore is not required for those running 9.6.X.
    - However, if you use foreign data servers that make use of user passwords
      for authentication, see the first changelog entry.
    - Also, if you are using third-party replication tools that depend on
      "logical decoding", see the fourth changelog entry.


    - Details about other changes at full changelog:
      https://www.postgresql.org/docs/9.6/static/release-9-6-3.html

Date: Mon, 15 May 2017 08:46:09 +0200
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/postgresql-9.6/9.6.3-0ubuntu0.17.04
-------------- next part --------------
Format: 1.8
Date: Mon, 15 May 2017 08:46:09 +0200
Source: postgresql-9.6
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.6 postgresql-9.6-dbg postgresql-client-9.6 postgresql-server-dev-9.6 postgresql-doc-9.6 postgresql-contrib-9.6 postgresql-plperl-9.6 postgresql-plpython-9.6 postgresql-plpython3-9.6 postgresql-pltcl-9.6
Architecture: source
Version: 9.6.3-0ubuntu0.17.04
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.6
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.6 - object-relational SQL database, version 9.6 server
 postgresql-9.6-dbg - debug symbols for postgresql-9.6
 postgresql-client-9.6 - front-end programs for PostgreSQL 9.6
 postgresql-contrib-9.6 - additional facilities for PostgreSQL
 postgresql-doc-9.6 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.6 - PL/Perl procedural language for PostgreSQL 9.6
 postgresql-plpython-9.6 - PL/Python procedural language for PostgreSQL 9.6
 postgresql-plpython3-9.6 - PL/Python 3 procedural language for PostgreSQL 9.6
 postgresql-pltcl-9.6 - PL/Tcl procedural language for PostgreSQL 9.6
 postgresql-server-dev-9.6 - development files for PostgreSQL 9.6 server-side programming
Launchpad-Bugs-Fixed: 1690730
Changes:
 postgresql-9.6 (9.6.3-0ubuntu0.17.04) zesty; urgency=medium
 .
   * New upstream release (LP: #1690730)
     - Restrict visibility of pg_user_mappings.umoptions, to protect passwords
       stored as user mapping options (CVE-2017-7486)
     - Prevent exposure of statistical information via leaky operators
       (CVE-2017-7484)
     - Restore libpq's recognition of the PGREQUIRESSL environment variable
       (CVE-2017-7485)
 .
     - A dump/restore is not required for those running 9.6.X.
     - However, if you use foreign data servers that make use of user passwords
       for authentication, see the first changelog entry.
     - Also, if you are using third-party replication tools that depend on
       "logical decoding", see the fourth changelog entry.
 .
 .
     - Details about other changes at full changelog:
       https://www.postgresql.org/docs/9.6/static/release-9-6-3.html
Checksums-Sha1:
 2df1ad3fa2b11ba29ba59a318b29fa4e96a1b92e 3678 postgresql-9.6_9.6.3-0ubuntu0.17.04.dsc
 5131272f6f22b38eafee8b090fff8d6b6fe1cff7 19534323 postgresql-9.6_9.6.3.orig.tar.bz2
 9e49aa06601dc7e424d034155c8cd341fe07c6b5 20968 postgresql-9.6_9.6.3-0ubuntu0.17.04.debian.tar.xz
Checksums-Sha256:
 01a46df2a9e419e1151ad13b62af4f968a9249e973cf99a1855a975ea0830d00 3678 postgresql-9.6_9.6.3-0ubuntu0.17.04.dsc
 1645b3736901f6d854e695a937389e68ff2066ce0cde9d73919d6ab7c995b9c6 19534323 postgresql-9.6_9.6.3.orig.tar.bz2
 4968afc67ffd23211ac43d6dbde05dfa5cca48196c54a4bf1fe489a3a2cf69b6 20968 postgresql-9.6_9.6.3-0ubuntu0.17.04.debian.tar.xz
Files:
 468318f1b6bb9d7c29525e9919fba129 3678 database optional postgresql-9.6_9.6.3-0ubuntu0.17.04.dsc
 ce1d0a57ace0a5b7a994b56796fdba35 19534323 database optional postgresql-9.6_9.6.3.orig.tar.bz2
 34d52267c80eddd74c58b598c0b22174 20968 database optional postgresql-9.6_9.6.3-0ubuntu0.17.04.debian.tar.xz
Original-Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>

More information about the Zesty-changes mailing list