[SECURITY] Fedora 13 Update: sepostgresql-9.0.1-20101007.fc13

updates at fedoraproject.org updates at fedoraproject.org
Wed Oct 27 22:49:56 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16004
2010-10-08 19:57:48
--------------------------------------------------------------------------------

Name        : sepostgresql
Product     : Fedora 13
Version     : 9.0.1
Release     : 20101007.fc13
URL         : http://code.google.com/p/sepgsql/
Summary     : Security Enhanced PostgreSQL
Description :
Security Enhanced PostgreSQL is an extension of PostgreSQL
based on SELinux security policy, that applies fine grained
mandatory access control to many objects within the database,
and takes advantage of user authorization integrated within
the operating system. SE-PostgreSQL works as a userspace
reference monitor to check any SQL query.

--------------------------------------------------------------------------------
Update Information:

Upgrade base version to v9.0.1 which contains various bug and security fixes.

* http://www.postgresql.org/docs/9.0/static/release-9-0.html
* http://www.postgresql.org/docs/9.0/static/release-9-0-1.html
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct  7 2010 KaiGai Kohei <kaigai at kaigai.gr.jp> - 9.0.1-20101007
- upgrade base version to 9.0.1
* Tue Oct  5 2010 KaiGai Kohei <kaigai at kaigai.gr.jp> - 9.0.0-20101005
- upgrade base version to 9.0.0
* Tue May 11 2010 KaiGai Kohei <kaigai at kaigai.gr.jp> - 9.0.0-20100511
- upgrade base version to 9.0beta1
* Sun Apr  4 2010 KaiGai Kohei <kaigai at kaigai.gr.jp> - 9.0.0-20100404
- upgrade base version 8.4.3->9.0alpha5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #583072 - CVE-2010-1170 PostgreSQL: PL/Tcl Intended restriction bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=583072
  [ 2 ] Bug #582615 - CVE-2010-1169 PostgreSQL: PL/Perl Intended restriction bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=582615
  [ 3 ] Bug #639371 - CVE-2010-3433 PostgreSQL (PL/Perl, PL/Tcl): SECURITY DEFINER function keyword bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=639371
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update sepostgresql' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list