[SECURITY] Fedora 7 Update: postgresql-8.2.6-1.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jan 11 22:24:42 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-0552
2008-01-11 21:31:09
--------------------------------------------------------------------------------
Name : postgresql
Product : Fedora 7
Version : 8.2.6
Release : 1.fc7
URL : http://www.postgresql.org/
Summary : PostgreSQL client programs and libraries
Description :
PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you'll need to access a PostgreSQL DBMS server. These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These client
programs can be located on the same machine with the PostgreSQL
server, or may be on a remote machine which accesses a PostgreSQL
server over a network connection. This package contains the docs
in HTML for the whole package, as well as command-line utilities for
managing PostgreSQL databases on a PostgreSQL server.
If you want to manipulate a PostgreSQL database on a remote PostgreSQL
server, you need this package. You also need to install this package
if you're installing the postgresql-server package.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1
- Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772,
CVE-2007-6067, CVE-2007-6600, CVE-2007-6601
- Make initscript and pam config files be installed unconditionally;
seems new buildroots don't necessarily have those directories in place
* Thu Sep 20 2007 Tom Lane <tgl at redhat.com> 8.2.5-1
- Update to PostgreSQL 8.2.5 and pgtcl 1.6.0
- Fix multilib problem for /usr/include/ecpg_config.h (which is new in 8.2.x)
- Use tzdata package's data files instead of private copy, so that
postgresql-server need not be turned for routine timezone updates
- Don't remove postgres user/group during RPM uninstall, per Fedora
packaging guidelines
- Recent perl changes in rawhide mean we need a more specific BuildRequires
* Wed Jun 20 2007 Tom Lane <tgl at redhat.com> 8.2.4-2
- Fix oversight in postgresql-test makefile: pg_regress isn't a shell script
anymore. Per upstream bug 3398.
* Tue Apr 24 2007 Tom Lane <tgl at redhat.com> 8.2.4-1
- Update to PostgreSQL 8.2.4 for CVE-2007-2138, data loss bugs
Resolves: #237682
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink
https://bugzilla.redhat.com/show_bug.cgi?id=427128
[ 2 ] Bug #315231 - CVE-2007-4769 postgresql integer overflow in regex code
https://bugzilla.redhat.com/show_bug.cgi?id=315231
[ 3 ] Bug #427772 - CVE-2007-4769 CVE-2007-4772 CVE-2007-6067 CVE-2007-6600 CVE-2007-6601 Multiple postgresql vulnerabilities [Fedora 7]
https://bugzilla.redhat.com/show_bug.cgi?id=427772
[ 4 ] Bug #316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code
https://bugzilla.redhat.com/show_bug.cgi?id=316511
[ 5 ] Bug #400931 - CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup
https://bugzilla.redhat.com/show_bug.cgi?id=400931
[ 6 ] Bug #427127 - CVE-2007-6600 PostgreSQL privilege escalation
https://bugzilla.redhat.com/show_bug.cgi?id=427127
--------------------------------------------------------------------------------
Updated packages:
e9fef6216d3e4180360f73580af856309139e37f postgresql-debuginfo-8.2.6-1.fc7.ppc64.rpm
ee4617333d8f3b3866e817d3e465174358c3ae7d postgresql-test-8.2.6-1.fc7.ppc64.rpm
95824e2c070dadb40561638350d8015e1e5ee383 postgresql-python-8.2.6-1.fc7.ppc64.rpm
795aade65cc3f92719dc3aa41321395b0a1758cb postgresql-tcl-8.2.6-1.fc7.ppc64.rpm
7fe0d4ea22108e940555565e9292c5b1e47ae4fa postgresql-pltcl-8.2.6-1.fc7.ppc64.rpm
9e7e19ed8f1c2f588da08db090ca57aab452b3a2 postgresql-plpython-8.2.6-1.fc7.ppc64.rpm
4de5117aca494e6609a4de4988ca873bd7902e27 postgresql-plperl-8.2.6-1.fc7.ppc64.rpm
ffd065bc2dc8a2a75c5abbbac1d7ba4d6f634f02 postgresql-devel-8.2.6-1.fc7.ppc64.rpm
d5c23d58673b83170a06017fe44f402ccaadfa2b postgresql-contrib-8.2.6-1.fc7.ppc64.rpm
64ba8a138407496fb614584b988268c782207148 postgresql-docs-8.2.6-1.fc7.ppc64.rpm
92630063687242c74d0de80470a17243acf7cc42 postgresql-server-8.2.6-1.fc7.ppc64.rpm
9b4ef692e4d932aa5941c44b6a118ecf8a9dcb0b postgresql-libs-8.2.6-1.fc7.ppc64.rpm
8a5459c2e1aedf76f12fadccc3877e5019c6da74 postgresql-8.2.6-1.fc7.ppc64.rpm
8da9d0df2ac6f30e48be1590d113f2c90b55b598 postgresql-debuginfo-8.2.6-1.fc7.i386.rpm
adc7c3af8ec088c44c550e0b27eee312cae10427 postgresql-test-8.2.6-1.fc7.i386.rpm
cecc5f7f5a093d476a1021cacbe5e67c2e2ecb23 postgresql-python-8.2.6-1.fc7.i386.rpm
2ffedd4748dace9da1f6804de46a01e94dfc887e postgresql-tcl-8.2.6-1.fc7.i386.rpm
70c9fa093d821f44202cffd2527d9375d78c0b76 postgresql-pltcl-8.2.6-1.fc7.i386.rpm
2c97f7969d24dd1f096e5f5f1c27138f189cca6b postgresql-plpython-8.2.6-1.fc7.i386.rpm
8e3ec52efaa286bc276ce4342c94f353d8261da3 postgresql-plperl-8.2.6-1.fc7.i386.rpm
f7e7b89921674319cb209208bcf6053201118d80 postgresql-devel-8.2.6-1.fc7.i386.rpm
709a78deff74563fa7f95de4decbfb1c72c41e40 postgresql-contrib-8.2.6-1.fc7.i386.rpm
25881ef1a748290fe107efea6563e1b4a13b4c21 postgresql-docs-8.2.6-1.fc7.i386.rpm
1d5692bb92ab3c785a5049fc2bdd56d8049d552d postgresql-server-8.2.6-1.fc7.i386.rpm
fe385c760b4c599d90c36e553eb983c4617d0c2b postgresql-libs-8.2.6-1.fc7.i386.rpm
fd1ed8cc2aad83191e69b781687f78966d43e712 postgresql-8.2.6-1.fc7.i386.rpm
21454a77b4d00579abfab413725d360ff8065530 postgresql-docs-8.2.6-1.fc7.x86_64.rpm
afd9193c48b26b8886dbcbfbd417f0428df4df74 postgresql-contrib-8.2.6-1.fc7.x86_64.rpm
631fdb31d083f4c4d7d46172c52a1570609ca90f postgresql-debuginfo-8.2.6-1.fc7.x86_64.rpm
6e1cc849bcc39b882501b64a8c08440239df6b26 postgresql-plperl-8.2.6-1.fc7.x86_64.rpm
2f4e11e79767d86ec6cd366f11e069af9058b478 postgresql-8.2.6-1.fc7.x86_64.rpm
c1433f07a405dbe28d747cbfe726171aebe378dd postgresql-pltcl-8.2.6-1.fc7.x86_64.rpm
2238886481a28ecfc15c202ce115dc15b3e5df04 postgresql-tcl-8.2.6-1.fc7.x86_64.rpm
ef9d2730448a2ac7a1d6de38316f630c4899bd70 postgresql-server-8.2.6-1.fc7.x86_64.rpm
1bb9696ab4c16f8e68abf1c51000ed4b9db4474b postgresql-python-8.2.6-1.fc7.x86_64.rpm
8e2a7ca85e3c4e0ebb54f9b6c504caf9976a28b2 postgresql-plpython-8.2.6-1.fc7.x86_64.rpm
19a634bff66e16674504f41cafce2ca6f627a9a5 postgresql-devel-8.2.6-1.fc7.x86_64.rpm
9d45bea0de990a9500bf77fb480fe3dd7f9a0743 postgresql-libs-8.2.6-1.fc7.x86_64.rpm
89d380d81708382e2c79e322f725dfb2a56a9b78 postgresql-test-8.2.6-1.fc7.x86_64.rpm
621e92b583fa4fc875d3bceacce0a31c0ed19226 postgresql-debuginfo-8.2.6-1.fc7.ppc.rpm
6c8055fd3030ceef0f1d63edab8776ab3bf5054f postgresql-test-8.2.6-1.fc7.ppc.rpm
e801b65154639587b976d37270c8c40c03407129 postgresql-python-8.2.6-1.fc7.ppc.rpm
589125d1b83674ed2ecfc8215136aaf81eff0b85 postgresql-tcl-8.2.6-1.fc7.ppc.rpm
ec3c5a13e7f5889001b65b0375deaedd6f723f98 postgresql-pltcl-8.2.6-1.fc7.ppc.rpm
a38d9a4bbc75f232dcd3acdaee108ae0b9ef32d5 postgresql-plpython-8.2.6-1.fc7.ppc.rpm
258d29ff36583f1761c7ad5c11dff2c9fe30f283 postgresql-plperl-8.2.6-1.fc7.ppc.rpm
823a247afc354141953f2ac9063007d293f06b6a postgresql-devel-8.2.6-1.fc7.ppc.rpm
f5cb0ea974999e6db6d1b026f9a39a1f16ec2408 postgresql-contrib-8.2.6-1.fc7.ppc.rpm
4db3e420f9656103c22850bb7f1e1c33e37f5f7a postgresql-docs-8.2.6-1.fc7.ppc.rpm
cba731342eea3496b58be297bd76a2c967efac3a postgresql-server-8.2.6-1.fc7.ppc.rpm
47b507fc7806fbdcd45ac8fab8b1c5d7475cdf9e postgresql-libs-8.2.6-1.fc7.ppc.rpm
acfc117e7613a79e15e755e86c5a5b316caa46fc postgresql-8.2.6-1.fc7.ppc.rpm
4bfc585864482f0bae2a55cbdcb21d1b75ca81e9 postgresql-8.2.6-1.fc7.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update postgresql'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the package-announce
mailing list