-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 08 Aug 2017 10:05:43 +0200 Source: postgresql-9.6 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.6 postgresql-9.6-dbg postgresql-client-9.6 postgresql-server-dev-9.6 postgresql-doc-9.6 postgresql-contrib-9.6 postgresql-plperl-9.6 postgresql-plpython-9.6 postgresql-plpython3-9.6 postgresql-pltcl-9.6 Architecture: source Version: 9.6.4-1 Distribution: unstable Urgency: medium Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-pub...@lists.alioth.debian.org> Changed-By: Christoph Berg <christoph.b...@credativ.de> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 9.6 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-9.6 - object-relational SQL database, version 9.6 server postgresql-9.6-dbg - debug symbols for postgresql-9.6 postgresql-client-9.6 - front-end programs for PostgreSQL 9.6 postgresql-contrib-9.6 - additional facilities for PostgreSQL postgresql-doc-9.6 - documentation for the PostgreSQL database management system postgresql-plperl-9.6 - PL/Perl procedural language for PostgreSQL 9.6 postgresql-plpython-9.6 - PL/Python procedural language for PostgreSQL 9.6 postgresql-plpython3-9.6 - PL/Python 3 procedural language for PostgreSQL 9.6 postgresql-pltcl-9.6 - PL/Tcl procedural language for PostgreSQL 9.6 postgresql-server-dev-9.6 - development files for PostgreSQL 9.6 server-side programming Changes: postgresql-9.6 (9.6.4-1) unstable; urgency=medium . * Team upload. * New upstream version. . + Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. See the release notes for instructions for applying the fix to existing database clusters. (CVE-2017-7547; extends fix for CVE-2017-7484) + Disallow empty passwords in all password-based authentication methods. (CVE-2017-7546) + Make lo_put() check for UPDATE privilege on the target large object. (CVE-2017-7548) . * debian/rules: Unconditionally use DEB_BUILD_MAINT_OPTIONS=hardening=+all. The old logic is kept around for compiling on older distributions. * Remove long obsolete --with-krb5 and move c/ldflags to configure switches. Checksums-Sha1: c0abab48a9759813b5e68ee5202bec072c631a78 3666 postgresql-9.6_9.6.4-1.dsc f10e2e5c09e041616e25bd41a9ea91be98534d9d 19566875 postgresql-9.6_9.6.4.orig.tar.bz2 294649179aa87e058ab084690843f27f073bb2a2 21212 postgresql-9.6_9.6.4-1.debian.tar.xz 02c8379607da7245e10fda9cb27f45fe714e5ad8 8227 postgresql-9.6_9.6.4-1_source.buildinfo Checksums-Sha256: cee0b01d0d8f33e522a133e7d9fced9f57cfa78e676bd8028938530829159098 3666 postgresql-9.6_9.6.4-1.dsc 2b3ab16d82e21cead54c08b95ce3ac480696944a68603b6c11b3205b7376ce13 19566875 postgresql-9.6_9.6.4.orig.tar.bz2 1fe0b13d576fbf7d898b3fd0f7ad2ce108075c24ea6199a77fa7c161198efabe 21212 postgresql-9.6_9.6.4-1.debian.tar.xz d122c3e215912c007d0a06a436b786e63336f6aa683896ad878abd889bde047f 8227 postgresql-9.6_9.6.4-1_source.buildinfo Files: 4873568cf5b6c86720f7abc5891b0c04 3666 database optional postgresql-9.6_9.6.4-1.dsc 67b01523a75271fd6cb2638eb2b55795 19566875 database optional postgresql-9.6_9.6.4.orig.tar.bz2 99537d18dd0de900797a06858c320e3a 21212 database optional postgresql-9.6_9.6.4-1.debian.tar.xz eb32b46bc02d53603dcb6286d2786899 8227 database optional postgresql-9.6_9.6.4-1_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAlmMSX4ACgkQTFprqxLS p67m7xAAra4ydtxO4J5epErFF5lJNHJNnvITYz5AiOFEiRDxN8OjrjXRusl8VzRO xgx0ZBCi8r42fYACbtY185DKMrfvygZqgC2RZhXErQ4NMfNAfxY5VOfqr8gMH9Ey AIHGAyVZ9fOFTlI0EWySHfNrR+O+6PZBq5hjeJ7AMES2cBFM60MnR0XxxP0hPJtI xrcrx7AaH22AgyR6Egho7lnuGNFF83afQa2EGP1Sa2iV4lpk9FHtweAWWU9wvwxW NGyfre+KP/xoWKYZLB17fbDXiNfUVBYJ5PZIIdVjCaJPy3QebR1/3Ai+iwqRS8mB Grq23Qz3ZNz2fKWzrpbpyIXbeYMfXkKP5JFDEQ15qOsuby91YZ8HeIIRW93QTIFV +LAiQDQmNOXXylkGCiwgSuwVY6c4u75dwRpT802gdHGjiQGn25d6XZHypHSZlVaH CxHYTh8xLzQkRJmNLyNTCQG1prURZan3GxhV3Josg1722XpVErVtsRi+3+hii3vE HWmE2uDyKrlrnCoJDCu5cOMi26cRBw2lW+5NxuzhOLJkK4Gqw5Tey5yjhWzl2UXP S2jomt+rB0T/Wh5LZOVAJf5X43Z7x6WCcY3i72kH0PyTVhoLzp8hBzgBXEXf3zo3 tkr09VGHBr+pCL24qpU64Y4sV70BdGnFtT8V/2dTJjGLZiO2tyI= =9tOa -----END PGP SIGNATURE-----