On Tue, 2011-11-08 at 00:16 +0000, Jan Kechel wrote: > Why is there no security update for postgresql-9.0 on squeeze? > > .. just wondered why my cron-apt didn't report any postgresql updates > today. My security.sources.list is
Are you thinking of backports? > On 11/07/2011 07:49 PM, Thijs Kinkhorst wrote: > > ------------------------------------------------------------------------- > > Debian Security Advisory DSA-2340-1 [email protected] > > http://www.debian.org/security/ Thijs Kinkhorst > > November 7, 2011 http://www.debian.org/security/faq > > ------------------------------------------------------------------------- > > > > Package : postgresql-8.3, postgresql-8.4, postgresql-9.0 > > Vulnerability : weak password hashing > > Problem type : remote > > Debian-specific: no > > CVE ID : CVE-2011-2483 > > Debian Bug : 631285 > > > > For the testing distribution (wheezy) and unstable distribution (sid), > > this problem has been fixed in postgresql-8.4 version 8.4.9-1, > > postgresql-9.0 9.0.5-1 and postgresql-9.1 9.1~rc1-1. Backports currently has the version 9.1 9.1.1-1~bpo60+1 Does this version need an update for this DSA notice? cheers, Dagan -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/1320716646.12673.2.camel@tighanardrigh
