-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-4951 2013-04-05 22:28:28 --------------------------------------------------------------------------------
Name : postgresql Product : Fedora 18 Version : 9.2.4 Release : 1.fc18 URL : http://www.postgresql.org/ Summary : PostgreSQL client programs Description : PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. -------------------------------------------------------------------------------- Update Information: - Update to PostgreSQL 9.2.4, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-4.html including the fixes for CVE-2013-1899, CVE-2013-1900, CVE-2013-1901 - fix build for aarch64 and ppc64p7 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 4 2013 Tom Lane <[email protected]> 9.2.4-1 - Update to PostgreSQL 9.2.4, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-4.html including the fixes for CVE-2013-1899, CVE-2013-1900, CVE-2013-1901 Resolves: #929223, #929255, #929328 - fix build for aarch64 * Tue Mar 19 2013 Karsten Hopp <[email protected]> 9.2.3-2 - add ppc64p7 optimized arch support * Thu Feb 7 2013 Tom Lane <[email protected]> 9.2.3-1 - Update to PostgreSQL 9.2.3, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-3.html including the fix for CVE-2013-0255 Resolves: #908722 - Make the package build with selinux option disabled Resolves: #894367 - Include old version of pg_controldata in postgresql-upgrade subpackage Related: #896161 * Thu Jan 3 2013 Tom Lane <[email protected]> 9.2.2-3 - Prevent creation of TCP socket during pg_upgrade regression test, so that concurrent RPM builds on the same machine won't fail Resolves: #891531 - Make sure $PGDATA/pg_log/ gets the right SELinux label in postgresql-setup Resolves: #891547 * Wed Dec 19 2012 Tom Lane <[email protected]> 9.2.2-2 - Make building of plpython3 dependent on Fedora version, per guidelines Resolves: #888419 * Thu Dec 6 2012 Tom Lane <[email protected]> 9.2.2-1 - Update to PostgreSQL 9.2.2, for various fixes described at http://www.postgresql.org/docs/9.2/static/release-9-2-2.html - Use new systemd install/uninstall trigger macros conditionally, so that package can still be installed on pre-F18 branches -------------------------------------------------------------------------------- References: [ 1 ] Bug #929223 - CVE-2013-1899 postgresql: Insecure switch parsing https://bugzilla.redhat.com/show_bug.cgi?id=929223 [ 2 ] Bug #929255 - CVE-2013-1900 postgresql: Improper randomization of pgcrypto functions (requiring random seed) https://bugzilla.redhat.com/show_bug.cgi?id=929255 [ 3 ] Bug #929328 - CVE-2013-1901 postgresql: Improper user privilege check for on-line backups https://bugzilla.redhat.com/show_bug.cgi?id=929328 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update postgresql' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
