[Pkg-postgresql-public] Bug#778850: Missing 20-column_privilege_leak.patch file in postgresql-8.4 8.4.22-0ubuntu0.10.04.1 source package

Charlie Brady Fri, 20 Feb 2015 08:04:13 -0800

Package: postgresql
Version: 8.4.22-0ubuntu0.10.04.1

Changelog for this package contains:


...
  * Add 20-column_privilege_leak.patch:
    Fix information leak via constraint-violation error messages
    [CVE-2014-8161]
...

But there is no such patch file.

See:

http://launchpadlibrarian.net/197335367/postgresql-8.4_8.4.22-0ubuntu0.10.04_8.4.22-0ubuntu0.10.04.1.diff.gz

I think that means that CVE-2014-8161 is not fixed in this version.

_______________________________________________
Pkg-postgresql-public mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public

[Pkg-postgresql-public] Bug#778850: Missing 20-column_privilege_leak.patch file in postgresql-8.4 8.4.22-0ubuntu0.10.04.1 source package

Reply via email to