Accepted:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 06 Oct 2015 11:02:48 +0200 Source: postgresql-9.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.4 postgresql-9.4-dbg postgresql-client-9.4 postgresql-server-dev-9.4 postgresql-doc-9.4 postgresql-contrib-9.4 postgresql-plperl-9.4 postgresql-plpython-9.4 postgresql-plpython3-9.4 postgresql-pltcl-9.4 Architecture: armel Version: 9.4.5-1 Distribution: unstable Urgency: medium Maintainer: Debian PostgreSQL Maintainers <[email protected]> Changed-By: Christoph Berg <[email protected]> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 9.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-9.4 - object-relational SQL database, version 9.4 server postgresql-9.4-dbg - debug symbols for postgresql-9.4 postgresql-client-9.4 - front-end programs for PostgreSQL 9.4 postgresql-contrib-9.4 - additional facilities for PostgreSQL postgresql-doc-9.4 - documentation for the PostgreSQL database management system postgresql-plperl-9.4 - PL/Perl procedural language for PostgreSQL 9.4 postgresql-plpython-9.4 - PL/Python procedural language for PostgreSQL 9.4 postgresql-plpython3-9.4 - PL/Python 3 procedural language for PostgreSQL 9.4 postgresql-pltcl-9.4 - PL/Tcl procedural language for PostgreSQL 9.4 postgresql-server-dev-9.4 - development files for PostgreSQL 9.4 server-side programming Changes: postgresql-9.4 (9.4.5-1) unstable; urgency=medium . * New upstream version. . + Guard against stack overflows in json parsing (Oskari Saarenmaa) . If an application constructs PostgreSQL json or jsonb values from arbitrary user input, the application's users can reliably crash the PostgreSQL server, causing momentary denial of service. (CVE-2015-5289) . + Fix contrib/pgcrypto to detect and report too-short crypt() salts (Josh Kupershmidt) . Certain invalid salt arguments crashed the server or disclosed a few bytes of server memory. We have not ruled out the viability of attacks that arrange for presence of confidential information in the disclosed bytes, but they seem unlikely. (CVE-2015-5288) . * debian/rules: Call dh without --parallel, it's not supported upstream. Checksums-Sha1: ecd5a9c0eb5033e1d18b0a967bd3af5df88f3dca 13468 libecpg-compat3_9.4.5-1_armel.deb 605e1616e25e0c4b1f547055ad205ac511d1712e 189274 libecpg-dev_9.4.5-1_armel.deb f61ac0053b141fccdd1e592fcb20700daec90986 73484 libecpg6_9.4.5-1_armel.deb 1ac5fb8956b3672ad3d1c49cc3cfa1c5198d0a60 33648 libpgtypes3_9.4.5-1_armel.deb 997c9d6af794d4a4b841ed3e7a6d25fb18752aef 148998 libpq-dev_9.4.5-1_armel.deb 8127db5e24bd3b33de3a6d9346c34519eeb71bc7 107512 libpq5_9.4.5-1_armel.deb 773f6947cbf5c661001acb796898c9c3b7025059 11964826 postgresql-9.4-dbg_9.4.5-1_armel.deb 24247272f754b3c69fd8f68c049ee4e5c2fd7cb6 3219740 postgresql-9.4_9.4.5-1_armel.deb 41c019e6b53b0d9047bd9a829452e17d2b96adbf 986500 postgresql-client-9.4_9.4.5-1_armel.deb 7ebd0e3314e7aec9422b14b7868471b972cd7e38 393926 postgresql-contrib-9.4_9.4.5-1_armel.deb 3974df258eaddd80161e15ec3895f577413c35d2 51560 postgresql-plperl-9.4_9.4.5-1_armel.deb 0566f8f64b34b16924412d21623f8b542c7d830b 38906 postgresql-plpython-9.4_9.4.5-1_armel.deb 5dde649be498e6119f42b24f087a246e52c5db9b 38536 postgresql-plpython3-9.4_9.4.5-1_armel.deb 2f154c5c48c7bfa4d6a16cd0c5b8cff99ff34938 27938 postgresql-pltcl-9.4_9.4.5-1_armel.deb e76871d68c0c0cfafb985365f92e1ec8a9865d67 632304 postgresql-server-dev-9.4_9.4.5-1_armel.deb Checksums-Sha256: 10d396a8e2df381c2dfd66d391b14458915e7d40cdcfcee9447e192b1da743c5 13468 libecpg-compat3_9.4.5-1_armel.deb c455360f745a7ee44b036b6b81ef6b849bcb60dde8e5f61b7033fc3a10dfb4b2 189274 libecpg-dev_9.4.5-1_armel.deb 181cef540875d8d198c52bbbdf245642f9992954f8463fa5b785b175c65e34de 73484 libecpg6_9.4.5-1_armel.deb a076142d693eb48050917bbdc58801cfe86a1eb846fdb863c33a521a01c4cc09 33648 libpgtypes3_9.4.5-1_armel.deb 1a52724603d7608bfdb6ff1645f647830b37916a6f935a9a814c6a9a083dc436 148998 libpq-dev_9.4.5-1_armel.deb 3900493bfbd1690967de78b362bf089172976124765ceda0e0400ff86245a5f7 107512 libpq5_9.4.5-1_armel.deb 90b2bb758fc4b841048ce199c3e00deda9f978d3c524c24754377c3a82653051 11964826 postgresql-9.4-dbg_9.4.5-1_armel.deb 243b18a3a20d55fd709b8798198a18e5b343bfd6132b7c8038a3813218b351ea 3219740 postgresql-9.4_9.4.5-1_armel.deb eea8fe5155f7ff6d5e1e05661ea3d83fe206e25c5208101a63db56daf511bc56 986500 postgresql-client-9.4_9.4.5-1_armel.deb 556d906786f5ab2e958f50f0b62de05b01a3e0b19464888480345768c900a690 393926 postgresql-contrib-9.4_9.4.5-1_armel.deb 4251467e6dbb5d88b5fb0e2753cfc8429a9e31dbc370767b384da54322035285 51560 postgresql-plperl-9.4_9.4.5-1_armel.deb 676b8e76dfd7cb3b099ca6d71347c0261246240071df70d6d8f7abdfbd0c0fb5 38906 postgresql-plpython-9.4_9.4.5-1_armel.deb 588e3ae750578acaa9ac8d16c5b4fc75f3909be4405f9d5294b2fe1393f761aa 38536 postgresql-plpython3-9.4_9.4.5-1_armel.deb bc1aa0ac11102302d0d446ffaa6612821deb6dd9ad64378fa2280e263c8f4c05 27938 postgresql-pltcl-9.4_9.4.5-1_armel.deb a7a4c7ed115d4afd77307a76a5bc759eadd1b68fea53473cb549c0813e2c41da 632304 postgresql-server-dev-9.4_9.4.5-1_armel.deb Files: 74303bf76f0e123a7ab772fc047b6d61 13468 libs optional libecpg-compat3_9.4.5-1_armel.deb 74b603642154aa3269c1b86619f05801 189274 libdevel optional libecpg-dev_9.4.5-1_armel.deb 4b4ec38facd576e91b606e6e57aa574a 73484 libs optional libecpg6_9.4.5-1_armel.deb 8371f19c82ac7abdcc9c292f6bd267e0 33648 libs optional libpgtypes3_9.4.5-1_armel.deb b082cb453dfc01cddb14b886894217ce 148998 libdevel optional libpq-dev_9.4.5-1_armel.deb 61a944d8dcb682ae16df3377a65cb99d 107512 libs optional libpq5_9.4.5-1_armel.deb 3a46fd3471e2e2e39727f4a8195b467b 11964826 debug extra postgresql-9.4-dbg_9.4.5-1_armel.deb 3e2379d208567e12b3502ac6f5c7971c 3219740 database optional postgresql-9.4_9.4.5-1_armel.deb a516c7b255e519436799fe8bc2284d57 986500 database optional postgresql-client-9.4_9.4.5-1_armel.deb 68bb6dfa60ac843e22f42d7fc936ba87 393926 database optional postgresql-contrib-9.4_9.4.5-1_armel.deb a5804f10ab656d123f79e6e97b1e9c7f 51560 database optional postgresql-plperl-9.4_9.4.5-1_armel.deb 3f0e656b3b9c46f4a6593305024a6274 38906 database optional postgresql-plpython-9.4_9.4.5-1_armel.deb ddf83dee9066499c1865ea804da96d9d 38536 database optional postgresql-plpython3-9.4_9.4.5-1_armel.deb 0219d38fc7640d45eba8cf019926cc43 27938 database optional postgresql-pltcl-9.4_9.4.5-1_armel.deb f629bb57f318b5bd6394523b6c40d189 632304 libdevel optional postgresql-server-dev-9.4_9.4.5-1_armel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWF68hAAoJEExaa6sS0qeuNocP/i8WTPYP0IrhMlxc8QsuY7hT VrSOCieILLWsp35FEpy2YLI8oC5vcXrcow1cxeiSNZUxxNq1N7rtpE+e1ef7HinQ WM1U+NBMGDiJd+k1IZaIgPPGFnP5A3p7CmkiEFEPC65RdnDCVN0n1JQmLtCbCAFt DLkgjpjiRUGgcq5kHdzO+7dIFmmHGjBYpwjcMZP7RDNOeUlTLYbrJnd4m9zVVaRA Efd7CQLrQLCP9O5H0/LwWdYDIjlumlKxCN/MtgxTQFAsQ2woGLVhdXeTYzBTG4dB 2gg26A5G1a+fKLYRhGtbdwzZKtipXT6h+DASqV12Rgs4LFUGGhqzXPBYOhrfFEVI oUSoBQcraBP5e00/AcUgcMsnRnSp9w407L9stOCn0vywT6drCJu/tvHewo5aEpji rac7tKuteGFrK9ZnF6lCL5DDyKew0Y5UP4iN75qrRtxo5g9k3A0bOAg91IWhWV49 I6zZjLdHC7eCYGV0LyruvUaXLIqoVMHOd3m+BinDuWVIPc/hDqdNiT3rCpuS//nL axJobWwGhZ+o3p8RsnxzDL8u3Gvxyl6i2w9f6+gqhNIYoSXgFp91AEOkGcMBoE3r T2XdB5uMeV+RVADkVt0ag0Qt+q6We+5gXpDQYHLDH9ICCVn1CJTLv0yXsk+lbHBp V8eYMcqsbL+BRrwdXdp7 =o26h -----END PGP SIGNATURE----- Thank you for your contribution to Debian. _______________________________________________ Pkg-postgresql-public mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-postgresql-public
