[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
https://launchpad.net/ubuntu/+source/postgresql-9.4/9.4.2-1 is in wily now. ** Changed in: postgresql-9.4 (Ubuntu Wily) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Released Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Released Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
** Branch linked: lp:~ubuntu-branches/ubuntu/vivid/postgresql-9.4/vivid- security ** Branch linked: lp:ubuntu/utopic-security/postgresql-9.4 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
This bug was fixed in the package postgresql-9.4 - 9.4.2-0ubuntu0.14.10 --- postgresql-9.4 (9.4.2-0ubuntu0.14.10) utopic-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Avoid possible crash when client disconnects just before the authentication timeout expires. If the timeout interrupt fired partway through the session shutdown sequence, SSL-related state would be freed twice, typically causing a crash and hence denial of service to other sessions. Experimentation shows that an unauthenticated remote attacker could trigger the bug somewhat consistently, hence treat as security issue. (CVE-2015-3165) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - In contrib/pgcrypto, uniformly report decryption failures as Wrong key or corrupt data Previously, some cases of decryption with an incorrect key could report other error message texts. It has been shown that such variance in error reports can aid attackers in recovering keys from other systems. While it's unknown whether pgcrypto's specific behaviors are likewise exploitable, it seems better to avoid the risk by using a one-size-fits-all message. (CVE-2015-3167) - Protect against wraparound of multixact member IDs Under certain usage patterns, the existing defenses against this might be insufficient, allowing pg_multixact/members files to be removed too early, resulting in data loss. The fix for this includes modifying the server to fail transactions that would result in overwriting old multixact member ID data, and improving autovacuum to ensure it will act proactively to prevent multixact member ID wraparound, as it does for transaction ID wraparound. - See release notes for details about other fixes. -- Martin Pitt Wed, 20 May 2015 23:01:00 +0200 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
This bug was fixed in the package postgresql-9.3 - 9.3.7-0ubuntu0.14.04 --- postgresql-9.3 (9.3.7-0ubuntu0.14.04) trusty-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Avoid possible crash when client disconnects just before the authentication timeout expires. If the timeout interrupt fired partway through the session shutdown sequence, SSL-related state would be freed twice, typically causing a crash and hence denial of service to other sessions. Experimentation shows that an unauthenticated remote attacker could trigger the bug somewhat consistently, hence treat as security issue. (CVE-2015-3165) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - In contrib/pgcrypto, uniformly report decryption failures as Wrong key or corrupt data Previously, some cases of decryption with an incorrect key could report other error message texts. It has been shown that such variance in error reports can aid attackers in recovering keys from other systems. While it's unknown whether pgcrypto's specific behaviors are likewise exploitable, it seems better to avoid the risk by using a one-size-fits-all message. (CVE-2015-3167) - Protect against wraparound of multixact member IDs Under certain usage patterns, the existing defenses against this might be insufficient, allowing pg_multixact/members files to be removed too early, resulting in data loss. The fix for this includes modifying the server to fail transactions that would result in overwriting old multixact member ID data, and improving autovacuum to ensure it will act proactively to prevent multixact member ID wraparound, as it does for transaction ID wraparound. - See release notes for details about other fixes. -- Martin Pitt Wed, 20 May 2015 23:08:58 +0200 ** Changed in: postgresql-9.3 (Ubuntu Trusty) Status: In Progress => Fix Released ** Changed in: postgresql-9.4 (Ubuntu Utopic) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
This bug was fixed in the package postgresql-9.4 - 9.4.2-0ubuntu0.15.04 --- postgresql-9.4 (9.4.2-0ubuntu0.15.04) vivid-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Avoid possible crash when client disconnects just before the authentication timeout expires. If the timeout interrupt fired partway through the session shutdown sequence, SSL-related state would be freed twice, typically causing a crash and hence denial of service to other sessions. Experimentation shows that an unauthenticated remote attacker could trigger the bug somewhat consistently, hence treat as security issue. (CVE-2015-3165) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - In contrib/pgcrypto, uniformly report decryption failures as Wrong key or corrupt data Previously, some cases of decryption with an incorrect key could report other error message texts. It has been shown that such variance in error reports can aid attackers in recovering keys from other systems. While it's unknown whether pgcrypto's specific behaviors are likewise exploitable, it seems better to avoid the risk by using a one-size-fits-all message. (CVE-2015-3167) - Protect against wraparound of multixact member IDs Under certain usage patterns, the existing defenses against this might be insufficient, allowing pg_multixact/members files to be removed too early, resulting in data loss. The fix for this includes modifying the server to fail transactions that would result in overwriting old multixact member ID data, and improving autovacuum to ensure it will act proactively to prevent multixact member ID wraparound, as it does for transaction ID wraparound. - See release notes for details about other fixes. -- Martin Pitt Wed, 20 May 2015 17:44:27 +0200 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
This bug was fixed in the package postgresql-9.1 - 9.1.16-0ubuntu0.12.04 --- postgresql-9.1 (9.1.16-0ubuntu0.12.04) precise-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Avoid possible crash when client disconnects just before the authentication timeout expires. If the timeout interrupt fired partway through the session shutdown sequence, SSL-related state would be freed twice, typically causing a crash and hence denial of service to other sessions. Experimentation shows that an unauthenticated remote attacker could trigger the bug somewhat consistently, hence treat as security issue. (CVE-2015-3165) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - In contrib/pgcrypto, uniformly report decryption failures as Wrong key or corrupt data Previously, some cases of decryption with an incorrect key could report other error message texts. It has been shown that such variance in error reports can aid attackers in recovering keys from other systems. While it's unknown whether pgcrypto's specific behaviors are likewise exploitable, it seems better to avoid the risk by using a one-size-fits-all message. (CVE-2015-3167) - Protect against wraparound of multixact member IDs Under certain usage patterns, the existing defenses against this might be insufficient, allowing pg_multixact/members files to be removed too early, resulting in data loss. The fix for this includes modifying the server to fail transactions that would result in overwriting old multixact member ID data, and improving autovacuum to ensure it will act proactively to prevent multixact member ID wraparound, as it does for transaction ID wraparound. - See release notes for details about other fixes. * Backport the autopkgtest, as running the postgresql-common integration test suite is a lot simpler that way. Add manual creation of required locales, as precise's postgresql-common test suite does not yet do that by itself. -- Martin Pitt Wed, 20 May 2015 23:25:56 +0200 ** Changed in: postgresql-9.4 (Ubuntu Vivid) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
This bug was fixed in the package postgresql-9.1 - 9.1.16-0ubuntu0.14.04 --- postgresql-9.1 (9.1.16-0ubuntu0.14.04) trusty-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - Note: The other vulnerabilities fixed in 9.1.16 don't affect this version as we build the PL/Perl package only. -- Martin Pitt Wed, 20 May 2015 23:16:18 +0200 ** Changed in: postgresql-9.1 (Ubuntu Trusty) Status: In Progress => Fix Released ** Changed in: postgresql-9.1 (Ubuntu Precise) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: Fix Released Status in postgresql-9.1 source package in Trusty: Fix Released Status in postgresql-9.3 source package in Trusty: Fix Released Status in postgresql-9.4 source package in Utopic: Fix Released Status in postgresql-9.4 source package in Vivid: Fix Released Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
** Changed in: postgresql-9.4 (Ubuntu Wily) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: Fix Committed Status in postgresql-9.1 source package in Precise: In Progress Status in postgresql-9.1 source package in Trusty: In Progress Status in postgresql-9.3 source package in Trusty: In Progress Status in postgresql-9.4 source package in Utopic: In Progress Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: Fix Committed Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
** Description changed: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. + + Upstream announcement: http://www.postgresql.org/about/news/1587/ -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: In Progress Status in postgresql-9.1 source package in Trusty: In Progress Status in postgresql-9.3 source package in Trusty: In Progress Status in postgresql-9.4 source package in Utopic: In Progress Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. Upstream announcement: http://www.postgresql.org/about/news/1587/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
All packages are in http://people.canonical.com/~pitti/tmp/psql-1457093/ -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: In Progress Status in postgresql-9.1 source package in Trusty: In Progress Status in postgresql-9.3 source package in Trusty: In Progress Status in postgresql-9.4 source package in Utopic: In Progress Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
Friday is fine, we won't release them until monday anyway. Thanks! ** Changed in: postgresql-9.1 (Ubuntu Precise) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: postgresql-9.1 (Ubuntu Trusty) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: postgresql-9.3 (Ubuntu Trusty) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: postgresql-9.4 (Ubuntu Utopic) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: postgresql-9.4 (Ubuntu Wily) Assignee: (unassigned) => Martin Pitt (pitti) ** Changed in: postgresql-9.4 (Ubuntu Vivid) Assignee: Martin Pitt (pitti) => Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: In Progress Status in postgresql-9.1 source package in Trusty: In Progress Status in postgresql-9.3 source package in Trusty: In Progress Status in postgresql-9.4 source package in Utopic: In Progress Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
I have prepared and tested updates for all releases. Trusty and newer are trivial (just debian/changelog), all upstream and the postgresql- common test suites pass (via autopkgtest). Precise was also fairly trivial (no patch changes etc.), but I backported the autopkgtest. That way a new version can be tested with adt-run *.deb -B postgresql-9.1_9.1.16-0ubuntu0.12.04.dsc --- schroot precise which is a lot easier than having to manually install all packages, create locales etc., and run the tests. Note that the tests fail in 090_multicluster.t, all tests up to that are alright. This is nothing new, they've failed forever (at least in schroot), one of these days I'll track this down. trusty and newer all succeed. I'll put the packages on people.u.c. on Friday. We won't release this on a Friday anyway? If you want them earlier, please tell me and we figure out how to transfer them privately. ** Changed in: postgresql-9.4 (Ubuntu Utopic) Status: New => In Progress ** Changed in: postgresql-9.3 (Ubuntu Trusty) Status: New => In Progress ** Changed in: postgresql-9.1 (Ubuntu Trusty) Status: New => In Progress ** Changed in: postgresql-9.1 (Ubuntu Precise) Status: New => In Progress -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: In Progress Status in postgresql-9.1 source package in Trusty: In Progress Status in postgresql-9.3 source package in Trusty: In Progress Status in postgresql-9.4 source package in Utopic: In Progress Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
** Changed in: postgresql-9.4 (Ubuntu Vivid) Status: New => In Progress -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: New Status in postgresql-9.1 source package in Trusty: New Status in postgresql-9.3 source package in Trusty: New Status in postgresql-9.4 source package in Utopic: New Status in postgresql-9.4 source package in Vivid: In Progress Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1457093] Re: New upstream microreleases 9.1.16, 9.3.7, 9.4.2
As usual, wily will be fixed via syncing from Debian unstable. Christoph already prepared 9.4.2-1 in git. ** Changed in: postgresql-9.4 (Ubuntu Wily) Importance: Undecided => High ** Changed in: postgresql-9.4 (Ubuntu Vivid) Assignee: (unassigned) => Martin Pitt (pitti) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to postgresql-9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1457093 Title: New upstream microreleases 9.1.16, 9.3.7, 9.4.2 Status in postgresql-9.1 package in Ubuntu: Invalid Status in postgresql-9.3 package in Ubuntu: Invalid Status in postgresql-9.4 package in Ubuntu: In Progress Status in postgresql-9.1 source package in Precise: New Status in postgresql-9.1 source package in Trusty: New Status in postgresql-9.3 source package in Trusty: New Status in postgresql-9.4 source package in Utopic: New Status in postgresql-9.4 source package in Vivid: New Status in postgresql-9.4 source package in Wily: In Progress Bug description: PostgreSQL will push out new microreleases on Friday, 2015-05-22. The tarballs for the updates are not public yet, but the fixes are visible in the upstream git, so there's no need to treat this as embargoed, but there should still be a coordinated release. These fix a couple of security issues, as well as the usual set of bug fixes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-9.1/+bug/1457093/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp