[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-0255 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-9.1 - 9.1.8-0ubuntu12.10 --- postgresql-9.1 (9.1.8-0ubuntu12.10) quantal-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. -- Martin Pitt martin.p...@ubuntu.com Tue, 05 Feb 2013 16:07:05 +0100 ** Changed in: postgresql-9.1 (Ubuntu Quantal) Status: New = Fix Released ** Changed in: postgresql-9.1 (Ubuntu Oneiric) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-9.1 - 9.1.8-0ubuntu11.10 --- postgresql-9.1 (9.1.8-0ubuntu11.10) oneiric-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. -- Martin Pitt martin.p...@ubuntu.com Tue, 05 Feb 2013 18:13:52 +0100 ** Changed in: postgresql-8.3 (Ubuntu Hardy) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-8.3 - 8.3.23-0ubuntu8.04 --- postgresql-8.3 (8.3.23-0ubuntu8.04) hardy-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for details about other changes. * 03-gettext-domains.patch: Unfuzz for new version. -- Martin Pitt martin.p...@ubuntu.com Wed, 06 Feb 2013 09:02:48 +0100 ** Changed in: postgresql-8.4 (Ubuntu Lucid) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-8.4 - 8.4.16-0ubuntu10.04 --- postgresql-8.4 (8.4.16-0ubuntu10.04) lucid-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. -- Martin Pitt martin.p...@ubuntu.com Wed, 06 Feb 2013 08:33:25 +0100 ** Changed in: postgresql-9.1 (Ubuntu Precise) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-9.1 - 9.1.8-0ubuntu12.04 --- postgresql-9.1 (9.1.8-0ubuntu12.04) precise-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. -- Martin Pitt martin.p...@ubuntu.com Tue, 05 Feb 2013 16:19:31 +0100 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
This bug was fixed in the package postgresql-8.4 - 8.4.16-0ubuntu12.04 --- postgresql-8.4 (8.4.16-0ubuntu12.04) precise-security; urgency=low * New upstream security/bug fix release: (LP: #1116336) - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. -- Martin Pitt martin.p...@ubuntu.com Tue, 05 Feb 2013 16:27:57 +0100 ** Changed in: postgresql-8.4 (Ubuntu Precise) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
$ rmadison -s raring postgresql-9.1 postgresql-9.1 |9.1.8-1 |raring | source, amd64, armhf, i386, powerpc ** Changed in: postgresql-9.1 (Ubuntu Raring) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
I got a rejection message for oneiric, as I accidentally targetted that at oneiric-proposed. I fixed that to say oneiric-security and put the new package here: http://people.canonical.com/~pitti/packages/psql/oneiric/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1116336] Re: New upstream microreleases 9.1.8, 8.4.16, 8.3.23
** Description changed: PostgreSQL will announce new upstream microreleases in two days which include one security issue. I'll update the description with the official annoucement once it goes public. The updates are on lillypilly.canonical.com:~pitti/psql/ . I'll move them to a HTTP accessible location once upstream goes public. + + UPDATE 2013-02-07: It's out, http://www.postgresql.org/about/news/1446/. + + I moved the updates to http://people.canonical.com/~pitti/packages/psql/ + , aka lillypilly.canonical.com:~pitti/public_html/packages/psql/. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1116336 Title: New upstream microreleases 9.1.8, 8.4.16, 8.3.23 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-8.3/+bug/1116336/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
