Sorry, I forgot to take out the changelog message for CVE-2014-8161 from
the -8.4/lucid update (see comment 4). This is misleading, there is no
such patch and this vulnerability is *not* fixed in lucid.
--
You received this bug notification because you are a member of Desktop
Packages, which is
** Changed in: postgresql-8.4 (Ubuntu Lucid)
Assignee: Ubuntu Security Team (ubuntu-security) = Marc Deslauriers
(mdeslaur)
** Changed in: postgresql-9.1 (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: postgresql-9.3 (Ubuntu Trusty)
Assignee:
This bug was fixed in the package postgresql-9.1 - 9.1.15-0ubuntu0.14.04
---
postgresql-9.1 (9.1.15-0ubuntu0.14.04) trusty-security; urgency=medium
* New upstream bug fix release (LP: #1418928). No effective changes for
PL/Perl, the version must just be higher than the one in
This bug was fixed in the package postgresql-9.4 - 9.4.1-0ubuntu0.14.10
---
postgresql-9.4 (9.4.1-0ubuntu0.14.10) utopic-security; urgency=medium
* New upstream security/bug fix release (LP: #1418928)
- Fix buffer overruns in to_char() [CVE-2015-0241]
- Fix buffer overruns
This bug was fixed in the package postgresql-9.3 - 9.3.6-0ubuntu0.14.04
---
postgresql-9.3 (9.3.6-0ubuntu0.14.04) trusty-security; urgency=medium
* New upstream security/bug fix release (LP: #1418928)
- Fix buffer overruns in to_char() [CVE-2015-0241]
- Fix buffer overruns
This bug was fixed in the package postgresql-9.1 - 9.1.15-0ubuntu0.12.04
---
postgresql-9.1 (9.1.15-0ubuntu0.12.04) precise-security; urgency=medium
* New upstream security/bug fix release (LP: #1418928)
- Fix buffer overruns in to_char() [CVE-2015-0241]
- Fix buffer
** Branch linked: lp:ubuntu/trusty-updates/postgresql-9.3
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1418928
Title:
New upstream microreleases 9.1.15, 9.3.6, 9.4.1
Status
** Branch linked: lp:~ubuntu-branches/ubuntu/utopic/postgresql-9.4
/utopic-security
** Branch linked: lp:ubuntu/trusty-security/postgresql-9.3
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
** Changed in: postgresql-8.4 (Ubuntu Lucid)
Status: In Progress = Fix Released
** Changed in: postgresql-9.4 (Ubuntu Vivid)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
** Changed in: postgresql-9.4 (Ubuntu Utopic)
Status: New = In Progress
** Changed in: postgresql-9.4 (Ubuntu Utopic)
Assignee: (unassigned) = Martin Pitt (pitti)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
https://launchpad.net/ubuntu/+source/postgresql-9.4/9.4.1-1 is in vivid-
proposed, but currently stuck on some reverse test dependency failures.
** Changed in: postgresql-9.4 (Ubuntu Vivid)
Status: New = Fix Committed
--
You received this bug notification because you are a member of
lucid is now ready and tested as well.
** Changed in: postgresql-8.4 (Ubuntu Lucid)
Assignee: Martin Pitt (pitti) = Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
** Changed in: postgresql-9.3 (Ubuntu Trusty)
Status: New = In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1418928
Title:
New upstream microreleases 9.1.15,
8.4 for lucid requires some backporting, as it isn't supported upstream
any more.
CVE-2015-0241:
http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=611e110aa
http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=56b970f2
CVE-2015-0242:
** Changed in: postgresql-9.1 (Ubuntu Trusty)
Status: New = In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1418928
Title:
New upstream microreleases 9.1.15,
The fix for the column privilege leaks in error messages
(http://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=3a2063369
, CVE-2014-8161) backports really badly to 8.4, the code changed
completely. I'm really afraid of breaking something, and the importance
of that is low to medium
** Changed in: postgresql-9.1 (Ubuntu Precise)
Status: New = In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to postgresql-9.1 in Ubuntu.
https://bugs.launchpad.net/bugs/1418928
Title:
New upstream microreleases
Packages for precise to utopic are ready and tested:
http://people.canonical.com/~pitti/packages/psql/
I'm still backporting for lucid, though.
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which
18 matches
Mail list logo
