This bug was fixed in the package postgresql-9.3 -
9.3.5-0ubuntu0.14.04.1
---------------
postgresql-9.3 (9.3.5-0ubuntu0.14.04.1) trusty-proposed; urgency=medium
* New upstream bug fix release: (LP: #1348176)
- pg_upgrade: Users who upgraded to version 9.3 using pg_upgrade may have
an issue with transaction information which causes VACUUM to eventually
fail. These users should run the script provided in the release notes to
determine if their installation is affected, and then take the remedy
steps outlined there.
- Various data integrity and other bug fixes.
- Secure Unix-domain sockets of temporary postmasters started during make
check.
Any local user able to access the socket file could connect as the
server's bootstrap superuser, then proceed to execute arbitrary code as
the operating-system user running the test, as we previously noted in
CVE-2014-0067. This change defends against that risk by placing the
server's socket in a temporary, mode 0700 subdirectory of /tmp.
- See release notes for details:
http://www.postgresql.org/about/news/1534/
* Remove pg_regress patches to support --host=/path, obsolete with above
upstream changes and not applicable any more.
* Drop tcl8.6 patch, applied upstream.
* Add missing logrotate test dependency.
-- Martin Pitt <[email protected]> Thu, 24 Jul 2014 16:13:59 +0200
** Changed in: postgresql-9.1 (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1348176
Title:
New upstream microreleases 9.3.5, 9.1.14, 8.4.22
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postgresql-8.4/+bug/1348176/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
