Bug#801317: wheezy-pu: package postgresql-9.1/9.1.19-0+deb7u1

Christoph Berg Thu, 08 Oct 2015 08:24:55 -0700

Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian....@packages.debian.org
Usertags: pu


Hi,

please consider postgresql-9.1/9.1.19-0+deb7u1 for the next wheezy
point release:

postgresql-9.1 (9.1.19-0+deb7u1) wheezy; urgency=medium

  * New upstream version.

    + Fix contrib/pgcrypto to detect and report too-short crypt() salts
      (Josh Kupershmidt)

      Certain invalid salt arguments crashed the server or disclosed a few
      bytes of server memory.  We have not ruled out the viability of attacks
      that arrange for presence of confidential information in the disclosed
      bytes, but they seem unlikely.  (CVE-2015-5288)

 -- Christoph Berg <christoph.b...@credativ.de>  Thu, 08 Oct 2015 14:30:41 +0200

Christoph
-- 
c...@df7cb.de | http://www.df7cb.de/

signature.asc
Description: PGP signature

Bug#801317: wheezy-pu: package postgresql-9.1/9.1.19-0+deb7u1

Reply via email to