postgresql-7.4 1:7.4.8-17ubuntu1.4 source package in Ubuntu
Changelog
postgresql-7.4 (1:7.4.8-17ubuntu1.4) breezy-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/56_cvs_sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/57_max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 -- Martin Pitt <email address hidden> Sun, 4 Feb 2007 22:17:39 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Breezy
- Original maintainer:
- Martin Pitt
- Architectures:
- any
- Section:
- misc
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
postgresql-7.4_7.4.8.orig.tar.gz | 9.5 MiB | 2d65f932b453b67a06db7bf1e403580347908ec0a1371f071e3c3642eb7d054e |
postgresql-7.4_7.4.8-17ubuntu1.4.diff.gz | 60.2 KiB | 0131e88b56f2c617d87b782fad9cc18e3584bc84ba99061e979e96361fe486cb |
postgresql-7.4_7.4.8-17ubuntu1.4.dsc | 1.0 KiB | 4204d872f883f05593e9a6f065c9e666ef6240f5b566123b71859564550027d5 |
Binary packages built by this source
- libpq3: No summary available for libpq3 in ubuntu breezy.
No description available for libpq3 in ubuntu breezy.
- postgresql-7.4: No summary available for postgresql-7.4 in ubuntu breezy.
No description available for postgresql-7.4 in ubuntu breezy.
- postgresql-client-7.4: No summary available for postgresql-client-7.4 in ubuntu breezy.
No description available for postgresql-
client- 7.4 in ubuntu breezy.
- postgresql-contrib-7.4: No summary available for postgresql-contrib-7.4 in ubuntu breezy.
No description available for postgresql-
contrib- 7.4 in ubuntu breezy.
- postgresql-doc-7.4: No summary available for postgresql-doc-7.4 in ubuntu breezy.
No description available for postgresql-doc-7.4 in ubuntu breezy.
- postgresql-plperl-7.4: No summary available for postgresql-plperl-7.4 in ubuntu breezy.
No description available for postgresql-
plperl- 7.4 in ubuntu breezy.
- postgresql-plpython-7.4: No summary available for postgresql-plpython-7.4 in ubuntu breezy.
No description available for postgresql-
plpython- 7.4 in ubuntu breezy.
- postgresql-pltcl-7.4: No summary available for postgresql-pltcl-7.4 in ubuntu breezy.
No description available for postgresql-
pltcl-7. 4 in ubuntu breezy.
- postgresql-server-dev-7.4: No summary available for postgresql-server-dev-7.4 in ubuntu breezy.
No description available for postgresql-
server- dev-7.4 in ubuntu breezy.