Ubuntu
postgresql-9.1 package

postgresql-9.1 9.1.16-0ubuntu0.14.04 source package in Ubuntu

Changelog

postgresql-9.1 (9.1.16-0ubuntu0.14.04) trusty-security; urgency=medium

  * New upstream security/bug fix release (LP: #1457093)
    - Improve detection of system-call failures
      Our replacement implementation of snprintf() failed to check for errors
      reported by the underlying system library calls; the main case that
      might be missed is out-of-memory situations. In the worst case this
      might lead to information exposure, due to our code assuming that a
      buffer had been overwritten when it hadn't been. Also, there were a few
      places in which security-relevant calls of other system library
      functions did not check for failure.
      It remains possible that some calls of the *printf() family of functions
      are vulnerable to information disclosure if an out-of-memory error
      occurs at just the wrong time.  We judge the risk to not be large, but
      will continue analysis in this area. (CVE-2015-3166)
   - Note: The other vulnerabilities fixed in 9.1.16 don't affect this version
     as we build the PL/Perl package only.

 -- Martin Pitt <email address hidden>  Wed, 20 May 2015 23:16:18 +0200

Upload details

Uploaded by:
Martin Pitt
Sponsored by:
Marc Deslauriers
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
database
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
postgresql-9.1_9.1.16.orig.tar.bz2 15.1 MiB 2b65e2f7d6171107b96d3e92f42b869ec21f3b4e920d8941e511111372909456
postgresql-9.1_9.1.16-0ubuntu0.14.04.debian.tar.gz 38.3 KiB 48a703ee2855c8709a356da0d9d78fbe9e3d5d8754e993fa8eb0c4125291be1b
postgresql-9.1_9.1.16-0ubuntu0.14.04.dsc 2.3 KiB eac202bcbd590c8731f766626cea189d21874e2793fc5ef840f3c10216eb207b

View changes file

Binary packages built by this source

postgresql-plperl-9.1: PL/Perl procedural language for PostgreSQL 9.1

 PL/Perl enables an SQL developer to write procedural language functions
 for PostgreSQL 9.1 in Perl. You need this package if you have any
 PostgreSQL 9.1 functions that use the languages plperl or plperlu.
 .
 PostgreSQL 9.1 is obsolete. This package is only provided for upgrades from
 9.1 from Debian 7.x ("Wheezy") and should not be installed otherwise.

postgresql-plperl-9.1-dbgsym: debug symbols for package postgresql-plperl-9.1

 PL/Perl enables an SQL developer to write procedural language functions
 for PostgreSQL 9.1 in Perl. You need this package if you have any
 PostgreSQL 9.1 functions that use the languages plperl or plperlu.
 .
 PostgreSQL 9.1 is obsolete. This package is only provided for upgrades from
 9.1 from Debian 7.x ("Wheezy") and should not be installed otherwise.