postgresql-9.1 9.1.16-0ubuntu0.14.04 source package in Ubuntu
Changelog
postgresql-9.1 (9.1.16-0ubuntu0.14.04) trusty-security; urgency=medium * New upstream security/bug fix release (LP: #1457093) - Improve detection of system-call failures Our replacement implementation of snprintf() failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure, due to our code assuming that a buffer had been overwritten when it hadn't been. Also, there were a few places in which security-relevant calls of other system library functions did not check for failure. It remains possible that some calls of the *printf() family of functions are vulnerable to information disclosure if an out-of-memory error occurs at just the wrong time. We judge the risk to not be large, but will continue analysis in this area. (CVE-2015-3166) - Note: The other vulnerabilities fixed in 9.1.16 don't affect this version as we build the PL/Perl package only. -- Martin Pitt <email address hidden> Wed, 20 May 2015 23:16:18 +0200
Upload details
- Uploaded by:
- Martin Pitt
- Sponsored by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- database
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
postgresql-9.1_9.1.16.orig.tar.bz2 | 15.1 MiB | 2b65e2f7d6171107b96d3e92f42b869ec21f3b4e920d8941e511111372909456 |
postgresql-9.1_9.1.16-0ubuntu0.14.04.debian.tar.gz | 38.3 KiB | 48a703ee2855c8709a356da0d9d78fbe9e3d5d8754e993fa8eb0c4125291be1b |
postgresql-9.1_9.1.16-0ubuntu0.14.04.dsc | 2.3 KiB | eac202bcbd590c8731f766626cea189d21874e2793fc5ef840f3c10216eb207b |
Available diffs
Binary packages built by this source
- postgresql-plperl-9.1: PL/Perl procedural language for PostgreSQL 9.1
PL/Perl enables an SQL developer to write procedural language functions
for PostgreSQL 9.1 in Perl. You need this package if you have any
PostgreSQL 9.1 functions that use the languages plperl or plperlu.
.
PostgreSQL 9.1 is obsolete. This package is only provided for upgrades from
9.1 from Debian 7.x ("Wheezy") and should not be installed otherwise.
- postgresql-plperl-9.1-dbgsym: debug symbols for package postgresql-plperl-9.1
PL/Perl enables an SQL developer to write procedural language functions
for PostgreSQL 9.1 in Perl. You need this package if you have any
PostgreSQL 9.1 functions that use the languages plperl or plperlu.
.
PostgreSQL 9.1 is obsolete. This package is only provided for upgrades from
9.1 from Debian 7.x ("Wheezy") and should not be installed otherwise.