Format: 1.8
Date: Wed, 20 May 2015 23:16:18 +0200
Source: postgresql-9.1
Binary: postgresql-plperl-9.1
Architecture: amd64
Version: 9.1.16-0ubuntu0.14.04
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu/amd64 Build Daemon
Changed-By: Martin Pitt
Description:
 postgresql-plperl-9.1 - PL/Perl procedural language for PostgreSQL 9.1
Launchpad-Bugs-Fixed: 1457093
Changes:
 postgresql-9.1 (9.1.16-0ubuntu0.14.04) trusty-security; urgency=medium
 .
   * New upstream security/bug fix release (LP: #1457093)
     - Improve detection of system-call failures
       Our replacement implementation of snprintf() failed to check for errors
       reported by the underlying system library calls; the main case that
       might be missed is out-of-memory situations. In the worst case this
       might lead to information exposure, due to our code assuming that a
       buffer had been overwritten when it hadn't been. Also, there were a few
       places in which security-relevant calls of other system library
       functions did not check for failure.
       It remains possible that some calls of the *printf() family of
       functions are vulnerable to information disclosure if an out-of-memory
       error occurs at just the wrong time. We judge the risk to not be large,
       but will continue analysis in this area. (CVE-2015-3166)
     - Note: The other vulnerabilities fixed in 9.1.16 don't affect this
       version as we build the PL/Perl package only.
Checksums-Sha1:
 397443d8bee39d418d301af10441edda9ba06bdc 54388 postgresql-plperl-9.1_9.1.16-0ubuntu0.14.04_amd64.deb
 2d3165fcb9f2ef9b6bb930d92f65a2a8b5a64e9d 105104 postgresql-plperl-9.1-dbgsym_9.1.16-0ubuntu0.14.04_amd64.ddeb
Checksums-Sha256:
 9235d5d40cc0a800209e62c9b51bc039834644af6b5950b9d21a7a03b16f362a 54388 postgresql-plperl-9.1_9.1.16-0ubuntu0.14.04_amd64.deb
 36cf90a396bf1e0f8729dff82f58f1f0a77ca8ece0e8f614d71d50ce3dbe2fca 105104 postgresql-plperl-9.1-dbgsym_9.1.16-0ubuntu0.14.04_amd64.ddeb
Files:
 4b0b888ea5b3e015d475f1d60bfeae91 54388 database optional postgresql-plperl-9.1_9.1.16-0ubuntu0.14.04_amd64.deb
 5f771d3316d67b14dabacc55e08e98a1 105104 database extra postgresql-plperl-9.1-dbgsym_9.1.16-0ubuntu0.14.04_amd64.ddeb
Original-Maintainer: Debian PostgreSQL Maintainers