Opened 11 years ago
Closed 11 years ago
#4718 closed enhancement (fixed)
PostgreSQL 9.3.3
| Reported by: | Fernando de Oliveira | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | 7.5 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
http://ftp.postgresql.org/pub/source/v9.3.3/postgresql-9.3.3.tar.bz2
URL above is different from the book.
http://www.postgresql.org/about/news/1506/
PostgreSQL 9.3.3, 9.2.7, 9.1.12, 9.0.16 and 8.4.20 released! Posted on Feb. 20, 2014
The PostgreSQL Global Development Group has released an important update to all supported versions of the PostgreSQL database system, which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and 8.4.20. This update contains fixes for multiple security issues, as well as several fixes for replication and data integrity issues. All users are urged to update their installations at the earliest opportunity, especially those using binary replication or running a high-security application. Security Fixes
Change History (10)
comment:1 by , 11 years ago
comment:2 by , 11 years ago
I agree, but is it possible for this to break any other package? Anyway, I would like to ask Igor, if he agrees and if he can do it.
comment:3 by , 11 years ago
Or, recalling the post in lfs dev, if Igor agrees and perhaps you do? Already almost blind, and did not even start updating, today. Will take a rest, perhaps will be back only tomaorrow, but will try today, later.
comment:5 by , 11 years ago
Perhaps we ought to mention part of what it says at http://www.postgresql.org/about/news/1506/ :
With this release, we are also alerting users to a known security hole that allows other users on the same machine to gain access to an operating system account while it is doing "make check": CVE-2014-0067. "Make check" is normally part of building PostgreSQL from source code. As it is not possible to fix this issue without causing significant issues to our testing infrastructure, a patch will be released separately and publicly. Until then, users are strongly advised not to run "make check" on machines where untrusted users have accounts.
comment:6 by , 11 years ago
I have one more package to build before PostgreSQL, so if it's okay with you two I'll update what's needed and add the note about make check?
by , 11 years ago
| Attachment: | postgresql.patch added |
|---|
comment:8 by , 11 years ago
| Owner: | changed from to |
|---|
comment:9 by , 11 years ago
| Milestone: | 7.6 → 7.5 |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
Applied in r12755. Thanks.
I suggest updating to this package for 7.5 since it fixes security issues, but it's your call.