-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 16 Feb 2013 21:55:37 +0100 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source all amd64 Version: 8.4.16-0squeeze1 Distribution: stable-security Urgency: high Maintainer: Martin Pitt <mpitt@debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Changes: postgresql-8.4 (8.4.16-0squeeze1) stable-security; urgency=high . * New upstream security/bug fix release: - Prevent execution of enum_recv from SQL The function was misdeclared, allowing a simple SQL command to crash the server. In principle an attacker might be able to use it to examine the contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) for reporting this issue. (CVE-2013-0255) - See HISTORY/changelog.gz for the other bug fixes. Checksums-Sha1: e42065e25c0186325bbd4dff0b921483e72cdd13 2532 postgresql-8.4_8.4.16-0squeeze1.dsc cf41260f8fd72d41dc4e2c0cc6f57d048f4cc48f 18577654 postgresql-8.4_8.4.16.orig.tar.gz 49bf27ccd8d8ad87324ad0b75d017b82d82d3408 58908 postgresql-8.4_8.4.16-0squeeze1.diff.gz cf972e8d255f0d897f942abc7083e1fe07b30d7a 2202006 postgresql-doc-8.4_8.4.16-0squeeze1_all.deb c27ecf4be996b42a9a6a35cdf75edad350d3b4e0 31978 postgresql_8.4.16-0squeeze1_all.deb f1e340859b58b987457457118079d78fe9de1800 31944 postgresql-client_8.4.16-0squeeze1_all.deb 86f1f0ad39dc0f12d8c100aedc1b9fb3a481d979 31786 postgresql-doc_8.4.16-0squeeze1_all.deb 0fff02f904d8e45459d3fd0e74e98d5de7e6aa7b 31848 postgresql-contrib_8.4.16-0squeeze1_all.deb 5a7ee65c6bae7cd125dad4d927a042d242824c79 252428 libpq-dev_8.4.16-0squeeze1_amd64.deb e67bb9cd19e3e994136f0274429546d2081205f0 170306 libpq5_8.4.16-0squeeze1_amd64.deb cbce5fdd417c816e3e44f63903d643e456a077d0 109020 libecpg6_8.4.16-0squeeze1_amd64.deb 3eae3fbe1d67e56c4fbda55b32f5afd2e9487f6c 269730 libecpg-dev_8.4.16-0squeeze1_amd64.deb f0bfdc0c9cff8625297434ea14cc16159c8e3366 39890 libecpg-compat3_8.4.16-0squeeze1_amd64.deb 706a0be8488bec9c599eb6de4e7221434da588a7 63682 libpgtypes3_8.4.16-0squeeze1_amd64.deb e130c3a96fdc215a010c156cdc8fc6f4b992c2df 5746544 postgresql-8.4_8.4.16-0squeeze1_amd64.deb 63664d3d4ed7471106ffc92f1eeeda47455eca28 1596174 postgresql-client-8.4_8.4.16-0squeeze1_amd64.deb c730263d8de77af4628392782f4ead09888c3972 650688 postgresql-server-dev-8.4_8.4.16-0squeeze1_amd64.deb aa9608c39ad62a30912d696ec62b7fc7841ab0b4 443108 postgresql-contrib-8.4_8.4.16-0squeeze1_amd64.deb 8f89a66e27bca1fa44b5a5d1ce40f76d9a73a0c2 70460 postgresql-plperl-8.4_8.4.16-0squeeze1_amd64.deb 6fe8f921e634e91d30834c73008bc0054f89c505 72530 postgresql-plpython-8.4_8.4.16-0squeeze1_amd64.deb 83c383582144784371fdf77272b864ea295566e7 55356 postgresql-pltcl-8.4_8.4.16-0squeeze1_amd64.deb Checksums-Sha256: 14e7078b7632543ef19b9050b7c45809676945d993d16085fc7d5ad4ee92de5d 2532 postgresql-8.4_8.4.16-0squeeze1.dsc d8ffc054f1a45bf9e2a9a246b19a046bfbe9e4f1a034613b3ecaf3c309a05266 18577654 postgresql-8.4_8.4.16.orig.tar.gz b4f0860f6d7108e7cc303454be94c25cca6aa328e424bca32a404147ff2de389 58908 postgresql-8.4_8.4.16-0squeeze1.diff.gz 632c48fef12bb5d6e6b3a87253fecb5c6ceab65a87c1539c9ce457ad07c7b162 2202006 postgresql-doc-8.4_8.4.16-0squeeze1_all.deb 99d1eed53122379f44f3edecd2171871b774782a44bf6e7f02bf047c6c073795 31978 postgresql_8.4.16-0squeeze1_all.deb 5eb8d6f0d111e676b7970b1b1e3ab89cafd7025ba7a38876b10579506ab74bdc 31944 postgresql-client_8.4.16-0squeeze1_all.deb a4adfe92c934597681b6b7d92d120327d6f263fa7fde98813b5760d4bf90a0e4 31786 postgresql-doc_8.4.16-0squeeze1_all.deb ba81d83067e756cfb5ea5075b4114a4c8c571770913951b0babd1228de64066c 31848 postgresql-contrib_8.4.16-0squeeze1_all.deb bcd544bb68638edff97d7e1c857ad63e7b99a562d6c4dd4383bd66125d144a35 252428 libpq-dev_8.4.16-0squeeze1_amd64.deb d0718274e93f3bdfb09dd6182f3710258d12da499cb1000bb35278fb7e16fda9 170306 libpq5_8.4.16-0squeeze1_amd64.deb 3b282ade56e249f814af8ed709e6c6dd312075c4aca8ee8985f6e0365e1bc6b3 109020 libecpg6_8.4.16-0squeeze1_amd64.deb 83f039b871494330841b6fe7f0b5cde0c6c02449c10e8b6e6e76dc1313989fe2 269730 libecpg-dev_8.4.16-0squeeze1_amd64.deb 20e9827e4adff402ac2366d12816afad3ca57da00b62d9dfdf90e60b0086c577 39890 libecpg-compat3_8.4.16-0squeeze1_amd64.deb 67814e64b304b64e4993cccdc879128acdd816e1a7d36503f5fd4fcbe221d3eb 63682 libpgtypes3_8.4.16-0squeeze1_amd64.deb 44e0c0f9fdbd26752cdc9ae97763917e4f65cc547cb96ffb5e6bc99170b98b99 5746544 postgresql-8.4_8.4.16-0squeeze1_amd64.deb 2fcfaee0f320c33f1c1915d7b170824570f2956277385b2a82fb3b8f41074aa1 1596174 postgresql-client-8.4_8.4.16-0squeeze1_amd64.deb c7993d9642f27a55cdff580170a86dd5d6da55fa1829c4c8948f2e6267461c26 650688 postgresql-server-dev-8.4_8.4.16-0squeeze1_amd64.deb 81a8c36494c53d1506a27fb3b003fde9c2a91c88d3f2a45b0b5ad006edd54638 443108 postgresql-contrib-8.4_8.4.16-0squeeze1_amd64.deb 2e9552c1ef176881617abf82f600ef64d416add3a81e7b7f69e9ccdb728cee24 70460 postgresql-plperl-8.4_8.4.16-0squeeze1_amd64.deb 53ee8c6f8bf9687e12a6b54d7fe769e794076087e797849fdb10ed0c47dab59b 72530 postgresql-plpython-8.4_8.4.16-0squeeze1_amd64.deb c5e246a6acbade3e47baa45151a9561c03169400511f3d9bc0c3f1907d76c705 55356 postgresql-pltcl-8.4_8.4.16-0squeeze1_amd64.deb Files: a0b7bedc8ea79e467213b0761b0781a0 2532 database optional postgresql-8.4_8.4.16-0squeeze1.dsc aacfe10924cd8404571fe7011778ba67 18577654 database optional postgresql-8.4_8.4.16.orig.tar.gz a1717b6d8771def0d36ab13ad8b1cd2b 58908 database optional postgresql-8.4_8.4.16-0squeeze1.diff.gz e3c379585ae523367d49501f1ded7d5a 2202006 doc optional postgresql-doc-8.4_8.4.16-0squeeze1_all.deb 71a6eebfb82a03627587659aec9aeb38 31978 database optional postgresql_8.4.16-0squeeze1_all.deb 85390be0e4a03c98070a0c0ccaf2fc3c 31944 database optional postgresql-client_8.4.16-0squeeze1_all.deb c832944bfdaf39224c2f0aa12370468a 31786 doc optional postgresql-doc_8.4.16-0squeeze1_all.deb 1f8023be6dcad3f502af0522f7db953a 31848 database optional postgresql-contrib_8.4.16-0squeeze1_all.deb 8cbb09524b6cfe2102d916bd82a9feec 252428 libdevel optional libpq-dev_8.4.16-0squeeze1_amd64.deb 81fdc9a57bd1526e7b18fcc3628f4496 170306 libs optional libpq5_8.4.16-0squeeze1_amd64.deb e048e29cf02a86f5039118fd6989dc47 109020 libs optional libecpg6_8.4.16-0squeeze1_amd64.deb 9f44ac62203f9a7f70c72c1bf64f7998 269730 libdevel optional libecpg-dev_8.4.16-0squeeze1_amd64.deb ef87844cd5fef366ca6c570bc608164d 39890 libs optional libecpg-compat3_8.4.16-0squeeze1_amd64.deb 1ddeedf913e094369f5a7b784c2a63da 63682 libs optional libpgtypes3_8.4.16-0squeeze1_amd64.deb b2502c032a40dd0fc86878fdf5a4c675 5746544 database optional postgresql-8.4_8.4.16-0squeeze1_amd64.deb 17324891351b18f8f051527dc5805111 1596174 database optional postgresql-client-8.4_8.4.16-0squeeze1_amd64.deb bd20f2784cb4367554a1f21a5aa88cdb 650688 libdevel optional postgresql-server-dev-8.4_8.4.16-0squeeze1_amd64.deb f9670d47fda61a30d44b775c80f06689 443108 database optional postgresql-contrib-8.4_8.4.16-0squeeze1_amd64.deb 2b4fcbae3ccef638a4562e9ed14ec676 70460 database optional postgresql-plperl-8.4_8.4.16-0squeeze1_amd64.deb 8803149c51a5c6133c9f6f41c88665f3 72530 database optional postgresql-plpython-8.4_8.4.16-0squeeze1_amd64.deb 167148ef285ad668f04fa52904f3d244 55356 database optional postgresql-pltcl-8.4_8.4.16-0squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRH/SUAAoJEPmIJawmtHufWbwP/RCV32metVyx9T40cYunZw7Q ObRfIfnYPCF/yz65nswctWFTZ1f+yniJMNZBN9s1NA5lgK8HQuWRypvloG1Qs+LI IKVmcLjpczAqAyIjUtLVZldxA2V548M1Tlt+T15q0EoTsXpZCPaU68pd9LptE4eV GTPVVzOW5KjIOgbaFSZdxAIvHmMnT4AL5idkzT/PRKzUiOYgFvp/+gGmKvM+pmLY 2CYG/K2d25RfMdYObTp7kFCqFLEnXhB+uE2MfjMCvK+1upxVzxg0xPs75QPFoVsg IbSBG4OsQvexXjIGVwi9SqlfjwagTOxeh6a56f4xG8mTyret80awv/zmzlOmlgbW F34F9BhELNt4NF6+lGNlunorJxDCpg9+A3w6omwRUD7lzGU28JQo76NEFn4dMNrf F+KEH8AFXtRspjtjG80xhRoAIdiG2MTnQUnIp0KBFGidhLULaYlalGzrnoimRT3O Pb88DsksOczpydtSaUZXVdbnJbFHpIhoV9OwtUa/RqgJQDKKMn1UA+EjnEgYiFT7 34PD8VH8rOmJDpcpaISPGNrKLTJcDz8z+PnrETD+0NXEaqzgvS1Xv/D1UoJfD2Xn Vpf+lwIyGfbyVKSOVpgHwDbQr0fbaP9gOMVf7o2xcY3o7VHRZahWc2DCe5cPQJVm txHJdXwfNQMM+ioho4vf =ktuO -----END PGP SIGNATURE-----