update for postgresql
- Security and bugfix release 9.0.7:
* Require execute permission on the trigger function for "CREATE
TRIGGER" (CVE-2012-0866, bnc#749299).
* Remove arbitrary limitation on length of common name in SSL
certificates (CVE-2012-0867, bnc#749301).
* Convert newlines to spaces in names written in pg_dump
comments (CVE-2012-0868, bnc#749303).
See the release notes for the rest of the changes:
http://www.postgresql.org/docs/9.0/static/release.html
/usr/share/doc/packages/postgresql/HISTORY
-
Submitted by
Ludwig Nussel (lnussel)
Fixed bugs
bnc#749299
postgresql: Absent permission checks on trigger function to be called when creating a trigger
bnc#749303
postgresql: SQL injection due unsanitized newline characters in object names
bnc#749301
postgresql: MITM due improper x509_v3 CN validation during certificate verification
bnc#701489
postgresql-contrib: crypt_blowfish: 8-bit character mishandling
