Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
patchinfo.943
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.943
<patchinfo> <issue id="765069" tracker="bnc">CVE-2012-2655: postgresql: denial of service (stack exhaustion) via specially-crafted SQL</issue> <issue id="776523" tracker="bnc">CVE-2012-3488: postgresql: arbitrary read + write of files via XSL functionality</issue> <issue id="766799" tracker="bnc">CVE-2012-2143: postgresql: BSD crypt 8bit character mishandling</issue> <issue id="776524" tracker="bnc">CVE-2012-3489: postgresql: determination of the existence of files</issue> <issue id="CVE-2012-3489" tracker="cve" /> <issue id="CVE-2012-3488" tracker="cve" /> <issue id="CVE-2012-2655" tracker="cve" /> <issue id="CVE-2012-2143" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>rmax</packager> <description> This version upgrade of PostgreSQL fixes following issues: - Bugfix release 9.0.10: * Fix planner's assignment of executor parameters, and fix executor's rescan logic for CTE plan nodes. * Improve page-splitting decisions in GiST indexes. * Fix cascading privilege revoke to stop if privileges are still held. * Improve error messages for Hot Standby misconfiguration errors. * Fix handling of SIGFPE when PL/Perl is in use. * Prevent PL/Perl from crashing if a recursive PL/Perl function is redefined while being executed. * Work around possible misoptimization in PL/Perl. - See also: http://www.postgresql.org/docs/9.0/static/release.html - Security and bugfix release 9.0.9: * Prevent access to external files/URLs via contrib/xml2 (CVE-2012-3488, bnc#776523). * Prevent access to external files/URLs via XML entity references (CVE-2012-3489, bnc#776524). * Fix incorrect password transformation in contrib/pgcrypto (CVE-2012-2143, bnc#766799). * Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655, bnc#765069). - See also: http://www.postgresql.org/docs/9.0/static/release.html - Rename postgresql-mkspecfiles to pre_checkin.sh </description> <summary>postgresql: security and bugfix upgrade to 9.0.10</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor