[SECURITY] New set of PostgreSQL RPMS are available for download - Mailing list pgsql-announce

From Devrim GUNDUZ
Subject [SECURITY] New set of PostgreSQL RPMS are available for download
Date
Msg-id Pine.LNX.4.61.0410261036120.7499@emo.org.tr
Whole thread Raw
List pgsql-announce
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


- ---------------------------------------------------------------------
PostgreSQL RPM Set Update
2004-10-26

Version(s): 7.3.8, 7.4.6

New set labels: 7.3.8-2PGDG, 7.4.6-2PGDG
- ---------------------------------------------------------------------

- ---------------------------------------------------------------------
Update Info:

Due to a security bug in RPM sets, new RPM sets for 7.4.6 and 7.3.8 have
been released. They are available in FTP site and synched mirrors. Due to
the seriousness of the bug, it is strongly recommended that administrators
upgrade their database servers at their earliest convenience.

Also, some minor changes have been applied to the spec files.

It should be noted that, for those looking to upgrade from a 7.4.0/7.4.1
server to 7.4.6, that there a dump-n-reload is *recommended* (but not
required) to address a fix introduced between 7.4.1 and 7.4.2. Please
refer to the 7.4.6 HISTORY file for information on how this can be
accomplished without a dump-n-reload, as there are steps that can be
followed for this.

7.4.6-2 set also includes RPMs for RHAS 2.1, thanks to Gaetano Mendola for
the effort.

These sets include RPMs and SRPMs for Fedora Core 1, Fedore Core 2, Red
Hat Enterprise Linux 3.0, Red Hat Linux 9 and Red Hat Advanced Server 2.1.
md5sums are also provided with the packages.
- ---------------------------------------------------------------------

- ---------------------------------------------------------------------
Changes since 7.4.6-1PGDG and 7.3.8-1PGDG RPMs:

* Updated init script to preventa nefarious postgres user from obtaining
root privileges.(per Red Hat Bugzilla #136947, #136949)
* Updated kerbdir
* Updated PyGreSQL from 3.4 to 3.5 (only for 7.4.6-2PGDG)
* Updated spec file to correct permissions for PyGreSQL permissions (per
Red Hat RPMS) (for only 7.4.6-2PGDG)
* Updated doc files for PyGreSQL (only for 7.4.6-2PGDG)
* Modified if-endif lines for tcl&tcldevel prereq lines (per Red Hat RPMS)
* Applied getppid.patch as patch #4 (per Red Hat RPMS)
- - Updated preun and postun server scripts, per Red Hat RPMS
- ----------------------------------------------------------------------

Please download these from one of our FTP mirror sites:

http://www.PostgreSQL.org/mirrors-ftp.html

or from Bittorrent (Thanks to David Fetter) :

http://bt.PostgreSQL.org

As always, please report any bugs to pgsql-bugs@postgresql.org

Regards,
- --
Devrim GUNDUZ
devrim~gunduz.org                devrim.gunduz~linux.org.tr
             http://www.tdmsoft.com
             http://www.gunduz.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBfobetl86P3SPfQ4RArLrAJ9iau6uicftPX7VjWVwF/AgcW2lbQCdHXCT
JRFRQVj1nJ7h0jxdgrKARxU=
=yQGE
-----END PGP SIGNATURE-----

pgsql-announce by date:

Previous
From: Robert Treat
Date:
Subject: == PostgreSQL Weekly News - October 27th 2004 ==
Next
From: Laurent THEVENET
Date:
Subject: PgWorksheet 1.2