| From: | Selena Deckelmann <sdeckelmann(at)chrisking(dot)com> |
|---|---|
| To: | pdxpug(at)postgresql(dot)org |
| Subject: | Fwd: [ANNOUNCE] PostgreSQL Releases: 8.2.4, 8.1.9, 8.0.13, 7.4.17, 7.3.19 |
| Date: | 2007-04-23 16:43:20 |
| Message-ID: | 25E7B098-8FD9-4C2B-876D-D69D5D30BF3B@chrisking.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pdxpug pgsql-announce |
Begin forwarded message:
From: Bruce Momjian <bruce(at)momjian(dot)us>
Date: April 23, 2007 9:22:50 AM PDT
To: PostgreSQL-announce <pgsql-announce(at)postgresql(dot)org>
Subject: [ANNOUNCE] PostgreSQL Releases: 8.2.4, 8.1.9, 8.0.13,
7.4.17, 7.3.19
The PostgreSQL Global Development Group has released updated versions
for PostgreSQL 8.2 and all back versions to patch a privilege escalation
exploit in SECURITY DEFINER functions. All users of this feature are
urged to update to the latest minor version and follow instructions on
securing these functions as soon as possible. This minor release also
contains other fixes, so all users should plan to deploy it.
Once you have updated, additional steps are required to secure your
database against the exploit. Please read the release notes at
http://www.postgresql.org/docs/8.2/static/release.html and the TechDocs
article at http://www.postgresql.org/docs/techdocs.77 on how to
lock down your security definer functions, if you use them.
Downloads are in the usual places, http://www.postgresql.org/download.
As always, application of a minor release does not require a dump and
reload of the database.
The frequency of security fixes recently is a result of increased
scrutiny of the PostgreSQL code by government agencies and
security-conscious companies. Rapid turnaround on security patches is
key to keeping PostgreSQL the most secure SQL database. Your work and
vigilance in applying the latest security updates ensures that there
will never be a PostgreSQL "worm".
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://
www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
---------------------------(end of broadcast)---------------------------
-To unsubscribe from this list, send an email to:
pgsql-announce-unsubscribe(at)postgresql(dot)org
--
Selena Deckelmann
Information Systems Manager
Chris King Precision Components
Made in Portland, Oregon
www.chrisking.com / 503.972.4050 x230
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Fetter | 2007-04-30 04:11:51 | == PostgreSQL Weekly News - April 29 2007 == |
| Previous Message | Bruce Momjian | 2007-04-23 16:22:50 | PostgreSQL Releases: 8.2.4, 8.1.9, 8.0.13, 7.4.17, 7.3.19 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hiroshi Inoue | 2007-04-24 08:26:49 | psqlODBC 08.02.0300 Released |
| Previous Message | Bruce Momjian | 2007-04-23 16:22:50 | PostgreSQL Releases: 8.2.4, 8.1.9, 8.0.13, 7.4.17, 7.3.19 |