|From:||"Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>|
|Subject:||Minor Releases 7.3 thru 8.1 Available to Fix Security Issue|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
PostgreSQL minor version 8.1.3 has been released, containing a patch for a
serious security issue present in the 8.1 branch. All users of 8.1 are
urged to upgrade at the earliest opportunity.
Minor versions 8.0.7, 7.4.12, and 7.3.14 are being released at the same
time. These contain only minor bug fixes to the 8.0, 7.4 and 7.3
versions and can be upgraded on a more planned schedule, unless of course
you are encountering one of the bugs described.
The security issue in 8.1.x allows an authenticated database user to
escalate his ROLE privileges by exploiting knowledge of the backend
protocol. While there are no known exploits in the wild for this, users
are urged not to wait until they encounter one.
8.1.3 also contains a number of other bug fixes, most of them for very
specific (rare) database configurations and schema issues, but including a
number of crash fixes. Notable also is a fix to the TSearch2 GiST index
generation code which will significantly speed up creation of TSearch2
indexes. See the release notes for more detail:
As usual, you may download the new releases from our FTP Mirrors or
|Next Message||Nels Lindquist||2006-02-16 16:58:36||Re: Minor Releases 7.3 thru 8.1 Available to Fix Security|
|Previous Message||David Fetter||2006-02-13 05:50:09||== PostgreSQL Weekly News - February 12 2006 ==|
|Next Message||Tom Lane||2006-02-14 15:21:11||Re: Dropping a database that does not exist|
|Previous Message||Sebastjan Trepca||2006-02-14 15:13:03||Time complexity of statements|