[SECURITY] New set of PostgreSQL RPMS are available for download

From: Devrim GUNDUZ <devrim(at)gunduz(dot)org>
To: pgsql-announce(at)PostgreSQL(dot)org, pgsql-general(at)PostgreSQL(dot)org
Subject: [SECURITY] New set of PostgreSQL RPMS are available for download
Date: 2004-10-26 17:18:20
Message-ID: Pine.LNX.4.61.0410261036120.7499@emo.org.tr
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-announce pgsql-general

Hash: SHA1

- ---------------------------------------------------------------------
PostgreSQL RPM Set Update

Version(s): 7.3.8, 7.4.6

New set labels: 7.3.8-2PGDG, 7.4.6-2PGDG
- ---------------------------------------------------------------------

- ---------------------------------------------------------------------
Update Info:

Due to a security bug in RPM sets, new RPM sets for 7.4.6 and 7.3.8 have
been released. They are available in FTP site and synched mirrors. Due to
the seriousness of the bug, it is strongly recommended that administrators
upgrade their database servers at their earliest convenience.

Also, some minor changes have been applied to the spec files.

It should be noted that, for those looking to upgrade from a 7.4.0/7.4.1
server to 7.4.6, that there a dump-n-reload is *recommended* (but not
required) to address a fix introduced between 7.4.1 and 7.4.2. Please
refer to the 7.4.6 HISTORY file for information on how this can be
accomplished without a dump-n-reload, as there are steps that can be
followed for this.

7.4.6-2 set also includes RPMs for RHAS 2.1, thanks to Gaetano Mendola for
the effort.

These sets include RPMs and SRPMs for Fedora Core 1, Fedore Core 2, Red
Hat Enterprise Linux 3.0, Red Hat Linux 9 and Red Hat Advanced Server 2.1.
md5sums are also provided with the packages.
- ---------------------------------------------------------------------

- ---------------------------------------------------------------------
Changes since 7.4.6-1PGDG and 7.3.8-1PGDG RPMs:

* Updated init script to preventa nefarious postgres user from obtaining
root privileges.(per Red Hat Bugzilla #136947, #136949)
* Updated kerbdir
* Updated PyGreSQL from 3.4 to 3.5 (only for 7.4.6-2PGDG)
* Updated spec file to correct permissions for PyGreSQL permissions (per
Red Hat RPMS) (for only 7.4.6-2PGDG)
* Updated doc files for PyGreSQL (only for 7.4.6-2PGDG)
* Modified if-endif lines for tcl&tcldevel prereq lines (per Red Hat RPMS)
* Applied getppid.patch as patch #4 (per Red Hat RPMS)
- - Updated preun and postun server scripts, per Red Hat RPMS
- ----------------------------------------------------------------------

Please download these from one of our FTP mirror sites:


or from Bittorrent (Thanks to David Fetter) :


As always, please report any bugs to pgsql-bugs(at)postgresql(dot)org

- --
devrim~gunduz.org devrim.gunduz~linux.org.tr
Version: GnuPG v1.2.1 (GNU/Linux)



Browse pgsql-announce by date

  From Date Subject
Next Message Devrim GUNDUZ 2004-10-26 22:15:07 Re: (S)RPMs for PostgreSQL 7.2.6, 7.3.8 and 7.4.6 are
Previous Message Marc G. Fournier 2004-10-26 00:13:45 PostgreSQL 8.0.0 Beta 4 Now Available

Browse pgsql-general by date

  From Date Subject
Next Message Brian Maguire 2004-10-26 17:27:53 Re: what could cause inserts getting queued up and db locking??
Previous Message Naeem Bari 2004-10-26 16:57:00 Newbie question about escaping in a function