Viewing all changes in revision 22.
- Committer: Package Import Robot
- Date: 2015-02-06 13:18:20 UTC
- mfrom: (12.1.10 lucid-proposed)
- Revision ID: package-import@ubuntu.com-20150206131820-gztx16uwjvfu3je8
* Add 15-to_char_buffer_overflow.patch and 16-to_char_buffer_overflow_time.patch:
  Fix buffer overruns in to_char() [CVE-2015-0241]
* Add 17-pgcrypto_pullf_read_max_overflow.patch and 18-pgcrypto_imath_fixes.patch:
  Fix buffer overruns in contrib/pgcrypto [CVE-2015-0243]
* Add 19-ensure_frontend_backend_sync.patch:
  Fix possible loss of frontend/backend protocol synchronization after an
  error [CVE-2015-0244]
* Add 20-column_privilege_leak.patch:
  Fix information leak via constraint-violation error messages
  [CVE-2014-8161]
* Note: CVE-2015-0242 does not affect Ubuntu packages as we use glibc's
  snprintf().
  Fix buffer overruns in to_char() [CVE-2015-0241]
* Add 17-pgcrypto_pullf_read_max_overflow.patch and 18-pgcrypto_imath_fixes.patch:
  Fix buffer overruns in contrib/pgcrypto [CVE-2015-0243]
* Add 19-ensure_frontend_backend_sync.patch:
  Fix possible loss of frontend/backend protocol synchronization after an
  error [CVE-2015-0244]
* Add 20-column_privilege_leak.patch:
  Fix information leak via constraint-violation error messages
  [CVE-2014-8161]
* Note: CVE-2015-0242 does not affect Ubuntu packages as we use glibc's
  snprintf().
- files added:
- debian/patches/15-to_char_buffer_overflow.patch
- files removed:
- debian/patches/11-pg_regress-socketpath.patch
- files modified:
- INSTALL
expand all
collapse all
added
removed
