From: | www(at)www(dot)postgresql(dot)com (World Wide Web Owner) |
---|---|
To: | pgsql-www(at)postgresql(dot)org |
Subject: | New News Entry |
Date: | 2004-10-23 16:25:37 |
Message-ID: | 20041023162537.ECF585A118D@www.postgresql.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-www |
A new entry has been added to the news database.
Database Admin: http://www.postgresql.org/admin/edit_news.php?234
Submitted by: press(at)PostgreSQL(dot)org
Headline: PostgreSQL Security Release(s) for 7.2, 7.3 and 7.4
Summary:
In order to address a recent security report from iDefence, we have released 3 new \"point\" releases: 7.2.6, 7.3.8 and 7.4.6. Click the news title for details.
Story:
In order to address a recent security report from iDefence, we have released 3 new \"point\" releases: 7.2.6, 7.3.8 and 7.4.6
Although rated only a Medium risk, according to their web site: \"A vulnerability exists due to the insecure creation of temporary files, which could possibly let a malicious user overwrite arbitrary files.\"
Also in these releases is a potential \'data loss\' bug that was recently identified:
* Repair possible failure to update hint bits on disk
Under rare circumstances this oversight could lead to \"could not access transaction status\" failures, which qualifies it as a potential-data-loss bug.
Although not yet available via Bittorrent, these releases are available through ftp at all of the mirrors, as well as the (S)RPMS for various OSes.
For a listing of all currently available FTP mirrors, please see:
<a href=\"http://www.postgresql.org/mirrors-ftp.html\">http://www.postgresql.org/mirrors-ftp.html
</a>
From | Date | Subject | |
---|---|---|---|
Next Message | Devrim GUNDUZ | 2004-10-23 16:29:23 | Re: New News Entry |
Previous Message | Devrim GUNDUZ | 2004-10-22 22:18:54 | Announcement for new releases |