Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-user-es

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-security@g.o
Cc: gentoo-user@g.o, gentoo-dev@g.o, gentoo-desktop@g.o, gentooppc-user@g.o, gentooppc-dev@g.o, gentoo-sparc@g.o, gentoo-announce@g.o
Subject: [gentoo-user-es] [gentoo-announce] GLSA: PostgreSQL
Date: Mon, 26 Aug 2002 05:38:05
Message-Id: 200208261141.00978.aliz@gentoo.org
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - --------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT
6 - - --------------------------------------------------------------------
7
8 PACKAGE :postgresql
9 SUMMARY :buffer overruns
10 DATE :2002-08-26 09:40 UTC
11
12 - - --------------------------------------------------------------------
13
14 OVERVIEW
15
16 Several buffer overruns found in PostgreSQL
17
18 DETAIL
19
20 The PostgreSQL Global Development Team has identified and
21 addressed the following buffer overruns in PostgreSQL:
22
23 * in handling long datetime input
24 * in repeat()
25 * in lpad() and rpad() with multibyte
26 * in SET TIME ZONE and TZ env var
27
28 More information can be found on the following adresses:
29
30 http://online.securityfocus.com/archive/1/288305/2002-08-16/2002-08-22/0
31 http://online.securityfocus.com/archive/1/288334/2002-08-16/2002-08-22/0
32
33 The advisory sent by The PostgreSQL Global Development Team can be read at
34
35 http://online.securityfocus.com/archive/1/288998/2002-08-23/2002-08-29/0
36
37 SOLUTION
38
39 It is recommended that all Gentoo Linux users who are running
40 dev-db/postgresql-7.2.1-r2 and earlier update their systems
41 as follows:
42
43 emerge rsync
44 emerge postgresql
45 emerge clean
46
47 postgresql-7.2.2 is currently only available for x86. Sparc and ppc will
48 be available when it's been tested on these archs.
49
50 - - --------------------------------------------------------------------
51 Daniel Ahlberg
52 aliz@g.o - GnuPG key is available at www.gentoo.org/~aliz
53 - - --------------------------------------------------------------------
54 -----BEGIN PGP SIGNATURE-----
55 Version: GnuPG v1.0.7 (GNU/Linux)
56
57 iD8DBQE9aferfT7nyhUpoZMRAvekAJ9UjtWr7K5934otXCWVujKOrK9m5QCghSE5
58 W7ksuXGlIoPx2QexaxEcUEY=
59 =nrn6
60 -----END PGP SIGNATURE-----
61
62 _______________________________________________
63 gentoo-announce mailing list
64 gentoo-announce@g.o
65 http://lists.gentoo.org/mailman/listinfo/gentoo-announce
Report Message
Find on MARC Find on Google Groups