FYI, but there doesn't seem to be rpms for RHEL3/SL3 available yet :-(
Derek
> -----Original Message-----
> From: [log in to unmask]
> [mailto:[log in to unmask]]On Behalf Of Marc G.
> Fournier
> Sent: 14 February 2006 15:19
> To: [log in to unmask]
> Cc: [log in to unmask]
> Subject: [ANNOUNCE] Minor Releases 7.3 thru 8.1 Available to Fix
> Security Issue
>
>
>
> PostgreSQL minor version 8.1.3 has been released, containing
> a patch for a
> serious security issue present in the 8.1 branch. All users
> of 8.1 are
> urged to upgrade at the earliest opportunity.
>
> Minor versions 8.0.7, 7.4.12, and 7.3.14 are being released
> at the same
> time. These contain only minor bug fixes to the 8.0, 7.4 and 7.3
> versions and can be upgraded on a more planned schedule,
> unless of course
> you are encountering one of the bugs described.
>
> The security issue in 8.1.x allows an authenticated database user to
> escalate his ROLE privileges by exploiting knowledge of the backend
> protocol. While there are no known exploits in the wild for
> this, users
> are urged not to wait until they encounter one.
>
> 8.1.3 also contains a number of other bug fixes, most of them
> for very
> specific (rare) database configurations and schema issues,
> but including a
> number of crash fixes. Notable also is a fix to the
> TSearch2 GiST index
> generation code which will significantly speed up creation of
> TSearch2
> indexes. See the release notes for more detail:
>
> http://www.postgresql.org/docs/8.1/static/release.html
>
> As usual, you may download the new releases from our FTP Mirrors or
> BitTorrent:
>
> http://www.postgresql.org/download/
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 6: explain analyze is your friend
>
|