86dd060cb0
update to all supported versions of the PostgreSQL database system, which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and 8.4.20. This update contains fixes for multiple security issues, as well as several fixes for replication and data integrity issues. All users are urged to update their installations at the earliest opportunity, especially those using binary replication or running a high-security application. This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN OPTION permission. It also fixes multiple privilege escalation issues, including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, and CVE-2014-0066. More information on these issues can be found on our security page and the security issue detail wiki page. Security: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063 CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067 |
||
---|---|---|
.. | ||
files | ||
distinfo | ||
Makefile | ||
pkg-descr | ||
pkg-install-server | ||
pkg-plist-client | ||
pkg-plist-contrib | ||
pkg-plist-plperl | ||
pkg-plist-plpython | ||
pkg-plist-pltcl | ||
pkg-plist-server |