-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 13 May 2004 11:00:07 +0200 Source: postgresql Binary: libpgtcl postgresql pgaccess odbc-postgresql libpgperl postgresql-client libecpg3 postgresql-contrib postgresql-dev postgresql-doc python-pygresql libpgsql2 Architecture: ia64 Version: 7.2.1-2woody5 Distribution: stable-security Urgency: low Maintainer: Debian/IA64 Build Daemon Changed-By: Martin Pitt Description: libecpg3 - Shared library libecpg.so.3 for PostgreSQL libpgperl - Perl modules for PostgreSQL. libpgsql2 - Shared library libpq.so.2 for PostgreSQL libpgtcl - Tcl/Tk library and front-end for PostgreSQL. odbc-postgresql - ODBC support for PostgreSQL pgaccess - Tk/Tcl front-end for PostgreSQL database postgresql - Object-relational SQL database, descended from POSTGRES. postgresql-client - Front-end programs for PostgreSQL postgresql-contrib - Additional facilities for PostgreSQL postgresql-dev - Header files for libpq (postgresql library) python-pygresql - PostgreSQL module for Python Changes: postgresql (7.2.1-2woody5) stable-security; urgency=low . * Fixed buffer overflow in ODBC driver (src/interfaces/odbc/): added parameter for target buffer size to make_string() to prevent buffer overflows and corrected all calls to it. This fixes #247306 for woody (bug was already closed with the upload to sid). . With previous versions it was possible to crash (and possibly exploit) e. g. apache if a PHP script connected to a ODBC database with very long credential strings (DSN, username, password, etc.). . Other parts of postgresql are not affected. Files: 8dc3c51bf3106bd2bc97b6c094161740 2092092 misc optional postgresql_7.2.1-2woody5_ia64.deb c724d865d91d8eea9de654b031a0c8de 363118 misc optional postgresql-client_7.2.1-2woody5_ia64.deb a0fbdf37d7b1012838a48de6afb22b48 554748 devel optional postgresql-dev_7.2.1-2woody5_ia64.deb c990bcfba32cba098cc789543d17861a 90292 libs optional libpgsql2_7.2.1-2woody5_ia64.deb 2e2b49ceab6f75c4eafe1803ea1f2d41 39104 libs optional libecpg3_7.2.1-2woody5_ia64.deb b6c0b4e857fd76d167b5d17f6b83166e 76758 libs optional libpgtcl_7.2.1-2woody5_ia64.deb 3077ee626e5557c99a25664ad9138be5 76822 libs optional libpgperl_7.2.1-2woody5_ia64.deb ae897f7d9d7ba643e33ce626dc791a01 424908 misc optional pgaccess_7.2.1-2woody5_ia64.deb a4bea3a76278ae871a454fa25689d81f 434310 misc optional postgresql-contrib_7.2.1-2woody5_ia64.deb 21f8914238251c13af225121cecd97d2 70668 misc optional python-pygresql_7.2.1-2woody5_ia64.deb add9f1038e2d5bb8981651a0058f453d 332852 libs optional odbc-postgresql_7.2.1-2woody5_ia64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAo55zW5ql+IAeqTIRAsAMAJ9niJxPVk43poGDzxLxTwR3IJsuLACgi4qx 6QL1qOsfAw+ZSmPKFoV1GkE= =VADJ -----END PGP SIGNATURE-----