Univention Bugzilla – Bug 45211
postgresql-9.4: Multiple issues (4.2)
Last modified: 2017-08-30 16:29:44 CEST
Upstream Debian package version 9.4.13-0+deb8u1 fixes these issues: * In some authentication methods empty passwords were accepted (CVE-2017-7546) * User mappings could leak data to unprivileged users (CVE-2017-7547) * The lo_put() function ignored ACLs (CVE-2017-7548)
OK: Imported from Debian OK: univention-install univention-postgresql FIXED: postgresql-9.4.yaml → r82354 OK: /usr/share/doc/postgresql-9.4/changelog.Debian.gz
OK: apt-get install univention-postgresql OK: apt-get upgrade OK: Upgrade 9.1 -> 9.4, reboot OK: errata-announce -V --only postgresql-9.?.yaml OK: postgresql-9.?.yaml
<http://errata.software-univention.de/ucs/4.2/146.html>