Security releases 8.0.3, 7.4.8, 7.3.10, 7.2.8
Posted on 2005-05-12
Posted by press@postgresql.org
In order to address several security issues identified over the
past two weeks, as well as one "low probability" race condition,
we are releasing new version of PostgreSQL as far back as the
7.2.x branch.
Please note that the security issues were those already reported
by Tom Lane, as well as a manual fix for them. These releases are
mainly to ensure that those installing and/or upgrading existing
installations have those fixes automatically.
For details on the fixes, please see the HISTORY file included in
the Release, but a summary consists of:
* Change encoding function signature to prevent misuse
* Change "contrib/tsearch2" to avoid unsafe use of INTERNAL
function results
* Repair race condition between relation extension and VACUUM
This could theoretically have caused loss of a page's worth of
freshly-inserted data, although the scenario seems of very low
probability. There are no known cases of it having caused more
than an Assert failure.
Downloads are available via:
http://www.postgresql.org/download
|