+++ This bug was initially created as a clone of Bug #12841 +++ Upstream has issued an advisory on February 20: http://article.gmane.org/gmane.comp.db.postgresql.announce/2371 Debian has issued advisories for this on February 20: http://www.debian.org/security/2014/dsa-2864 http://www.debian.org/security/2014/dsa-2865 Mandriva has also issued an advisory for this: http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014:047/ We've fixed this for Mageia 4, but still need to fix it for Mageia 3.
Blocks: 13241, 12782 => (none)Assignee: bugsquad => doktor5000
Pushed the same versions as for Mageia 4, except for 8.4, where I've pushed the latest version. postgresql9.3 doesn't exist for mga3. Here's a short list: postgresql8.4-8.4.21-1.mga3 postgresql9.0-9.0.17-1.mga3 postgresql9.1-9.1.13-1.mga3 postgresql9.2-9.2.8-1.mga3 Advisory: https://bugs.mageia.org/show_bug.cgi?id=12841#c14 x86_64 postgresql8.4-pltcl-8.4.21-1.mga3.x86_64.rpm postgresql8.4-pl-8.4.21-1.mga3.x86_64.rpm postgresql8.4-plperl-8.4.21-1.mga3.x86_64.rpm postgresql8.4-contrib-8.4.21-1.mga3.x86_64.rpm postgresql8.4-server-8.4.21-1.mga3.x86_64.rpm postgresql8.4-plpython-8.4.21-1.mga3.x86_64.rpm lib64ecpg8.4_6-8.4.21-1.mga3.x86_64.rpm postgresql8.4-debuginfo-8.4.21-1.mga3.x86_64.rpm postgresql8.4-devel-8.4.21-1.mga3.x86_64.rpm postgresql8.4-8.4.21-1.mga3.x86_64.rpm postgresql8.4-plpgsql-8.4.21-1.mga3.x86_64.rpm lib64pq8.4_5-8.4.21-1.mga3.x86_64.rpm postgresql8.4-docs-8.4.21-1.mga3.noarch.rpm postgresql9.0-contrib-9.0.17-1.mga3.x86_64.rpm postgresql9.0-plpython-9.0.17-1.mga3.x86_64.rpm postgresql9.0-pltcl-9.0.17-1.mga3.x86_64.rpm lib64pq9.0_5-9.0.17-1.mga3.x86_64.rpm postgresql9.0-plperl-9.0.17-1.mga3.x86_64.rpm lib64ecpg9.0_6-9.0.17-1.mga3.x86_64.rpm postgresql9.0-pl-9.0.17-1.mga3.x86_64.rpm postgresql9.0-server-9.0.17-1.mga3.x86_64.rpm postgresql9.0-9.0.17-1.mga3.x86_64.rpm postgresql9.0-devel-9.0.17-1.mga3.x86_64.rpm postgresql9.0-plpgsql-9.0.17-1.mga3.x86_64.rpm postgresql9.0-debuginfo-9.0.17-1.mga3.x86_64.rpm postgresql9.0-docs-9.0.17-1.mga3.noarch.rpm postgresql9.1-pl-9.1.13-1.mga3.x86_64.rpm lib64pq9.1_5-9.1.13-1.mga3.x86_64.rpm postgresql9.1-plpython-9.1.13-1.mga3.x86_64.rpm postgresql9.1-debuginfo-9.1.13-1.mga3.x86_64.rpm postgresql9.1-9.1.13-1.mga3.x86_64.rpm postgresql9.1-plpgsql-9.1.13-1.mga3.x86_64.rpm postgresql9.1-contrib-9.1.13-1.mga3.x86_64.rpm postgresql9.1-devel-9.1.13-1.mga3.x86_64.rpm postgresql9.1-pltcl-9.1.13-1.mga3.x86_64.rpm postgresql9.1-server-9.1.13-1.mga3.x86_64.rpm postgresql9.1-plperl-9.1.13-1.mga3.x86_64.rpm lib64ecpg9.1_6-9.1.13-1.mga3.x86_64.rpm postgresql9.1-docs-9.1.13-1.mga3.noarch.rpm lib64pq9.2_5-9.2.8-1.mga3.x86_64.rpm postgresql9.2-pl-9.2.8-1.mga3.x86_64.rpm postgresql9.2-contrib-9.2.8-1.mga3.x86_64.rpm postgresql9.2-9.2.8-1.mga3.x86_64.rpm postgresql9.2-plperl-9.2.8-1.mga3.x86_64.rpm postgresql9.2-pltcl-9.2.8-1.mga3.x86_64.rpm postgresql9.2-debuginfo-9.2.8-1.mga3.x86_64.rpm postgresql9.2-plpython-9.2.8-1.mga3.x86_64.rpm postgresql9.2-plpgsql-9.2.8-1.mga3.x86_64.rpm postgresql9.2-devel-9.2.8-1.mga3.x86_64.rpm lib64ecpg9.2_6-9.2.8-1.mga3.x86_64.rpm postgresql9.2-server-9.2.8-1.mga3.x86_64.rpm postgresql9.2-docs-9.2.8-1.mga3.noarch.rpm i586 postgresql8.4-pltcl-8.4.21-1.mga3.i586.rpm postgresql8.4-pl-8.4.21-1.mga3.i586.rpm postgresql8.4-plperl-8.4.21-1.mga3.i586.rpm postgresql8.4-contrib-8.4.21-1.mga3.i586.rpm postgresql8.4-server-8.4.21-1.mga3.i586.rpm postgresql8.4-plpython-8.4.21-1.mga3.i586.rpm lib64ecpg8.4_6-8.4.21-1.mga3.i586.rpm postgresql8.4-debuginfo-8.4.21-1.mga3.i586.rpm postgresql8.4-devel-8.4.21-1.mga3.i586.rpm postgresql8.4-8.4.21-1.mga3.i586.rpm postgresql8.4-plpgsql-8.4.21-1.mga3.i586.rpm lib64pq8.4_5-8.4.21-1.mga3.i586.rpm postgresql8.4-docs-8.4.21-1.mga3.noarch.rpm postgresql9.0-contrib-9.0.17-1.mga3.i586.rpm postgresql9.0-plpython-9.0.17-1.mga3.i586.rpm postgresql9.0-pltcl-9.0.17-1.mga3.i586.rpm lib64pq9.0_5-9.0.17-1.mga3.i586.rpm postgresql9.0-plperl-9.0.17-1.mga3.i586.rpm lib64ecpg9.0_6-9.0.17-1.mga3.i586.rpm postgresql9.0-pl-9.0.17-1.mga3.i586.rpm postgresql9.0-server-9.0.17-1.mga3.i586.rpm postgresql9.0-9.0.17-1.mga3.i586.rpm postgresql9.0-devel-9.0.17-1.mga3.i586.rpm postgresql9.0-plpgsql-9.0.17-1.mga3.i586.rpm postgresql9.0-debuginfo-9.0.17-1.mga3.i586.rpm postgresql9.0-docs-9.0.17-1.mga3.noarch.rpm postgresql9.1-pl-9.1.13-1.mga3.i586.rpm lib64pq9.1_5-9.1.13-1.mga3.i586.rpm postgresql9.1-plpython-9.1.13-1.mga3.i586.rpm postgresql9.1-debuginfo-9.1.13-1.mga3.i586.rpm postgresql9.1-9.1.13-1.mga3.i586.rpm postgresql9.1-plpgsql-9.1.13-1.mga3.i586.rpm postgresql9.1-contrib-9.1.13-1.mga3.i586.rpm postgresql9.1-devel-9.1.13-1.mga3.i586.rpm postgresql9.1-pltcl-9.1.13-1.mga3.i586.rpm postgresql9.1-server-9.1.13-1.mga3.i586.rpm postgresql9.1-plperl-9.1.13-1.mga3.i586.rpm lib64ecpg9.1_6-9.1.13-1.mga3.i586.rpm postgresql9.1-docs-9.1.13-1.mga3.noarch.rpm lib64pq9.2_5-9.2.8-1.mga3.i586.rpm postgresql9.2-pl-9.2.8-1.mga3.i586.rpm postgresql9.2-contrib-9.2.8-1.mga3.i586.rpm postgresql9.2-9.2.8-1.mga3.i586.rpm postgresql9.2-plperl-9.2.8-1.mga3.i586.rpm postgresql9.2-pltcl-9.2.8-1.mga3.i586.rpm postgresql9.2-debuginfo-9.2.8-1.mga3.i586.rpm postgresql9.2-plpython-9.2.8-1.mga3.i586.rpm postgresql9.2-plpgsql-9.2.8-1.mga3.i586.rpm postgresql9.2-devel-9.2.8-1.mga3.i586.rpm lib64ecpg9.2_6-9.2.8-1.mga3.i586.rpm postgresql9.2-server-9.2.8-1.mga3.i586.rpm postgresql9.2-docs-9.2.8-1.mga3.noarch.rpm SRPMS postgresql8.4-8.4.21-1.mga3.src.rpm postgresql9.0-9.0.17-1.mga3.src.rpm postgresql9.1-9.1.13-1.mga3.src.rpm postgresql9.2-9.2.8-1.mga3.src.rpm
Status: NEW => ASSIGNEDAssignee: doktor5000 => qa-bugsSummary: postgresql new security issues fixed upstream in 9.3.3, 9.2.7, 9.1.12, 9.0.16, and 8.4.20 => postgresql new security issues fixed upstream in 9.2.7, 9.1.12, 9.0.16, and 8.4.20
Easy one to test. Procedure: https://bugs.mageia.org/show_bug.cgi?id=12841#c8 The world.sql file referenced can be found here, it needs extracting before use. http://pgfoundry.org/frs/download.php/527/world-1.0.tar.gz
Whiteboard: (none) => has_procedure
Testing these now.
Testing complete mga3 32
Whiteboard: has_procedure => has_procedure mga3-32-ok
Testing complete mga3 64
Whiteboard: has_procedure mga3-32-ok => has_procedure mga3-32-ok mga3-64-ok
Validating. Advisory uploaded. Could you check it please David. Could sysadmin please push to 3 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga3-32-ok mga3-64-ok => has_procedure advisory mga3-32-ok mga3-64-okCC: (none) => sysadmin-bugs
(In reply to claire robinson from comment #6) > Validating. Advisory uploaded. Could you check it please David. Looks good :D Thanks.
Update pushed: http://advisories.mageia.org/MGASA-2014-0222.html
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED