0642ae4b77
Two security issues have been fixed in this release which affect users of specific PostgreSQL features: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The crypt( function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed. This update will also disable SSL renegotiation by default; previously, it was enabled by default. SSL renegotiation will be removed entirely in PostgreSQL versions 9.5 and later. URL: http://www.postgresql.org/about/news/1615/ Security: CVE-2015-5288 CVE-2015-5289
5 lines
340 B
Plaintext
5 lines
340 B
Plaintext
SHA256 (postgresql/postgresql-9.3.10.tar.bz2) = e5444f0f76aff98a251400b7c28bc361d65e3d72d8d6cb9bb5d8361a69541531
|
|
SIZE (postgresql/postgresql-9.3.10.tar.bz2) = 16995860
|
|
SHA256 (postgresql/pg-929-icu-2015-04-18.diff.gz) = 9aff1ba25fbe5892a3868bff516df685531c85901c360548e38bf2e5fa0e14ab
|
|
SIZE (postgresql/pg-929-icu-2015-04-18.diff.gz) = 4469
|