[Pkg-postgresql-public] Bug#778850: Missing 20-column_privilege_leak.patch file in postgresql-8.4 8.4.22-0ubuntu0.10.04.1 source package
Charlie Brady
charlieb at budge.apana.org.au
Fri Feb 20 15:54:40 UTC 2015
Package: postgresql
Version: 8.4.22-0ubuntu0.10.04.1
Changelog for this package contains:
...
* Add 20-column_privilege_leak.patch:
Fix information leak via constraint-violation error messages
[CVE-2014-8161]
...
But there is no such patch file.
See:
http://launchpadlibrarian.net/197335367/postgresql-8.4_8.4.22-0ubuntu0.10.04_8.4.22-0ubuntu0.10.04.1.diff.gz
I think that means that CVE-2014-8161 is not fixed in this version.
More information about the Pkg-postgresql-public
mailing list