[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 390-1] dbconfig-common security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : dbconfig-common
Version        : 1.8.46+squeeze.1
CVE ID         : NA
Debian Bug     : 805638

It was discovered that dbconfig-common could, depending on the local
umask, make PostgreSQL database backups that were readable by other
users than the database owner. The issue is fixed in version
1.8.46+squeeze.1. Access rights to existing database backups (not only
for PostgreSQL) will be limited to the owner of the backup during the
upgrade of dbconfig-common to this version. Future upgrades will not
change access rights in case the local administrator has specific
requirements.

dbconfig-common is a Debian helper package that is used by a number of
packages to manage the corresponding database.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWmP1xAAoJEJxcmesFvXUKXRQH/3iIThytSpZrqL5NQvQHMpsz
XLnN6IfMfuIoK75MBuMuYR/amefjHt2GRAHp5YPKlBdrGahHhZxTfLsBhGVsJGl0
7zf7UMqvgDjfHiMuBU7v/HVgaXJpS1Xnqo+f/z/nHZDo78vlDrxGt3G1c3TG1T+Y
Wk7NroJuiMGsRKRkCN0H9fljyOFdykTR3BBSQNU2e5+yrxZcIu+VlyEDigUqYiCA
YtmanZF2XSQ6EnneHu4ZLonE+28lFdaB0AXWu/NbURZOSWIp0Lk9mi8TAjqjv8hz
azx6CbSg6/azShIWdP1gXw5KzjKyOsEu/7WNagPiHHcTa6Rr+zTHiMUtvZKwGFI=
=S8EI
-----END PGP SIGNATURE-----


Reply to: