[OPEN-ILS-GENERAL] Heads-up: PostgreSQL security release coming on April 4, 2013

Dan Scott dan at coffeecode.net
Fri Mar 29 19:13:32 EDT 2013


As Evergreen is built with PostgreSQL at the core, the following
PostgreSQL news announcement should be of concern to Evergreen
administrators:

"""
Upcoming PostgreSQL Security Release: April 4, 2013
Posted on 2013-03-28

The PostgreSQL Global Development Group will be releasing a security
update for all supported versions on Thursday April 4th, 2013. This
release will include a fix for a high-exposure security vulnerability.
All users are strongly urged to apply the update as soon as it is
available.

We are providing this advance notice so that users may schedule an
update of their production systems on or shortly after April 4th.

As always, update releases only require installation of packages and a
database system restart. You do not need to dump/restore or use
pg_upgrade for this update release.
"""

Please be prepared to update to the security release. While a typical
Evergreen configuration does not expose PostgreSQL to public access, the
nature of this announcement is unusual for PostgreSQL and suggests that
the vulnerability may be particularly concerning.


More information about the Open-ils-general mailing list