[GTALUG] Debian postgresql security advisory
Giles Orr
gilesorr at gmail.com
Thu Aug 11 17:27:00 EDT 2016
Debian issued a security advisory for postgresql today:
https://www.debian.org/security/2016/dsa-3646 . So I want to upgrade
my pgsql install on stable. The advisory says "these problems have
been fixed in version 9.4.9-0+deb8u1." I upgraded, and found myself
with version 9.4+165+deb8u1. And this has me very confused,
particularly since the online database (
https://packages.debian.org/search?searchon=sourcenames&keywords=postgresql-9.4
) shows the jessie version recommended by the advisory. If I run
"lsb_release -c" I get "Codename: jessie" in response. The
sources.list is basic but complete(?):
deb http://http.debian.net/debian jessie main
deb http://security.debian.org/ jessie/updates main
deb http://http.debian.net/debian jessie-updates main
(I've left out the deb-src statements.)
First, why the discrepancy? Second, where do I go to find out what
went into the current package? ie. is there a place to look that will
say "9.4+165+deb8u1 was compiled for X reason?"
I installed a new virtual machine from a fresh download of
debian-8.5.0-amd64-netinst.iso. A final "apt-get update ; apt-get
dist-upgrade" finds me at the same 9.4+165+deb8u1.
--
Giles
http://www.gilesorr.com/
gilesorr at gmail.com
More information about the talk
mailing list