Ubuntu 1542-1: PostgreSQL vulnerabilities
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: postgresql-9.1 9.1.5-0ubuntu12.04 Ubuntu 11.10: postgresql-9.1 9.1.5-0ubuntu11.10 Ubuntu 11.04: postgresql-8.4 8.4.13-0ubuntu11.04 Ubuntu 10.04 LTS: postgresql-8.4 8.4.13-0ubuntu10.04 Ubuntu 8.04 LTS: postgresql-8.3 8.3.20-0ubuntu8.04 This update uses a new upstream release, which includes additional bug fixes. Due to upstream security policies, this update removes the ability of xslt_process() to fetch documents or stylesheets from external URLs. Please see https://www.postgresql.org/about/news/security-update-2012-08-17-released-1407/ for more information. In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-1542-1
CVE-2012-3488, CVE-2012-3489
Package Information
https://launchpad.net/ubuntu/+source/postgresql-9.1/9.1.5-0ubuntu12.04 https://launchpad.net/ubuntu/+source/postgresql-9.1/9.1.5-0ubuntu11.10 https://launchpad.net/ubuntu/+source/postgresql-8.4/8.4.13-0ubuntu11.04 https://launchpad.net/ubuntu/+source/postgresql-8.4/8.4.13-0ubuntu10.04 https://launchpad.net/ubuntu/+source/postgresql-8.3/8.3.20-0ubuntu8.04