apticron report [Mon, 19 Oct 2015 18:44:11 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
        
baldrick.crans.org
        [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
        [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
        libpq5 9.4.5-0+deb8u1
        tzdata 2015g-0+deb8u1
        tzdata-java 2015g-0+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour postgresql-9.4 (libpq5) ---
postgresql-9.4 (9.4.5-0+deb8u1) jessie-security; urgency=medium
  * New upstream security release.
    + Guard against stack overflows in json parsing (Oskari Saarenmaa)
      If an application constructs PostgreSQL json or jsonb values from
      arbitrary user input, the application's users can reliably crash the
      PostgreSQL server, causing momentary denial of service.  (CVE-2015-5289)
    + Fix contrib/pgcrypto to detect and report too-short crypt() salts
      (Josh Kupershmidt)
      Certain invalid salt arguments crashed the server or disclosed a few
      bytes of server memory.  We have not ruled out the viability of attacks
      that arrange for presence of confidential information in the disclosed
      bytes, but they seem unlikely.  (CVE-2015-5288)
 -- Christoph Berg <christoph.berg(a)credativ.de>  Thu, 08 Oct 2015 14:24:00 +0200
--- Modifications pour tzdata (tzdata tzdata-java) ---
tzdata (2015g-0+deb8u1) stable; urgency=medium
  [ Aurelien Jarno ]
  * New upstream version, affecting the following future time stamps:
    - Fiji
    - Fort Nelson, British Columbia
    - Norfolk Island
    - Turkey (closes: #801172)
 -- Aurelien Jarno <aurel32(a)debian.org>  Wed, 07 Oct 2015 16:06:53 +0200
========================================================================
You can perform the upgrade by issuing the command:
        apt-get dist-upgrade
as root on 
baldrick.crans.org
--
apticron