PostgreSQL Security Release(s) for 7.2, 7.3 and 7.4

In order to address a recent security report from iDefence, we have
released 3 new "point" releases: 7.2.6, 7.3.8 and 7.4.6

Although rated only a Medium risk, according to their web site: "A
vulnerability exists due to the insecure creation of temporary files,
which could possibly let a malicious user overwrite arbitrary files."

Also in these releases is a potential 'data loss' bug that was recently
identified:

      * Repair possible failure to update hint bits on disk

        Under rare circumstances this oversight could lead to "could not
        access transaction status" failures, which qualifies it as a
        potential-data-loss bug.

Although not yet available via Bittorrent, these releases are available
through ftp at all of the mirrors, and Devrim is currently working on RPMs
for the various releases, which should be available soon.

For a listing of all currently available FTP mirrors, please see:

     http://www.postgresql.org/mirrors-ftp.html


----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org           Yahoo!: yscrappy              ICQ: 7615664