postgresql-8.4 8.4.9-1~hardy1 source package in Ubuntu

Changelog

postgresql-8.4 (8.4.9-1~hardy1) hardy-backports; urgency=low

  * Automated backport upload; no source changes.

postgresql-8.4 (8.4.9-1) unstable; urgency=low

  * New upstream bug fix release:
     - Fix bugs in indexing of in-doubt HOT-updated tuples.
       These bugs could result in index corruption after reindexing a
       system catalog. They are not believed to affect user indexes.
     - Fix multiple bugs in GiST index page split processing.
       The probability of occurrence was low, but these could lead to
       index corruption.
     - Fix possible buffer overrun in tsvector_concat().
       The function could underestimate the amount of memory needed for
       its result, leading to server crashes.
     - Fix crash in xml_recv when processing a "standalone" parameter.
     - Make pg_options_to_table return NULL for an option with no value.
       Previously such cases would result in a server crash.
     - Avoid possibly accessing off the end of memory in "ANALYZE" and in
       SJIS-2004 encoding conversion.
       This fixes some very-low-probability server crash scenarios.
     - Prevent intermittent hang in interactions of startup process with
       bgwriter process.
       This affected recovery in non-hot-standby cases.
     - Fix race condition in relcache init file invalidation.
       There was a window wherein a new backend process could read a stale
       init file but miss the inval messages that would tell it the data
       is stale. The result would be bizarre failures in catalog accesses,
       typically "could not read block 0 in file ..." later during
       startup.
     - Fix memory leak at end of a GiST index scan.
       Commands that perform many separate GiST index scans, such as
       verification of a new GiST-based exclusion constraint on a table
       already containing many rows, could transiently require large
       amounts of memory due to this leak.
     - Fix incorrect memory accounting (leading to possible memory bloat)
       in tuplestores supporting holdable cursors and plpgsql's RETURN
       NEXT command.
     - Fix performance problem when constructing a large, lossy bitmap.
     - Fix join selectivity estimation for unique columns.
       This fixes an erroneous planner heuristic that could lead to poor
       estimates of the result size of a join.
     - Fix nested PlaceHolderVar expressions that appear only in
       sub-select target lists. This mistake could result in outputs of an
       outer join incorrectly appearing as NULL.
     - Allow nested EXISTS queries to be optimized properly.
     - Fix array- and path-creating functions to ensure padding bytes are
       zeroes.  This avoids some situations where the planner will think that
       semantically-equal constants are not equal, resulting in poor
       optimization.
     - Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan
       subplans.  The usual symptom of this oversight was "bogus varno" errors.
     - Work around gcc 4.6.0 bug that breaks WAL replay.  This could lead to
       loss of committed transactions after a server crash.
     - Fix dump bug for VALUES in a view.
     - Disallow SELECT FOR UPDATE/SHARE on sequences.
       This operation doesn't work as expected and can lead to failures.
     - Fix "VACUUM" so that it always updates pg_class.reltuples/relpages.
       This fixes some scenarios where autovacuum could make increasingly
       poor decisions about when to vacuum tables.
     - Defend against integer overflow when computing size of a hash table.
     - Fix cases where "CLUSTER" might attempt to access already-removed
       TOAST data.
     - Fix portability bugs in use of credentials control messages for
       "peer" authentication.
     - Fix SSPI login when multiple roundtrips are required.
       The typical symptom of this problem was "The function requested is
       not supported" errors during SSPI login.
     - Throw an error if "pg_hba.conf" contains hostssl but SSL is
       disabled.  This was concluded to be more user-friendly than the
       previous behavior of silently ignoring such lines.
     - Fix typo in pg_srand48 seed initialization.
       This led to failure to use all bits of the provided seed. This
       function is not used on most platforms (only those without
       srandom), and the potential security exposure from a
       less-random-than-expected seed seems minimal in any case.
     - Avoid integer overflow when the sum of LIMIT and OFFSET values
       exceeds 2^63.
     - Add overflow checks to int4 and int8 versions of generate_series().
     - Fix trailing-zero removal in to_char().  In a format with FM and no
       digit positions after the decimal point, zeroes to the left of the
       decimal point could be removed incorrectly.
     - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
     - Weaken plpgsql's check for typmod matching in record values.
       An overly enthusiastic check could lead to discarding length
       modifiers that should have been kept.
     - Fix pg_upgrade to preserve toast tables' relfrozenxids during an
       upgrade from 8.3. Failure to do this could lead to "pg_clog" files
       being removed too soon after the upgrade.
     - Fix psql's counting of script file line numbers during COPY from a
       different file.
     - Fix pg_restore's direct-to-database mode for
       standard_conforming_strings.  pg_restore could emit incorrect commands
       when restoring directly to a database server from an archive file that
       had been made with standard_conforming_strings set to on.
     - Be more user-friendly about unsupported cases for parallel
       pg_restore.  This change ensures that such cases are detected and
       reported before any restore actions have been taken.
     - Fix write-past-buffer-end and memory leak in libpq's LDAP service
       lookup code.
     - In libpq, avoid failures when using nonblocking I/O and an SSL
       connection.
     - Improve libpq's handling of failures during connection startup.
       In particular, the response to a server report of fork() failure
       during SSL connection startup is now saner.
     - Improve libpq's error reporting for SSL failures.
     - Fix PQsetvalue() to avoid possible crash when adding a new tuple to
       a PGresult originally obtained from a server query.
     - Make ecpglib write double values with 15 digits precision.
     - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
     - Apply upstream fix for blowfish signed-character bug
       (CVE-2011-2483) (Closes: #631285)
       "contrib/pg_crypto"'s blowfish encryption code could give wrong
       results on platforms where char is signed (which is most), leading
       to encrypted passwords being weaker than they should be.
     - Fix memory leak in "contrib/seg".
     - Fix pgstatindex() to give consistent results for empty indexes.
     - Allow building with perl 5.14. (Closes: #628503)
  * Drop 16-cmsgcred-size.patch, fixed upstream in a different way.

postgresql-8.4 (8.4.8-2) unstable; urgency=low

  * debian/postgresql-8.4.postrm: Clean up pg_ctl.conf on purge.
  * debian/control, debian/rules: Drop usage of pycentral. We don't ship any
    Python extension/module, so we don't need a python helper at all.
    (Closes: #616948)
  * Add 16-cmsgcred-size.patch: Fix size of struct cmsgcred to fix ident
    authentication on kFreeBSD 64 bit. Thanks to Petr Salinger for the patch!
    (Closes: #612888)

postgresql-8.4 (8.4.8-1) unstable; urgency=medium

  Priority medium due to data-loss pg_upgrade bug.

  [ Martin Pitt ]
  * New upstream bug fix release:
    - If your installation was upgraded from a previous major release by
      running pg_upgrade, you should take action to prevent possible data loss
      due to a now-fixed bug in pg_upgrade. The recommended solution is to run
      "VACUUM FREEZE" on all TOAST tables.  More information is available at
      http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix.
    - Fix pg_upgrade's handling of TOAST tables.
      This error poses a significant risk of data loss for installations
      that have been upgraded with pg_upgrade. This patch corrects the
      problem for future uses of pg_upgrade, but does not in itself cure
      the issue in installations that have been processed with a buggy
      version of pg_upgrade.
    - Suppress incorrect "PD_ALL_VISIBLE flag was incorrectly set"
      warning.
    - Disallow including a composite type in itself.
    - Avoid potential deadlock during catalog cache initialization.
    - Fix dangling-pointer problem in BEFORE ROW UPDATE trigger handling
      when there was a concurrent update to the target tuple.
    - Disallow "DROP TABLE" when there are pending deferred trigger
      events for the table.
      Formerly the "DROP" would go through, leading to "could not open
      relation with OID nnn" errors when the triggers were eventually
      fired.
    - Prevent crash triggered by constant-false WHERE conditions during
      GEQO optimization.
    - Improve planner's handling of semi-join and anti-join cases.
    - Fix selectivity estimation for text search to account for NULLs.
    - Improve PL/pgSQL's ability to handle row types with dropped columns.
    - Fix PL/Python memory leak involving array slices.
    - Fix pg_restore to cope with long lines (over 1KB) in TOC files.
    - Put in more safeguards against crashing due to division-by-zero
      with overly enthusiastic compiler optimization. (Closes: #616180)
  * debian/control: Stop building the versionless metapackages and client-side
    libraries, they are built by postgresql-9.0 now. Add libpq-dev build
    dependency.
  * debian/rules: Drop check for uninstalled files, since it'd now break the
    build due to the uninstalled libraries.

  [ Matthias Klose ]
  * Add 15-bool-altivec.patch: Fix definition of bool on __APPLE_ALTIVEC__
    architecture (ppc64).

postgresql-8.4 (8.4.7-1) unstable; urgency=low

  * New upstream security/bug fix release:
    - Fix buffer overrun in "contrib/intarray"'s input function for the
      query_int type.
      This bug is a security risk since the function's return address
      could be overwritten. Thanks to Apple Inc's security team for
      reporting this issue and supplying the fix. (CVE-2010-4015)
    - Avoid failures when "EXPLAIN" tries to display a simple-form CASE
      expression.
      If the CASE's test expression was a constant, the planner could
      simplify the CASE into a form that confused the expression-display
      code, resulting in "unexpected CASE WHEN clause" errors.
    - Fix assignment to an array slice that is before the existing range
      of subscripts.
      If there was a gap between the newly added subscripts and the first
      pre-existing subscript, the code miscalculated how many entries
      needed to be copied from the old array's null bitmap, potentially
      leading to data corruption or crash.
    - Avoid unexpected conversion overflow in planner for very distant
      date values.
      The date type supports a wider range of dates than can be
      represented by the timestamp types, but the planner assumed it
      could always convert a date to timestamp with impunity.
    - Fix pg_restore's text output for large objects (BLOBs) when
      standard_conforming_strings is on.
      Although restoring directly to a database worked correctly, string
      escaping was incorrect if pg_restore was asked for SQL text output
      and standard_conforming_strings had been enabled in the source
      database.
    - Fix erroneous parsing of tsquery values containing ... &
      !(subexpression) | ... .
      Queries containing this combination of operators were not executed
      correctly. The same error existed in "contrib/intarray"'s query_int
      type and "contrib/ltree"'s ltxtquery type.
    - Fix bug in "contrib/seg"'s GiST picksplit algorithm.
      This could result in considerable inefficiency, though not actually
      incorrect answers, in a GiST index on a seg column. If you have
      such an index, consider "REINDEX"ing it after installing this
      update. (This is identical to the bug that was fixed in
      "contrib/cube" in the previous update.)
 -- Ubuntu Archive Auto-Backport <email address hidden>   Thu, 27 Oct 2011 06:13:09 +0000