postgresql-8.3 8.3.0-1~gutsy1 source package in Ubuntu

Changelog

postgresql-8.3 (8.3.0-1~gutsy1) gutsy-backports; urgency=low

  * Automated backport upload; no source changes.

postgresql-8.3 (8.3.0-1) unstable; urgency=low

  * Final 8.3.0 release. (Closes: #462070)
  * debian/watch: Update for a currently working mirror. (Closes: #462821)
  * Add debian/patches/14-pg_config-paths.patch: Disable PostgreSQL's
    automagic path mangling and fix libdir for pg_config, so that pg_config in
    /usr/bin and /usr/lib/postgresql/8.3/bin behave identically.
    (Closes: #462037)

postgresql-8.3 (8.3~rc2-1) unstable; urgency=low

  * Second release candidate of PostgreSQL 8.3. Upload to unstable now, the
    database format is not likely to change any more, and we want more
    widespread testing now.
  * debian/control: Build the versionless metapackages from this source now
    and let them point to 8.3.
  * debian/postgresql-server-dev-8.3.install: Do not ship pg_config.1, it's
    already shipped by libpq-dev. (Closes: #459746)
  * debian/rules: Stop postgresql at priority 21, not 19, so that services at
    runlevel 20 which use postgresql (such as postfix, pdns) can shutdown
    cleanly. Do the transition on upgrades, too
    (debian/postgresql-8.3.postinst). (Closes: #447063)
  * debian/rules: set SYSCONFDIR to /etc/postgresql-common, so that
    pg_service.conf is searched there. (Closes: #439026)
  * Add debian/patches/13-pg_service.conf_directory_doc.patch: Change
    documentation comment in sample pg_service.conf to point to Debian's
    sysconfdir (/etc/postgresql-common) instead of /usr/local/pgsql/etc.
  * Fix dependencies of libecpg-dev.

postgresql-8.3 (8.3~rc1-1) experimental; urgency=low

  * First release candidate of PostgreSQL 8.3. This also provides the security
    bug fixes of 8.2.6:
    - Prevent functions in indexes from executing with the privileges of
      the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
      within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes,
      infinite or near-infinite looping, and/or massive memory
      consumption, all of which pose denial-of-service hazards for
      applications that accept regex search patterns from untrustworthy
      sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
    - Require non-superusers who use "/contrib/dblink" to use only
      password authentication, as a security measure.
      The fix that appeared for this in 8.2.5 was incomplete, as it
      plugged the hole for only some "dblink" functions. [CVE-2007-6601,
      CVE-2007-3278]
  * debian/patches/04-psql-passwordprompt.patch: Update for new version.
  * Bump Standards-Version to 3.7.3 (no changes necessary).
  * debian/rules:
    - Build with -O1 on sparc and alpha until the miscompilation with -O2 is
      sorted out (http://lists.debian.org/debian-alpha/2007/11/msg00025.html).
    - Have a failed test suite fail the build on all architectures again.
  * Ship pg_config in postgresql-server-dev, and ship a copy in /usr/bin in
    libpq-dev, instead of libpq-dev shipping it in
    /usr/lib/postgresql/<version>/bin. This makes it possible to use a
    libpq-dev from a different major version. (See #455509)
  * debian/control: Mention tablefunc in -contrib description.
    (Closes: #458752)
  * debian/rules: Run make bigcheck instead of check, to run the numeric_big
    test, too.
  * debian/rules: Add target 'contrib-check' for running the tests in contrib.
    Do not call it by default for now, still needs some work.
  * debian/rules: Add target 'contrib-installcheck' for running the tests in
    contrib, using the installed programs in the system.
  * debian/rules: Replace hardcoded '8.3' strings with $(MAJOR_VER) variable.

postgresql-8.3 (8.3~beta4-1) experimental; urgency=low

  * Fourth beta release of PostgreSQL 8.3.

postgresql-8.3 (8.3~beta3-2) experimental; urgency=low

  * debian/control: Drop libgssapi-dev build dependency, current krb does not
    need it any more. (Closes: #452549)

postgresql-8.3 (8.3~beta3-1) experimental; urgency=low

  * Third beta release of PostgreSQL 8.3.
  * debian/rules:
    - Ignore test suite failure on alpha for now, since it behaves weird on
      some floating point operations (regression in glibc and gcc-4.2). Bug is
      under investigation. Fixes FTBFS for now. (see #449002)
    - Remove test suite ignoring for mips and mipsel again, seems the buildds
      finally got a fixed kernel.
  * Add debian/patches/12-psql-sensible-editor.patch: Use sensible-editor
    instead of vi as editor fallback in psql if $EDITOR and friends are not
    defined. (Closes: #451553)
  * Enable OSSP UUID support, add build dependency libossp-uuid-dev.
    (Closes: #451336)
  * Install some missing .so libraries.
  * debian/rules: Check that all files in debian/tmp get installed to
    somewhere, and fail the build if not.

postgresql-8.3 (8.3~beta2-1) experimental; urgency=low

  * Second beta release of PostgreSQL 8.3.
  * Remove patches which are upstream now:
    00upstream-encoding-abibreakage.patch, 12-pgpassfile-crash.patch
  * 03-gettext-domains.patch: Adapt to new upstream version.

postgresql-8.3 (8.3~beta1-2) experimental; urgency=low

  * debian/control: Update -contrib description for new modules.
  * debian/{control,rules}: Enable GSSAPI and LDAP support and add build
    dependencies libgssapi-dev and libldap2-dev.
  * Add debian/patches/00upstream-encoding-abibreakage.patch: Fix libpq ABI
    breakage wrt. ordering of encoding names. Taken from upstream CVS head.
    This requires a catalog bump, thus upgrades from 8.3~beta1-1 will break.
  * debian/postgresql-8.3.postrm:
    - Clean up rotated logs on purge when postgresql-common is already gone.
      (Closes: #447445)
    - Clean up default data dir/log file if 'pgdata'/'log' symbolic links do
      not exist.
    - Clean up environment file.

postgresql-8.3 (8.3~beta1-1) experimental; urgency=low

  * First beta release of PostgreSQL 8.3. Branch off the 8.2 packaging.
  * Drop debian/patches/12-m32r-tas.patch: Adopted upstream.
  * Drop debian/patches/04-timezone-symlinks.patch: Upstream now offers
    configure option --with-system-tzdata. Use it in debian/rules.
  * Drop debian/patches/50-contrib-enablemodules.patch: xml2 is now built
    conditionally. Supply --with-lib{xml,xslt} configure options in
    debian/rules.
  * Updated patches for new upstream version.
  * debian/control: Bump postgresql-common dependencies to >= 79 to ensure
    support of version 8.3.
  * debian/control: Do not build the versionless metapackages like
    'postgresql' until 8.3 is released and goes to unstable. Until then, 8.2
    should remain the default.
  * Add debian/patches/04-psql-passwordprompt.patch: Change psql to not prompt
    for a password if PGPASSWORD is given, just as in earlier versions.
    Without that, there is no way to suppress the password input prompt, which
    is bad for scripts.
  * Add debian/patches/12-pgpassfile-crash.patch: Fix crash (free'ing a static
    stack variable) in fe-connect.c.

postgresql-8.2 (8.2.5-1) unstable; urgency=low

  * New upstream bugfix release:
    - Require non-superusers who use "/contrib/dblink" to use only
      password authentication, as a security measure.
      [CVE-2007-3278, CVE-2007-3280]
    - Fix ALTER DOMAIN ADD CONSTRAINT for cases involving domains over
      domains.
    - Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
    - Fix some planner problems with outer joins, notably poor size
      estimation for t1 LEFT JOIN t2 WHERE t2.col IS NULL.
    - Allow the interval data type to accept input consisting only of
      milliseconds or microseconds.
    - Allow timezone name to appear before the year in timestamp input.
    - Fixes for GIN indexes used by "/contrib/tsearch2".
    - Speed up rtree index insertion.
    - Fix excessive logging of SSL error messages.
    - Fix logging so that log messages are never interleaved when using
      the syslogger process.
    - Fix crash when log_min_error_statement logging runs out of memory.
    - Fix incorrect handling of some foreign-key corner cases.
    - Fix stddev_pop(numeric) and var_pop(numeric).
    - Prevent "REINDEX" and "CLUSTER" from failing due to attempting to
      process temporary tables of other sessions.
    - Restrict "/contrib/pgstattuple" functions to superusers, for
      security reasons.
    - Do not let "/contrib/intarray" try to make its GIN opclass the
      default (this caused problems at dump/restore).
  * Remove debian/patches/00upstream-01-polymorphic-functions.patch: Upstream
    now.

postgresql-8.2 (8.2.4-3) unstable; urgency=medium

  * Urgency medium since the dpkg bug above is nasty and I want this fixed in
    testing ASAP.
  * debian/postgresql-8.2.postinst: Work around dpkg bug #435938 by manually
    doing the timezone symlink transition. Closes: #430524
  * debian/rules: Make binary-arch idempotent if test suite fails.
    Closes: #431565

postgresql-8.2 (8.2.4-2) unstable; urgency=low

  * debian/control: Remove some unnecessary build depends. Closes: #424010
  * debian/postgresql-8.2.install: Actually install the "timezone" symlink,
    not the dereferenced files.
  * Add debian/patches/12-m32r-tas.patch:
    - Support m32r architecture, thanks to Kazuhiro Inaoka for the initial
      patch.
    - Backported from CVS head:
      http://archives.postgresql.org/pgsql-committers/2007-05/msg00065.php
    - Closes: #419267
  * Add debian/patches/00upstream-01-polymorphic-functions.patch:
    - Fix breakage of polymorphic SQL functions (regression in 8.2.4), add
      test cases.
    - Patch taken from upstream CVS:
      http://archives.postgresql.org/pgsql-committers/2007-05/msg00010.php
    - Closes: #430347
  * debian/control: Fix libpq-dev Depends: line: ${Source-Version} ->
    ${binary:Version}.

postgresql-8.2 (8.2.4-1) unstable; urgency=medium

  * New upstream security/bug fix release:
    - Support explicit placement of the temporary-table schema within
      search_path, and disable searching it for functions and operators.
      This is needed to allow a security-definer function to set a truly
      secure value of search_path. Without it, an unprivileged SQL user
      can use temporary objects to execute code with the privileges of
      the security-definer function (CVE-2007-2138). See "CREATE
      FUNCTION" for more information.
    - Fix to_char() so it properly upper/lower cases localized day or
      month names.
    - "/contrib/tsearch2" crash fixes.
    - Require "COMMIT PREPARED" to be executed in the same database as
      the transaction was prepared in.
    - New traditional (Taiwan) Chinese FAQ.
    - Prevent the statistics collector from writing to disk too
      frequently.
    - Fix potential-data-corruption bug in how "VACUUM FULL" handles
      "UPDATE" chains.
    - Fix bug in domains that use array types.
    - Fix "pg_dump" so it can dump a serial column's sequence using "-t"
      when not also dumping the owning table.
    - Planner fixes, including improving outer join and bitmap scan
      selection logic.
    - Fix possible wrong answers or crash when a PL/pgSQL function tries
      to RETURN from within an EXCEPTION block.
    - Fix PANIC during enlargement of a hash index.
  * debian/patches/04-timezone-symlinks.patch: Adapt to slightly changed
    Makefile of 8.2.4.
  * Remove debian/patches/12-vacuum-cycle-hang.patch: Fixed upstream.
  * debian/postgresql-8.2.postrm: Fix bashism.

postgresql-8.2 (8.2.3-5) unstable; urgency=low

  * debian/rules: Do not let failed test suite fail the build on mips and
    mipsel. The Debian buildds' kernels are still broken.
  * debian/control: Add empty postgresql{,-client,-contrib,-doc} packages
    which always point to the latest available version.

postgresql-8.2 (8.2.3-4) unstable; urgency=low

  * First upload to unstable: Welcome, Lenny!

postgresql-8.2 (8.2.3-3) experimental; urgency=low

  * debian/rules: Do not FTBFS on failed test suite on sparc. sparc throws a
    'floating point exception' instead of a 'division by zero' error, which is
    fine, but differs from expected string output. Closes: #417160

postgresql-8.2 (8.2.3-2) experimental; urgency=low

  * debian/control: Add Perl dependency to p-8.2-plperl, to ensure that
    creating plperl functions works (as opposed to plperlu, which only needs
    libperl). (see bug #412135)
  * debian/control: Do not mention nor suggest 'pgdocs' any more in p-doc's
    description since pgdocs is only available for 7.4. (see bug #405097)
  * debian/patches/04-timezone-symlinks.patch:
    - Use the timezone database from the system tzdata instead of shipping our
      own. Towards a single authoritative time zone database in Debian and
      Ubuntu... :) (LP: #41159)
    - Drop previous hardlink-to-symlink patch to zic, since that is irrelevant
      now.
    - debian/control: Add tzdata dependency.
  * Add debian/patches/12-vacuum-cycle-hang.patch: Properly release our
    semaphore lock before erroring out wit elog() to prevent deadlocks on
    vacuum errors. Thanks to Heikki Linnakangas!
  * debian/rules: Have a test suite failure fail the build again. Let's ignore
    the old kernels on the Debian mips[el] buildds for now.

postgresql-8.2 (8.2.3-1) experimental; urgency=low

  * New upstream bug fix release to fix regressions in 8.2.2:
    - Remove overly-restrictive check for type length in constraints and
      functional indexes.
    - Fix optimization so MIN/MAX in subqueries can again use indexes.

postgresql-8.2 (8.2.2-1) experimental; urgency=low

  * New upstream security and bug fix release:
    - Fix security vulnerabilities that allowed connected users to
      read backend memory.
      The vulnerabilities involve suppressing the normal check that a SQL
      function returns the data type it's declared to, and changing the
      data type of a table column (CVE-2007-0555, CVE-2007-0556). These
      errors can easily be exploited to cause a backend crash, and in
      principle might be used to read database content that the user
      should not be able to access.
    - Fix not-so-rare-anymore bug wherein btree index page splits could
      fail due to choosing an infeasible split point.
    - Properly handle to_char('CC') for years ending in 00.
      Year 2000 is in the twentieth century, not the twenty-first.
    - "/contrib/tsearch2" localization improvements.
    - Fix incorrect permission check in information_schema.key_column_usage
      view.
      The symptom is "relation with OID nnnnn does not exist" errors. To
      get this fix without using "initdb", use "CREATE OR REPLACE VIEW"
      to install the corrected definition found in
      "share/information_schema.sql". Note you will need to do this in
      each database.
    - Improve "VACUUM" performance for databases with many tables.
    - Fix for rare Assert() crash triggered by UNION.
    - Fix potentially incorrect results from index searches using ROW
      inequality conditions.
    - Tighten security of multi-byte character processing for UTF8
      sequences over three bytes long.
    - Fix possible crashes when an already-in-use PL/pgSQL function is
      updated.
    - Improve PL/pgSQL handling of domain types.
    - Fix possible errors in processing PL/pgSQL exception blocks.
  * debian/control: postgresql-client-8.2 provides postgresql-client. This
    avoids breaking all the reverse dependencies to p-c when the transitional
    package gets removed. Closes: #400648

postgresql-8.2 (8.2.1-2) experimental; urgency=low

  * debian/libpq-dev.install: Install missing pg_trace.h.
  * debian/control: Remove -contrib's libpg-perl recommendation, nothing in
    -contrib uses it any more. Thanks to Peter Eisentraut for spotting this.
    Closes: #408070
  * debian/control: Update -contrib package description for 8.2.
    Closes: #408072

postgresql-8.2 (8.2.1-1) experimental; urgency=low

  * New upstream bugfix release:
    - Fix crash with SELECT ... LIMIT ALL (also LIMIT NULL).
    - "Several /contrib/tsearch2" fixes (Teodor)
    - Fix planner mistakes for outer join queries.
    - Fix several problems in queries involving sub-SELECTs.
    - Fix potential crash in SPI during subtransaction abort.
      This affects all PL functions since they all use SPI.
    - Improve build speed of PDF documentation.
    - Re-add JST (Japan) timezone abbreviation.
    - Improve optimization decisions related to index scans.
    - Have psql print multi-byte combining characters as before, rather
      than output as \u.
    - Improve index usage of regular expressions that use parentheses.
      This improves psql \d performance also.
    - Make pg_dumpall assume that databases have public CONNECT
      privilege, when dumping from a pre-8.2 server.
      This preserves the previous behavior that anyone can connect to a
      database if allowed by "pg_hba.conf".

postgresql-8.2 (8.2-1) experimental; urgency=low

  * 8.2 final release.
  * debian/control: Fix spelling of 'Tcl'. (See #401191)
  * Added a watch file.

postgresql-8.2 (8.2~rc1-1) experimental; urgency=low

  * Release candidate 1.

postgresql-8.2 (8.2~beta3-1) experimental; urgency=low

  * New upstream beta release.

postgresql-8.2 (8.2~beta2-1) experimental; urgency=low

  * New upstream beta release.
    - Documents ~/.pgpass file in psql(1). Closes: #308535
    - Document long --format values in pg_dump(1). Closes: #308827
    - Does not output &apos; any more in HTML mode. Closes: #353200
  * debian/patches/{03-gettext-domains.patch,11-pg_regress-socketpath.patch}:
    Adapted to new upstream version.

postgresql-8.2 (8.2~beta1-2) experimental; urgency=low

  * Move vacuumlo from -client to -contrib, since it is a contributed script.
    Add appropriate Replaces:.
  * debian/control: Fix libpq-dev dependency of -server-dev-8.2.
    Closes: #393148

postgresql-8.2 (8.2~beta1-1) experimental; urgency=low

  * First public beta release of 8.2, packaging based on current 8.1 tree.
  * Major improvements and changes (see HISTORY for details):
    - Improved sort performance with lower memory usage.
    - More efficient locking with better concurency.
    - New FILLFACTOR support for tables and indexes.
    - Many query optimization improvements.
    - More efficient vacuuming.
    - Warm standby server enhancements.
    - Monitoring, logging, and performance tuning additions.
    - Query enhancements including RETURNING values, multi-VALUES,
    - support, and self-joins for DELETE.
    - More control over creating/dropping objects and inheritance.
    - Index creation without blocking INSERT/UPDATE/DELETE.
    - COPY TO support for SELECT statements.
    - Array and aggregate improvements, including SQL:2003 statistical
    - functions.
    - Many /contrib improvements.

postgresql-8.1 (8.1.4-6) unstable; urgency=low

  * debian/control: Drop heimdal-dev suggestion of libpq-dev. Closes: #379848
  * debian/libpq-dev.install: Ship pg_wchar.h. Closes: #380047
  * Transition for private python extension in p-plpython-8.1:
    - debian/control:
      + Bump cdbs/debhelper build dependency versions.
      + Add {XS,XB}-Python-Version attributes.
    - debian/compat: Use compat level 5.
    - Add debian/pycompat: Use compat level 2.
    - debian/rules: Call dh_pycentral and dh_python for p-plpython-8.1.
    - Closes: #380898
  * debian/control: Change the order of records so that the libraries come
    first. With that, postgresql-client-8.1 and friends pick up the correct
    shlibs. Closes: #381211

postgresql-8.1 (8.1.4-5) unstable; urgency=low

  * debian/rules: Install init script at priority 19, since Apache and web
    applications usually reside on priority 20, but often require a running
    database. This follows a recent change in the MySQL package, thanks to
    Christian Hammers for pointing this out. Closes: #379276
  * Add debian/patches/12-pg_restore-ignore-failing-tables.patch:
    - pg_restore: Add option -X no-data-for-failed-tables to ignore TABLE DATA
      objects if the corresponding TABLE could not be created. Necessary for
      fixing #351571.

postgresql-8.1 (8.1.4-4) unstable; urgency=low

  * debian/rules: Use -fPIC instead of -fpic to avoid FTBFS on sparc and m68k
    (and maybe avoid the ICE on arm).
  * debian/postgresql-8.1.init: Add LSB magic comment header (provide both
    postgresql-8.1 and a generic postgresql service). Closes: #377882

postgresql-8.1 (8.1.4-3) unstable; urgency=low

  * debian/control: Add missing comerr-dev and libkrb5-dev dependencies to
    libpq-dev. Closes: #371158
  * Add debian/patches/54-contrib-dbmirror-quoteparsing.patch: Fix parsing of
    quotes escaped as '' in PendingData table. Closes: #375743
  * Add debian/patches/55-contrib-admin.patch:
    - Add the 'admin81' contrib module and build it. This provides
      instrumentation functions for use with PgAdmin 3 and similar.
    - http://www.postgresql.org/ftp/pgadmin3/release/v1.4.2/adminpacks/
    - Closes: #354731
  * debian/rules: Build with -fpic everywhere to improve the proactive
    security effectivity of address space layout randomization. This has no
    measurable performance impact on at least i386, amd64, and powerpc.

postgresql-8.1 (8.1.4-2) unstable; urgency=medium

  * Add debian/libpq4.shlibs and bump it to >= 8.1.4, to respect the
    introduction of PQescapeStringConn() and PQescapeByteaConn().
  * debian/postgresql-8.1.postrm, clean_dir(): Do not use rmdir's
    --ignore-fail-on-nonempty, since that still falls apart when the
    directory is a mountpoint. Just ignore errors.

postgresql-8.1 (8.1.4-1) unstable; urgency=medium

  * New upstream security and bug fix release:
    - The server now rejects invalidly-encoded multibyte characters in all
      cases to defend against SQL-injection attacks. [CVE-2006-2313]
    - Reject unsafe uses of \' in string literals (for client encodings that
      allow SQL injection with this, like SJIS, BIG5, GBK, GB18030, or UHC). A
      new configuration parameter backslash_quote is available to adjust this
      behavior when needed. [CVE-2006-2314]
    - Modify libpq's string-escaping routines to be aware of encoding
      considerations and standard_conforming_strings
      This fixes libpq-using applications for the security issues
      described in CVE-2006-2313 and CVE-2006-2314, and also
      future-proofs them against the planned changeover to SQL-standard
      string literal syntax. Applications that use multiple PostgreSQL
      connections concurrently should migrate to PQescapeStringConn() and
      PQescapeByteaConn() to ensure that escaping is done correctly for
      the settings in use in each database connection. Applications that
      do string escaping "by hand" should be modified to rely on library
      routines instead.
    - Various bug fixes, see upstream changelog for details.
  * Remove debian/patches/12-krb5-multiusers.patch: Fixed upstream.
  * debian/postgresql-8.1.init: Add a comment to point out that environment
    variables need to be set in the 'environment' file, not in the init
    script.
  * debian/postgresql-8.1.init, debian/postgresql-8.1.postinst: Do not fail if
    init.d-functions/maintscripts-functions are not present, which happens if
    postgresql-{8.1,common} are removed, but not purged. Closes: #362488
  * Bump Standards-Version to 3.7.2.

postgresql-8.1 (8.1.3-4) unstable; urgency=low

  * debian/rules:
    - Put --as-needed into LDFLAGS instead of CFLAGS to avoid warnings when
      building extension modules. Closes: #360759
    - Fix a bashism.
  * debian/control: Suggest oidentd | ident-server (oidentd prefered since it
    works with IPv6). Closes: #359193
  * libecpg-dev: Move manpage to /usr/share/man/man1 where it belongs to.
    Closes: #360817
  * debian/rules: Ship the tutorial's Makefile and ship the SQL *.source files
    (not the generated *.sql files) to get the correct path to the built
    libraries. Closes: #360469
  * Add debian/patches/13-tutorial-README.patch: Remove confusing note about
    make and point out that p-server-dev-8.1 is required for building the
    tutorial.
  * debian/postgresql-contrib-8.1.install, 50-contrib-oracle-enable.patch:
    Move Ora2Pg.pm to /usr/share/postgresql/8.1 and adapt the library search
    path in ora2pg.pl accordingly. Closes: #360818

postgresql-8.1 (8.1.3-3) unstable; urgency=low

  * debian/postgresql-8.1.init: Use shell 'sh -e' instead of bash.
  * debian/postgresql-contrib-8.1.install: Ship ora2pg.pl and Ora2Pg.pm.
  * debian/control: Updated contrib package description. Closes: #355172
  * debian/rules: Don't special-case HPPA for --enable-thread-safety-force;
    the current kernel seems to cope with threads quite well, so that the
    configure check does not hang any more. Closes: #315440
  * debian/control: Build server packages on mips and mipsel again, even if
    they do not work. No need to block testing migration forever (the
    ftp-masters seem reluctant to remove the mips binaries, see #344487), and
    the bug is in binutils, not PostgreSQL itself (see #357603).

postgresql-8.1 (8.1.3-2) unstable; urgency=low

  * Re-enable 'do not run as root' check from upstream:
    - Move debian/patches/08-disable-root-check.patch to
      debian/disable-root-check.patch.
    - debian/rules: Move test suite to binary/predeb and apply
      disable-root-check.patch manually right before calling the test suite.
      Unapply debian/disable-root-check.patch after executing the
      test suite to not break subsequent package builds.
    - With this, the test suite can happily run as (fake)root during package
      build without disabling the check in the actual packages.
  * postgresql-doc-8.1: Ship tutorial C and SQL files.
    (https://launchpad.net/bugs/30233)
  * debian/control, postgresql-client-8.1: Depend on postgresql-client-common
    instead of postgresql-common.

postgresql-8.1 (8.1.3-1) unstable; urgency=low

  * New upstream security and bug fix release:
    - Fix bug that allowed any logged-in user to "SET ROLE" to any other
      database user id (CVE-2006-0553).
    - See upstream changelog for detailled changes.
  * Remove debian/patches/80-cvs-pg_restore-COPY.patch: Upstream now.
  * debian/rules: Use --as-needed linker option to avoid excessive
    library dependencies.
  * debian/control: Remove unnecessary dependencies from PL/Python and PL/Tcl
    packages.

postgresql-8.1 (8.1.2-2) unstable; urgency=low

  * debian/patches/09-relax-sslkey-permscheck.patch: Do not check for any
    particular group if the SSL key is group readable, to allow sharing a
    common SSL certificate with other server processes.
  * debian/control: Add ${shlibs:Depends} to packages which need it.
    Closes: #348066
  * debian/control, libecpg5: Remove obsolete Provides/Conflicts to ecpg.
  * Add debian/patches/80-cvs-pg_restore-COPY.patch:
    - Fix pg_restore to properly discard COPY data when trying to continue
      after an error in a COPY statement.  Formerly it thought the COPY data
      was SQL commands, and got quite confused.
    - Patch from Stephen Frost, taken from upstream CVS.
  * Add debian/patches/12-krb5-multiusers.patch:
    - Fix krb5 credential handling in libpq for multiple connections with
      different users: Don't keep credentials in global variables, but pass
      them around in a new krb5_info struct.
    - Patch from Stephen Frost, proposed to be adopted upstream.

postgresql-8.1 (8.1.2-1) unstable; urgency=medium

  * New upstream bugfix release:
    - Fix bug introduced in 8.0 that could allow ReadBuffer to return an
      already-used page as new, potentially causing loss of recently-committed
      data.
    - Fix for protocol-level Describe messages issued outside a
      transaction or in a failed transaction.
    - Fix character string comparison for locales that consider different
      character combinations as equal, such as Hungarian.
      This might require "REINDEX" to fix existing indexes on textual
      columns.
    - Set locale environment variables during postmaster startup to
      ensure that plperl won't change the locale later. This fixes a problem
      that occurred if the postmaster was started
      with environment variables specifying a different locale than what
      initdb had been told. Under these conditions, any use of plperl was
      likely to lead to corrupt indexes. You may need "REINDEX" to fix
      existing indexes on textual columns if this has happened to you.
      (postgresql-common checks and aborts on this condition.)
    - Allow more flexible relocation of installation directories.
      Previous releases supported relocation only if all installation
      directory paths were the same except for the last component.
      This makes the test suite work with Debian's directory structure, so
      that the horology test can find the timezones again and pass.
    - Prevent crashes caused by the use of ISO-8859-5 and ISO-8859-9
      encodings.
    - Fix longstanding bug in strpos() and regular expression handling in
      certain rarely used Asian multi-byte character sets.
    - Fix bug where COPY CSV mode considered any \. to terminate the copy
      data. The new code requires \. to appear alone on a line, as per
      documentation.
    - Make COPY CSV mode quote a literal data value of \. to ensure it
      cannot be interpreted as the end-of-data marker.
    - Various fixes for functions returning RECORDs.
    - Fix processing of "postgresql.conf" so a final line with no newline
      is processed properly.
    - Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use
      all available salt space for MD5 and XDES algorithms.  Salts for
      Blowfish and standard DES are unaffected.
    - Fix autovacuum crash when processing expression indexes.
    - Fix "/contrib/dblink" to throw an error, rather than crashing, when
      the number of columns specified is different from what's actually
      returned by the query.
  * Remove debian/patches/12-readline-prompt-ignore.patch: Adopted upstream.
  * Bump postgresql-common dependencies to >= 39. This will ensure more
    robust upgrades and other bug fixes.

postgresql-8.1 (8.1.1-2) unstable; urgency=low

  * Do not build postgresql-8.1, p-contrib-8.1, and the PL/ packages on mips
    and mipsel, since the postmaster just SIGBUSes on these architectures and
    nobody seems to be able to fix that.
  * Add debian/patches/12-readline-prompt-ignore.patch: Do not prepend a
    '\001' before the 'prompt ignore begin/end' readline commands; this is a
    bash quirk, not a readline feature. Thanks to Aaron Schrab.
    Closes: #343616

postgresql-8.1 (8.1.1-1) unstable; urgency=low

  * New upstream bug fix release.
  * Remove debian/patches/80_cvs_crash_deform_tuple.patch, upstream now.
  * debian/postgresql-8.1.postrm: Also clean start.conf if purging without
    pg_dropcluster.
  * debian/postgresql-8.1.postrm: Check if a /etc/postgresql/8.1 subdirectory
    is really a cluster directory before trying to remove it. Closes: #339810
  * Ship upstream changelog.

postgresql-8.1 (8.1.0-3) unstable; urgency=low

  * debian/rules: Remove superfluous R include path.
  * debian/control: Version the libpq-dev dependency of -server-dev-8.1 to
    avoid horrible breakage.
  * Add debian/patches/80_cvs_crash_deform_tuple.patch:
    - Fix crash in tuple deformator (stolen from CVS head).
    - Closes: #339527
  * Add debian/patches/52-contrib-dbase-enable-iconv.patch:
    - Enable iconv support for 'dbf2pg' contrib module.
    - Closes: #338645

postgresql-8.1 (8.1.0-2) unstable; urgency=low

  * Do not install pg_config and its mo files into postgresql-server-dev-8.1
    any more, since libpq-dev now ships it. Closes: #338231
  * debian/control: Clean up contrib description. Closes: #338308

postgresql-8.1 (8.1.0-1) unstable; urgency=low

  * Final 8.1.0 upstream release, first unstable upload.
  * Build client libraries (-8.0 does not build them any more).
  * Add debian/patches/11-server-includedir.patch: Change server include
    directory to /usr/include/postgresql/8.1/server since we do want to
    keep apart server include files.

postgresql-8.1 (8.0+8.1rc1-1) experimental; urgency=low

  * Upgrade to 8.1rc1 release.

postgresql-8.1 (8.0+8.1beta4-2) experimental; urgency=low

  * Clean up the installation path ./configure arguments.
    - debian/rules: Use default libdir /usr/lib.
    - Add debian/patches/10-pkglibdir.patch: Set pkglibdir to
      /usr/lib/postgresql/8.1/lib instead of /usr/lib/postgresql.

postgresql-8.1 (8.0+8.1beta4-1) experimental; urgency=low

  * Upgrade to 8.1beta4 release.
  * Adopt patches to new upstream version:
    - 09-relax-sslkey-permscheck.patch
  * debian/postgresql-8.1.postrm: clean_dir(): Ensure that directory is not a
    symbolic link before attempting to rmdir it. Closes: #333867
  * debian/rules: Remove obsolete --disable-spinlocks build option for mips.

postgresql-8.1 (8.0+8.1beta3-1) experimental; urgency=low

  * Upgrade to 8.1beta3 release.
  * Drop debian/patches/81-beta2.patch: beta2->beta3 changes are too big to be
    sensibly stuffed into a patch.
  * Adopt patches to new upstream version:
    - 03-gettext-domains.patch
  * Remove patches which are upstream now:
    - 52-contrib-dbf2pg-errorcheck.patch
    - 53-contrib-dbf2pg-textfield
  * debian/patches/09-relax-sslkey-permscheck.patch: Use effective rather than
    real group id for checking the private SSL certificate permissions. It
    does not make any practical difference, but is more consistent.
  * Rename patch 01-top-makefile.patch to 01-build-contrib.patch to give a
    better idea of what it does.

postgresql-8.1 (8.0+8.1beta-4) experimental; urgency=low

  * Add debian/patches/09-relax-sslkey-permscheck.patch:
    - Relax security check on private SSL key file: The file is also
      considered safe if it has owner and/or group "root", and if it is
      group-readable (unless the group is something other than root or the
      database owner group).
    - See bug #327901.

postgresql-8.1 (8.0+8.1beta-3) experimental; urgency=low

  * Add debian/patches/81-beta2.patch: Upgrade to 8.1beta2 release.
  * Remove debian/patches/80-s_lock.h-m68k.patch: Included upstream now.

postgresql-8.1 (8.0+8.1beta-2) experimental; urgency=low

  * debian/postgresql-8.1.postrm: Do not remove an empty /var/log/postgresql,
    postgresql-common now cares for it to not break log rotation. (See
    #325330)
  * Remove debian/postgresql-server-dev-8.1.manpages: Do not install the
    manpage, since it belongs to libpq-dev (which is currently built by
    postgresql-8.0). Closes: #327379
  * debian/postgresql-server-dev-8.1.install: Ship pg_config.
  * Build-depend on libpq-dev to pull in libpq4 dependencies for binary
    packages. This hack is necessary as long as we build libpq from
    postgresql-8.0. Closes: #327765

postgresql-8.1 (8.0+8.1beta-1) experimental; urgency=low

  * First public beta version.

postgresql-8.1 (8.0+8.1alpha-1) experimental; urgency=low

  * New upstream snapshot release. The first beta is close to be released, and
    I want to be prepared for that.
  * Package based on postgresql-8.0 8.0.3-13; don't build client libraries yet
    until 8.1 final is released.

postgresql-8.0 (8.0.3-13) unstable; urgency=low

  * debian/control: Fix libpq4 description, it is compatible with servers
    starting from 7.3.
  * Move back client include files to /usr/include/postgresql/ for now to
    not render all client packages unbuildable which have not yet converted
    to pg_config:
    - debian/rules: Configure with include dir /usr/include/postgresql.
    - debian/libecpg-dev.install, debian/libpq-dev.install: Install files from
      and to /usr/include/postgresql
    - Add debian/patches/13_server_includedir.patch: Change server include
      directory back to /usr/include/postgresql/8.0/server since we do want to
      keep apart server include files.
    - Closes: #322085
  * Drop obsolete xml contrib module, build and ship xml2 instead:
    - Remove debian/patches/51-contrib-xml-enable.patch
    - Add debian/patches/51-contrib-xml2-enable.patch
    - debian/control: Add build dependency libxslt1-dev.
    - debian/postgresql-contrib-8.0.install: Ship pgxml.so, drop pgxml_dom.so.
    - Closes: #322777
  * Add debian/patches/14-mips-gcc4.patch:
    - Add a proper test-and-set function for mips and mipsel. Thanks to Thiemo
      Seufer for the patch and Aurelien Jarno for his help. This now also
      works with gcc 4.
  * debian/rules: Remove the --disable-spinlocks option for mips again, now
    that we have a proper patch for that.

postgresql-8.0 (8.0.3-12) unstable; urgency=low

  * debian/rules:
    - Robustify log output in case of a failed test suite; also print out
      regression.diffs if it fails. Closes: #319218
    - Don't run the test suite if DEB_BUILD_OPTIONS contains "nocheck".
  * Add debian/check_installed_files to check for upstream installed files
    which are not shipped in any deb.
  * debian/postgresql-contrib-8.0.install: Ship pgxml_dom.so. Closes: #318922

postgresql-8.0 (8.0.3-11) unstable; urgency=low

  * Add debian/patches/12-disable-root-check.patch: Disable "am I root" test
    in initdb and postmaster to be able to run the test suite at build time.
    This check is already done in pg_createcluster.
  * debian/rules: Remove all the chown/setuid crack and simply call "make
    check" now; print the log files if the test fails.
  * debian/patches/10-testsuite-params.patch: Disable authentication in the
    test suite db since ident authentication does not work with fakeroot.

postgresql-8.0 (8.0.3-10) unstable; urgency=low

  * debian/rules: If the test suite fails, don't let the build fail but rather
    cat the log files. Once the test suite calling works reliably, the
    previous behaviour can be restored.

postgresql-8.0 (8.0.3-9) unstable; urgency=low

  * Bump Standards-Version to 3.6.2.
  * debian/rules: Use start-stop-daemon instead of su to call the test suite
    since su requires a terminal.
  * debian/rules: Disable spinlocks on mips and mipsel for now since they
    FTBFS with gcc-4.0.

postgresql-8.0 (8.0.3-8) unstable; urgency=low

  * postgresql-client-8.0: Now suggest postgresql-8.0; clarified the
    description wrt the server package (see #313247).
  * Fix README.Debian symlink.
  * Add debian/patches/10-testsuite-params.patch: Use /tmp as the socket
    directory when running the test suite.
  * debian/rules: Call the test suite when building the package. Since
    creating databases as root is not permitted, do this as "nobody" if run by
    root (as on the buildds); don't do it at all if run with fakeroot.

postgresql-8.0 (8.0.3-7) unstable; urgency=low

  * Removed some redundant configure options which cdbs applies anyway.
  * configure with --enable-thread-safety-force on HPPA since the configure
    check triggers a kernel bug on the buildd. (See #315440)
  * debian/postgresql-8.0.init: autovac-* functions in postgresql-common were
    renamed to autovac_* to comply to POSIX shell standard (see #315551).
    Adaped dependencies.

postgresql-8.0 (8.0.3-6) unstable; urgency=low

  * Added debian/postgresql-8.0.links: Symlink README.Debian from
    postgresql-common.
  * Added debian/patches/08-timezone-inttimestamps.patch (stolen from CVS
    head): Fix integer timestamps in time zone handling.
    Closes: #249417, #311533.
  * debian/rules: Fix POT file generation.
  * Added debian/patches/09-libpq-defaultsocketdir.patch:
    - Set default socket directory for libpq to /var/run/postgresql.
      Closes: #313507, #313602
  * Adjusted packages to follow upstream library SONAME change in 8.0.3:
    libecpg4 -> libecpg5, libecpg-compat1 -> libecpg-compat2,
    libpgtypes1 -> libpgtypes2. Closes: #313452, #313453, #313454

postgresql-8.0 (8.0.3-5) unstable; urgency=low

  * debian/rules: Generate POT files to help translators.
  * Added debian/libpq-dev.manpages: Install pg_wrapper(1) manpage.
    Closes: #311671
  * debian/control: Restrict libpq-dev conflict to postgresql-dev to
    versions << 7.5. Closes: #312827

postgresql-8.0 (8.0.3-4) unstable; urgency=low

  * First unstable upload.
  * debian/control: Now build with libreadline5-dev instead of version 4.

postgresql-8.0 (8.0.3-3) experimental; urgency=low

  * Added libpq4 dependency to libpq-dev.
  * postgresql-contrib-8.0.install: Correct paths to install missing shared
    files and documentation. (Closes: #311553)
  * libpq-dev.install: Install some more header files from server/ which are
    required by client libraries.

postgresql-8.0 (8.0.3-2) experimental; urgency=low

  * Added CAN numbers to previous changelog entries.
  * debian/patches/07-postgresql.conf.patch: Enable listen_addresses = '*' by
    default.
  * debian/control, libpq-dev: Conflict to and replace postgresql-dev.

postgresql-8.0 (8.0.3-1) experimental; urgency=low

  * New upstream release:
    - Prevent calling conversion functions by users. [CAN-2005-1409]
    - Prevent calling tsearch2 functions by users. [CAN-2005-1410]
  * debian/libpq-dev.{install,links}: Install pg_config into
    /usr/lib/postgresql/8.0/bin to make it print correct paths, and install a
    symlink into /usr/bin instead. Closes: #305200
  * debian/rules: Change include dir configure option to
    /usr/include/postgresql/8.0, so that different versions of
    postgresql-server-dev-<version> do not conflict with each other. Since
    applications using the libpq-dev are supposed to use pg_config, this
    should not break them either.

postgresql-8.0 (8.0.2-1) experimental; urgency=low

  * New upstream release:
    - Removed debian/patches/02-libpq-soname.patch, upstream adopted SONAME
      change to libpq4.
  * Ship "reindexdb" in -contrib.
  * Added debian/patches/02_pager.patch: Use /usr/bin/pager as default pager
    in psql. Closes: #304459
  * Added debian/postgresql-doc-8.0.doc-base: Register doc package in
    doc-base.

postgresql-8.0 (8.0.1-4) experimental; urgency=low

  * Ship pg_config in libpq-dev instead of postgresql-8.0; added
    proper package conflict. Closes: #303257
  * Install pg_config in /usr/bin instead of 8.0-specific bin dir.
    Closes: #302368
  * debian/postgresql-8.0.init: Added autovacuum functions.

postgresql-8.0 (8.0.1-3) experimental; urgency=low

  * Dropped pgxs package, the Makefiles are now part of postgresql-server-dev.
  * -contrib: Only recommend, not depend on libpg-perl and libdbd-pg-perl.
  * Renamed packages pg-pl*-8.0 to postgresql-pl*-8.0 for consistency.
  * Added debian/patches/07-postgresql.conf.patch:
    - Patch for Debian changes to the default configuration.
    - Enable stats_row_level to allow pg_autovacuum to work.

postgresql-8.0 (8.0.1-2) experimental; urgency=low

  * Changed dependency of pg-pltcl-8.0 from libtcl8.4 to tcl8.4
  * Now depend on postgresql-common >= 3 which provides more maintainer script
    functions.
  * Compress manpages.

postgresql-8.0 (8.0.1-1) experimental; urgency=low

  * New upstream release. Closes: #274043, #291350
    - Ignores shell backticks with invalid meta-commands. Closes: #285844
    - Fixes uninitialized error strings when connecting to a server which is
      down. Closes: #264603, #277757
    - configure script supports GNU/Hurd and GNU/k*BSD. Closes: #262081
    - Fixes comma splices in HTML documentation. Closes: #243781
    - Now upper() and lower() work also for Unicode characters.
      Closes: #139389, #290118, #290399
    - New configuration variable max_stack_depth which prevents DoS situations
      due to infinite recursion. Closes: #239811
    - Reportedly works with Turkish locale. Closes: #305886
    - This version is not vulnerable against the following security issues:
      . Load arbitrary shared libs, execute startup function [CAN-2005-0227]
      . Execute functions with aggregate wrapper [CAN-2005-0244]
      . Buffer overflow and 64-bit issues in contrib/intagg [CAN-2005-0246]
      . Buffer overflows in the PL/PGSQL parser in gram.y [CAN-2005-0247]
      . Insecure temporary files in make_oidjoins_check [CAN-2004-0977]
  * Splitted development package into libpq-dev and postgresql-server-dev.
    Closes: #280417
  * Splitted libecpg4 into libecpg4, libecpg-compat1 and libpgtypes1.
  * Old libpgtcl package does not exist any more. The PL/TCL procedural
    language is now shipped in pg-pltcl8.0, the TCL client library is not
    shipped by PostgreSQL any more. Closes: #280418
  * Now use /var/lib/postgresql/ as (default) data directory. Closes: #285929

 -- SpecialK <email address hidden>   Fri,  8 Feb 2008 13:48:42 +0000