Format: 1.8
Date: Wed, 19 Feb 2014 10:15:39 +0100
Source: postgresql-9.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.3 postgresql-9.3-dbg postgresql-client-9.3 postgresql-server-dev-9.3 postgresql-doc-9.3 postgresql-contrib-9.3 postgresql-plperl-9.3 postgresql-plpython-9.3 postgresql-plpython3-9.3 postgresql-pltcl-9.3
Architecture: powerpc powerpc_translations
Version: 9.3.3-1
Distribution: trusty-proposed
Urgency: medium
Maintainer: Ubuntu/powerpc Build Daemon
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.3
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.3 - object-relational SQL database, version 9.3 server
 postgresql-9.3-dbg - debug symbols for postgresql-9.3
 postgresql-client-9.3 - front-end programs for PostgreSQL 9.3
 postgresql-contrib-9.3 - additional facilities for PostgreSQL
 postgresql-doc-9.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.3 - PL/Perl procedural language for PostgreSQL 9.3
 postgresql-plpython-9.3 - PL/Python procedural language for PostgreSQL 9.3
 postgresql-plpython3-9.3 - PL/Python 3 procedural language for PostgreSQL 9.3
 postgresql-pltcl-9.3 - PL/Tcl procedural language for PostgreSQL 9.3
 postgresql-server-dev-9.3 - development files for PostgreSQL 9.3 server-side programming
Closes: 646245
Launchpad-Bugs-Fixed: 991725
Changes:
 postgresql-9.3 (9.3.3-1) unstable; urgency=medium
 .
   [ Christoph Berg ]
   * New upstream security/bugfix release.
 .
     + Shore up GRANT ... WITH ADMIN OPTION restrictions (Noah Misch)
 .
       Granting a role without ADMIN OPTION is supposed to prevent the
       grantee from adding or removing members from the granted role, but
       this restriction was easily bypassed by doing SET ROLE first. The
       security impact is mostly that a role member can revoke the access
       of others, contrary to the wishes of his grantor. Unapproved role
       member additions are a lesser concern, since an uncooperative role
       member could provide most of his rights to others anyway by
       creating views or SECURITY DEFINER functions. (CVE-2014-0060)
 .
     + Prevent privilege escalation via manual calls to PL validator
       functions (Andres Freund)
 .
       The primary role of PL validator functions is to be called
       implicitly during CREATE FUNCTION, but they are also normal SQL
       functions that a user can call explicitly. Calling a validator on a
       function actually written in some other language was not checked
       for and could be exploited for privilege-escalation purposes. The
       fix involves adding a call to a privilege-checking function in each
       validator function. Non-core procedural languages will also need to
       make this change to their own validator functions, if any.
       (CVE-2014-0061)
 .
     + Avoid multiple name lookups during table and index DDL (Robert
       Haas, Andres Freund)
 .
       If the name lookups come to different conclusions due to concurrent
       activity, we might perform some parts of the DDL on a different
       table than other parts. At least in the case of CREATE INDEX, this
       can be used to cause the permissions checks to be performed against
       a different table than the index creation, allowing for a privilege
       escalation attack. (CVE-2014-0062)
 .
     + Prevent buffer overrun with long datetime strings (Noah Misch)
 .
       The MAXDATELEN constant was too small for the longest possible
       value of type interval, allowing a buffer overrun in interval_out().
       Although the datetime input functions were more careful about
       avoiding buffer overrun, the limit was short enough to cause them to
       reject some valid inputs, such as input containing a very long
       timezone name. The ecpg library contained these vulnerabilities
       along with some of its own. (CVE-2014-0063)
 .
     + Prevent buffer overrun due to integer overflow in size calculations
       (Noah Misch, Heikki Linnakangas)
 .
       Several functions, mostly type input functions, calculated an
       allocation size without checking for overflow. If overflow did
       occur, a too-small buffer would be allocated and then written past.
       (CVE-2014-0064)
 .
     + Prevent overruns of fixed-size buffers (Peter Eisentraut, Jozef
       Mlich)
 .
       Use strlcpy() and related functions to provide a clear guarantee
       that fixed-size buffers are not overrun. Unlike the preceding items,
       it is unclear whether these cases really represent live issues,
       since in most cases there appear to be previous constraints on the
       size of the input string. Nonetheless it seems prudent to silence
       all Coverity warnings of this type. (CVE-2014-0065)
 .
     + Avoid crashing if crypt() returns NULL (Honza Horak, Bruce Momjian)
 .
       There are relatively few scenarios in which crypt() could return
       NULL, but contrib/chkpass would crash if it did. One practical case
       in which this could be an issue is if libc is configured to refuse
       to execute unapproved hashing algorithms (e.g., "FIPS mode").
       (CVE-2014-0066)
 .
     + Document risks of make check in the regression testing instructions
       (Noah Misch, Tom Lane)
 .
       Since the temporary server started by make check uses "trust"
       authentication, another user on the same machine could connect to
       it as database superuser, and then potentially exploit the
       privileges of the operating-system user who started the tests. A
       future release will probably incorporate changes in the testing
       procedure to prevent this risk, but some public discussion is
       needed first. So for the moment, just warn people against using
       make check when there are untrusted users on the same machine.
       (CVE-2014-0067)
 .
     + Rework tuple freezing protocol (Álvaro Herrera, Andres Freund)
 .
       The logic for tuple freezing was unable to handle some cases
       involving freezing of multixact IDs, with the practical effect that
       shared row-level locks might be forgotten once old enough.
 .
       Fixing this required changing the WAL record format for tuple
       freezing. While this is no issue for standalone servers, when using
       replication it means that standby servers must be upgraded to 9.3.3
       or later before their masters are. An older standby will be unable
       to interpret freeze records generated by a newer master, and will
       fail with a PANIC message. (In such a case, upgrading the standby
       should be sufficient to let it resume execution.)
 .
   * The upstream tarballs no longer contain a plain HISTORY file, but
     point to the html documentation. Note the location of these files in
     our changelog.gz file.
   * Teach configure to find tclsh8.6 where tclsh is not available.
 .
   [ Martin Pitt ]
   * Build with LINUX_OOM_SCORE_ADJ=0 instead of the older LINUX_OOM_ADJ=0.
     All relevant distro releases (>= squeeze/lucid) use kernels which
     support /proc/pid/oom_score_adj, so avoid the dmesg warnings.
     (Closes: #646245, LP: #991725)
   * Bump Standards-Version to 3.9.5 (no changes necessary).
   * Build with tcl8.6 where available (>= Jessie, >= trusty).
Checksums-Sha1:
 a6a61e1447bc5a8159b45b91ae08dc638cf521b0 159126 libpq-dev_9.3.3-1_powerpc.deb
 8dea5e466e68216aa6d60032335613a18596f80a 70298 libpq5_9.3.3-1_powerpc.deb
 5b7daf39ec33f0361b2e1be49e30c5a10abec795 32082 libecpg6_9.3.3-1_powerpc.deb
 f742efb76d25b982ec952591abc23b6a0af9c97d 188230 libecpg-dev_9.3.3-1_powerpc.deb
 2335706c396be18cc4ad997262bfa9612de7d707 10168 libecpg-compat3_9.3.3-1_powerpc.deb
 acfbb37e59f6b1d2f337033a5ccca7269debee26 37302 libpgtypes3_9.3.3-1_powerpc.deb
 21f8bc93b665e6785c21db24651c26255063e43a 2301224 postgresql-9.3_9.3.3-1_powerpc.deb
 128df6612546863b329399c267c97ee90722f21c 6839946 postgresql-9.3-dbg_9.3.3-1_powerpc.deb
 32406c8e9229486afefb48112af2004eebc0e205 718902 postgresql-client-9.3_9.3.3-1_powerpc.deb
 9918930ffc8cf3c5c265bed3b2c40787524e71db 593990 postgresql-server-dev-9.3_9.3.3-1_powerpc.deb
 2911a9ad924d91d37439438edf76d035da941093 359246 postgresql-contrib-9.3_9.3.3-1_powerpc.deb
 55d50f1778276023177c1a2aadc061b56abee71f 32652 postgresql-plperl-9.3_9.3.3-1_powerpc.deb
 1b6f5de56e25403c777ebbcabdb56134b5cf6990 34084 postgresql-plpython-9.3_9.3.3-1_powerpc.deb
 a3845af22c2e467401503bafc8ce984b3c1baf57 33810 postgresql-plpython3-9.3_9.3.3-1_powerpc.deb
 1533a193c9246d70112e85448258ddc5240b825d 20182 postgresql-pltcl-9.3_9.3.3-1_powerpc.deb
 441a8813a9ef41a364f7907ecc91a0d7057a1dbf 5044860 postgresql-9.3_9.3.3-1_powerpc_translations.tar.gz
Checksums-Sha256:
 68cf8e11b9b5b890056a4b409fe955839a93d6a1dfcbe1f3f6dac50113839808 159126 libpq-dev_9.3.3-1_powerpc.deb
 598d4bf4851479070a34008a03e2a6a2b1d53d647e446bf395e4af079e947dbe 70298 libpq5_9.3.3-1_powerpc.deb
 48475d4a98cfbff29cec2d489a23af2cf21908c7bb4c39eaed5f4d14a9d1a6e2 32082 libecpg6_9.3.3-1_powerpc.deb
 13ff151e14dac01250ff65e2235529cc0d98972e45d22db8ceb76f81027b19ae 188230 libecpg-dev_9.3.3-1_powerpc.deb
 be03f93d8138929470f25e5b43f390a7707fd11574ab9654e27bd40b7f823621 10168 libecpg-compat3_9.3.3-1_powerpc.deb
 849a844ccd56153ad656e1309c6c988cb01d4b7ee30783acaa30b629a112f966 37302 libpgtypes3_9.3.3-1_powerpc.deb
 d823740282afe8854118afddd228be008b868e5d309b496f192804f79e7483d6 2301224 postgresql-9.3_9.3.3-1_powerpc.deb
 0912a4cf26db778923ef3edece7f50782b07fe9de971e8c7dad52d7323edd662 6839946 postgresql-9.3-dbg_9.3.3-1_powerpc.deb
 b9486737a071285899ca5879b4d5e1e483e65351d1fac000d40525b710691d10 718902 postgresql-client-9.3_9.3.3-1_powerpc.deb
 b2f20d38803bd4c8b06e34713df537082fe9e73bd42202e92a08c40eacb9c8b2 593990 postgresql-server-dev-9.3_9.3.3-1_powerpc.deb
 0164bf5c5e63e75153c1b9db65475389036a5ad51f08fe70850fb6ddeb29bcba 359246 postgresql-contrib-9.3_9.3.3-1_powerpc.deb
 6439027bb55791480129617ca6ba9bb78978c7c6f67486356a56e5768739dcf4 32652 postgresql-plperl-9.3_9.3.3-1_powerpc.deb
 3f3f4a275bd48a5bcb0ea9958713864ad6de10edf3940c181255a2aba19342ce 34084 postgresql-plpython-9.3_9.3.3-1_powerpc.deb
 7bc4dda917c11cf97e02fd1a5fd05b6a5441cac8c27f213776d53adef41e97ec 33810 postgresql-plpython3-9.3_9.3.3-1_powerpc.deb
 db599582b56a04ddd780c0198d59afd8cef26e334f4326c28590c0dd95045df0 20182 postgresql-pltcl-9.3_9.3.3-1_powerpc.deb
 ee0d7fd9c22ac1c1a257f3574a7500ddfbc055e48cc4988d16c78766be90f2bf 5044860 postgresql-9.3_9.3.3-1_powerpc_translations.tar.gz
Files:
 89833bf83a9c31cba79a360e1edf6353 159126 libdevel optional libpq-dev_9.3.3-1_powerpc.deb
 32ad07c590698343aa0939987085b174 70298 libs optional libpq5_9.3.3-1_powerpc.deb
 ca97e6c758fd7a9a6cb440ce165e93b8 32082 libs optional libecpg6_9.3.3-1_powerpc.deb
 2c6bd2f6f497da83af383945bb7b1603 188230 libdevel optional libecpg-dev_9.3.3-1_powerpc.deb
 12f31894d0215f70d359ec9dbd445745 10168 libs optional libecpg-compat3_9.3.3-1_powerpc.deb
 58fba21da7cd2ef0f412ad0602385481 37302 libs optional libpgtypes3_9.3.3-1_powerpc.deb
 1c25e1f0c9b39f27ccac04bf9337c340 2301224 database optional postgresql-9.3_9.3.3-1_powerpc.deb
 e74b0d5679dcb6c772c5cd720e046a3f 6839946 debug extra postgresql-9.3-dbg_9.3.3-1_powerpc.deb
 2b7078f0289aead17de978403dde89d4 718902 database optional postgresql-client-9.3_9.3.3-1_powerpc.deb
 447f2b5ffcb7f342c60c6543faf593cc 593990 libdevel optional postgresql-server-dev-9.3_9.3.3-1_powerpc.deb
 e600dc8025abe8c949642cfd05356251 359246 database optional postgresql-contrib-9.3_9.3.3-1_powerpc.deb
 1e5a78efba4e47d9cbb95c086b304cfc 32652 database optional postgresql-plperl-9.3_9.3.3-1_powerpc.deb
 6503dcd01a46470d48a9e68dd4056b53 34084 database optional postgresql-plpython-9.3_9.3.3-1_powerpc.deb
 9de31d5d79df130ab68956742139152b 33810 database optional postgresql-plpython3-9.3_9.3.3-1_powerpc.deb
 9959be927e33187aa2b6c1b413db9ee8 20182 database optional postgresql-pltcl-9.3_9.3.3-1_powerpc.deb
 93a9c18807a525b621cc1d674090273c 5044860 raw-translations - postgresql-9.3_9.3.3-1_powerpc_translations.tar.gz
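The first item in the Changes field above, the GRANT ... WITH ADMIN OPTION bypass (CVE-2014-0060), can be verified directly against a server before and after installing this upload. The session below is an added example; it is not part of this package, of the Debian packaging or of the upstream PostgreSQL changelog. The role names staff, alice and bob are assumptions, as is the use of SET SESSION AUTHORIZATION from a superuser session to stand in for a real login as alice.

```sql
-- Added example, not from the postgresql-9.3 package or the upstream
-- changelog. It exercises the CVE-2014-0060 check: a member granted a
-- role WITHOUT ADMIN OPTION must not be able to add or remove members of
-- that role, even after SET ROLE to it. Role names (staff, alice, bob)
-- and the SET SESSION AUTHORIZATION stand-in for a login are assumptions.
-- Run as a superuser, e.g.  psql -f admin_option_check.sql

CREATE ROLE staff NOLOGIN;
CREATE ROLE alice LOGIN;
CREATE ROLE bob   LOGIN;

-- alice and bob are members of staff; neither was granted ADMIN OPTION
GRANT staff TO alice;
GRANT staff TO bob;

-- Catalog check: who is a member of staff, and who may administer it.
-- admin_option is the flag that GRANT ... WITH ADMIN OPTION sets.
SELECT u.rolname AS member, r.rolname AS role, m.admin_option
  FROM pg_auth_members m
  JOIN pg_roles r ON r.oid = m.roleid
  JOIN pg_roles u ON u.oid = m.member
 WHERE r.rolname = 'staff'
 ORDER BY u.rolname;

-- Act as alice: session_user and current_user both become alice, so the
-- membership checks below are evaluated for her, not for the superuser.
SET SESSION AUTHORIZATION alice;

-- The bypass the changelog describes: become the granted role first ...
SET ROLE staff;

-- ... then try to administer staff as though the role had ADMIN OPTION
-- on itself. alice was never granted ADMIN OPTION, so a fixed server
-- must refuse this.
REVOKE staff FROM bob;

-- Back to the superuser and repeat the catalog check: on a fixed server
-- bob is still listed as a member.
RESET SESSION AUTHORIZATION;
SELECT u.rolname AS member, r.rolname AS role, m.admin_option
  FROM pg_auth_members m
  JOIN pg_roles r ON r.oid = m.roleid
  JOIN pg_roles u ON u.oid = m.member
 WHERE r.rolname = 'staff'
 ORDER BY u.rolname;

-- Clean up
DROP ROLE bob;
DROP ROLE alice;
DROP ROLE staff;
```

On a 9.3 server older than 9.3.3 the REVOKE goes through and the second catalog query no longer lists bob, which is exactly the "role member can revoke the access of others" impact the changelog describes. On 9.3.3 and later the REVOKE is rejected with an error that the caller must have admin option on role "staff", and bob's membership survives. Run without psql's ON_ERROR_STOP so the cleanup statements still execute after that expected error. If alice really is meant to manage membership of staff, grant it explicitly with GRANT staff TO alice WITH ADMIN OPTION; the catalog query above then shows admin_option = t for her, which is the state to look for when auditing who can administer a role.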