Format: 1.8
Date: Tue, 05 Oct 2010 22:11:42 +0200
Source: postgresql-8.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: all i386_translations i386
Version: 8.4.5-0ubuntu9.10
Distribution: karmic
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@vernadsky.buildd>
Changed-By: Martin Pitt <martin.pitt@ubuntu.com>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.4 - object-relational SQL database, version 8.4 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.4 - front-end programs for PostgreSQL 8.4
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.4 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4
 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4
 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4
 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming
Changes: 
 postgresql-8.4 (8.4.5-0ubuntu9.10) karmic-security; urgency=low
 .
   * New upstream security/bug fix update: (LP: #655293)
     - Use a separate interpreter for each calling SQL userid in PL/Perl
       and PL/Tcl.
       This change prevents security problems that can be caused by
       subverting Perl or Tcl code that will be executed later in the same
       session under another SQL user identity (for example, within a
       SECURITY DEFINER function). Most scripting languages offer numerous
       ways that that might be done, such as redefining standard functions
       or operators called by the target function. Without this change,
       any SQL user with Perl or Tcl language usage rights can do
       essentially anything with the SQL privileges of the target
       function's owner.
       The cost of this change is that intentional communication among
       Perl and Tcl functions becomes more difficult. To provide an escape
       hatch, PL/PerlU and PL/TclU functions continue to use only one
       interpreter per session. This is not considered a security issue
       since all such functions execute at the trust level of a database
       superuser already.
       It is likely that third-party procedural languages that claim to
       offer trusted execution have similar security issues. We advise
       contacting the authors of any PL you are depending on for
       security-critical purposes.
       Our thanks to Tim Bunce for pointing out this issue
       (CVE-2010-3433).
     - Prevent possible crashes in pg_get_expr() by disallowing it from
       being called with an argument that is not one of the system catalog
       columns it's intended to be used with.
     - Fix incorrect placement of placeholder evaluation.
       This bug could result in query outputs being non-null when they
       should be null, in cases where the inner side of an outer join is a
       sub-select with non-strict expressions in its output list.
     - Fix possible duplicate scans of UNION ALL member relations.
     - Fix "cannot handle unplanned sub-select" error.
       This occurred when a sub-select contains a join alias reference
       that expands into an expression containing another sub-select.
     - Fix mishandling of whole-row Vars that reference a view or
       sub-select and appear within a nested sub-select.
     - Fix mishandling of cross-type IN comparisons.
       This could result in failures if the planner tried to implement an
       IN join with a sort-then-unique-then-plain-join plan.
     - Fix computation of "ANALYZE" statistics for tsvector columns.
       The original coding could produce incorrect statistics, leading to
       poor plan choices later.
     - Improve planner's estimate of memory used by array_agg(),
       string_agg(), and similar aggregate functions.
       The previous drastic underestimate could lead to out-of-memory
       failures due to inappropriate choice of a hash-aggregation plan.
     - Fix failure to mark cached plans as transient.
       If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in
       progress for one of the referenced tables, it is supposed to be
       re-planned once the index is ready for use. This was not happening
       reliably.
     - Reduce PANIC to ERROR in some occasionally-reported btree failure
       cases, and provide additional detail in the resulting error
       messages.
       This should improve the system's robustness with corrupted indexes.
     - Fix incorrect search logic for partial-match queries with GIN
       indexes.
       Cases involving AND/OR combination of several GIN index conditions
       didn't always give the right answer, and were sometimes much slower
       than necessary.
     - Prevent show_session_authorization() from crashing within
       autovacuum processes.
     - Defend against functions returning setof record where not all the
       returned rows are actually of the same rowtype.
     - Fix possible corruption of pending trigger event lists during
       subtransaction rollback.
       This could lead to a crash or incorrect firing of triggers.
     - Fix possible failure when hashing a pass-by-reference function
       result.
     - Improve merge join's handling of NULLs in the join columns.
       A merge join can now stop entirely upon reaching the first NULL, if
       the sort order is such that NULLs sort high.
     - Take care to fsync the contents of lockfiles (both "postmaster.pid"
       and the socket lockfile) while writing them.
       This omission could result in corrupted lockfile contents if the
       machine crashes shortly after postmaster start. That could in turn
       prevent subsequent attempts to start the postmaster from
       succeeding, until the lockfile is manually removed.
     - Avoid recursion while assigning XIDs to heavily-nested
       subtransactions.
       The original coding could result in a crash if there was limited
       stack space.
     - Avoid holding open old WAL segments in the walwriter process.
       The previous coding would prevent removal of no-longer-needed
       segments.
     - Fix log_line_prefix's %i escape, which could produce junk early in
       backend startup.
     - Prevent misinterpretation of partially-specified relation options
       for TOAST tables.
       In particular, fillfactor would be read as zero if any other
       reloption had been set for the table, leading to serious bloat.
     - Fix inheritance count tracking in "ALTER TABLE ... ADD CONSTRAINT"
     - Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
       when archiving is enabled.
     - Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
       be interrupted by query-cancel.
     - Improve "CREATE INDEX"'s checking of whether proposed index
       expressions are immutable.
     - Fix "REASSIGN OWNED" to handle operator classes and families.
     - Fix possible core dump when comparing two empty tsquery values.
     - Fix LIKE's handling of patterns containing % followed by _.
       We've fixed this before, but there were still some
       incorrectly-handled cases.
     - Re-allow input of Julian dates prior to 0001-01-01 AD.
       Input such as 'J100000'::date worked before 8.4, but was
       unintentionally broken by added error-checking.
     - Fix PL/pgSQL to throw an error, not crash, if a cursor is closed
       within a FOR loop that is iterating over that cursor.
     - In PL/Python, defend against null pointer results from
       PyCObject_AsVoidPtr and PyCObject_FromVoidPtr.
     - In libpq, fix full SSL certificate verification for the case where
       both host and hostaddr are specified.
     - Make psql recognize "DISCARD ALL" as a command that should not be
       encased in a transaction block in autocommit-off mode.
     - Fix some issues in pg_dump's handling of SQL/MED objects.
       Notably, pg_dump would always fail if run by a non-superuser, which
       was not intended.
     - Improve pg_dump and pg_restore's handling of non-seekable archive
       files.
       This is important for proper functioning of parallel restore.
     - Improve parallel pg_restore's ability to cope with selective
       restore (-L option).
       The original code tended to fail if the -L file commanded a
       non-default restore ordering.
     - Fix ecpg to process data from RETURNING clauses correctly.
     - Fix some memory leaks in ecpg.
     - Improve "contrib/dblink"'s handling of tables containing dropped
       columns.
     - Fix connection leak after "duplicate connection name" errors in
       "contrib/dblink".
     - Fix "contrib/dblink" to handle connection names longer than 62
       bytes correctly.
     - Add hstore(text, text) function to "contrib/hstore".
       This function is the recommended substitute for the now-deprecated
       => operator. It was back-patched so that future-proofed code can be
       used with older server versions. Note that the patch will be
       effective only after "contrib/hstore" is installed or reinstalled
       in a particular database. Users might prefer to execute the "CREATE
       FUNCTION" command by hand, instead.
     - Update build infrastructure and documentation to reflect the source
       code repository's move from CVS to Git.
Checksums-Sha1: 
 eb8ad9991a2df481b6b3909e0b8a226a32bf1c5f 1908112 postgresql-doc-8.4_8.4.5-0ubuntu9.10_all.deb
 1205ae8ac4e0b6849911315ac7ab308780cfbe37 1950072 postgresql-8.4_8.4.5-0ubuntu9.10_i386_translations.tar.gz
 33553f5c774d6855c694fe9d5c9c8498e1334304 17390 postgresql_8.4.5-0ubuntu9.10_all.deb
 ed08f0618dcfb5cffdf3149dfea05e8903489216 17358 postgresql-client_8.4.5-0ubuntu9.10_all.deb
 c075fcdc42af745c808f2358a9b37883a32e366e 3418 postgresql-doc_8.4.5-0ubuntu9.10_all.deb
 d6b35a99c0ae71e39bb8a76cd7aa103476ca952b 17256 postgresql-contrib_8.4.5-0ubuntu9.10_all.deb
 968f617a7f59f11da9b6ca25b9f402602b776d4c 192656 libpq-dev_8.4.5-0ubuntu9.10_i386.deb
 9e5507309d23ddc8dd0ea922edb8671cfeca1646 83464 libpq5_8.4.5-0ubuntu9.10_i386.deb
 9b7b937284ac2b9810878d8139e82445643c619e 32468 libecpg6_8.4.5-0ubuntu9.10_i386.deb
 a04165dd9e7f0236d0514a5b944191ae3fca84fd 225884 libecpg-dev_8.4.5-0ubuntu9.10_i386.deb
 82951b56c7d0720fe787f0550783dabe1dd0c971 10614 libecpg-compat3_8.4.5-0ubuntu9.10_i386.deb
 f95ea46aef5c267054ce30ee338da16b61c58cb4 47652 libpgtypes3_8.4.5-0ubuntu9.10_i386.deb
 83188e3bae8ce73eaa92f66048e18fb2f2feeb4d 3898280 postgresql-8.4_8.4.5-0ubuntu9.10_i386.deb
 cf146d0874df8b943fb2c6538f3c8fceceb9b3da 785948 postgresql-client-8.4_8.4.5-0ubuntu9.10_i386.deb
 cc2f96d1611e9785fc3f98c6a6f498da397916db 625918 postgresql-server-dev-8.4_8.4.5-0ubuntu9.10_i386.deb
 6374284554746f753d4686cccea07d8e86e2062b 370462 postgresql-contrib-8.4_8.4.5-0ubuntu9.10_i386.deb
 bd216dd82028a8744097ef0adffbc05931371039 45082 postgresql-plperl-8.4_8.4.5-0ubuntu9.10_i386.deb
 99e6f0591389964bdb0223eaf062d9a276610176 37188 postgresql-plpython-8.4_8.4.5-0ubuntu9.10_i386.deb
 446d5a1ce11c86f08aaaa7b1d3b41142cf0a8d9a 36222 postgresql-pltcl-8.4_8.4.5-0ubuntu9.10_i386.deb
Checksums-Sha256: 
 40b9c2265547bf3168c230235fc88b5aad5fee6bbac5d370d08d00f4aa67f43b 1908112 postgresql-doc-8.4_8.4.5-0ubuntu9.10_all.deb
 52180f793e5c4a5b460f844ac70668fb31514899908abf0e4a3f7b512436e76d 1950072 postgresql-8.4_8.4.5-0ubuntu9.10_i386_translations.tar.gz
 f834ff6c977e9233b0560504965f40d354a6141ff98d432adc71ed5643df7d0f 17390 postgresql_8.4.5-0ubuntu9.10_all.deb
 5332a28d0ce8a7ba66277aef71b387998fff3713384e0c1d12f696455487daff 17358 postgresql-client_8.4.5-0ubuntu9.10_all.deb
 fc4aced0ef9b31a1a2930278371a0f84f1979991939984454a26b9d8f36c820d 3418 postgresql-doc_8.4.5-0ubuntu9.10_all.deb
 6ae6fdfcc5eefc969d9fb203651f8546fdf0526f6e46f4a10f8c90cd936b718b 17256 postgresql-contrib_8.4.5-0ubuntu9.10_all.deb
 76a7381c3a43cad91f4d7bf07dfb006e5ad4d753ba1fec710bf2ea6475ff32a1 192656 libpq-dev_8.4.5-0ubuntu9.10_i386.deb
 e74716fc685543ae8931ea1d942473e85c63969d48a1ab9d93378e45544bc418 83464 libpq5_8.4.5-0ubuntu9.10_i386.deb
 20bb7b7c4a57906ac50477dc0b6156297f265c65568e324dd2e1081e20c78954 32468 libecpg6_8.4.5-0ubuntu9.10_i386.deb
 b1adf1621fe13905db0ccf4d9f545708b2beb364bbc1d00711ec8961803a4127 225884 libecpg-dev_8.4.5-0ubuntu9.10_i386.deb
 b4c92b742ebb1f09a180a905f4818e2e389dd3a01d636848b68100e5baf7e62d 10614 libecpg-compat3_8.4.5-0ubuntu9.10_i386.deb
 d58954837a7be051cdb8ae1e4cadeca1825e2ea2eb981bfe349a7f2a0ca3d0ef 47652 libpgtypes3_8.4.5-0ubuntu9.10_i386.deb
 b893e25852623ccb7a9369cf90bfa93666c810edf5a8145cde27075e114e08dd 3898280 postgresql-8.4_8.4.5-0ubuntu9.10_i386.deb
 42f60fc8010d382fefb2785413ce17bf8d91c46aa6985fb9dadf31050967fe76 785948 postgresql-client-8.4_8.4.5-0ubuntu9.10_i386.deb
 977ff2e92fb2e3ea1fb92e215f3a22df8628056768f896400f9fab9d99dea8c8 625918 postgresql-server-dev-8.4_8.4.5-0ubuntu9.10_i386.deb
 8ff4d1176a22bfa51a03221b9812f897c984429463c6dbf453b6bb4d3176ecc4 370462 postgresql-contrib-8.4_8.4.5-0ubuntu9.10_i386.deb
 8845850303af01a7d8bbe43dbf9465d48bf4c6d2253b51b4eb39229fc373aca4 45082 postgresql-plperl-8.4_8.4.5-0ubuntu9.10_i386.deb
 8f3be5e28b1717f532e739ac83da010eb4b42e9fe23405e2d96ea4e1a161503f 37188 postgresql-plpython-8.4_8.4.5-0ubuntu9.10_i386.deb
 8a1262962926a75d6796a0314694c43499e2ce50bde489893ade7723b9fa9adc 36222 postgresql-pltcl-8.4_8.4.5-0ubuntu9.10_i386.deb
Files: 
 c60dc791e5e4a8f0fb4c85122a60f2e1 1908112 doc optional postgresql-doc-8.4_8.4.5-0ubuntu9.10_all.deb
 8c9c7734c267553c157305a562f44db6 1950072 raw-translations - postgresql-8.4_8.4.5-0ubuntu9.10_i386_translations.tar.gz
 96c87788ba4420dadb61489ccb68f76f 17390 database optional postgresql_8.4.5-0ubuntu9.10_all.deb
 8be8229505571fe6afc7d7e0d8975e19 17358 database optional postgresql-client_8.4.5-0ubuntu9.10_all.deb
 c6bd01af2265c99478a7ab4166589a16 3418 doc optional postgresql-doc_8.4.5-0ubuntu9.10_all.deb
 98b3abfe155279a909af90bf86a7542d 17256 database optional postgresql-contrib_8.4.5-0ubuntu9.10_all.deb
 19147f1b88e9c48563a9e25818d810f2 192656 libdevel optional libpq-dev_8.4.5-0ubuntu9.10_i386.deb
 c2f06e62c0169e19b263b28eec8cf628 83464 libs optional libpq5_8.4.5-0ubuntu9.10_i386.deb
 fbd6bdc5285aa50d1140a7b4f6da4599 32468 libs optional libecpg6_8.4.5-0ubuntu9.10_i386.deb
 e401b9d741ff3d23ef94584f64ffeff6 225884 libdevel optional libecpg-dev_8.4.5-0ubuntu9.10_i386.deb
 6a56579c2236d0fc4bf27dfef16c0272 10614 libs optional libecpg-compat3_8.4.5-0ubuntu9.10_i386.deb
 a5ff2f5cc68c77cf6ef39467beb3ccac 47652 libs optional libpgtypes3_8.4.5-0ubuntu9.10_i386.deb
 ea52d2ed276de4adf8e07f0deb785b93 3898280 database optional postgresql-8.4_8.4.5-0ubuntu9.10_i386.deb
 be5e0bee22e71fba09cf905f4c512f9b 785948 database optional postgresql-client-8.4_8.4.5-0ubuntu9.10_i386.deb
 25158c6f9619a6f6a7545034143e52de 625918 libdevel optional postgresql-server-dev-8.4_8.4.5-0ubuntu9.10_i386.deb
 a77fb48e682a696826ca3e3f45946368 370462 database optional postgresql-contrib-8.4_8.4.5-0ubuntu9.10_i386.deb
 c95cd9ab31e3d27e741cb2ca4fcf5691 45082 database optional postgresql-plperl-8.4_8.4.5-0ubuntu9.10_i386.deb
 7223dc12bd7a79a5680d4b136f826cb6 37188 database optional postgresql-plpython-8.4_8.4.5-0ubuntu9.10_i386.deb
 ccb84aa5e1fa63cdace82967cd7dccc0 36222 database optional postgresql-pltcl-8.4_8.4.5-0ubuntu9.10_i386.deb
Launchpad-Bugs-Fixed: 655293
Original-Maintainer: Martin Pitt <mpitt@debian.org>