Format: 1.8 Date: Mon, 04 Jun 2012 09:03:09 +0200 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: all i386_translations i386 Version: 8.4.12-0ubuntu10.04 Distribution: lucid Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Martin Pitt Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Launchpad-Bugs-Fixed: 1008317 Changes: postgresql-8.4 (8.4.12-0ubuntu10.04) lucid-security; urgency=low . * New upstream security/bug fix release: (LP: #1008317) - Fix incorrect password transformation in "contrib/pgcrypto"'s DES crypt() function. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. (CVE-2012-2143) - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler. Applying such attributes to a call handler could crash the server. (CVE-2012-2655) - Allow numeric timezone offsets in timestamp input to be up to 16 hours away from UTC. Some historical time zones have offsets larger than 15 hours, the previous limit. This could result in dumped data values being rejected during reload. - Fix timestamp conversion to cope when the given time is exactly the last DST transition time for the current timezone. This oversight has been there a long time, but was not noticed previously because most DST-using zones are presumed to have an indefinite sequence of future DST transitions. - Fix text to name and char to name casts to perform string truncation correctly in multibyte encodings. - Fix memory copying bug in to_tsquery(). - Fix planner's handling of outer PlaceHolderVars within subqueries. This bug concerns sub-SELECTs that reference variables coming from the nullable side of an outer join of the surrounding query. In 9.1, queries affected by this bug would fail with "ERROR: Upper-level PlaceHolderVar found where not expected". But in 9.0 and 8.4, you'd silently get possibly-wrong answers, since the value transmitted into the subquery wouldn't go to null when it should. - Fix slow session startup when pg_attribute is very large. If pg_attribute exceeds one-fourth of shared_buffers, cache rebuilding code that is sometimes needed during session start would trigger the synchronized-scan logic, causing it to take many times longer than normal. The problem was particularly acute if many new sessions were starting at once. - Ensure sequential scans check for query cancel reasonably often. A scan encountering many consecutive pages that contain no live tuples would not respond to interrupts meanwhile. - Ensure the Windows implementation of PGSemaphoreLock() clears ImmediateInterruptOK before returning. This oversight meant that a query-cancel interrupt received later in the same query could be accepted at an unsafe time, with unpredictable but not good consequences. - Show whole-row variables safely when printing views or rules. Corner cases involving ambiguous names (that is, the name could be either a table or column name of the query) were printed in an ambiguous way, risking that the view or rule would be interpreted differently after dump and reload. Avoid the ambiguous case by attaching a no-op cast. - Fix "COPY FROM" to properly handle null marker strings that correspond to invalid encoding. A null marker string such as E'\\0' should work, and did work in the past, but the case got broken in 8.4. - Ensure autovacuum worker processes perform stack depth checking properly. Previously, infinite recursion in a function invoked by auto-"ANALYZE" could crash worker processes. - Fix logging collector to not lose log coherency under high load. The collector previously could fail to reassemble large messages if it got too busy. - Fix logging collector to ensure it will restart file rotation after receiving SIGHUP. - Fix WAL replay logic for GIN indexes to not fail if the index was subsequently dropped> - Fix memory leak in PL/pgSQL's "RETURN NEXT" command. - Fix PL/pgSQL's "GET DIAGNOSTICS" command when the target is the function's first variable. - Fix potential access off the end of memory in psql's expanded display ("\x") mode. - Fix several performance problems in pg_dump when the database contains many objects. pg_dump could get very slow if the database contained many schemas, or if many objects are in dependency loops, or if there are many owned sequences. - Fix "contrib/dblink"'s dblink_exec() to not leak temporary database connections upon error. - Fix "contrib/dblink" to report the correct connection name in error messages. Checksums-Sha1: fbb95c540888a0bec4f9142cc8e6861d73367b76 2188288 postgresql-doc-8.4_8.4.12-0ubuntu10.04_all.deb 3a007df5c44cf8d6c80f2e1d449b7fba50f8d9b4 2155919 postgresql-8.4_8.4.12-0ubuntu10.04_i386_translations.tar.gz 6be892496d394b1f3632a36db4dc51fdc17bf967 29508 postgresql_8.4.12-0ubuntu10.04_all.deb 2a28e253e49422346c9b16a304a8d0f6fe1008a7 29470 postgresql-client_8.4.12-0ubuntu10.04_all.deb 76048dd310ff8a9a614bed9f98d68bb9d6dc7aa5 3438 postgresql-doc_8.4.12-0ubuntu10.04_all.deb 41b5f45dd2f597ecabc680b90909fe3771eeda23 29370 postgresql-contrib_8.4.12-0ubuntu10.04_all.deb ae980221b227d526238753a35130c017df7f76ff 193664 libpq-dev_8.4.12-0ubuntu10.04_i386.deb 76bedd9c786778e54d860126d3b92349d90e02f1 95854 libpq5_8.4.12-0ubuntu10.04_i386.deb 411be53c83a10bea59a2d099c706df891db1c992 32484 libecpg6_8.4.12-0ubuntu10.04_i386.deb 49cc28019f8364ee83ff5a232d2684c799753642 226216 libecpg-dev_8.4.12-0ubuntu10.04_i386.deb 34c4a8063c2e0e13d8c04550dd18a83b45216d43 10572 libecpg-compat3_8.4.12-0ubuntu10.04_i386.deb 04ed7ff16129acca5afa77f9b9c38ea81f195b6e 60420 libpgtypes3_8.4.12-0ubuntu10.04_i386.deb eede9e23ece392a0d447172b26f2eae6946a0640 3909302 postgresql-8.4_8.4.12-0ubuntu10.04_i386.deb d220a7e0d8ad821961dee4a110a50bd906b80538 786932 postgresql-client-8.4_8.4.12-0ubuntu10.04_i386.deb c71da2c9d615a8e2a0c3322e7043b37e7c6fe337 646854 postgresql-server-dev-8.4_8.4.12-0ubuntu10.04_i386.deb d19172990fc02d8c03388dcecc0f353bf11ec296 372370 postgresql-contrib-8.4_8.4.12-0ubuntu10.04_i386.deb 50042d596d29a838c33da5fe4c44545205234ffa 57722 postgresql-plperl-8.4_8.4.12-0ubuntu10.04_i386.deb 18e11a481e9b2814cddcef1674d6ee4eee20e3c2 49874 postgresql-plpython-8.4_8.4.12-0ubuntu10.04_i386.deb cd1c3df66f3bc85696ad98b26ffab2217d4eb0af 48976 postgresql-pltcl-8.4_8.4.12-0ubuntu10.04_i386.deb Checksums-Sha256: 4dcfb13b1d39edfb8e71c8cbceba8d70d9016ceb585477750b0d64fc0d0db879 2188288 postgresql-doc-8.4_8.4.12-0ubuntu10.04_all.deb 0d740cce8505586f463f3f6896a6c1c8298c1111b6e71fd54dbbeaf4e1e89bff 2155919 postgresql-8.4_8.4.12-0ubuntu10.04_i386_translations.tar.gz 4ceb8850bfeb4246ca920d352dca1cccba9e45c7118003544081fa369a99cb76 29508 postgresql_8.4.12-0ubuntu10.04_all.deb 70d8dd4cfaf5990927fbef76a2f4048702a9013dda239ad1b10cc8af3bb3e681 29470 postgresql-client_8.4.12-0ubuntu10.04_all.deb 8f38a509724a396f9287daadd4abffeaa12bfc5bf533e80e0ca7ee47cab19b2f 3438 postgresql-doc_8.4.12-0ubuntu10.04_all.deb 8e329c598bc469f624c15039e45d3f3a67138e24c9b2cd25cc47c0c159b0c4eb 29370 postgresql-contrib_8.4.12-0ubuntu10.04_all.deb 08dc2a55875fe5f3df5f8c6cb9c4728314c914948bfb9da98f9bcfcce3d0b31f 193664 libpq-dev_8.4.12-0ubuntu10.04_i386.deb 1fb2aaef70effb0bce8f4122400438b00d71ef974399312d88afa382303b3348 95854 libpq5_8.4.12-0ubuntu10.04_i386.deb 2481707d2bc9a1a0e23ca43fa7d3fa257de28f5c801ac79b3ca8ca0cbbd30700 32484 libecpg6_8.4.12-0ubuntu10.04_i386.deb a6690d91a109aac057b74a4b12da347fa964a1dd690ed17902a3496cda3e03bf 226216 libecpg-dev_8.4.12-0ubuntu10.04_i386.deb 40956f89ee60b22bf0f50f183673ba7c3d5d64dae665c087aa9af988fd26a506 10572 libecpg-compat3_8.4.12-0ubuntu10.04_i386.deb 2b8a01bae9cab0ad7811a238b470b9812ccd080b27764b833d1eb1f0071bdcce 60420 libpgtypes3_8.4.12-0ubuntu10.04_i386.deb 1fb349481d3995ad51290e7f8e2802253c08f0977258d8c67c7a2cc45ea5846f 3909302 postgresql-8.4_8.4.12-0ubuntu10.04_i386.deb ab4825d4d21f6bd2b40376cd77f45b076202947d6e9646809b9495233b7363a0 786932 postgresql-client-8.4_8.4.12-0ubuntu10.04_i386.deb b8364d8c21a2bf5e2ed8f0b571dacd331b74861567c9119419a74666b869d388 646854 postgresql-server-dev-8.4_8.4.12-0ubuntu10.04_i386.deb 276b5957104899d55cd701dad4bf3a125300387fb9015426481bccbc946c4bf9 372370 postgresql-contrib-8.4_8.4.12-0ubuntu10.04_i386.deb 891d20b3744b928e23996cf5b521c23b7ac3a19d5432b85f0f316a5835eaa3bc 57722 postgresql-plperl-8.4_8.4.12-0ubuntu10.04_i386.deb aa0749a873485eea2fccefaea43590b4ce7b9cef09e4c3e4a70253f9cbf01280 49874 postgresql-plpython-8.4_8.4.12-0ubuntu10.04_i386.deb 88097df634324db49102645b5c0b3922deeca4b712a804d92b1f2a1c20584865 48976 postgresql-pltcl-8.4_8.4.12-0ubuntu10.04_i386.deb Files: aab591a4c0bff0439ca8824d1bf3d7ca 2188288 doc optional postgresql-doc-8.4_8.4.12-0ubuntu10.04_all.deb eb10d5cd7f044e44665662be1476ce3f 2155919 raw-translations - postgresql-8.4_8.4.12-0ubuntu10.04_i386_translations.tar.gz 74557c048d9a2b32667a8ff4ab76b3f4 29508 database optional postgresql_8.4.12-0ubuntu10.04_all.deb eadeaff502269386abf3ca2c015c996f 29470 database optional postgresql-client_8.4.12-0ubuntu10.04_all.deb b0f6680b5c8bd9ef507017cbf39f2415 3438 doc optional postgresql-doc_8.4.12-0ubuntu10.04_all.deb 500f71cc9b2e5735d02d7730271159e2 29370 database optional postgresql-contrib_8.4.12-0ubuntu10.04_all.deb 5b0370a8f88db37e1e62893c889f0cc9 193664 libdevel optional libpq-dev_8.4.12-0ubuntu10.04_i386.deb 84305569ba1bc60b965f781d0ca6f81d 95854 libs optional libpq5_8.4.12-0ubuntu10.04_i386.deb 200acec4436a335bcf9df2bc305e8ee7 32484 libs optional libecpg6_8.4.12-0ubuntu10.04_i386.deb 99be379d08c19fe36a7981697a79bfc1 226216 libdevel optional libecpg-dev_8.4.12-0ubuntu10.04_i386.deb c30b7502331e17e0e46146129107a64f 10572 libs optional libecpg-compat3_8.4.12-0ubuntu10.04_i386.deb 5da8bea9133805ac40fc885994eb4118 60420 libs optional libpgtypes3_8.4.12-0ubuntu10.04_i386.deb 330aea21cf6e6e43620ed3708e9cda81 3909302 database optional postgresql-8.4_8.4.12-0ubuntu10.04_i386.deb c5e49989b3dcd3da44ecb8ac3b3d8eee 786932 database optional postgresql-client-8.4_8.4.12-0ubuntu10.04_i386.deb eb51a7afd82c5f11b4b74cd14f59b73c 646854 libdevel optional postgresql-server-dev-8.4_8.4.12-0ubuntu10.04_i386.deb cebd45930b497830c92dd10d7689314e 372370 database optional postgresql-contrib-8.4_8.4.12-0ubuntu10.04_i386.deb 78b337343251492eaf89068584c30fa5 57722 database optional postgresql-plperl-8.4_8.4.12-0ubuntu10.04_i386.deb f20b98113509554fb17fd374a21d2b2f 49874 database optional postgresql-plpython-8.4_8.4.12-0ubuntu10.04_i386.deb aac527853a11a4fc2aa50d3600c55e66 48976 database optional postgresql-pltcl-8.4_8.4.12-0ubuntu10.04_i386.deb Original-Maintainer: Martin Pitt