-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 04 Jun 2012 09:53:26 +0200 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source all amd64 Version: 8.4.12-0squeeze1 Distribution: stable-security Urgency: low Maintainer: Martin Pitt <mpitt@debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Changes: postgresql-8.4 (8.4.12-0squeeze1) stable-security; urgency=low . * New upstream security/bug fix release: - Fix incorrect password transformation in "contrib/pgcrypto"'s DES crypt() function. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. (CVE-2012-2143) - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler. Applying such attributes to a call handler could crash the server. (CVE-2012-2655) - Allow numeric timezone offsets in timestamp input to be up to 16 hours away from UTC. Some historical time zones have offsets larger than 15 hours, the previous limit. This could result in dumped data values being rejected during reload. - Fix timestamp conversion to cope when the given time is exactly the last DST transition time for the current timezone. This oversight has been there a long time, but was not noticed previously because most DST-using zones are presumed to have an indefinite sequence of future DST transitions. - Fix text to name and char to name casts to perform string truncation correctly in multibyte encodings. - Fix memory copying bug in to_tsquery(). - Fix planner's handling of outer PlaceHolderVars within subqueries. This bug concerns sub-SELECTs that reference variables coming from the nullable side of an outer join of the surrounding query. In 9.1, queries affected by this bug would fail with "ERROR: Upper-level PlaceHolderVar found where not expected". But in 9.0 and 8.4, you'd silently get possibly-wrong answers, since the value transmitted into the subquery wouldn't go to null when it should. - Fix slow session startup when pg_attribute is very large. If pg_attribute exceeds one-fourth of shared_buffers, cache rebuilding code that is sometimes needed during session start would trigger the synchronized-scan logic, causing it to take many times longer than normal. The problem was particularly acute if many new sessions were starting at once. - Ensure sequential scans check for query cancel reasonably often. A scan encountering many consecutive pages that contain no live tuples would not respond to interrupts meanwhile. - Ensure the Windows implementation of PGSemaphoreLock() clears ImmediateInterruptOK before returning. This oversight meant that a query-cancel interrupt received later in the same query could be accepted at an unsafe time, with unpredictable but not good consequences. - Show whole-row variables safely when printing views or rules. Corner cases involving ambiguous names (that is, the name could be either a table or column name of the query) were printed in an ambiguous way, risking that the view or rule would be interpreted differently after dump and reload. Avoid the ambiguous case by attaching a no-op cast. - Fix "COPY FROM" to properly handle null marker strings that correspond to invalid encoding. A null marker string such as E'\\0' should work, and did work in the past, but the case got broken in 8.4. - Ensure autovacuum worker processes perform stack depth checking properly. Previously, infinite recursion in a function invoked by auto-"ANALYZE" could crash worker processes. - Fix logging collector to not lose log coherency under high load. The collector previously could fail to reassemble large messages if it got too busy. - Fix logging collector to ensure it will restart file rotation after receiving SIGHUP. - Fix WAL replay logic for GIN indexes to not fail if the index was subsequently dropped> - Fix memory leak in PL/pgSQL's "RETURN NEXT" command. - Fix PL/pgSQL's "GET DIAGNOSTICS" command when the target is the function's first variable. - Fix potential access off the end of memory in psql's expanded display ("\x") mode. - Fix several performance problems in pg_dump when the database contains many objects. pg_dump could get very slow if the database contained many schemas, or if many objects are in dependency loops, or if there are many owned sequences. - Fix "contrib/dblink"'s dblink_exec() to not leak temporary database connections upon error. - Fix "contrib/dblink" to report the correct connection name in error messages. * debian/patches/15-revert-typmod-check.patch: Unfuzz to apply to new version. * debian/control: Move bzr branches to alioth, so that other members of pkg-postgresql can commit. Update Vcs-* tags. Checksums-Sha1: 563bad647ebd16fe055a7dfac9555159499d0d02 2532 postgresql-8.4_8.4.12-0squeeze1.dsc 53a17cd0f104bcad112925d3c6fc2e29e1f89c8e 18193373 postgresql-8.4_8.4.12.orig.tar.gz 1141309dfe737633df5a6db5ab242edf0a9a639e 56959 postgresql-8.4_8.4.12-0squeeze1.diff.gz ccb74ba7785a6af747d3cc6c4d315a93cd1f43d1 2188736 postgresql-doc-8.4_8.4.12-0squeeze1_all.deb 94765e93b61320e81792f2bf9959c52d22db2cae 29786 postgresql_8.4.12-0squeeze1_all.deb a16d35767a535d139ab3b53c0c57581d07ef02df 29756 postgresql-client_8.4.12-0squeeze1_all.deb ed3f5b03a09ab30617dce41352a3098de3a0396a 29600 postgresql-doc_8.4.12-0squeeze1_all.deb 57363fa90d3d454421f55d6a9fc898ddc226d059 29654 postgresql-contrib_8.4.12-0squeeze1_all.deb 5e6cb1022b4e2619c407a16c29820faae13f91fa 248768 libpq-dev_8.4.12-0squeeze1_amd64.deb 67ad89ecfb8b696b4f337f64ba57df9c44b75c23 169866 libpq5_8.4.12-0squeeze1_amd64.deb f325e89562c8ab6d8cf006e502c03a5c6aa69b55 103016 libecpg6_8.4.12-0squeeze1_amd64.deb 3d356d07d085f17224c473e7727df8d48d27c6e2 267682 libecpg-dev_8.4.12-0squeeze1_amd64.deb f139707aced2d0d7536f5c461b32c0e6051f26ad 37754 libecpg-compat3_8.4.12-0squeeze1_amd64.deb feb07ad7eb12349b9926c563555f454ece995b09 61474 libpgtypes3_8.4.12-0squeeze1_amd64.deb e7cc40feb263c17ede3b50dfcc557be91b51e8b0 5492164 postgresql-8.4_8.4.12-0squeeze1_amd64.deb 703810c8d1b296d35075c9913641f07902e956f4 1539260 postgresql-client-8.4_8.4.12-0squeeze1_amd64.deb 6323d191f5bca4f464b0d4fa432a2d86e56509da 646296 postgresql-server-dev-8.4_8.4.12-0squeeze1_amd64.deb 14995640b50fa7e7858a580c3ead7d5b4f254a44 440716 postgresql-contrib-8.4_8.4.12-0squeeze1_amd64.deb 5fd5901f037e0eee27c944f788cd1db3ac2dd75d 67074 postgresql-plperl-8.4_8.4.12-0squeeze1_amd64.deb d77a03eac98e84618f1283d18f274abd6a66baf7 68462 postgresql-plpython-8.4_8.4.12-0squeeze1_amd64.deb 0dd8086e17ea81f4606b25a09eaa89e7411bf6cd 52906 postgresql-pltcl-8.4_8.4.12-0squeeze1_amd64.deb Checksums-Sha256: 10226a5a775ec973d2a7feaaeae85795149f78bb57cf8c3aa87b8d8ae28afb4e 2532 postgresql-8.4_8.4.12-0squeeze1.dsc 0cd614f0f0f149d683aa1fbdefd7d873282cfdefada5a687d2644457c855d4f2 18193373 postgresql-8.4_8.4.12.orig.tar.gz dbb3b7bf4b07bfa49c17f83866c398c0a564a574be37a527154942de75929229 56959 postgresql-8.4_8.4.12-0squeeze1.diff.gz c1c5d51dcbbaa890c6ecbdad729f4dcc5fb07a727d9e7cc58d435a5ac3345c37 2188736 postgresql-doc-8.4_8.4.12-0squeeze1_all.deb e772ae54771d5fbe990d644209a5c2ff1b92ef27301cc3afa3984ff432e4985c 29786 postgresql_8.4.12-0squeeze1_all.deb 16b9da595487a7bbaa79ce81d22e9cfd56c63fc93bea91bcb578b1276b64020d 29756 postgresql-client_8.4.12-0squeeze1_all.deb 109c05b18f8c1027664e45b402ce111d995523cd4e01768957789fd8fc6ed87b 29600 postgresql-doc_8.4.12-0squeeze1_all.deb 589411809b2a05481d0bd4a19986878f4e006458b63ccfebf0290dd1794ba7a3 29654 postgresql-contrib_8.4.12-0squeeze1_all.deb 997e38cd8f4f26bd5f20ea943b1e245bb0ec641f15435eaee862b127f9cd89a7 248768 libpq-dev_8.4.12-0squeeze1_amd64.deb dc8407792befd671e4bcdc69b9ede808ea3dc20c3340186b45fd6c9df1fe0032 169866 libpq5_8.4.12-0squeeze1_amd64.deb 35ddc8f6b139a273e06e2941ffb2c6ce8889143fbe836ace3ac309255ea4a768 103016 libecpg6_8.4.12-0squeeze1_amd64.deb c0cfa58107184be2d6bf0f3b06e2d07b7c433f9ca5c220b6285b198bd0442aed 267682 libecpg-dev_8.4.12-0squeeze1_amd64.deb 909102300aae5c781cabac2304300101de65db795b540f6d78da37ea1a6d5335 37754 libecpg-compat3_8.4.12-0squeeze1_amd64.deb a4607c6e6a8676086c064bb6fc3ba4de5fd1502576231df6f96098973a585c36 61474 libpgtypes3_8.4.12-0squeeze1_amd64.deb 708297238c2957bc76824050a0cca9e02caf8a6da8d3a88697ca6669fe43ca5f 5492164 postgresql-8.4_8.4.12-0squeeze1_amd64.deb 44db821bf855aa4b92939894b7c1bcfc980efbe5b4facf6500e633323330ab2a 1539260 postgresql-client-8.4_8.4.12-0squeeze1_amd64.deb d2c64442e9c085be8718cd03e7c1b5e11884e0ce6f2beb6896ccb119d63a834d 646296 postgresql-server-dev-8.4_8.4.12-0squeeze1_amd64.deb 83c0a267ab18c972041d565a63a5294bc2453e8a7bd7b18d7bb133813b5404ec 440716 postgresql-contrib-8.4_8.4.12-0squeeze1_amd64.deb 8e87d5809de131b7e0b185dfad6816a241772d940ba28792f3010c20adc864a9 67074 postgresql-plperl-8.4_8.4.12-0squeeze1_amd64.deb e1451f5b5f2ba411bcb46686d67d8b42f7c44e9093979922707b7625fbc21d98 68462 postgresql-plpython-8.4_8.4.12-0squeeze1_amd64.deb c4d6ec39368364114b9bd35cda27d27cfe06327b8b9581cc19e2ccbe83be1d44 52906 postgresql-pltcl-8.4_8.4.12-0squeeze1_amd64.deb Files: a2eb88bfb30096ec294fa2980b024d69 2532 database optional postgresql-8.4_8.4.12-0squeeze1.dsc 2e7c6e16fe19e9597e2882fe47c7d3fd 18193373 database optional postgresql-8.4_8.4.12.orig.tar.gz c114914466a23b7f14a1374a67fcc173 56959 database optional postgresql-8.4_8.4.12-0squeeze1.diff.gz 0fc98591e4526a09be186d1265cc2f0e 2188736 doc optional postgresql-doc-8.4_8.4.12-0squeeze1_all.deb 539e2b44cbd196fcb77ecd0421b97a3f 29786 database optional postgresql_8.4.12-0squeeze1_all.deb 8676c9b87c84d5ce55cb4f8a5f4f933e 29756 database optional postgresql-client_8.4.12-0squeeze1_all.deb f8d259cc5eb0f3443ca233fdb07f88c6 29600 doc optional postgresql-doc_8.4.12-0squeeze1_all.deb 2d71e4ab16c7dd764777ca038c11fe4b 29654 database optional postgresql-contrib_8.4.12-0squeeze1_all.deb 31c57806b6dc4d5c4f33a665bc303ba5 248768 libdevel optional libpq-dev_8.4.12-0squeeze1_amd64.deb 5ca718364396faa254b710c9b46e139b 169866 libs optional libpq5_8.4.12-0squeeze1_amd64.deb 3ab37b7490ea19d37fc017297e5b7e5d 103016 libs optional libecpg6_8.4.12-0squeeze1_amd64.deb 1d8743ad6423e56e6af6a59ab5352671 267682 libdevel optional libecpg-dev_8.4.12-0squeeze1_amd64.deb 73d6290e1c0924ba585238b63609eb40 37754 libs optional libecpg-compat3_8.4.12-0squeeze1_amd64.deb 70570359fe18dc95882e6e77401af846 61474 libs optional libpgtypes3_8.4.12-0squeeze1_amd64.deb b91006d42577e83f784ea878546dc7aa 5492164 database optional postgresql-8.4_8.4.12-0squeeze1_amd64.deb 681eecb2a8e9ec2e4a7bf8e95997c866 1539260 database optional postgresql-client-8.4_8.4.12-0squeeze1_amd64.deb baff18cf607ac12c3335dd67d209b706 646296 libdevel optional postgresql-server-dev-8.4_8.4.12-0squeeze1_amd64.deb 4087c1f2cfba19ba548052c69826beba 440716 database optional postgresql-contrib-8.4_8.4.12-0squeeze1_amd64.deb 035761ceae13b43075ef5254c611e96a 67074 database optional postgresql-plperl-8.4_8.4.12-0squeeze1_amd64.deb 907f3c1ac076c5d4353eb84a038e599f 68462 database optional postgresql-plpython-8.4_8.4.12-0squeeze1_amd64.deb 25dca493415158b5da5998484f6c1502 52906 database optional postgresql-pltcl-8.4_8.4.12-0squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPzGvOAAoJEPmIJawmtHuffT0P/2w28iBrWGIeMWk84coVbQgW SBKfcOFwEp78Nojh7MbBPSmU11SNIEZ28OlYofpbsU14/vbUWZyCTdldWkN4SEEq nB7LVY/mSTgi9w7n+WR3u04TWUpNW3V99r+b62luEJsJtm1FM5T/OUYujOZr6R65 ILL5NIQhlw0a5/QoSmK4nFXlnxRRWpQG6byHHi915TnMFq7JzwElzU7MUbqk3gaC /mfPwkakYMNGEQT0/9k2jSopKvj7JSL4ZbgdebMEFiBJr8UD0kr+J3eF+XMoOKz8 uXtd0G4GJTbW/MSAFmDjlIrVxTT0AV9MwIE+eeFyCZMg1XN6cqOV4OGoBY4NlBP0 gfV6cCHkoVfyamb5yMLK5brnzM3+qGU+HsrBQhnOH+1J4FoC/fRfTwmH/QG06oDB V/FL2hgN33Z3bH70VfkW6MrNA3fD2Xi5A/rwWBApFjR1zdL5Wde8qS7vc6Oi89Qg 3732u1QHIt5QpuLZOBXC+mh2fqV83lZNDze+R5hefK+20YWgly21TQNEEEOacSLC iltyo47NzWLqQ5xVSP2x2uvBpdXs5oU5zl5GICpQlmz4BHSDeytL7s55vTqhX7kZ 0V3wqpSgDsImPDOWz53Ldrto7mREGQhz6jkBUg48yRJ/YIMMpdpe2K7Y+fC2ohci wD9xFGZeECxzd2xQc46P =fxnd -----END PGP SIGNATURE----- Accepted: libecpg-compat3_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libecpg-compat3_8.4.12-0squeeze1_amd64.deb libecpg-dev_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libecpg-dev_8.4.12-0squeeze1_amd64.deb libecpg6_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libecpg6_8.4.12-0squeeze1_amd64.deb libpgtypes3_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libpgtypes3_8.4.12-0squeeze1_amd64.deb libpq-dev_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libpq-dev_8.4.12-0squeeze1_amd64.deb libpq5_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/libpq5_8.4.12-0squeeze1_amd64.deb postgresql-8.4_8.4.12-0squeeze1.diff.gz to main/p/postgresql-8.4/postgresql-8.4_8.4.12-0squeeze1.diff.gz postgresql-8.4_8.4.12-0squeeze1.dsc to main/p/postgresql-8.4/postgresql-8.4_8.4.12-0squeeze1.dsc postgresql-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-8.4_8.4.12-0squeeze1_amd64.deb postgresql-client-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-client-8.4_8.4.12-0squeeze1_amd64.deb postgresql-client_8.4.12-0squeeze1_all.deb to main/p/postgresql-8.4/postgresql-client_8.4.12-0squeeze1_all.deb postgresql-contrib-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-contrib-8.4_8.4.12-0squeeze1_amd64.deb postgresql-contrib_8.4.12-0squeeze1_all.deb to main/p/postgresql-8.4/postgresql-contrib_8.4.12-0squeeze1_all.deb postgresql-doc-8.4_8.4.12-0squeeze1_all.deb to main/p/postgresql-8.4/postgresql-doc-8.4_8.4.12-0squeeze1_all.deb postgresql-doc_8.4.12-0squeeze1_all.deb to main/p/postgresql-8.4/postgresql-doc_8.4.12-0squeeze1_all.deb postgresql-plperl-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-plperl-8.4_8.4.12-0squeeze1_amd64.deb postgresql-plpython-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-plpython-8.4_8.4.12-0squeeze1_amd64.deb postgresql-pltcl-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-pltcl-8.4_8.4.12-0squeeze1_amd64.deb postgresql-server-dev-8.4_8.4.12-0squeeze1_amd64.deb to main/p/postgresql-8.4/postgresql-server-dev-8.4_8.4.12-0squeeze1_amd64.deb postgresql_8.4.12-0squeeze1_all.deb to main/p/postgresql-8.4/postgresql_8.4.12-0squeeze1_all.deb