-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Feb 2007 20:02:05 +0100
Source: postgresql-8.1
Binary: postgresql-8.1 postgresql-pltcl-8.1 postgresql-plperl-8.1 libpgtypes2 libpq-dev libpq4 postgresql-doc-8.1 postgresql-plpython-8.1 libecpg5 libecpg-compat2 libecpg-dev postgresql-client-8.1 postgresql-contrib-8.1 postgresql-server-dev-8.1
Architecture: source i386 all
Version: 8.1.7-1
Distribution: unstable
Urgency: high
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
libecpg-compat2 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg5 - run-time library for ECPG programs
libpgtypes2 - shared library libpgtypes for PostgreSQL 8.1
libpq-dev - header files for libpq4 (PostgreSQL library)
libpq4 - PostgreSQL C client library
postgresql-8.1 - object-relational SQL database, version 8.1 server
postgresql-client-8.1 - front-end programs for PostgreSQL 8.1
postgresql-contrib-8.1 - additional facilities for PostgreSQL
postgresql-doc-8.1 - documentation for the PostgreSQL database management system
postgresql-plperl-8.1 - PL/Perl procedural language for PostgreSQL 8.1
postgresql-plpython-8.1 - PL/Python procedural language for PostgreSQL 8.1
postgresql-pltcl-8.1 - PL/Tcl procedural language for PostgreSQL 8.1
postgresql-server-dev-8.1 - development files for PostgreSQL 8.1 server-side programming
Changes:
postgresql-8.1 (8.1.7-1) unstable; urgency=high
.
* New upstream security and bug fix release:
- Fix security vulnerabilities that allowed connected users to
read backend memory.
The vulnerabilities involve suppressing the normal check that a SQL
function returns the data type it's declared to, and changing the
data type of a table column (CVE-2007-0555, CVE-2007-0556). These
errors can easily be exploited to cause a backend crash, and in
principle might be used to read database content that the user
should not be able to access.
- Fix rare bug wherein btree index page splits could fail due to
choosing an infeasible split point.
- Improve "VACUUM" performance for databases with many tables.
- Fix autovacuum to avoid leaving non-permanent transaction IDs in
non-connectable databases.
- Fix for rare Assert() crash triggered by UNION.
- Tighten security of multi-byte character processing for UTF8
sequences over three bytes long.
- Fix possible crashes when an already-in-use pl/pgsql function is
updated.
* Urgency high: security relevant changes and critical bug fixes.
Files:
e3d71bbbebcb5af9137785655619a2e7 1158 misc optional postgresql-8.1_8.1.7-1.dsc
2fee0e657ea6772a495e15fb1cd008bf 11399892 misc optional postgresql-8.1_8.1.7.orig.tar.gz
fedff26fdccae52c5ccd8adeee688d48 33209 misc optional postgresql-8.1_8.1.7-1.diff.gz
d4f5d0970895434012380ccd5024b4df 1569736 doc optional postgresql-doc-8.1_8.1.7-1_all.deb
c5201162a754d7fd9dee8fb9c5b3b25d 323114 libdevel optional libpq-dev_8.1.7-1_i386.deb
0bbe7f0eac1eade1da87ee9f4ae1112d 267846 libs optional libpq4_8.1.7-1_i386.deb
ff30d6fed7d1b0bf96e71996b9e56bbe 177284 libs optional libecpg5_8.1.7-1_i386.deb
09440cb98b6f63deb4597a73222987cf 343906 libdevel optional libecpg-dev_8.1.7-1_i386.deb
e199a2967021697eb759549c2638cb3f 156956 libs optional libecpg-compat2_8.1.7-1_i386.deb
c12f01f5a7997ea7d136806aaca07978 179502 libs optional libpgtypes2_8.1.7-1_i386.deb
842f35583799670542e28f3f1d975b7e 4370794 misc optional postgresql-8.1_8.1.7-1_i386.deb
979199fea233429a02eccf194677deeb 1410172 misc optional postgresql-client-8.1_8.1.7-1_i386.deb
7ded41e85350ef1d176edacc69b38cae 602752 libdevel optional postgresql-server-dev-8.1_8.1.7-1_i386.deb
803093e2a09b90cc964b025e5da1c512 594592 misc optional postgresql-contrib-8.1_8.1.7-1_i386.deb
a556815faaa6448ec62636f44ac02a4a 173136 misc optional postgresql-plperl-8.1_8.1.7-1_i386.deb
92b64cb4d56caf7f5b1b284a20f47e58 165990 misc optional postgresql-plpython-8.1_8.1.7-1_i386.deb
1e95ea4bb4f70c6ad2fb3b17525b29ef 167642 misc optional postgresql-pltcl-8.1_8.1.7-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFFxjfTDecnbV4Fd/IRAqREAKCLpChjKbiFP2Xyttx9iMt/0fG1rwCgvj3y
YgUiA3G/bMXo/LDtMFqj51I=
=TrGp
-----END PGP SIGNATURE-----
Accepted:
libecpg-compat2_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg-compat2_8.1.7-1_i386.deb
libecpg-dev_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg-dev_8.1.7-1_i386.deb
libecpg5_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg5_8.1.7-1_i386.deb
libpgtypes2_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libpgtypes2_8.1.7-1_i386.deb
libpq-dev_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libpq-dev_8.1.7-1_i386.deb
libpq4_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/libpq4_8.1.7-1_i386.deb
postgresql-8.1_8.1.7-1.diff.gz
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.7-1.diff.gz
postgresql-8.1_8.1.7-1.dsc
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.7-1.dsc
postgresql-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.7-1_i386.deb
postgresql-8.1_8.1.7.orig.tar.gz
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.7.orig.tar.gz
postgresql-client-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.7-1_i386.deb
postgresql-contrib-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.7-1_i386.deb
postgresql-doc-8.1_8.1.7-1_all.deb
to pool/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.7-1_all.deb
postgresql-plperl-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.7-1_i386.deb
postgresql-plpython-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.7-1_i386.deb
postgresql-pltcl-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.7-1_i386.deb
postgresql-server-dev-8.1_8.1.7-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.7-1_i386.deb
