-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 25 Sep 2011 13:40:58 +0200
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: ia64
Version: 8.3.16-0lenny1
Distribution: lenny-security
Urgency: low
Maintainer: ia64 Build Daemon (mundy)
Changed-By: Martin Pitt
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.3 - object-relational SQL database, version 8.3 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.3 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
 postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
 postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
 postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Changes:
 postgresql-8.3 (8.3.16-0lenny1) oldstable-security; urgency=low
 .
   * New upstream bug fix release 8.3.15:
     - Disallow including a composite type in itself.
       This prevents scenarios wherein the server could recurse infinitely
       while processing the composite type. While there are some possible
       uses for such a structure, they don't seem compelling enough to
       justify the effort required to make sure it always works safely.
     - Avoid potential deadlock during catalog cache initialization.
       In some cases the cache loading code would acquire share lock on a
       system index before locking the index's catalog. This could deadlock
       against processes trying to acquire exclusive locks in the other,
       more standard order.
     - Fix dangling-pointer problem in BEFORE ROW UPDATE trigger handling
       when there was a concurrent update to the target tuple.
       This bug has been observed to result in intermittent "cannot extract
       system attribute from virtual tuple" failures while trying to do
       UPDATE RETURNING ctid. There is a very small probability of more
       serious errors, such as generating incorrect index entries for the
       updated tuple.
     - Disallow "DROP TABLE" when there are pending deferred trigger events
       for the table.
       Formerly the "DROP" would go through, leading to "could not open
       relation with OID nnn" errors when the triggers were eventually
       fired.
     - Fix PL/Python memory leak involving array slices.
     - Fix pg_restore to cope with long lines (over 1KB) in TOC files.
     - Put in more safeguards against crashing due to division-by-zero with
       overly enthusiastic compiler optimization.
   * New upstream bug fix release 8.3.16:
     - Fix bugs in indexing of in-doubt HOT-updated tuples.
       These bugs could result in index corruption after reindexing a
       system catalog. They are not believed to affect user indexes.
     - Fix multiple bugs in GiST index page split processing.
       The probability of occurrence was low, but these could lead to index
       corruption.
     - Fix possible buffer overrun in tsvector_concat().
       The function could underestimate the amount of memory needed for its
       result, leading to server crashes.
     - Fix crash in xml_recv when processing a "standalone" parameter.
     - Avoid possibly accessing off the end of memory in "ANALYZE" and in
       SJIS-2004 encoding conversion.
       This fixes some very-low-probability server crash scenarios.
     - Fix race condition in relcache init file invalidation.
       There was a window wherein a new backend process could read a stale
       init file but miss the inval messages that would tell it the data is
       stale. The result would be bizarre failures in catalog accesses,
       typically "could not read block 0 in file ..." later during startup.
     - Fix memory leak at end of a GiST index scan.
       Commands that perform many separate GiST index scans, such as
       verification of a new GiST-based exclusion constraint on a table
       already containing many rows, could transiently require large
       amounts of memory due to this leak.
     - Fix performance problem when constructing a large, lossy bitmap.
     - Fix array- and path-creating functions to ensure padding bytes are
       zeroes.
       This avoids some situations where the planner will think that
       semantically-equal constants are not equal, resulting in poor
       optimization.
     - Fix dump bug for VALUES in a view.
     - Disallow SELECT FOR UPDATE/SHARE on sequences.
       This operation doesn't work as expected and can lead to failures.
     - Defend against integer overflow when computing size of a hash table.
     - Fix cases where "CLUSTER" might attempt to access already-removed
       TOAST data.
     - Fix portability bugs in use of credentials control messages for
       "peer" authentication.
     - Fix SSPI login when multiple roundtrips are required.
       The typical symptom of this problem was "The function requested is
       not supported" errors during SSPI login.
     - Fix typo in pg_srand48 seed initialization.
       This led to failure to use all bits of the provided seed. This
       function is not used on most platforms (only those without srandom),
       and the potential security exposure from a less-random-than-expected
       seed seems minimal in any case.
     - Avoid integer overflow when the sum of LIMIT and OFFSET values
       exceeds 2^63.
     - Add overflow checks to int4 and int8 versions of generate_series().
     - Fix trailing-zero removal in to_char().
       In a format with FM and no digit positions after the decimal point,
       zeroes to the left of the decimal point could be removed
       incorrectly.
     - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
     - Fix psql's counting of script file line numbers during COPY from a
       different file.
     - Fix pg_restore's direct-to-database mode for
       standard_conforming_strings.
       pg_restore could emit incorrect commands when restoring directly to
       a database server from an archive file that had been made with
       standard_conforming_strings set to on.
     - Fix write-past-buffer-end and memory leak in libpq's LDAP service
       lookup code.
     - In libpq, avoid failures when using nonblocking I/O and an SSL
       connection.
     - Improve libpq's handling of failures during connection startup.
       In particular, the response to a server report of fork() failure
       during SSL connection startup is now saner.
     - Improve libpq's error reporting for SSL failures.
     - Make ecpglib write double values with 15 digits precision.
     - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
     - Apply upstream fix for blowfish signed-character bug
       (CVE-2011-2483).
       "contrib/pg_crypto"'s blowfish encryption code could give wrong
       results on platforms where char is signed (which is most), leading
       to encrypted passwords being weaker than they should be.
     - Fix memory leak in "contrib/seg".
     - Fix pgstatindex() to give consistent results for empty indexes.
     - Allow building with perl 5.14 (Alex Hunsaker)
   * Drop 00cvs-unregister-ssl-callbacks.patch, upstream now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

-----END PGP SIGNATURE-----