Accepted: postgresql-8.1 8.1.11-0ubuntu0.6.06 (source)

Martin Pitt martin.pitt at
Mon Jan 7 16:12:24 GMT 2008

 OK: postgresql-8.1_8.1.11.orig.tar.gz
 OK: postgresql-8.1_8.1.11-0ubuntu0.6.06.diff.gz
 OK: postgresql-8.1_8.1.11-0ubuntu0.6.06.dsc
     -> Component: main Section: misc

Hash: SHA1

Format: 1.7
Date: Sat, 05 Jan 2008 19:26:49 +0100
Source: postgresql-8.1
Binary: postgresql-8.1 postgresql-pltcl-8.1 postgresql-plperl-8.1 libpgtypes2 libpq-dev libpq4 postgresql-doc-8.1 postgresql-plpython-8.1 libecpg-compat2 libecpg5 libecpg-dev postgresql-client-8.1 postgresql-server-dev-8.1 postgresql-contrib-8.1
Architecture: source
Version: 8.1.11-0ubuntu0.6.06
Distribution: dapper-proposed
Urgency: low
Maintainer: Martin Pitt <mpitt at>
Changed-By: Martin Pitt <martin.pitt at>
 libecpg-compat2 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg5   - run-time library for ECPG programs
 libpgtypes2 - shared library libpgtypes for PostgreSQL 8.1
 libpq-dev  - header files for libpq4 (PostgreSQL library)
 libpq4     - PostgreSQL C client library
 postgresql-8.1 - object-relational SQL database, version 8.1 server
 postgresql-client-8.1 - front-end programs for PostgreSQL 8.1
 postgresql-contrib-8.1 - additional facilities for PostgreSQL
 postgresql-doc-8.1 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.1 - PL/Perl procedural language for PostgreSQL 8.1
 postgresql-plpython-8.1 - PL/Python procedural language for PostgreSQL 8.1
 postgresql-pltcl-8.1 - PL/TCL procedural language for PostgreSQL 8.1
 postgresql-server-dev-8.1 - development files for PostgreSQL 8.1 server-side programming
 postgresql-8.1 (8.1.11-0ubuntu0.6.06) dapper-proposed; urgency=low
   * New upstream security/bugfix release:
     - Prevent functions in indexes from executing with the privileges of
       the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
       within a SECURITY DEFINER context. [CVE-2007-6600]
     - Suitably crafted regular-expression patterns could cause crashes,
       infinite or near-infinite looping, and/or massive memory
       consumption, all of which pose denial-of-service hazards for
       applications that accept regex search patterns from untrustworthy
       sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
     - Require non-superusers who use "/contrib/dblink" to use only
       password authentication, as a security measure.
       The fix that appeared for this in 8.2.5 was incomplete, as it
       plugged the hole for only some "dblink" functions. [CVE-2007-6601,
     - Fix planner failure in some cases of WHERE false AND var IN (SELECT
     - Preserve the tablespace and storage parameters of indexes that are
       rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
     - Make archive recovery always start a new WAL timeline, rather than
       only when a recovery stop time was used. This avoids a corner-case risk
       of trying to overwrite an existing archived copy of the last WAL
       segment, and seems simpler and cleaner than the original definition.
     - Make "VACUUM" not use all of maintenance_work_mem when the table is
       too small for it to be useful.
     - Fix potential crash in translate() when using a multibyte database
     - Fix overflow in extract(epoch from interval) for intervals
       exceeding 68 years.
     - Fix PL/Perl to not fail when a UTF-8 regular expression is used in
       a trusted function.
     - Fix PL/Python to not crash on long exception messages.
     - Fix pg_dump to correctly handle inheritance child tables that have
       default expressions different from their parent's.
     - Fix libpq crash when PGPASSFILE refers to a file that is not a
       plain file.
     - ecpg parser fixes.
     - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a
       category in its own right, rather than crashing.
     - Fix tsvector and tsquery output routines to escape backslashes
     - Fix crash of to_tsvector() on huge input strings.
   * Use the timezone database from the system tzdata instead of shipping our
     - debian/patches/04-timezone-symlinks.patch: Drop previous
       hardlink-to-symlink patch to zic, since that is irrelevant now. Replace
       the patch with a Makefile change that just symlinks /usr/share/zoneinfo
       to where postgresql previously installed its own tzdata copy.
     - debian/control: Add locales dependency (which contains tzdata in
     - debian/postgresql-8.1.install: Install the 'timezone' symlink, not the
       files in the dereferenced directory.
     - debian/postgresql-8.1.postinst: Replace the timezone directory with the
       symlink on upgrades, since dpkg does not do that automatically. Without
       this, we'd end up with an empty timezone directory.
 a37fedb4a10822904eaf4ebce6cdffb5 1122 misc optional postgresql-8.1_8.1.11-0ubuntu0.6.06.dsc
 9eadd7e16f547a8ce1e0eec5de96632e 11444400 misc optional postgresql-8.1_8.1.11.orig.tar.gz
 3e951c55c5f16c76da9ec7af833f8c64 27183 misc optional postgresql-8.1_8.1.11-0ubuntu0.6.06.diff.gz

Version: GnuPG v1.4.6 (GNU/Linux)


More information about the dapper-changes mailing list