Accepted: postgresql-8.2 8.2.6-0ubuntu0.7.04 (source)

Martin Pitt martin.pitt at ubuntu.com
Mon Jan 7 16:12:55 GMT 2008


Accepted:
 OK: postgresql-8.2_8.2.6.orig.tar.gz
 OK: postgresql-8.2_8.2.6-0ubuntu0.7.04.diff.gz
 OK: postgresql-8.2_8.2.6-0ubuntu0.7.04.dsc
     -> Component: main Section: misc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 05 Jan 2008 20:14:33 +0100
Source: postgresql-8.2
Binary: libpq5 postgresql-doc-8.2 postgresql-server-dev-8.2 postgresql-contrib-8.2 libpgtypes2 libpq-dev postgresql-8.2 postgresql-client-8.2 libecpg5 libecpg-compat2 libecpg-dev postgresql-pltcl-8.2 postgresql-plpython-8.2 postgresql-plperl-8.2
Architecture: source
Version: 8.2.6-0ubuntu0.7.04
Distribution: feisty-proposed
Urgency: low
Maintainer: Martin Pitt <martin.pitt at ubuntu.com>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 libecpg-compat2 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg5   - run-time library for ECPG programs
 libpgtypes2 - shared library libpgtypes for PostgreSQL 8.2
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-8.2 - object-relational SQL database, version 8.2 server
 postgresql-client-8.2 - front-end programs for PostgreSQL 8.2
 postgresql-contrib-8.2 - additional facilities for PostgreSQL
 postgresql-doc-8.2 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.2 - PL/Perl procedural language for PostgreSQL 8.2
 postgresql-plpython-8.2 - PL/Python procedural language for PostgreSQL 8.2
 postgresql-pltcl-8.2 - PL/Tcl procedural language for PostgreSQL 8.2
 postgresql-server-dev-8.2 - development files for PostgreSQL 8.2 server-side programming
Launchpad-Bugs-Fixed: 146382
Changes: 
 postgresql-8.2 (8.2.6-0ubuntu0.7.04) feisty-proposed; urgency=low
 .
   * New upstream security/bugfix release:
     - Prevent functions in indexes from executing with the privileges of
       the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
       within a SECURITY DEFINER context. [CVE-2007-6600]
     - Suitably crafted regular-expression patterns could cause crashes,
       infinite or near-infinite looping, and/or massive memory
       consumption, all of which pose denial-of-service hazards for
       applications that accept regex search patterns from untrustworthy
       sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
     - Require non-superusers who use "/contrib/dblink" to use only
       password authentication, as a security measure.
       The fix that appeared for this in 8.2.5 was incomplete, as it
       plugged the hole for only some "dblink" functions. [CVE-2007-6601,
       CVE-2007-3278]
     - Fix bugs in WAL replay for GIN indexes.
     - Fix GIN index build to work properly when maintenance_work_mem is
       4GB or more.
     - Improve planner's handling of LIKE/regex estimation in non-C
       locales.
     - Fix planning-speed problem for deep outer-join nests, as well as
       possible poor choice of join order.
     - Fix planner failure in some cases of WHERE false AND var IN (SELECT
       ...).
     - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY"
       not change the currval() state of the sequence.
     - Preserve the tablespace and storage parameters of indexes that are
       rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
     - Make archive recovery always start a new WAL timeline, rather than
       only when a recovery stop time was used. This avoids a corner-case risk
       of trying to overwrite an existing archived copy of the last WAL
       segment, and seems simpler and cleaner than the original definition.
     - Make "VACUUM" not use all of maintenance_work_mem when the table is
       too small for it to be useful.
     - Fix potential crash in translate() when using a multibyte database
       encoding.
     - Make corr() return the correct result for negative correlation
       values.
     - Fix overflow in extract(epoch from interval) for intervals
       exceeding 68 years.
     - Fix PL/Perl to not fail when a UTF-8 regular expression is used in
       a trusted function.
     - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines
       (Marko Kreen)
     - Fix PL/Python to not crash on long exception messages.
     - Fix pg_dump to correctly handle inheritance child tables that have
       default expressions different from their parent's.
     - Fix libpq crash when PGPASSFILE refers to a file that is not a
       plain file.
     - ecpg parser fixes.
     - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a
       category in its own right, rather than crashing.
     - Fix tsvector and tsquery output routines to escape backslashes
       correctly. (LP: #146382)
     - Fix crash of to_tsvector() on huge input strings.
Files: 
 9182671034e9e032409ffc34bbdfbd2a 1186 misc optional postgresql-8.2_8.2.6-0ubuntu0.7.04.dsc
 75de71c7fa102b8e56f5fabd1f79584e 12264131 misc optional postgresql-8.2_8.2.6.orig.tar.gz
 8f08d047c3eea2f9d32084548f250f40 29465 misc optional postgresql-8.2_8.2.6-0ubuntu0.7.04.diff.gz
Original-Maintainer: Martin Pitt <mpitt at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHf9geDecnbV4Fd/IRAl1eAJ4yX/W/Nq5Kob3n93UCPBAiFCXzpQCgrcG8
NgdCX3uJd3X1XexE2EXadF4=
=Axmp
-----END PGP SIGNATURE-----





More information about the feisty-changes mailing list