Accepted: postgresql-8.1 8.1.11-1 (source)

Ubuntu Installer archive at
Tue Jan 8 07:43:55 GMT 2008

 OK: postgresql-8.1_8.1.11.orig.tar.gz
 OK: postgresql-8.1_8.1.11-1.diff.gz
 OK: postgresql-8.1_8.1.11-1.dsc
     -> Component: universe Section: misc

Origin: Debian/unstable
Format: 1.7
Date: Tue,  08 Jan 2008 07:42:54 +0000
Source: postgresql-8.1
Binary: postgresql-plperl-8.1, postgresql-server-dev-8.1, postgresql-contrib-8.1, postgresql-client-8.1, libpq4, postgresql-8.1, postgresql-plpython-8.1, postgresql-pltcl-8.1, postgresql-doc-8.1
Architecture: source
Version: 8.1.11-1
Distribution: hardy
Urgency: medium
Maintainer: Martin Pitt <mpitt at>
Changed-By: Martin Pitt <martin.pitt at>
 postgresql-8.1 - object-relational SQL database, version 8.1 server
 postgresql-8.1 (8.1.11-1) unstable; urgency=medium
   * New upstream security/bugfix release:
     - Prevent functions in indexes from executing with the privileges of
       the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
       within a SECURITY DEFINER context. [CVE-2007-6600]
     - Suitably crafted regular-expression patterns could cause crashes,
       infinite or near-infinite looping, and/or massive memory
       consumption, all of which pose denial-of-service hazards for
       applications that accept regex search patterns from untrustworthy
       sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
     - Require non-superusers who use "/contrib/dblink" to use only
       password authentication, as a security measure.
       The fix that appeared for this in 8.2.5 was incomplete, as it
       plugged the hole for only some "dblink" functions. [CVE-2007-6601,
     - Fix planner failure in some cases of WHERE false AND var IN (SELECT
     - Preserve the tablespace and storage parameters of indexes that are
       rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
     - Make archive recovery always start a new WAL timeline, rather than
       only when a recovery stop time was used. This avoids a corner-case risk
       of trying to overwrite an existing archived copy of the last WAL
       segment, and seems simpler and cleaner than the original definition.
     - Make "VACUUM" not use all of maintenance_work_mem when the table is
       too small for it to be useful.
     - Fix potential crash in translate() when using a multibyte database
     - Fix overflow in extract(epoch from interval) for intervals
       exceeding 68 years.
     - Fix PL/Perl to not fail when a UTF-8 regular expression is used in
       a trusted function.
     - Fix PL/Python to not crash on long exception messages.
     - Fix pg_dump to correctly handle inheritance child tables that have
       default expressions different from their parent's.
     - Fix libpq crash when PGPASSFILE refers to a file that is not a
       plain file.
     - ecpg parser fixes.
     - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a
       category in its own right, rather than crashing.
     - Fix tsvector and tsquery output routines to escape backslashes
     - Fix crash of to_tsvector() on huge input strings.
   * Use the timezone database from the system tzdata instead of shipping our
     - debian/patches/04-timezone-symlinks.patch: Drop previous
       hardlink-to-symlink patch to zic, since that is irrelevant now. Replace
       the patch with a Makefile change that just symlinks /usr/share/zoneinfo
       to where postgresql previously installed its own tzdata copy.
     - debian/control: Add tzdata dependency.
     - debian/postgresql-8.1.install: Install the 'timezone' symlink, not the
       files in the dereferenced directory.
     - debian/postgresql-8.1.postinst: Replace the timezone directory with the
       symlink on upgrades, since dpkg does not do that automatically. Without
       this, we'd end up with an empty timezone directory.
 6be189a40f35be83ef33a0b2381aee5f 34913 misc optional postgresql-8.1_8.1.11-1.diff.gz
 d5d7805fe99dd1a98d62aacfae7fdedc 1096 misc optional postgresql-8.1_8.1.11-1.dsc

More information about the Hardy-changes mailing list