[ubuntu/trusty-proposed] postgresql-9.3 9.3.5-0ubuntu0.14.04.1 (Accepted)

Martin Pitt martin.pitt at ubuntu.com
Wed Jul 30 09:35:46 UTC 2014 

postgresql-9.3 (9.3.5-0ubuntu0.14.04.1) trusty-proposed; urgency=medium

  * New upstream bug fix release: (LP: #1348176)
    - pg_upgrade: Users who upgraded to version 9.3 using pg_upgrade may have
      an issue with transaction information which causes VACUUM to eventually
      fail. These users should run the script provided in the release notes to
      determine if their installation is affected, and then take the remedy
      steps outlined there.
    - Various data integrity and other bug fixes.
    - Secure Unix-domain sockets of temporary postmasters started during make
      check.
      Any local user able to access the socket file could connect as the
      server's bootstrap superuser, then proceed to execute arbitrary code as
      the operating-system user running the test, as we previously noted in
      CVE-2014-0067. This change defends against that risk by placing the
      server's socket in a temporary, mode 0700 subdirectory of /tmp.
    - See release notes for details:
      http://www.postgresql.org/about/news/1534/
  * Remove pg_regress patches to support --host=/path, obsolete with above
    upstream changes and not applicable any more.
  * Drop tcl8.6 patch, applied upstream.
  * Add missing logrotate test dependency.

Date: Thu, 24 Jul 2014 16:13:59 +0200
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/postgresql-9.3/9.3.5-0ubuntu0.14.04.1
-------------- next part --------------
Format: 1.8
Date: Thu, 24 Jul 2014 16:13:59 +0200
Source: postgresql-9.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.3 postgresql-9.3-dbg postgresql-client-9.3 postgresql-server-dev-9.3 postgresql-doc-9.3 postgresql-contrib-9.3 postgresql-plperl-9.3 postgresql-plpython-9.3 postgresql-plpython3-9.3 postgresql-pltcl-9.3
Architecture: source
Version: 9.3.5-0ubuntu0.14.04.1
Distribution: trusty-proposed
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.3
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.3 - object-relational SQL database, version 9.3 server
 postgresql-9.3-dbg - debug symbols for postgresql-9.3
 postgresql-client-9.3 - front-end programs for PostgreSQL 9.3
 postgresql-contrib-9.3 - additional facilities for PostgreSQL
 postgresql-doc-9.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.3 - PL/Perl procedural language for PostgreSQL 9.3
 postgresql-plpython-9.3 - PL/Python procedural language for PostgreSQL 9.3
 postgresql-plpython3-9.3 - PL/Python 3 procedural language for PostgreSQL 9.3
 postgresql-pltcl-9.3 - PL/Tcl procedural language for PostgreSQL 9.3
 postgresql-server-dev-9.3 - development files for PostgreSQL 9.3 server-side programming
Launchpad-Bugs-Fixed: 1348176
Changes:
 postgresql-9.3 (9.3.5-0ubuntu0.14.04.1) trusty-proposed; urgency=medium
 .
   * New upstream bug fix release: (LP: #1348176)
     - pg_upgrade: Users who upgraded to version 9.3 using pg_upgrade may have
       an issue with transaction information which causes VACUUM to eventually
       fail. These users should run the script provided in the release notes to
       determine if their installation is affected, and then take the remedy
       steps outlined there.
     - Various data integrity and other bug fixes.
     - Secure Unix-domain sockets of temporary postmasters started during make
       check.
       Any local user able to access the socket file could connect as the
       server's bootstrap superuser, then proceed to execute arbitrary code as
       the operating-system user running the test, as we previously noted in
       CVE-2014-0067. This change defends against that risk by placing the
       server's socket in a temporary, mode 0700 subdirectory of /tmp.
     - See release notes for details:
       http://www.postgresql.org/about/news/1534/
   * Remove pg_regress patches to support --host=/path, obsolete with above
     upstream changes and not applicable any more.
   * Drop tcl8.6 patch, applied upstream.
   * Add missing logrotate test dependency.
Checksums-Sha1:
 8380c37e636fe9d9842c7776b9974a7e683566ac 3596 postgresql-9.3_9.3.5-0ubuntu0.14.04.1.dsc
 062e1483238daf02df5904ebd4cdfb52d5320eaa 25988 postgresql-9.3_9.3.5-0ubuntu0.14.04.1.debian.tar.xz
Checksums-Sha256:
 73d12a96eaabcc1e039a8512844a45be526cdd042836670a7d26225deb4f3a1f 3596 postgresql-9.3_9.3.5-0ubuntu0.14.04.1.dsc
 4d5c70176b40e642b3c0ee5aeb246794b0701e495b43e17c8e3c7f1d373b6843 25988 postgresql-9.3_9.3.5-0ubuntu0.14.04.1.debian.tar.xz
Files:
 1de2d491d8d307af5a9b6c1548aba4bf 3596 database optional postgresql-9.3_9.3.5-0ubuntu0.14.04.1.dsc
 175692749ecf62377251fad1ea05f81c 25988 database optional postgresql-9.3_9.3.5-0ubuntu0.14.04.1.debian.tar.xz
Original-Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>

More information about the Trusty-changes mailing list