Accepted postgresql-9.1 9.1.9-1~bpo60+1 (source amd64 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 04 Apr 2013 11:25:46 +0200
Source: postgresql-9.1
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.1 postgresql-9.1-dbg postgresql-client-9.1 postgresql-server-dev-9.1 postgresql-doc-9.1 postgresql-contrib-9.1 postgresql-plperl-9.1 postgresql-plpython-9.1 postgresql-plpython3-9.1 postgresql-pltcl-9.1
Architecture: source amd64 all
Version: 9.1.9-1~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public@lists.alioth.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
libecpg-compat3 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg6 - run-time library for ECPG programs
libpgtypes3 - shared library libpgtypes for PostgreSQL 9.1
libpq-dev - header files for libpq5 (PostgreSQL library)
libpq5 - PostgreSQL C client library
postgresql-9.1 - object-relational SQL database, version 9.1 server
postgresql-9.1-dbg - debug symbols for postgresql-9.1
postgresql-client-9.1 - front-end programs for PostgreSQL 9.1
postgresql-contrib-9.1 - additional facilities for PostgreSQL
postgresql-doc-9.1 - documentation for the PostgreSQL database management system
postgresql-plperl-9.1 - PL/Perl procedural language for PostgreSQL 9.1
postgresql-plpython-9.1 - PL/Python procedural language for PostgreSQL 9.1
postgresql-plpython3-9.1 - PL/Python 3 procedural language for PostgreSQL 9.1
postgresql-pltcl-9.1 - PL/Tcl procedural language for PostgreSQL 9.1
postgresql-server-dev-9.1 - development files for PostgreSQL 9.1 server-side programming
Closes: 697618 704479
Changes:
postgresql-9.1 (9.1.9-1~bpo60+1) squeeze-backports; urgency=high
.
* Rebuild for squeeze-backports.
.
postgresql-9.1 (9.1.9-1) unstable; urgency=high
.
* Urgency high because of critical remote data destruction vulnerability.
* New upstream security/bug fix release:
- Fix insecure parsing of server command-line switches.
A connection request containing a database name that begins with
"-" could be crafted to damage or destroy files within the server's
data directory, even if the request is eventually rejected.
[CVE-2013-1899] (Closes: #704479)
- Reset OpenSSL randomness state in each postmaster child process.
This avoids a scenario wherein random numbers generated by
"contrib/pgcrypto" functions might be relatively easy for another
database user to guess. The risk is only significant when the
postmaster is configured with ssl = on but most connections don't
use SSL encryption. [CVE-2013-1900]
- Make REPLICATION privilege checks test current user not
authenticated user.
An unprivileged database user could exploit this mistake to call
pg_start_backup() or pg_stop_backup(), thus possibly interfering
with creation of routine backups. [CVE-2013-1901]
- Fix GiST indexes to not use "fuzzy" geometric comparisons when it's
not appropriate to do so.
The core geometric types perform comparisons using "fuzzy"
equality, but gist_box_same must do exact comparisons, else GiST
indexes using it might become inconsistent. After installing this
update, users should "REINDEX" any GiST indexes on box, polygon,
circle, or point columns, since all of these use gist_box_same.
- Fix erroneous range-union and penalty logic in GiST indexes that
use "contrib/btree_gist" for variable-width data types, that is
text, bytea, bit, and numeric columns.
These errors could result in inconsistent indexes in which some
keys that are present would not be found by searches, and also in
useless index bloat. Users are advised to "REINDEX" such indexes
after installing this update.
- Fix bugs in GiST page splitting code for multi-column indexes.
These errors could result in inconsistent indexes in which some
keys that are present would not be found by searches, and also in
indexes that are unnecessarily inefficient to search. Users are
advised to "REINDEX" multi-column GiST indexes after installing
this update.
- See HISTORY/changelog.gz for details about the other bug fixes.
* Bump Standards-Version to 3.9.4 (no changes necessary).
.
postgresql-9.1 (9.1.8-1) unstable; urgency=medium
.
[ Martin Pitt ]
* Add autopkgtest, moved from postgresql-common.
* debian/rules: Only build the error codes and the plpython subtree for the
"python3" flavor, to cut down build time.
* Add missing docbook build dependency. (Closes: #697618)
.
[ Christoph Berg ]
* New upstream version.
+ Prevent execution of enum_recv from SQL
The function was misdeclared, allowing a simple SQL command to crash the
server. In principle an attacker might be able to use it to examine the
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
for reporting this issue. (CVE-2013-0255)
Checksums-Sha1:
c8c6881ae91d2fb13d47206947af45af0acd558e 3351 postgresql-9.1_9.1.9-1~bpo60+1.dsc
4cbbfc5be9b8e6fe3d67c5075c212bcb057eac20 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
f229b52781d7f9308a5ec257ca8ea46ce7f57ee5 38362 postgresql-9.1_9.1.9-1~bpo60+1.debian.tar.gz
20922b9e3f1a8ed8e8443754acfa47e9b1866b7a 581834 libpq-dev_9.1.9-1~bpo60+1_amd64.deb
e19d0419c9ae4e95f36762071a585ea13cb65373 526034 libpq5_9.1.9-1~bpo60+1_amd64.deb
3e05ea997def32a6e101e5e5a9361b60e66472ef 484054 libecpg6_9.1.9-1~bpo60+1_amd64.deb
700ee5a751bbefed2dcf11cb5974a87eb7479b70 615666 libecpg-dev_9.1.9-1~bpo60+1_amd64.deb
5611592be64880aeae75610139e067caf786c837 421916 libecpg-compat3_9.1.9-1~bpo60+1_amd64.deb
ce56b4f5ff0580f2bb39eec5dd5a5b7e37dfad33 443576 libpgtypes3_9.1.9-1~bpo60+1_amd64.deb
a97d4b81da01d33981e26bc179d489790763e6bf 3646046 postgresql-9.1_9.1.9-1~bpo60+1_amd64.deb
e6761047f5811f4588639c0c8dc8b40b44f075f0 4846456 postgresql-9.1-dbg_9.1.9-1~bpo60+1_amd64.deb
03820f5d98f05af43ccbb4f672ed5388c91ff0e8 1385008 postgresql-client-9.1_9.1.9-1~bpo60+1_amd64.deb
b871fdf7301d343c4b4d5e8acd4a2d177d1a6661 942200 postgresql-server-dev-9.1_9.1.9-1~bpo60+1_amd64.deb
982edb0ad97fc72537ccba6f587fa52862d5ed51 2010980 postgresql-doc-9.1_9.1.9-1~bpo60+1_all.deb
37afe88f2376b7a898e1ddd24a68a2fd0291e876 750466 postgresql-contrib-9.1_9.1.9-1~bpo60+1_amd64.deb
23b37d89a63bd4a526b104bc430012c2c6239b82 460954 postgresql-plperl-9.1_9.1.9-1~bpo60+1_amd64.deb
2904c96ec56a51d00ec647bf810eafcf0a45ad1f 446970 postgresql-plpython-9.1_9.1.9-1~bpo60+1_amd64.deb
7f62bbaf87cd8d7a743cb47d6374a816765eb6ba 446702 postgresql-plpython3-9.1_9.1.9-1~bpo60+1_amd64.deb
8d0365c8cb9ef511783033ecf0c99dff3f4c948a 436750 postgresql-pltcl-9.1_9.1.9-1~bpo60+1_amd64.deb
Checksums-Sha256:
77536749450f67b8e23a6cf82d5db040b0f39b127f6de2b7861cacd2c1b30475 3351 postgresql-9.1_9.1.9-1~bpo60+1.dsc
28a533e181009308722e8b3c51f1ea7224ab910c380ac1a86f07118667602dd8 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
ec164d2e62738ef8a1a71d66de4c613f04d872d6b2d97718aa5092729a1978cc 38362 postgresql-9.1_9.1.9-1~bpo60+1.debian.tar.gz
23f9158673b108c940abdea3d7a1d4faa7f1bb3947f0f55c1b04a204936a8467 581834 libpq-dev_9.1.9-1~bpo60+1_amd64.deb
4b7f5818cadecc71a3d1b4fa10866174b18cfe053f6032bc3fe7d7ed2460dfc9 526034 libpq5_9.1.9-1~bpo60+1_amd64.deb
b93c827ff74c26b994b62ce0fd2c8fa7b267a0e5da61b4df94bd80b503b1803d 484054 libecpg6_9.1.9-1~bpo60+1_amd64.deb
a724d119abc886d7aba40c21f81867fa8090f335973eb516197e58578044511a 615666 libecpg-dev_9.1.9-1~bpo60+1_amd64.deb
7e0027962f562004947224299b2533ba1081cc2aa3879fa9532f58c3ee5e9d2a 421916 libecpg-compat3_9.1.9-1~bpo60+1_amd64.deb
d66256635ab09359897326ab5cfb61da24a96cb8aa7bd75f0be278f38e68d601 443576 libpgtypes3_9.1.9-1~bpo60+1_amd64.deb
c91de3657ba4694a36ac135fd31b9b61f14ffe2af8c143628c24b4d47955b3e8 3646046 postgresql-9.1_9.1.9-1~bpo60+1_amd64.deb
490f5f91961d1bfc5e163e94e38ff1f27f0a61acca065d75383d4179c3b1e94a 4846456 postgresql-9.1-dbg_9.1.9-1~bpo60+1_amd64.deb
fb10954c2645e8f238407cb2fb2969fef754e96ba98eb7cacfd7ee0cdd48e206 1385008 postgresql-client-9.1_9.1.9-1~bpo60+1_amd64.deb
3b589bb1b98d5d2a6d12a0c38b813069bc74ae87a3d8a16282481b6d39fb8064 942200 postgresql-server-dev-9.1_9.1.9-1~bpo60+1_amd64.deb
30e7bfaab2e5b3b2d1dfd24779c44cbea66ba9cc76e23f53a14a192fe5264c2b 2010980 postgresql-doc-9.1_9.1.9-1~bpo60+1_all.deb
54bd6a0c3fd582889f861dbb676619350a7ddfdca73a7236f6de51461ef8002d 750466 postgresql-contrib-9.1_9.1.9-1~bpo60+1_amd64.deb
01129e885ad7b35cb8a8b67f48c85cddd5c42162ace02636ec5d8de8e6cd5ef2 460954 postgresql-plperl-9.1_9.1.9-1~bpo60+1_amd64.deb
7622b07ca2c2ce59c6e63c9d95d2744acd712b91125a76f36c77c87942c91809 446970 postgresql-plpython-9.1_9.1.9-1~bpo60+1_amd64.deb
ae275ed1887b63af4697010332a84af4e8be5c9915918d4e294a8e956957067c 446702 postgresql-plpython3-9.1_9.1.9-1~bpo60+1_amd64.deb
4ea9bcffbbd619878b81835848905453cef195e318ec40d53debe9d3253389c4 436750 postgresql-pltcl-9.1_9.1.9-1~bpo60+1_amd64.deb
Files:
c0e98160702f976f1afb197b09fe2acc 3351 database optional postgresql-9.1_9.1.9-1~bpo60+1.dsc
6b5ea53dde48fcd79acfc8c196b83535 15815421 database optional postgresql-9.1_9.1.9.orig.tar.bz2
22e79d34598a118dcf6f98275fdd615e 38362 database optional postgresql-9.1_9.1.9-1~bpo60+1.debian.tar.gz
5d557f946f47f60976ce30e624947882 581834 libdevel optional libpq-dev_9.1.9-1~bpo60+1_amd64.deb
bd5ff4d5352f86e7de5517bbf26cd988 526034 libs optional libpq5_9.1.9-1~bpo60+1_amd64.deb
19fdf170e9844a7c7f7b48349565e757 484054 libs optional libecpg6_9.1.9-1~bpo60+1_amd64.deb
993c2c8fdfe909277913ad422c9d5048 615666 libdevel optional libecpg-dev_9.1.9-1~bpo60+1_amd64.deb
9a1d849fd785ac42a8a7b623bbeaf56f 421916 libs optional libecpg-compat3_9.1.9-1~bpo60+1_amd64.deb
ca7e4b38531224293acaba347ecf0093 443576 libs optional libpgtypes3_9.1.9-1~bpo60+1_amd64.deb
1f8f8eda7aad75df4367480f80f0a041 3646046 database optional postgresql-9.1_9.1.9-1~bpo60+1_amd64.deb
290545d357f1be83cacf5de608c549ce 4846456 debug extra postgresql-9.1-dbg_9.1.9-1~bpo60+1_amd64.deb
4a811391c9cad8d097cc6a86697e32ad 1385008 database optional postgresql-client-9.1_9.1.9-1~bpo60+1_amd64.deb
0416f8bb323d8062d8b9c3405f855f2e 942200 libdevel optional postgresql-server-dev-9.1_9.1.9-1~bpo60+1_amd64.deb
ae99829e9a6ebcd2bec5ef4df5c1aeac 2010980 doc optional postgresql-doc-9.1_9.1.9-1~bpo60+1_all.deb
03fe6bc2d144b35694410bc6b3a05b5e 750466 database optional postgresql-contrib-9.1_9.1.9-1~bpo60+1_amd64.deb
6d34901d6ed60e688628d87a7d33f976 460954 database optional postgresql-plperl-9.1_9.1.9-1~bpo60+1_amd64.deb
6351cfb6637d10ab24baa29b44cab185 446970 database optional postgresql-plpython-9.1_9.1.9-1~bpo60+1_amd64.deb
ef6da08b9dc87fa05f810656d1f5fb83 446702 database optional postgresql-plpython3-9.1_9.1.9-1~bpo60+1_amd64.deb
31ba05991eac43a13d349ac54fd805bf 436750 database optional postgresql-pltcl-9.1_9.1.9-1~bpo60+1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJRXXqMAAoJEExaa6sS0qeuHtMQAKDSdsx3oFhwWxfJOkrLPl0l
mrTebYlcGAiNGxCU5z5dmngM+vvTQ/2/VZlhoYUl2S1qiT5MA+eonhL5LPi6Pxgj
GP+xwbRtAdLVlSGwhg/3BWOdJ52tunDPKm/zQ8NJOTRFVCOqQ3qVLREQbHWmez6S
dnoMqW38pwA7Z8Oc+xPop8GQwlITzWUgqLIN2POatKnz1ZmfJX9kgne1LfsLtwoE
ERALa25g/z20qoz2qOYCFW+kjSI35edO3h0SpFARukLpr4ohp6IfLOR/OW+xiWqS
zikWHb670Dq5fmrxWWzlfBEM9WqBb2bZi7c2Ne8zW4OvXQAcj1iIbY1KgTvMYNnH
MOtSdFUQnzoTVOJ5pP/9RCpVOP0jrvqbI0olGZ9fLjO4nRw20oeCg2eB0+nex1cL
mmTAwV+LvED37H90b16l3pWCXFfP7OJJ2NFEiEeSEEY2/6lcIwRts5BxfSBQpOmf
JRNWQdisXV3alvx9uo/ij37WZVFaMLYXVzC8Y51tMQPXa7xMEtca9ZZFD8MYdqZO
QrbbETfu30n1OTUEsR6lfPx/DbD0kJeUOUhaxURQLWBGLONEQT1k0GBscBznKufo
w0/PEcWgOQx0gaTqD223/lFjnBHGDmC+ziVgvk1+P+uQ5fPZ4SxtjRthV837T5fk
5je0gTc2oWnncAfhkEe2
=zWgP
-----END PGP SIGNATURE-----
hkEe2
=zWgP
-----END PGP SIGNATURE-----
Reply to: