Accepted postgresql-8.1 8.1.4-1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 22 May 2006 10:33:20 +0200
Source: postgresql-8.1
Binary: postgresql-8.1 postgresql-pltcl-8.1 postgresql-plperl-8.1 libpgtypes2 libpq-dev libpq4 postgresql-doc-8.1 postgresql-plpython-8.1 libecpg-compat2 libecpg5 libecpg-dev postgresql-client-8.1 postgresql-server-dev-8.1 postgresql-contrib-8.1
Architecture: source i386 all
Version: 8.1.4-1
Distribution: unstable
Urgency: medium
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <martin.pitt@ubuntu.com>
Description:
libecpg-compat2 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg5 - run-time library for ECPG programs
libpgtypes2 - shared library libpgtypes for PostgreSQL 8.1
libpq-dev - header files for libpq4 (PostgreSQL library)
libpq4 - PostgreSQL C client library
postgresql-8.1 - object-relational SQL database, version 8.1 server
postgresql-client-8.1 - front-end programs for PostgreSQL 8.1
postgresql-contrib-8.1 - additional facilities for PostgreSQL
postgresql-doc-8.1 - documentation for the PostgreSQL database management system
postgresql-plperl-8.1 - PL/Perl procedural language for PostgreSQL 8.1
postgresql-plpython-8.1 - PL/Python procedural language for PostgreSQL 8.1
postgresql-pltcl-8.1 - PL/TCL procedural language for PostgreSQL 8.1
postgresql-server-dev-8.1 - development files for PostgreSQL 8.1 server-side programming
Closes: 362488
Changes:
postgresql-8.1 (8.1.4-1) unstable; urgency=medium
.
* New upstream security and bug fix release:
- The server now rejects invalidly-encoded multibyte characters in all
cases to defend against SQL-injection attacks. [CVE-2006-2313]
- Reject unsafe uses of \' in string literals (for client encodings that
allow SQL injection with this, like SJIS, BIG5, GBK, GB18030, or UHC). A
new configuration parameter backslash_quote is available to adjust this
behavior when needed. [CVE-2006-2314]
- Modify libpq's string-escaping routines to be aware of encoding
considerations and standard_conforming_strings
This fixes libpq-using applications for the security issues
described in CVE-2006-2313 and CVE-2006-2314, and also
future-proofs them against the planned changeover to SQL-standard
string literal syntax. Applications that use multiple PostgreSQL
connections concurrently should migrate to PQescapeStringConn() and
PQescapeByteaConn() to ensure that escaping is done correctly for
the settings in use in each database connection. Applications that
do string escaping "by hand" should be modified to rely on library
routines instead.
- Various bug fixes, see upstream changelog for details.
* Remove debian/patches/12-krb5-multiusers.patch: Fixed upstream.
* debian/postgresql-8.1.init: Add a comment to point out that environment
variables need to be set in the 'environment' file, not in the init
script.
* debian/postgresql-8.1.init, debian/postgresql-8.1.postinst: Do not fail if
init.d-functions/maintscripts-functions are not present, which happens if
postgresql-{8.1,common} are removed, but not purged. Closes: #362488
* Bump Standards-Version to 3.7.2.
Files:
bfe14f17ff56661f5526de0e5676ab5b 1095 misc optional postgresql-8.1_8.1.4-1.dsc
c6554a0ef948ab2b18b617954e1788fe 11312643 misc optional postgresql-8.1_8.1.4.orig.tar.gz
38b34811c7650a03a2d336e76e8fe833 23567 misc optional postgresql-8.1_8.1.4-1.diff.gz
f0db5ef63af00fa8f8fa6e6d496ff271 1552848 doc optional postgresql-doc-8.1_8.1.4-1_all.deb
74e46c1ad7759a675e98bdd466806520 4291192 misc optional postgresql-8.1_8.1.4-1_i386.deb
f2ac0f40dfe59eef002ead1a4cf47f5a 1348078 misc optional postgresql-client-8.1_8.1.4-1_i386.deb
a48b259bb1af7a0a273e3b52728a3261 595694 libdevel optional postgresql-server-dev-8.1_8.1.4-1_i386.deb
6743515674055bc365658e4a0dded57d 584414 misc optional postgresql-contrib-8.1_8.1.4-1_i386.deb
021523cf0e5745511bf6af1319f633b9 166408 misc optional postgresql-plperl-8.1_8.1.4-1_i386.deb
ee8ab8d19f9e500cdd7efadfa723792b 159428 misc optional postgresql-plpython-8.1_8.1.4-1_i386.deb
ad28153ef1f026865cf2b35a80d8ac57 160944 misc optional postgresql-pltcl-8.1_8.1.4-1_i386.deb
d383e51df7e479aeccdd36eb5d66c07a 311222 libdevel optional libpq-dev_8.1.4-1_i386.deb
0ac29a7f282046b71dbca2224b68fa78 258288 libs optional libpq4_8.1.4-1_i386.deb
d61501b0a131fa3c7b5dce8ab268de35 169772 libs optional libecpg5_8.1.4-1_i386.deb
881bce349d33269721a3ea53d9f2468d 335942 libdevel optional libecpg-dev_8.1.4-1_i386.deb
3c26e4e7b5d8f2748fa9f0b365a90245 150252 libs optional libecpg-compat2_8.1.4-1_i386.deb
d8947525c941ff43f529caa961398317 172952 libs optional libpgtypes2_8.1.4-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFEcYINDecnbV4Fd/IRAsYPAKDW+1wJqdw73fzjfDpqW/KuZyF1VQCggMMy
uZO8GlNYpD8+sw+t1tkg1iQ=
=hWD+
-----END PGP SIGNATURE-----
Accepted:
libecpg-compat2_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg-compat2_8.1.4-1_i386.deb
libecpg-dev_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg-dev_8.1.4-1_i386.deb
libecpg5_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libecpg5_8.1.4-1_i386.deb
libpgtypes2_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libpgtypes2_8.1.4-1_i386.deb
libpq-dev_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libpq-dev_8.1.4-1_i386.deb
libpq4_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/libpq4_8.1.4-1_i386.deb
postgresql-8.1_8.1.4-1.diff.gz
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-1.diff.gz
postgresql-8.1_8.1.4-1.dsc
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-1.dsc
postgresql-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4-1_i386.deb
postgresql-8.1_8.1.4.orig.tar.gz
to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.4.orig.tar.gz
postgresql-client-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.4-1_i386.deb
postgresql-contrib-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.4-1_i386.deb
postgresql-doc-8.1_8.1.4-1_all.deb
to pool/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.4-1_all.deb
postgresql-plperl-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.4-1_i386.deb
postgresql-plpython-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.4-1_i386.deb
postgresql-pltcl-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.4-1_i386.deb
postgresql-server-dev-8.1_8.1.4-1_i386.deb
to pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.4-1_i386.deb
Reply to: