Format: 1.7 Date: Sat, 05 Jan 2008 20:24:54 +0100 Source: postgresql-8.2 Binary: libpq5 postgresql-doc-8.2 libpgtypes2 libpq-dev postgresql-doc postgresql postgresql-contrib postgresql-plpython-8.2 postgresql-plperl-8.2 postgresql-client postgresql-server-dev-8.2 postgresql-contrib-8.2 postgresql-client-8.2 postgresql-8.2 libecpg-compat2 libecpg5 libecpg-dev postgresql-pltcl-8.2 Architecture: hppa Version: 8.2.6-0ubuntu0.7.10 Distribution: autobuild Urgency: low Maintainer: Ubuntu/hppa Build Daemon <buildd@castilla.buildd> Changed-By: Martin Pitt <martin.pitt@ubuntu.com> Description: libecpg-compat2 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg5 - run-time library for ECPG programs libpgtypes2 - shared library libpgtypes for PostgreSQL 8.2 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-8.2 - object-relational SQL database, version 8.2 server postgresql-client-8.2 - front-end programs for PostgreSQL 8.2 postgresql-contrib-8.2 - additional facilities for PostgreSQL postgresql-plperl-8.2 - PL/Perl procedural language for PostgreSQL 8.2 postgresql-plpython-8.2 - PL/Python procedural language for PostgreSQL 8.2 postgresql-pltcl-8.2 - PL/Tcl procedural language for PostgreSQL 8.2 postgresql-server-dev-8.2 - development files for PostgreSQL 8.2 server-side programming Launchpad-Bugs-Fixed: 146382 Changes: postgresql-8.2 (8.2.6-0ubuntu0.7.10) gutsy-proposed; urgency=low . * New upstream security/bugfix release: - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600] - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067] - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278] - Fix bugs in WAL replay for GIN indexes. - Fix GIN index build to work properly when maintenance_work_mem is 4GB or more. - Improve planner's handling of LIKE/regex estimation in non-C locales. - Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order. - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...). - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence. - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE". - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful. - Fix potential crash in translate() when using a multibyte database encoding. - Make corr() return the correct result for negative correlation values. - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years. - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function. - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen) - Fix PL/Python to not crash on long exception messages. - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's. - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file. - ecpg parser fixes. - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing. - Fix tsvector and tsquery output routines to escape backslashes correctly. (LP: #146382) - Fix crash of to_tsvector() on huge input strings. * Drop debian/patches/00upstream-tsearch2-compareWORD.patch, upstream. Files: f186454fb3502c8a669786dbbbaf0376 372380 libdevel optional libpq-dev_8.2.6-0ubuntu0.7.10_hppa.deb 709f0a658e9418010a0182bda6cfdf93 306268 libs optional libpq5_8.2.6-0ubuntu0.7.10_hppa.deb bc31318102a7d7efef2130da22018d55 208202 libs optional libecpg5_8.2.6-0ubuntu0.7.10_hppa.deb 0f10c4356c047caeca4718cd987e6cf0 389094 libdevel optional libecpg-dev_8.2.6-0ubuntu0.7.10_hppa.deb 59f5505d4307924966293d2747c1fd91 188272 libs optional libecpg-compat2_8.2.6-0ubuntu0.7.10_hppa.deb 43fc2b71e5158b03e81dd252f715c4a6 214334 libs optional libpgtypes2_8.2.6-0ubuntu0.7.10_hppa.deb c950584816de33912cd01ff944bfbfa8 5029922 misc optional postgresql-8.2_8.2.6-0ubuntu0.7.10_hppa.deb 2e1f440595efbf3d78dba07880d309a8 1576864 misc optional postgresql-client-8.2_8.2.6-0ubuntu0.7.10_hppa.deb 885e6c04b310322345bfacf25806f54e 680010 libdevel optional postgresql-server-dev-8.2_8.2.6-0ubuntu0.7.10_hppa.deb 8f668e449f22f466aa385879cdeaaeed 740498 misc optional postgresql-contrib-8.2_8.2.6-0ubuntu0.7.10_hppa.deb 74a03da3145e267de53403e2c1e27a24 211234 misc optional postgresql-plperl-8.2_8.2.6-0ubuntu0.7.10_hppa.deb b5ae9374aa673a7844233de98ee7c25c 202230 misc optional postgresql-plpython-8.2_8.2.6-0ubuntu0.7.10_hppa.deb a99ac4b02283d006711585a2930e28e9 199322 misc optional postgresql-pltcl-8.2_8.2.6-0ubuntu0.7.10_hppa.deb Original-Maintainer: Martin Pitt <mpitt@debian.org>