postgresql-8.1 8.1.11-0ubuntu0.6.06.1 source package in Ubuntu
Changelog
postgresql-8.1 (8.1.11-0ubuntu0.6.06.1) dapper-security; urgency=low * New upstream security/bugfix release: - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600] - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067] - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278] - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...). - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE". - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful. - Fix potential crash in translate() when using a multibyte database encoding. - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years. - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function. - Fix PL/Python to not crash on long exception messages. - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's. - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file. - ecpg parser fixes. - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing. - Fix tsvector and tsquery output routines to escape backslashes correctly. - Fix crash of to_tsvector() on huge input strings. * Use the timezone database from the system tzdata instead of shipping our own. - debian/patches/04-timezone-symlinks.patch: Drop previous hardlink-to-symlink patch to zic, since that is irrelevant now. Replace the patch with a Makefile change that just symlinks /usr/share/zoneinfo to where postgresql previously installed its own tzdata copy. - debian/control: Add locales dependency (which contains tzdata in dapper). - debian/postgresql-8.1.install: Install the 'timezone' symlink, not the files in the dereferenced directory. - debian/postgresql-8.1.postinst: Replace the timezone directory with the symlink on upgrades, since dpkg does not do that automatically. Without this, we'd end up with an empty timezone directory. -- Martin Pitt <email address hidden> Sat, 05 Jan 2008 19:26:49 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Dapper
- Original maintainer:
- Martin Pitt
- Architectures:
- any
- Section:
- misc
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
postgresql-8.1_8.1.11.orig.tar.gz | 10.9 MiB | bb66ac1d7875450c9da1f9931b337157ff2c1d16bd5bd98245cc3007fa945b36 |
postgresql-8.1_8.1.11-0ubuntu0.6.06.1.diff.gz | 26.5 KiB | 112d7adf5c54e4d369cc4b38c6cfb56df34bb4e813a8f32df7d2f09dcf8d4fbb |
postgresql-8.1_8.1.11-0ubuntu0.6.06.1.dsc | 1.1 KiB | e53c920c0a7c2c9e95d97c603803869b3c3af2881905a3a668abedd17d1cf08d |
Binary packages built by this source
- libecpg-compat2: No summary available for libecpg-compat2 in ubuntu dapper.
No description available for libecpg-compat2 in ubuntu dapper.
- libecpg-dev: No summary available for libecpg-dev in ubuntu dapper.
No description available for libecpg-dev in ubuntu dapper.
- libecpg5: No summary available for libecpg5 in ubuntu dapper.
No description available for libecpg5 in ubuntu dapper.
- libpgtypes2: No summary available for libpgtypes2 in ubuntu dapper.
No description available for libpgtypes2 in ubuntu dapper.
- libpq-dev: No summary available for libpq-dev in ubuntu dapper.
No description available for libpq-dev in ubuntu dapper.
- libpq4: No summary available for libpq4 in ubuntu dapper.
No description available for libpq4 in ubuntu dapper.
- postgresql-8.1: No summary available for postgresql-8.1 in ubuntu dapper.
No description available for postgresql-8.1 in ubuntu dapper.
- postgresql-client-8.1: No summary available for postgresql-client-8.1 in ubuntu dapper.
No description available for postgresql-
client- 8.1 in ubuntu dapper.
- postgresql-contrib-8.1: No summary available for postgresql-contrib-8.1 in ubuntu dapper.
No description available for postgresql-
contrib- 8.1 in ubuntu dapper.
- postgresql-doc-8.1: No summary available for postgresql-doc-8.1 in ubuntu dapper.
No description available for postgresql-doc-8.1 in ubuntu dapper.
- postgresql-plperl-8.1: No summary available for postgresql-plperl-8.1 in ubuntu dapper.
No description available for postgresql-
plperl- 8.1 in ubuntu dapper.
- postgresql-plpython-8.1: No summary available for postgresql-plpython-8.1 in ubuntu dapper.
No description available for postgresql-
plpython- 8.1 in ubuntu dapper.
- postgresql-pltcl-8.1: No summary available for postgresql-pltcl-8.1 in ubuntu dapper.
No description available for postgresql-
pltcl-8. 1 in ubuntu dapper.
- postgresql-server-dev-8.1: No summary available for postgresql-server-dev-8.1 in ubuntu dapper.
No description available for postgresql-
server- dev-8.1 in ubuntu dapper.