Package: postgresql-8.3; Maintainer for postgresql-8.3 is (unknown);
Reported by: Afonin Denis <vadm@itkm.ru>
Date: Fri, 27 Feb 2009 14:00:02 UTC
Severity: important
Tags: security, upstream
Found in version postgresql-8.3/8.3.6-1
Fixed in versions postgresql-8.3/8.3.7-1, postgresql-8.3/8.3.7-0lenny1
Done: Martin Pitt <mpitt@debian.org>
Bug is archived. No further changes may be made.
Forwarded to http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php
View this report as an mbox folder, status mbox, maintainer mbox
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Martin Pitt <mpitt@debian.org>:
Bug#517405; Package postgresql-8.3.
(Fri, 27 Feb 2009 14:00:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Afonin Denis <vadm@itkm.ru>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Martin Pitt <mpitt@debian.org>.
(Fri, 27 Feb 2009 14:00:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: postgresql-8.3 Version: 8.3.6-1 Severity: serious Tags: security Justification: must As reported in http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php using conversion functions width mismatched specified and database codepages causes postgresql to segfault. A serious issue is that a regular user can do that and bring down the whole system. Upstream came up with a patch just hours after the report, and it seems to be slated for 8.3.6: http://archives.postgresql.org/pgsql-bugs/2009-02/msg00176.php -- System Information: Debian Release: 5.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.18+openvz (SMP w/8 CPU cores) Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Shell: /bin/sh linked to /bin/bash Versions of packages postgresql-8.3 depends on: ii libc6 2.7-18 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libkrb53 1.6.dfsg.4~beta1-5 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libpam0g 1.0.1-5 Pluggable Authentication Modules l ii libpq5 8.3.6-1 PostgreSQL C client library ii libssl0.9.8 0.9.8g-15 SSL shared libraries ii libxml2 2.6.32.dfsg-5 GNOME XML library ii locales 2.7-18 GNU C Library: National Language ( ii postgresql-client-8.3 8.3.6-1 front-end programs for PostgreSQL ii postgresql-common 94lenny1 PostgreSQL database-cluster manage ii ssl-cert 1.0.23 simple debconf wrapper for OpenSSL ii tzdata 2008h-2 time zone and daylight-saving time postgresql-8.3 recommends no packages. Versions of packages postgresql-8.3 suggests: ii pidentd [ident-server] 3.0.19.ds1-4 TCP/IP IDENT protocol server with -- no debconf information
Information forwarded
to debian-bugs-dist@lists.debian.org:
Bug#517405; Package postgresql-8.3.
(Sat, 28 Feb 2009 13:33:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Martin Pitt <mpitt@debian.org>:
Extra info received and forwarded to list.
(Sat, 28 Feb 2009 13:33:02 GMT) (full text, mbox, link).
Message #10 received at 517405@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
severity 517405 important tag 517405 upstream forwarded 517405 http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php thanks Afonin Denis [2009-02-27 16:57 +0300]: > As reported in http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php > using conversion functions width mismatched specified and database codepages causes postgresql to segfault. > A serious issue is that a regular user can do that and bring down the whole system. > > Upstream came up with a patch just hours after the report, and it seems > to be slated for 8.3.6: I assume you mean 8.3.7 :) Anyway, it seems that the patch is still under discussion and hasn't been committed yet. I'll let upstream decide on the right approach, and then the fix will trickle into Debian with 8.3.7. We'll also put 8.3.7 into lenny-updates. Thank you for your report! Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
[signature.asc (application/pgp-signature, inline)]
Severity set to `important' from `serious'
Request was from Martin Pitt <mpitt@debian.org>
to control@bugs.debian.org.
(Sat, 28 Feb 2009 13:33:03 GMT) (full text, mbox, link).
Tags added: upstream
Request was from Martin Pitt <mpitt@debian.org>
to control@bugs.debian.org.
(Sat, 28 Feb 2009 13:33:04 GMT) (full text, mbox, link).
Noted your statement that Bug has been forwarded to http://archives.postgresql.org/pgsql-bugs/2009-02/msg00172.php.
Request was from Martin Pitt <mpitt@debian.org>
to control@bugs.debian.org.
(Sat, 28 Feb 2009 13:33:05 GMT) (full text, mbox, link).
Tags added: pending
Request was from Martin Pitt <mpitt@debian.org>
to control@bugs.debian.org.
(Sat, 14 Mar 2009 18:33:09 GMT) (full text, mbox, link).
Reply sent
to Martin Pitt <mpitt@debian.org>:
You have taken responsibility.
(Wed, 18 Mar 2009 08:06:04 GMT) (full text, mbox, link).
Notification sent
to Afonin Denis <vadm@itkm.ru>:
Bug acknowledged by developer.
(Wed, 18 Mar 2009 08:06:04 GMT) (full text, mbox, link).
Message #23 received at 517405-close@bugs.debian.org (full text, mbox, reply):
Source: postgresql-8.3
Source-Version: 8.3.7-1
We believe that the bug you reported is fixed in the latest version of
postgresql-8.3, which is due to be installed in the Debian FTP archive:
libecpg-compat3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-compat3_8.3.7-1_i386.deb
libecpg-dev_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-dev_8.3.7-1_i386.deb
libecpg6_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libecpg6_8.3.7-1_i386.deb
libpgtypes3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libpgtypes3_8.3.7-1_i386.deb
libpq-dev_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libpq-dev_8.3.7-1_i386.deb
libpq5_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/libpq5_8.3.7-1_i386.deb
postgresql-8.3_8.3.7-1.diff.gz
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-1.diff.gz
postgresql-8.3_8.3.7-1.dsc
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-1.dsc
postgresql-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-1_i386.deb
postgresql-8.3_8.3.7.orig.tar.gz
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7.orig.tar.gz
postgresql-client-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.7-1_i386.deb
postgresql-client_8.3.7-1_all.deb
to pool/main/p/postgresql-8.3/postgresql-client_8.3.7-1_all.deb
postgresql-contrib-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.7-1_i386.deb
postgresql-contrib_8.3.7-1_all.deb
to pool/main/p/postgresql-8.3/postgresql-contrib_8.3.7-1_all.deb
postgresql-doc-8.3_8.3.7-1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.7-1_all.deb
postgresql-doc_8.3.7-1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc_8.3.7-1_all.deb
postgresql-plperl-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.7-1_i386.deb
postgresql-plpython-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.7-1_i386.deb
postgresql-pltcl-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.7-1_i386.deb
postgresql-server-dev-8.3_8.3.7-1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.7-1_i386.deb
postgresql_8.3.7-1_all.deb
to pool/main/p/postgresql-8.3/postgresql_8.3.7-1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 517405@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated postgresql-8.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 14 Mar 2009 20:11:20 +0100
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: source all i386
Version: 8.3.7-1
Distribution: unstable
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
libecpg-compat3 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg6 - run-time library for ECPG programs
libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
libpq-dev - header files for libpq5 (PostgreSQL library)
libpq5 - PostgreSQL C client library
postgresql - object-relational SQL database (supported version)
postgresql-8.3 - object-relational SQL database, version 8.3 server
postgresql-client - front-end programs for PostgreSQL (supported version)
postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
postgresql-contrib - additional facilities for PostgreSQL (supported version)
postgresql-contrib-8.3 - additional facilities for PostgreSQL
postgresql-doc - documentation for the PostgreSQL database management system
postgresql-doc-8.3 - documentation for the PostgreSQL database management system
postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Closes: 517405 519582
Changes:
postgresql-8.3 (8.3.7-1) unstable; urgency=low
.
* New upstream bug fix release:
- Prevent error recursion crashes when encoding conversion fails.
This change extends fixes made in the last two minor releases for
related failure scenarios. The previous fixes were narrowly
tailored for the original problem reports, but we have now
recognized that *any* error thrown by an encoding conversion
function could potentially lead to infinite recursion while trying
to report the error. The solution therefore is to disable
translation and encoding conversion and report the plain-ASCII form
of any error message, if we find we have gotten into a recursive
error reporting situation. (Closes: #517405)
- Disallow "CREATE CONVERSION" with the wrong encodings for the
specified conversion function. This prevents one possible scenario for
encoding conversion failure. The previous change is a backstop to guard
against other kinds of failures in the same area.
- Fix xpath() to not modify the path expression unless necessary, and
to make a saner attempt at it when necessary.
The SQL standard suggests that xpath should work on data that is a
document fragment, but libxml doesn't support that, and indeed it's
not clear that this is sensible according to the XPath standard.
xpath attempted to work around this mismatch by modifying both the
data and the path expression, but the modification was buggy and
could cause valid searches to fail. Now, xpath checks whether the
data is in fact a well-formed document, and if so invokes libxml
with no change to the data or path expression. Otherwise, a
different modification method that is somewhat less likely to fail
is used.
Note: The new modification method is still not 100% satisfactory,
and it seems likely that no real solution is possible. This patch
should therefore be viewed as a band-aid to keep from breaking
existing applications unnecessarily. It is likely that PostgreSQL
8.4 will simply reject use of xpath on data that is not a
well-formed document.
- Fix core dump when to_char() is given format codes that are
inappropriate for the type of the data argument.
- Fix extreme inefficiency in text search parser's handling of an
email-like string containing multiple @ characters.
- Fix planner problem with sub-"SELECT" in the output list of a
larger subquery.
- Fix decompilation of CASE WHEN with an implicit coercion.
- Fix possible misassignment of the owner of a TOAST table's rowtype.
If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed
by someone other than the table owner, the pg_type entry for the
table's TOAST table would end up marked as owned by that someone.
This caused no immediate problems, since the permissions on the
TOAST rowtype aren't examined by any ordinary database operation.
However, it could lead to unexpected failures if one later tried to
drop the role that issued the command (in 8.1 or 8.2), or "owner of
data type appears to be invalid" warnings from pg_dump after having
done so (in 8.3).
- Change "UNLISTEN" to exit quickly if the current session has never
executed any "LISTEN" command.
Most of the time this is not a particularly useful optimization,
but since "DISCARD ALL" invokes "UNLISTEN", the previous coding
caused a substantial performance problem for applications that made
heavy use of "DISCARD ALL".
- Fix PL/pgSQL to not treat INTO after "INSERT" as an INTO-variables
clause anywhere in the string, not only at the start; in
particular, don't fail for "INSERT INTO" within "CREATE RULE".
- Clean up PL/pgSQL error status variables fully at block exit.
This is not a problem for PL/pgSQL itself, but the omission could
cause the PL/pgSQL Debugger to crash while examining the state of a
function.
- Add MUST (Mauritius Island Summer Time) to the default list of
known timezone abbreviations (Xavier Bugaud)
* debian/postgresql-8.3.init: Drop obsolete autovac-* commands.
(Closes: #519582)
* debian/rules: Enable build hardening on Debian now. Drop lsb-release build
dependency, since we do not need it any more.
Checksums-Sha1:
8a2d4355c0ae6e957a57eaa966db4bc67104f436 1628 postgresql-8.3_8.3.7-1.dsc
2e6b29bcafa27964990228522363a2dcf3d6c960 13814173 postgresql-8.3_8.3.7.orig.tar.gz
89fdb037bdbbb172e6c566c79581bc73c2348b7d 65003 postgresql-8.3_8.3.7-1.diff.gz
a7b7b851515b428a9f4c67b1b716176ee782da51 2125580 postgresql-doc-8.3_8.3.7-1_all.deb
06f8bd0c6434ae60cceaad0042ed436ebb7e1ee2 234718 postgresql_8.3.7-1_all.deb
c8923b06068cbc7a9de923e9f5eab473ef270561 234682 postgresql-client_8.3.7-1_all.deb
a6c9233236500dbdc6921e2a6e06e68258ed4a1a 234524 postgresql-doc_8.3.7-1_all.deb
76faa0f34771e413df01eb424aa7caef51564723 234580 postgresql-contrib_8.3.7-1_all.deb
24af5fa0228edfa3ecc3ccdeacf3da568286b6a5 430202 libpq-dev_8.3.7-1_i386.deb
f2eac368a638b6238884772e80e42b8284545414 364388 libpq5_8.3.7-1_i386.deb
ed3a30074c343334a87a789d421ae067b3d537e8 262880 libecpg6_8.3.7-1_i386.deb
d0728a7d68538e39065b6460dffa861534f1385c 446916 libecpg-dev_8.3.7-1_i386.deb
5579831be88026a6dece81fce7ec0d11b30fae0e 241748 libecpg-compat3_8.3.7-1_i386.deb
3fe9c842ab450be0b23525e6d2097739341889e1 263810 libpgtypes3_8.3.7-1_i386.deb
b8022dbf96238870c1e19d15cdfa54d247f75da8 5234546 postgresql-8.3_8.3.7-1_i386.deb
672e95dcdfda4c3b7f0d7abe51283474f8bd246f 1671434 postgresql-client-8.3_8.3.7-1_i386.deb
6e1d9379d1ad33fc5f7db7e8df2446f1fd20c4d6 807078 postgresql-server-dev-8.3_8.3.7-1_i386.deb
2e93b78c0bba6dc5582c07f7f04b21076be6bd7f 565180 postgresql-contrib-8.3_8.3.7-1_i386.deb
6c049815ffa45b9e4366395c6216c37989c5ec71 260360 postgresql-plperl-8.3_8.3.7-1_i386.deb
44222e7a44adec88996f2390f40ef603f26f83a2 253408 postgresql-plpython-8.3_8.3.7-1_i386.deb
47a584205e8dfa39e9bd9bdd534160112a94d540 252468 postgresql-pltcl-8.3_8.3.7-1_i386.deb
Checksums-Sha256:
c9aae99fb5a5d71d9ef2c1a74c4a28053c4a53309ce36445073e7f781495235d 1628 postgresql-8.3_8.3.7-1.dsc
b476ff30ff01a2b93449a22d55cd39b450742f1dd49d22fa765d869a2fc08368 13814173 postgresql-8.3_8.3.7.orig.tar.gz
e719524cb53ff6d411b9ca39657c181deab00bf8725e1999065325f38e9ec168 65003 postgresql-8.3_8.3.7-1.diff.gz
79e51d17fc9c547b89749a11ea861c318576f89e06694be843f5ee4d1dd7fd7a 2125580 postgresql-doc-8.3_8.3.7-1_all.deb
942bd4f6b5a54f2fef3d90402abb88d4f2414107347d001c9b3020f569963af6 234718 postgresql_8.3.7-1_all.deb
bf2cc7bdbdda401c89ddd7d9416384269f2e244e7f92cfdab26947c4febfda62 234682 postgresql-client_8.3.7-1_all.deb
676e819d9e3e3fc913c9f28c1110c17ed2a3389fa5b5277516fb70507a7a8050 234524 postgresql-doc_8.3.7-1_all.deb
d7c7346cb94439f324282be571522b897c3d0127389cbe47702399043bb4f8b0 234580 postgresql-contrib_8.3.7-1_all.deb
272ca149d59e1e64b9339ca1e0b69270edc7116278759ac4e2cdedade8eca077 430202 libpq-dev_8.3.7-1_i386.deb
2c060cc14ce28b1a86ba2c872ce45f28eb737857d083def88d321685997b690f 364388 libpq5_8.3.7-1_i386.deb
a2402eddba260e6f27810ad8b3325e00f54eaffb8166cdbc5aa12d874a67fda1 262880 libecpg6_8.3.7-1_i386.deb
9881e92c30be6a4bbe8d8c9a1b3237742cb663b6f683062b36ad08b11711fc61 446916 libecpg-dev_8.3.7-1_i386.deb
c63bc8fea9af80e4bc69b85e3771ab6d156d41c4500f5f9cf55d189db045f722 241748 libecpg-compat3_8.3.7-1_i386.deb
42549a9d32aaca403703d569529f665d217a4bbdd04a83b037b37ed86dab6f15 263810 libpgtypes3_8.3.7-1_i386.deb
7d36ef19e7780c66fe5f399e11bec73d4b1e9f13815eae023222dd2856a3f4f7 5234546 postgresql-8.3_8.3.7-1_i386.deb
37be62a67e26742a494bb4e58e1a7a3a2860a8298dea39cd77ddecc2fa995182 1671434 postgresql-client-8.3_8.3.7-1_i386.deb
a133f2eaa218bb0cab671fa8bc578464321991eca686c28d3ddeab95a24d39c0 807078 postgresql-server-dev-8.3_8.3.7-1_i386.deb
113f741020918dfd1a1926758012ff308eb85ba2714e97e775ef09cd45b28d4e 565180 postgresql-contrib-8.3_8.3.7-1_i386.deb
fb8f9930a36e5670cfe60cceafe1cf6c8131219013c40017c182565d952d7827 260360 postgresql-plperl-8.3_8.3.7-1_i386.deb
034160d192d541422c855199cee526825ba3ab738b2f3ee274fb8c998a43839a 253408 postgresql-plpython-8.3_8.3.7-1_i386.deb
7dfc7eee4427997d0cc23343acdf7c734534572251626e006643a9e439b21d63 252468 postgresql-pltcl-8.3_8.3.7-1_i386.deb
Files:
f6169a277d571bde073886b0518f7ace 1628 misc optional postgresql-8.3_8.3.7-1.dsc
850f5e17f2d0a8272214ed75da4befc7 13814173 misc optional postgresql-8.3_8.3.7.orig.tar.gz
47052919959817c00bebde24cabf9723 65003 misc optional postgresql-8.3_8.3.7-1.diff.gz
3564a7994b8ef7cda49e6726c2b28e55 2125580 doc optional postgresql-doc-8.3_8.3.7-1_all.deb
fe2f70b1ef01c6f7e0c6c01384463e34 234718 misc optional postgresql_8.3.7-1_all.deb
7e3f79dd41154e9b686935981e3ddcea 234682 misc optional postgresql-client_8.3.7-1_all.deb
376cfd82076fdc4a3f837d59a2388db4 234524 doc optional postgresql-doc_8.3.7-1_all.deb
bbc11f2445f3395992b8534aff58ee96 234580 misc optional postgresql-contrib_8.3.7-1_all.deb
da1d717769ad38c2a31846c048962abe 430202 libdevel optional libpq-dev_8.3.7-1_i386.deb
664948a71de4c8fac15066c8b938c0c1 364388 libs optional libpq5_8.3.7-1_i386.deb
f75a00f2e7f3e4924524ec7e5a88ab04 262880 libs optional libecpg6_8.3.7-1_i386.deb
c01c139c49cc9f3ef7242ede2bbd4f0c 446916 libdevel optional libecpg-dev_8.3.7-1_i386.deb
bf77f941b7f165d7385c112f3ebbf7a2 241748 libs optional libecpg-compat3_8.3.7-1_i386.deb
edd749dcfbe7a7b08189f9ecad53c938 263810 libs optional libpgtypes3_8.3.7-1_i386.deb
8fdd68334bbb1603277448e353686459 5234546 misc optional postgresql-8.3_8.3.7-1_i386.deb
c21606073fc75b318310a60a456c5ee7 1671434 misc optional postgresql-client-8.3_8.3.7-1_i386.deb
80f246395db3ff5b1e9006b6efb69a52 807078 libdevel optional postgresql-server-dev-8.3_8.3.7-1_i386.deb
b631ed267fbb32921359d4ab98356108 565180 misc optional postgresql-contrib-8.3_8.3.7-1_i386.deb
96451156137cff9ca02ce739f32338cf 260360 misc optional postgresql-plperl-8.3_8.3.7-1_i386.deb
23619d0cae5f0001161d79bb92b87b8d 253408 misc optional postgresql-plpython-8.3_8.3.7-1_i386.deb
fa440d7293417c89571a0302ddf8aab1 252468 misc optional postgresql-pltcl-8.3_8.3.7-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkm8EecACgkQDecnbV4Fd/K40gCgnVN/2lI1w36GAfBHUqWZcNHj
zVcAn0DdDht+vdecHXC3HbxvygL7jHfe
=eu9s
-----END PGP SIGNATURE-----
Reply sent
to Martin Pitt <mpitt@debian.org>:
You have taken responsibility.
(Wed, 25 Mar 2009 14:12:06 GMT) (full text, mbox, link).
Notification sent
to Afonin Denis <vadm@itkm.ru>:
Bug acknowledged by developer.
(Wed, 25 Mar 2009 14:12:06 GMT) (full text, mbox, link).
Message #28 received at 517405-close@bugs.debian.org (full text, mbox, reply):
Source: postgresql-8.3
Source-Version: 8.3.7-0lenny1
We believe that the bug you reported is fixed in the latest version of
postgresql-8.3, which is due to be installed in the Debian FTP archive:
libecpg-compat3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-compat3_8.3.7-0lenny1_i386.deb
libecpg-dev_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-dev_8.3.7-0lenny1_i386.deb
libecpg6_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg6_8.3.7-0lenny1_i386.deb
libpgtypes3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpgtypes3_8.3.7-0lenny1_i386.deb
libpq-dev_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpq-dev_8.3.7-0lenny1_i386.deb
libpq5_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpq5_8.3.7-0lenny1_i386.deb
postgresql-8.3_8.3.7-0lenny1.diff.gz
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1.diff.gz
postgresql-8.3_8.3.7-0lenny1.dsc
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1.dsc
postgresql-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1_i386.deb
postgresql-client-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.7-0lenny1_i386.deb
postgresql-client_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-client_8.3.7-0lenny1_all.deb
postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
postgresql-contrib_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-contrib_8.3.7-0lenny1_all.deb
postgresql-doc-8.3_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.7-0lenny1_all.deb
postgresql-doc_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc_8.3.7-0lenny1_all.deb
postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
postgresql_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql_8.3.7-0lenny1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 517405@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated postgresql-8.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 14 Mar 2009 19:17:23 +0100
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: source all i386
Version: 8.3.7-0lenny1
Distribution: stable
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
libecpg-compat3 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg6 - run-time library for ECPG programs
libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
libpq-dev - header files for libpq5 (PostgreSQL library)
libpq5 - PostgreSQL C client library
postgresql - object-relational SQL database (supported version)
postgresql-8.3 - object-relational SQL database, version 8.3 server
postgresql-client - front-end programs for PostgreSQL (supported version)
postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
postgresql-contrib - additional facilities for PostgreSQL (supported version)
postgresql-contrib-8.3 - additional facilities for PostgreSQL
postgresql-doc - documentation for the PostgreSQL database management system
postgresql-doc-8.3 - documentation for the PostgreSQL database management system
postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Closes: 517405
Changes:
postgresql-8.3 (8.3.7-0lenny1) stable; urgency=low
.
* New upstream bug fix release:
- Prevent error recursion crashes when encoding conversion fails.
This change extends fixes made in the last two minor releases for
related failure scenarios. The previous fixes were narrowly
tailored for the original problem reports, but we have now
recognized that *any* error thrown by an encoding conversion
function could potentially lead to infinite recursion while trying
to report the error. The solution therefore is to disable
translation and encoding conversion and report the plain-ASCII form
of any error message, if we find we have gotten into a recursive
error reporting situation. (Closes: #517405)
- Disallow "CREATE CONVERSION" with the wrong encodings for the
specified conversion function. This prevents one possible scenario for
encoding conversion failure. The previous change is a backstop to guard
against other kinds of failures in the same area.
- Fix xpath() to not modify the path expression unless necessary, and
to make a saner attempt at it when necessary.
The SQL standard suggests that xpath should work on data that is a
document fragment, but libxml doesn't support that, and indeed it's
not clear that this is sensible according to the XPath standard.
xpath attempted to work around this mismatch by modifying both the
data and the path expression, but the modification was buggy and
could cause valid searches to fail. Now, xpath checks whether the
data is in fact a well-formed document, and if so invokes libxml
with no change to the data or path expression. Otherwise, a
different modification method that is somewhat less likely to fail
is used.
Note: The new modification method is still not 100% satisfactory,
and it seems likely that no real solution is possible. This patch
should therefore be viewed as a band-aid to keep from breaking
existing applications unnecessarily. It is likely that PostgreSQL
8.4 will simply reject use of xpath on data that is not a
well-formed document.
- Fix core dump when to_char() is given format codes that are
inappropriate for the type of the data argument.
- Fix extreme inefficiency in text search parser's handling of an
email-like string containing multiple @ characters.
- Fix planner problem with sub-"SELECT" in the output list of a
larger subquery.
- Fix decompilation of CASE WHEN with an implicit coercion.
- Fix possible misassignment of the owner of a TOAST table's rowtype.
If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed
by someone other than the table owner, the pg_type entry for the
table's TOAST table would end up marked as owned by that someone.
This caused no immediate problems, since the permissions on the
TOAST rowtype aren't examined by any ordinary database operation.
However, it could lead to unexpected failures if one later tried to
drop the role that issued the command (in 8.1 or 8.2), or "owner of
data type appears to be invalid" warnings from pg_dump after having
done so (in 8.3).
- Change "UNLISTEN" to exit quickly if the current session has never
executed any "LISTEN" command.
Most of the time this is not a particularly useful optimization,
but since "DISCARD ALL" invokes "UNLISTEN", the previous coding
caused a substantial performance problem for applications that made
heavy use of "DISCARD ALL".
- Fix PL/pgSQL to not treat INTO after "INSERT" as an INTO-variables
clause anywhere in the string, not only at the start; in
particular, don't fail for "INSERT INTO" within "CREATE RULE".
- Clean up PL/pgSQL error status variables fully at block exit.
This is not a problem for PL/pgSQL itself, but the omission could
cause the PL/pgSQL Debugger to crash while examining the state of a
function.
- Add MUST (Mauritius Island Summer Time) to the default list of
known timezone abbreviations (Xavier Bugaud)
Checksums-Sha1:
3421d4d9a2e6a8dda6104ea3abdbefe5e987d32e 1665 postgresql-8.3_8.3.7-0lenny1.dsc
a4aada6f9d6ed25c8e99b691dd9796dec95eb074 42746 postgresql-8.3_8.3.7-0lenny1.diff.gz
a693f108496cd37832f64c8a2c39a778b9313985 2125832 postgresql-doc-8.3_8.3.7-0lenny1_all.deb
918c337d68e412531996689555f587ff52dc0d3f 234668 postgresql_8.3.7-0lenny1_all.deb
f1b8d8a92445e56cb896d11cf8619a07bc00e2b1 234638 postgresql-client_8.3.7-0lenny1_all.deb
b0024740228b3622ecece2f1626ca41d5d27f065 234476 postgresql-doc_8.3.7-0lenny1_all.deb
68680e7e4a20d5a2a2de61158089d17251991983 234534 postgresql-contrib_8.3.7-0lenny1_all.deb
43963f9a5d0fa54ffb1d2c8d828a34912945bf85 428056 libpq-dev_8.3.7-0lenny1_i386.deb
1c141364b3d86cdc7846f94a6a5d9f96c5b34a9c 363392 libpq5_8.3.7-0lenny1_i386.deb
81f32e5ce561c19ac54dcb7b62682541ef0d5ba5 262644 libecpg6_8.3.7-0lenny1_i386.deb
697f21c3d3fd803c35ba4bc42e635ddc7e397172 444342 libecpg-dev_8.3.7-0lenny1_i386.deb
7ea08e861b9e57fc84dd2a8d541fa997095043ec 241714 libecpg-compat3_8.3.7-0lenny1_i386.deb
27162aa5a80875cddeeabf91e67b0abc7dfda281 263282 libpgtypes3_8.3.7-0lenny1_i386.deb
8699da70c00b41fb7633ac97683aa4ade8346f30 5208078 postgresql-8.3_8.3.7-0lenny1_i386.deb
afe5d58b9d5c53f141b84e83d117e2b24522be7b 1650982 postgresql-client-8.3_8.3.7-0lenny1_i386.deb
562e6dc56d030c0c9a1af8e926247392455e86ca 805600 postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
c032d20e692e32a8079fb636560d1f68506464a2 560160 postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
e969c875ecbde3e68dd26c40cbd66cebba9340ef 260242 postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
3c4a916cf58dcfc318468c25f5b76b9d9d13aecd 253226 postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
1ca7eac014dc4432b9b89fe9886996886bff8a21 252194 postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
Checksums-Sha256:
c34564519d51cfcc801d3db961e174e336a86ee18251c0443147c3f10e0bc0aa 1665 postgresql-8.3_8.3.7-0lenny1.dsc
05b6010864698d31683d64333462740c75cc185fc53322c10f7d76286d045646 42746 postgresql-8.3_8.3.7-0lenny1.diff.gz
864c8bc3f2ab49fcad0e56a67481978497458b554f9e06eac1a76f18b91af0c3 2125832 postgresql-doc-8.3_8.3.7-0lenny1_all.deb
3dd184a80fc3ab1b18ea6ea11445effe441db6598cd1434abbf78498d2f4bece 234668 postgresql_8.3.7-0lenny1_all.deb
06b328460c7012c2a81d93af04b3d8462052fc5e71bd5d40900b114bd28793fe 234638 postgresql-client_8.3.7-0lenny1_all.deb
2f63d39c2324c402fd2148bd5f982d55b9dbc9717b93d1942c2429afbd4370cb 234476 postgresql-doc_8.3.7-0lenny1_all.deb
be3882a85497923e01f59fefd800e5243b3ae8d8f4e2b9f9f98fea8fb12fdcf9 234534 postgresql-contrib_8.3.7-0lenny1_all.deb
136528d3b80f9c4c96b694a373ab1120c3a36365a0a96d522a245806813ecfb9 428056 libpq-dev_8.3.7-0lenny1_i386.deb
279c6b4ea9d8a03d5e008d7c4a7a1acdfdf1b36b4b31cb0a7c74c62c25097994 363392 libpq5_8.3.7-0lenny1_i386.deb
44af5f7830a2beb664c6509ef41f192cf8ab9f2e13c49b8ee0c39022ea0db246 262644 libecpg6_8.3.7-0lenny1_i386.deb
a136930d3f004a0bd46264e51892d460cb08061d44e9a5c375fbed10e3d8cbff 444342 libecpg-dev_8.3.7-0lenny1_i386.deb
2ecf645c6bc958d1fd3c6543f18fd59ac473184d29a985f078e6f2cca14c2eaa 241714 libecpg-compat3_8.3.7-0lenny1_i386.deb
b0c911a15f98b3e66b511bb68f3e29c5f554b8642544776c91a748703d6a40b5 263282 libpgtypes3_8.3.7-0lenny1_i386.deb
f15be2931bfb11b0e382e3c68de92c6e94e7eae58bbdea490404b15a83753877 5208078 postgresql-8.3_8.3.7-0lenny1_i386.deb
6afd86292f02f98b991868be190840b61358ab1bf24a2a2d157bad5db05d8e9c 1650982 postgresql-client-8.3_8.3.7-0lenny1_i386.deb
999e4e0fee8d78ed6082133a396c45d449fb0223da3557c4ff9e8c68511fb8cb 805600 postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
06bc3b5584e4d0a45f859a11bd8bc91121e595449b289f10fd336a089ea040d2 560160 postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
711c385e773fe5faf9084138821fd5c9f5ca605a2db4398e29dcb81350b2e9f7 260242 postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
20307c0d7ed1a574167e89e23c23cfa52fdf5ebb895f029a1ab4d2d344277534 253226 postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
e11c7b4ed3819ff7cc81bdf5dabd1a5cebf70d332b7816f768f12c113769ba24 252194 postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
Files:
cefb47755f7d0c43200cfd2970fa84b7 1665 misc optional postgresql-8.3_8.3.7-0lenny1.dsc
246bf61b49bb1c9d759a8693f1675596 42746 misc optional postgresql-8.3_8.3.7-0lenny1.diff.gz
c38a66535e5b31ce4d3f960b6d01a81f 2125832 doc optional postgresql-doc-8.3_8.3.7-0lenny1_all.deb
ae91c989c4b798311ec054c5d01a4425 234668 misc optional postgresql_8.3.7-0lenny1_all.deb
5c64a75504182179863a4c2b2741adde 234638 misc optional postgresql-client_8.3.7-0lenny1_all.deb
2092d673e25728521e9bace3865bc606 234476 doc optional postgresql-doc_8.3.7-0lenny1_all.deb
2936998bfad471c3374eabf703ee3324 234534 misc optional postgresql-contrib_8.3.7-0lenny1_all.deb
ea4e58987dcc5921e33d5440f7567ee0 428056 libdevel optional libpq-dev_8.3.7-0lenny1_i386.deb
d68a6d2476cd5bded4ba3a285e8390ae 363392 libs optional libpq5_8.3.7-0lenny1_i386.deb
fd2837f56ac826b269c4d09358485cc3 262644 libs optional libecpg6_8.3.7-0lenny1_i386.deb
6fe82e511d77c9fb47912b0b7657e3c8 444342 libdevel optional libecpg-dev_8.3.7-0lenny1_i386.deb
d93f76b8a38932d54fb3bf228bc7092b 241714 libs optional libecpg-compat3_8.3.7-0lenny1_i386.deb
bb47de1ba28b4d0347f4b8d74f1190ec 263282 libs optional libpgtypes3_8.3.7-0lenny1_i386.deb
d6663908aa5a8e430e9ea769bf979998 5208078 misc optional postgresql-8.3_8.3.7-0lenny1_i386.deb
de0a4f9ab42168fb0af86b31491dd2bf 1650982 misc optional postgresql-client-8.3_8.3.7-0lenny1_i386.deb
a7634cf632f0a9e4f6e9c6be0b96e88f 805600 libdevel optional postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
59a01cd7e7cbaee0c64e10387280664d 560160 misc optional postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
f9ecf02f71a75dc71b4672fcab110269 260242 misc optional postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
85e1c6d77a136826272154ebfb96b9c7 253226 misc optional postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
bc06674c47df8eb5b31473c5b006c035 252194 misc optional postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknA59IACgkQDecnbV4Fd/IkGACgmXubPbdcI5QgoCNDQmOp5N3P
MiEAoMdwApdYYPUPREcz77N0Zhumu5tE
=LZKW
-----END PGP SIGNATURE-----
Information forwarded
to debian-bugs-dist@lists.debian.org, Martin Pitt <mpitt@debian.org>:
Bug#517405; Package postgresql-8.3.
(Tue, 07 Apr 2009 21:54:05 GMT) (full text, mbox, link).
Acknowledgement sent
to "Michael S. Gilbert" <michael.s.gilbert@gmail.com>:
Extra info received and forwarded to list. Copy sent to Martin Pitt <mpitt@debian.org>.
(Tue, 07 Apr 2009 21:54:06 GMT) (full text, mbox, link).
Message #33 received at 517405@bugs.debian.org (full text, mbox, reply):
hello, thanks for fixing this security issue. please coordinate with the security team (team@security.debian.org) to prepare new packages for the stable releases. thank you.
Reply sent
to Martin Pitt <mpitt@debian.org>:
You have taken responsibility.
(Sat, 11 Apr 2009 17:21:13 GMT) (full text, mbox, link).
Notification sent
to Afonin Denis <vadm@itkm.ru>:
Bug acknowledged by developer.
(Sat, 11 Apr 2009 17:21:13 GMT) (full text, mbox, link).
Message #38 received at 517405-close@bugs.debian.org (full text, mbox, reply):
Source: postgresql-8.3
Source-Version: 8.3.7-0lenny1
We believe that the bug you reported is fixed in the latest version of
postgresql-8.3, which is due to be installed in the Debian FTP archive:
libecpg-compat3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-compat3_8.3.7-0lenny1_i386.deb
libecpg-dev_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg-dev_8.3.7-0lenny1_i386.deb
libecpg6_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libecpg6_8.3.7-0lenny1_i386.deb
libpgtypes3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpgtypes3_8.3.7-0lenny1_i386.deb
libpq-dev_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpq-dev_8.3.7-0lenny1_i386.deb
libpq5_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/libpq5_8.3.7-0lenny1_i386.deb
postgresql-8.3_8.3.7-0lenny1.diff.gz
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1.diff.gz
postgresql-8.3_8.3.7-0lenny1.dsc
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1.dsc
postgresql-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-8.3_8.3.7-0lenny1_i386.deb
postgresql-client-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-client-8.3_8.3.7-0lenny1_i386.deb
postgresql-client_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-client_8.3.7-0lenny1_all.deb
postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
postgresql-contrib_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-contrib_8.3.7-0lenny1_all.deb
postgresql-doc-8.3_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc-8.3_8.3.7-0lenny1_all.deb
postgresql-doc_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql-doc_8.3.7-0lenny1_all.deb
postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
to pool/main/p/postgresql-8.3/postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
postgresql_8.3.7-0lenny1_all.deb
to pool/main/p/postgresql-8.3/postgresql_8.3.7-0lenny1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 517405@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Martin Pitt <mpitt@debian.org> (supplier of updated postgresql-8.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 14 Mar 2009 19:17:23 +0100
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: source all i386
Version: 8.3.7-0lenny1
Distribution: stable
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description:
libecpg-compat3 - older version of run-time library for ECPG programs
libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
libecpg6 - run-time library for ECPG programs
libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
libpq-dev - header files for libpq5 (PostgreSQL library)
libpq5 - PostgreSQL C client library
postgresql - object-relational SQL database (supported version)
postgresql-8.3 - object-relational SQL database, version 8.3 server
postgresql-client - front-end programs for PostgreSQL (supported version)
postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
postgresql-contrib - additional facilities for PostgreSQL (supported version)
postgresql-contrib-8.3 - additional facilities for PostgreSQL
postgresql-doc - documentation for the PostgreSQL database management system
postgresql-doc-8.3 - documentation for the PostgreSQL database management system
postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Closes: 517405
Changes:
postgresql-8.3 (8.3.7-0lenny1) stable; urgency=low
.
* New upstream bug fix release:
- Prevent error recursion crashes when encoding conversion fails.
This change extends fixes made in the last two minor releases for
related failure scenarios. The previous fixes were narrowly
tailored for the original problem reports, but we have now
recognized that *any* error thrown by an encoding conversion
function could potentially lead to infinite recursion while trying
to report the error. The solution therefore is to disable
translation and encoding conversion and report the plain-ASCII form
of any error message, if we find we have gotten into a recursive
error reporting situation. (Closes: #517405)
- Disallow "CREATE CONVERSION" with the wrong encodings for the
specified conversion function. This prevents one possible scenario for
encoding conversion failure. The previous change is a backstop to guard
against other kinds of failures in the same area.
- Fix xpath() to not modify the path expression unless necessary, and
to make a saner attempt at it when necessary.
The SQL standard suggests that xpath should work on data that is a
document fragment, but libxml doesn't support that, and indeed it's
not clear that this is sensible according to the XPath standard.
xpath attempted to work around this mismatch by modifying both the
data and the path expression, but the modification was buggy and
could cause valid searches to fail. Now, xpath checks whether the
data is in fact a well-formed document, and if so invokes libxml
with no change to the data or path expression. Otherwise, a
different modification method that is somewhat less likely to fail
is used.
Note: The new modification method is still not 100% satisfactory,
and it seems likely that no real solution is possible. This patch
should therefore be viewed as a band-aid to keep from breaking
existing applications unnecessarily. It is likely that PostgreSQL
8.4 will simply reject use of xpath on data that is not a
well-formed document.
- Fix core dump when to_char() is given format codes that are
inappropriate for the type of the data argument.
- Fix extreme inefficiency in text search parser's handling of an
email-like string containing multiple @ characters.
- Fix planner problem with sub-"SELECT" in the output list of a
larger subquery.
- Fix decompilation of CASE WHEN with an implicit coercion.
- Fix possible misassignment of the owner of a TOAST table's rowtype.
If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed
by someone other than the table owner, the pg_type entry for the
table's TOAST table would end up marked as owned by that someone.
This caused no immediate problems, since the permissions on the
TOAST rowtype aren't examined by any ordinary database operation.
However, it could lead to unexpected failures if one later tried to
drop the role that issued the command (in 8.1 or 8.2), or "owner of
data type appears to be invalid" warnings from pg_dump after having
done so (in 8.3).
- Change "UNLISTEN" to exit quickly if the current session has never
executed any "LISTEN" command.
Most of the time this is not a particularly useful optimization,
but since "DISCARD ALL" invokes "UNLISTEN", the previous coding
caused a substantial performance problem for applications that made
heavy use of "DISCARD ALL".
- Fix PL/pgSQL to not treat INTO after "INSERT" as an INTO-variables
clause anywhere in the string, not only at the start; in
particular, don't fail for "INSERT INTO" within "CREATE RULE".
- Clean up PL/pgSQL error status variables fully at block exit.
This is not a problem for PL/pgSQL itself, but the omission could
cause the PL/pgSQL Debugger to crash while examining the state of a
function.
- Add MUST (Mauritius Island Summer Time) to the default list of
known timezone abbreviations (Xavier Bugaud)
Checksums-Sha1:
3421d4d9a2e6a8dda6104ea3abdbefe5e987d32e 1665 postgresql-8.3_8.3.7-0lenny1.dsc
a4aada6f9d6ed25c8e99b691dd9796dec95eb074 42746 postgresql-8.3_8.3.7-0lenny1.diff.gz
a693f108496cd37832f64c8a2c39a778b9313985 2125832 postgresql-doc-8.3_8.3.7-0lenny1_all.deb
918c337d68e412531996689555f587ff52dc0d3f 234668 postgresql_8.3.7-0lenny1_all.deb
f1b8d8a92445e56cb896d11cf8619a07bc00e2b1 234638 postgresql-client_8.3.7-0lenny1_all.deb
b0024740228b3622ecece2f1626ca41d5d27f065 234476 postgresql-doc_8.3.7-0lenny1_all.deb
68680e7e4a20d5a2a2de61158089d17251991983 234534 postgresql-contrib_8.3.7-0lenny1_all.deb
43963f9a5d0fa54ffb1d2c8d828a34912945bf85 428056 libpq-dev_8.3.7-0lenny1_i386.deb
1c141364b3d86cdc7846f94a6a5d9f96c5b34a9c 363392 libpq5_8.3.7-0lenny1_i386.deb
81f32e5ce561c19ac54dcb7b62682541ef0d5ba5 262644 libecpg6_8.3.7-0lenny1_i386.deb
697f21c3d3fd803c35ba4bc42e635ddc7e397172 444342 libecpg-dev_8.3.7-0lenny1_i386.deb
7ea08e861b9e57fc84dd2a8d541fa997095043ec 241714 libecpg-compat3_8.3.7-0lenny1_i386.deb
27162aa5a80875cddeeabf91e67b0abc7dfda281 263282 libpgtypes3_8.3.7-0lenny1_i386.deb
8699da70c00b41fb7633ac97683aa4ade8346f30 5208078 postgresql-8.3_8.3.7-0lenny1_i386.deb
afe5d58b9d5c53f141b84e83d117e2b24522be7b 1650982 postgresql-client-8.3_8.3.7-0lenny1_i386.deb
562e6dc56d030c0c9a1af8e926247392455e86ca 805600 postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
c032d20e692e32a8079fb636560d1f68506464a2 560160 postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
e969c875ecbde3e68dd26c40cbd66cebba9340ef 260242 postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
3c4a916cf58dcfc318468c25f5b76b9d9d13aecd 253226 postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
1ca7eac014dc4432b9b89fe9886996886bff8a21 252194 postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
Checksums-Sha256:
c34564519d51cfcc801d3db961e174e336a86ee18251c0443147c3f10e0bc0aa 1665 postgresql-8.3_8.3.7-0lenny1.dsc
05b6010864698d31683d64333462740c75cc185fc53322c10f7d76286d045646 42746 postgresql-8.3_8.3.7-0lenny1.diff.gz
864c8bc3f2ab49fcad0e56a67481978497458b554f9e06eac1a76f18b91af0c3 2125832 postgresql-doc-8.3_8.3.7-0lenny1_all.deb
3dd184a80fc3ab1b18ea6ea11445effe441db6598cd1434abbf78498d2f4bece 234668 postgresql_8.3.7-0lenny1_all.deb
06b328460c7012c2a81d93af04b3d8462052fc5e71bd5d40900b114bd28793fe 234638 postgresql-client_8.3.7-0lenny1_all.deb
2f63d39c2324c402fd2148bd5f982d55b9dbc9717b93d1942c2429afbd4370cb 234476 postgresql-doc_8.3.7-0lenny1_all.deb
be3882a85497923e01f59fefd800e5243b3ae8d8f4e2b9f9f98fea8fb12fdcf9 234534 postgresql-contrib_8.3.7-0lenny1_all.deb
136528d3b80f9c4c96b694a373ab1120c3a36365a0a96d522a245806813ecfb9 428056 libpq-dev_8.3.7-0lenny1_i386.deb
279c6b4ea9d8a03d5e008d7c4a7a1acdfdf1b36b4b31cb0a7c74c62c25097994 363392 libpq5_8.3.7-0lenny1_i386.deb
44af5f7830a2beb664c6509ef41f192cf8ab9f2e13c49b8ee0c39022ea0db246 262644 libecpg6_8.3.7-0lenny1_i386.deb
a136930d3f004a0bd46264e51892d460cb08061d44e9a5c375fbed10e3d8cbff 444342 libecpg-dev_8.3.7-0lenny1_i386.deb
2ecf645c6bc958d1fd3c6543f18fd59ac473184d29a985f078e6f2cca14c2eaa 241714 libecpg-compat3_8.3.7-0lenny1_i386.deb
b0c911a15f98b3e66b511bb68f3e29c5f554b8642544776c91a748703d6a40b5 263282 libpgtypes3_8.3.7-0lenny1_i386.deb
f15be2931bfb11b0e382e3c68de92c6e94e7eae58bbdea490404b15a83753877 5208078 postgresql-8.3_8.3.7-0lenny1_i386.deb
6afd86292f02f98b991868be190840b61358ab1bf24a2a2d157bad5db05d8e9c 1650982 postgresql-client-8.3_8.3.7-0lenny1_i386.deb
999e4e0fee8d78ed6082133a396c45d449fb0223da3557c4ff9e8c68511fb8cb 805600 postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
06bc3b5584e4d0a45f859a11bd8bc91121e595449b289f10fd336a089ea040d2 560160 postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
711c385e773fe5faf9084138821fd5c9f5ca605a2db4398e29dcb81350b2e9f7 260242 postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
20307c0d7ed1a574167e89e23c23cfa52fdf5ebb895f029a1ab4d2d344277534 253226 postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
e11c7b4ed3819ff7cc81bdf5dabd1a5cebf70d332b7816f768f12c113769ba24 252194 postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
Files:
cefb47755f7d0c43200cfd2970fa84b7 1665 misc optional postgresql-8.3_8.3.7-0lenny1.dsc
246bf61b49bb1c9d759a8693f1675596 42746 misc optional postgresql-8.3_8.3.7-0lenny1.diff.gz
c38a66535e5b31ce4d3f960b6d01a81f 2125832 doc optional postgresql-doc-8.3_8.3.7-0lenny1_all.deb
ae91c989c4b798311ec054c5d01a4425 234668 misc optional postgresql_8.3.7-0lenny1_all.deb
5c64a75504182179863a4c2b2741adde 234638 misc optional postgresql-client_8.3.7-0lenny1_all.deb
2092d673e25728521e9bace3865bc606 234476 doc optional postgresql-doc_8.3.7-0lenny1_all.deb
2936998bfad471c3374eabf703ee3324 234534 misc optional postgresql-contrib_8.3.7-0lenny1_all.deb
ea4e58987dcc5921e33d5440f7567ee0 428056 libdevel optional libpq-dev_8.3.7-0lenny1_i386.deb
d68a6d2476cd5bded4ba3a285e8390ae 363392 libs optional libpq5_8.3.7-0lenny1_i386.deb
fd2837f56ac826b269c4d09358485cc3 262644 libs optional libecpg6_8.3.7-0lenny1_i386.deb
6fe82e511d77c9fb47912b0b7657e3c8 444342 libdevel optional libecpg-dev_8.3.7-0lenny1_i386.deb
d93f76b8a38932d54fb3bf228bc7092b 241714 libs optional libecpg-compat3_8.3.7-0lenny1_i386.deb
bb47de1ba28b4d0347f4b8d74f1190ec 263282 libs optional libpgtypes3_8.3.7-0lenny1_i386.deb
d6663908aa5a8e430e9ea769bf979998 5208078 misc optional postgresql-8.3_8.3.7-0lenny1_i386.deb
de0a4f9ab42168fb0af86b31491dd2bf 1650982 misc optional postgresql-client-8.3_8.3.7-0lenny1_i386.deb
a7634cf632f0a9e4f6e9c6be0b96e88f 805600 libdevel optional postgresql-server-dev-8.3_8.3.7-0lenny1_i386.deb
59a01cd7e7cbaee0c64e10387280664d 560160 misc optional postgresql-contrib-8.3_8.3.7-0lenny1_i386.deb
f9ecf02f71a75dc71b4672fcab110269 260242 misc optional postgresql-plperl-8.3_8.3.7-0lenny1_i386.deb
85e1c6d77a136826272154ebfb96b9c7 253226 misc optional postgresql-plpython-8.3_8.3.7-0lenny1_i386.deb
bc06674c47df8eb5b31473c5b006c035 252194 misc optional postgresql-pltcl-8.3_8.3.7-0lenny1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknA59IACgkQDecnbV4Fd/IkGACgmXubPbdcI5QgoCNDQmOp5N3P
MiEAoMdwApdYYPUPREcz77N0Zhumu5tE
=LZKW
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 10 May 2009 07:25:58 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.