Back to postgresql-9.1 PTS page

Accepted postgresql-9.1 9.1.9-1 (source amd64 all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 02 Apr 2013 10:26:14 +0200
Source: postgresql-9.1
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.1 postgresql-9.1-dbg postgresql-client-9.1 postgresql-server-dev-9.1 postgresql-doc-9.1 postgresql-contrib-9.1 postgresql-plperl-9.1 postgresql-plpython-9.1 postgresql-plpython3-9.1 postgresql-pltcl-9.1
Architecture: source amd64 all
Version: 9.1.9-1
Distribution: unstable
Urgency: high
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public@lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.1
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.1 - object-relational SQL database, version 9.1 server
 postgresql-9.1-dbg - debug symbols for postgresql-9.1
 postgresql-client-9.1 - front-end programs for PostgreSQL 9.1
 postgresql-contrib-9.1 - additional facilities for PostgreSQL
 postgresql-doc-9.1 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.1 - PL/Perl procedural language for PostgreSQL 9.1
 postgresql-plpython-9.1 - PL/Python procedural language for PostgreSQL 9.1
 postgresql-plpython3-9.1 - PL/Python 3 procedural language for PostgreSQL 9.1
 postgresql-pltcl-9.1 - PL/Tcl procedural language for PostgreSQL 9.1
 postgresql-server-dev-9.1 - development files for PostgreSQL 9.1 server-side programming
Closes: 704479
Changes: 
 postgresql-9.1 (9.1.9-1) unstable; urgency=high
 .
   * Urgency high because of critical remote data destruction vulnerability.
   * New upstream security/bug fix release:
     - Fix insecure parsing of server command-line switches.
       A connection request containing a database name that begins with
       "-" could be crafted to damage or destroy files within the server's
       data directory, even if the request is eventually rejected.
       [CVE-2013-1899] (Closes: #704479)
     - Reset OpenSSL randomness state in each postmaster child process.
       This avoids a scenario wherein random numbers generated by
       "contrib/pgcrypto" functions might be relatively easy for another
       database user to guess. The risk is only significant when the
       postmaster is configured with ssl = on but most connections don't
       use SSL encryption. [CVE-2013-1900]
     - Make REPLICATION privilege checks test current user not
       authenticated user.
       An unprivileged database user could exploit this mistake to call
       pg_start_backup() or pg_stop_backup(), thus possibly interfering
       with creation of routine backups. [CVE-2013-1901]
     - Fix GiST indexes to not use "fuzzy" geometric comparisons when it's
       not appropriate to do so.
       The core geometric types perform comparisons using "fuzzy"
       equality, but gist_box_same must do exact comparisons, else GiST
       indexes using it might become inconsistent. After installing this
       update, users should "REINDEX" any GiST indexes on box, polygon,
       circle, or point columns, since all of these use gist_box_same.
     - Fix erroneous range-union and penalty logic in GiST indexes that
       use "contrib/btree_gist" for variable-width data types, that is
       text, bytea, bit, and numeric columns.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       useless index bloat. Users are advised to "REINDEX" such indexes
       after installing this update.
     - Fix bugs in GiST page splitting code for multi-column indexes.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       indexes that are unnecessarily inefficient to search. Users are
       advised to "REINDEX" multi-column GiST indexes after installing
       this update.
     - See HISTORY/changelog.gz for details about the other bug fixes.
   * Bump Standards-Version to 3.9.4 (no changes necessary).
Checksums-Sha1: 
 54286d9aac66d4bf0efe9c8e33b03c9cf3588f49 3319 postgresql-9.1_9.1.9-1.dsc
 4cbbfc5be9b8e6fe3d67c5075c212bcb057eac20 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
 33700436b2dcddf0418e98e7c7079ffff6e38cd2 37114 postgresql-9.1_9.1.9-1.debian.tar.gz
 783a762683145051c23924b7dfde9e5422608425 580800 libpq-dev_9.1.9-1_amd64.deb
 4bcb8a01012e521ad144f078aa543cd7b0de12ec 527132 libpq5_9.1.9-1_amd64.deb
 d6d2c071f33b383cd7791b459bbf47b7692b0029 483620 libecpg6_9.1.9-1_amd64.deb
 32f911d451628d6bcb984880659d2892648925de 614122 libecpg-dev_9.1.9-1_amd64.deb
 f49f06b42a189a4d27913eca8ddfbcd0584a19e2 422076 libecpg-compat3_9.1.9-1_amd64.deb
 46465cae1f749e5e634f915ba35bd4b8e604004d 442654 libpgtypes3_9.1.9-1_amd64.deb
 35c766245bfe32dc3984b423521759d2bd287709 3619888 postgresql-9.1_9.1.9-1_amd64.deb
 0e8946c801a3e80d8576fc6418f2d28190506d02 7137884 postgresql-9.1-dbg_9.1.9-1_amd64.deb
 af8fefc9a51f0ef543682d76fb159061d43e434c 1384696 postgresql-client-9.1_9.1.9-1_amd64.deb
 8db8563867f1975154af946a6c23aa6c7c0fd798 939864 postgresql-server-dev-9.1_9.1.9-1_amd64.deb
 aae813c0b5603cf90aa2101bbaf2d34933b469c9 2008722 postgresql-doc-9.1_9.1.9-1_all.deb
 39e3a3dd5227503cf58aad070822d08f22e63d77 752720 postgresql-contrib-9.1_9.1.9-1_amd64.deb
 a44784fcd2941f7c09c897b893858de8073f3ddc 461570 postgresql-plperl-9.1_9.1.9-1_amd64.deb
 b453c387b0aa63fcfed42c8f87fc439d4575174e 445772 postgresql-plpython-9.1_9.1.9-1_amd64.deb
 600c5930efd879c53d15721965fdcef8e8f898d7 445570 postgresql-plpython3-9.1_9.1.9-1_amd64.deb
 e09dd3374eeb72f1b7f7918e06ecfc9bf3c9bab7 435910 postgresql-pltcl-9.1_9.1.9-1_amd64.deb
Checksums-Sha256: 
 49664a2e061398e318ce44b5b9ae8da601e1abf99d4024256ced86106b99224a 3319 postgresql-9.1_9.1.9-1.dsc
 28a533e181009308722e8b3c51f1ea7224ab910c380ac1a86f07118667602dd8 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
 9c294469b01adcff8c9610856f8a7205efb96e98921cd5fba30230322f91e238 37114 postgresql-9.1_9.1.9-1.debian.tar.gz
 e631870075e0ca0c76727f22fdcf10406dbcbd97e4c440fffc329b8aee8eb9dd 580800 libpq-dev_9.1.9-1_amd64.deb
 c45e9b49b99d1082414c9a939bd10f883372ae95bfa599c8576e26e9b00e72ff 527132 libpq5_9.1.9-1_amd64.deb
 6b9482da9c9b00bc36a290d886a9d7f8ef716490af5422c74903d46072bb6a42 483620 libecpg6_9.1.9-1_amd64.deb
 bef38aa7cc4b9df73d2fe5255f794bc6ce831e312c0796d88297f5dc0fb6c641 614122 libecpg-dev_9.1.9-1_amd64.deb
 a71ac2bcf729418c59bfd2d3ad501317d640fe22d940aa4745b1315a9f123261 422076 libecpg-compat3_9.1.9-1_amd64.deb
 43f8afea66ec810c955d5bf7b9b5d7ac659399e3965fd0cfe752403c91bd6f3a 442654 libpgtypes3_9.1.9-1_amd64.deb
 2b7c1739df16eec625739b2617cb778393a73c18bcf264c995b3e04c7447fa75 3619888 postgresql-9.1_9.1.9-1_amd64.deb
 a944b8c259555dd2a3507827d7525d3416fc78b35891d19987909b7c71f319f0 7137884 postgresql-9.1-dbg_9.1.9-1_amd64.deb
 ba0282edde59aec222ffac03cf57547f3da6e39c391432d66052c9f89c37bb62 1384696 postgresql-client-9.1_9.1.9-1_amd64.deb
 ba9926e459227e3b5728f49128049be88c733b45bf860779892d941f296bd7f9 939864 postgresql-server-dev-9.1_9.1.9-1_amd64.deb
 a9444af66120703b1f5aad80f0c061c3edc9e19c734138c9453d7fd1d965f3fe 2008722 postgresql-doc-9.1_9.1.9-1_all.deb
 911479988637533e03c681335bf22bfdf5384eb7024c89d7053bb85605e0643a 752720 postgresql-contrib-9.1_9.1.9-1_amd64.deb
 4bea6518ab6a0074d17d55701ad30075b92f6ebd69e2009c816985d699cc7211 461570 postgresql-plperl-9.1_9.1.9-1_amd64.deb
 1edc8f4f8fa82b614b38f21e048681cdf032f80d496ea7aa1db26d8526a8f5c7 445772 postgresql-plpython-9.1_9.1.9-1_amd64.deb
 33093b5c5888a3ebf26528cf5544423f76fe19b4aa9fde2d1641a9701d96e648 445570 postgresql-plpython3-9.1_9.1.9-1_amd64.deb
 74e2d2fc34ed17234bc7780d6a500facababe75f5581890f804ab72763edab2c 435910 postgresql-pltcl-9.1_9.1.9-1_amd64.deb
Files: 
 95da5776e121c6d67e308cb275a836b4 3319 database optional postgresql-9.1_9.1.9-1.dsc
 6b5ea53dde48fcd79acfc8c196b83535 15815421 database optional postgresql-9.1_9.1.9.orig.tar.bz2
 4e98d63cd37afa1cc2c17464d6c357a3 37114 database optional postgresql-9.1_9.1.9-1.debian.tar.gz
 72f67278056fc3648f8dc30831a8eca8 580800 libdevel optional libpq-dev_9.1.9-1_amd64.deb
 af596f37cb3c848508435a4c8082df37 527132 libs optional libpq5_9.1.9-1_amd64.deb
 e454dce7501715ca5c87fad70794e226 483620 libs optional libecpg6_9.1.9-1_amd64.deb
 3042726434cd8e68f0c8c72e9196b4b8 614122 libdevel optional libecpg-dev_9.1.9-1_amd64.deb
 d1539f7c99db8e3c57e6203e3ab6b796 422076 libs optional libecpg-compat3_9.1.9-1_amd64.deb
 cb20f62bc2e0bd9f50737377832d860e 442654 libs optional libpgtypes3_9.1.9-1_amd64.deb
 eaffb680c8905ecf0249cae84307f69c 3619888 database optional postgresql-9.1_9.1.9-1_amd64.deb
 a7303e1d2a6e2c5ba83985cb1815daf9 7137884 debug extra postgresql-9.1-dbg_9.1.9-1_amd64.deb
 2bb1563d9eaaf0c3d3456214c90740c0 1384696 database optional postgresql-client-9.1_9.1.9-1_amd64.deb
 e4f43883101178d186b71ac196429dac 939864 libdevel optional postgresql-server-dev-9.1_9.1.9-1_amd64.deb
 06f053cf1e6f788645df4e202e5207a8 2008722 doc optional postgresql-doc-9.1_9.1.9-1_all.deb
 17f6d662561f5f885705703aaf1ef55f 752720 database optional postgresql-contrib-9.1_9.1.9-1_amd64.deb
 27596d541fdb9c7bc61ad959b8901b39 461570 database optional postgresql-plperl-9.1_9.1.9-1_amd64.deb
 425c81b851dd20beb6d8c63ac01e2a26 445772 database optional postgresql-plpython-9.1_9.1.9-1_amd64.deb
 caa9964617beb009dc2142350dbd1c70 445570 database optional postgresql-plpython3-9.1_9.1.9-1_amd64.deb
 6b806f7e776e750a263eca22cd6d17f5 435910 database optional postgresql-pltcl-9.1_9.1.9-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRWprWAAoJEPmIJawmtHufsEMQALzZTLnnc5hTDhnoRpynWKEd
jzntktCKLh1KWFUOBBtbHS68GxBZM9vtn281sU01IRAdVyJm1WGmsDj2pm3y98YT
kALLrTS1PtaTt9CDmwRNrvLUgaWSBpmPuaIqXXJ/1AB9H1jUEChJDIJ4hZuQug30
PiUycR2URxrWuqpHQYLBu1pulyMnCBUJQhVqX9rZbKswiV0RtGGu20Sfd7ba2pha
aIR0Z8O27QXLP8Ajz8dsqAMIIFMKW4S1HZF3FyStMyYIA08cisoFQzNdl6LGyIBB
2+9iZYvCEOvKmDqiQtXOic6gsvPGBKe6/0YQBA20oXnyDgRhC6/m7LZIzPR2QIAN
/iVIosKI8PY5cXETKY1wvqrDinsDh3+JUn8UW38ARNw1lYiUXuOkJAdAxvPFU8hM
CxVUS3pcyTD1kq4iCoj8XX1IrJcUX3n67U8rWKpLfyJff8gsbrth0WZ/pVH4oPrr
tzx2iBj5ib5BeBD6uE1bM62CsBHQk/py1LTrJrf4jB8jzYG6Fzavx9KlWqi3dpUU
AqhlBkfBalI0GHg0EoWSSUcAUH3dsFDjEISY3bCfbdH8K9gcUeH/9ag52TSY4iAd
okAVq5qqpLl1t0mHYS56BlRcR7wB7HDda56BFlHftwrHsSYpTmptcMGWqFl1lsvd
BEBzxl8hiy4el64WpzKq
=l65+
-----END PGP SIGNATURE-----