Back to postgresql-9.1 PTS page

Accepted postgresql-9.1 9.1.9-0wheezy1 (source amd64 all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 02 Apr 2013 10:26:14 +0200
Source: postgresql-9.1
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.1 postgresql-9.1-dbg postgresql-client-9.1 postgresql-server-dev-9.1 postgresql-doc-9.1 postgresql-contrib-9.1 postgresql-plperl-9.1 postgresql-plpython-9.1 postgresql-plpython3-9.1 postgresql-pltcl-9.1
Architecture: source amd64 all
Version: 9.1.9-0wheezy1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public@lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.1
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.1 - object-relational SQL database, version 9.1 server
 postgresql-9.1-dbg - debug symbols for postgresql-9.1
 postgresql-client-9.1 - front-end programs for PostgreSQL 9.1
 postgresql-contrib-9.1 - additional facilities for PostgreSQL
 postgresql-doc-9.1 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.1 - PL/Perl procedural language for PostgreSQL 9.1
 postgresql-plpython-9.1 - PL/Python procedural language for PostgreSQL 9.1
 postgresql-plpython3-9.1 - PL/Python 3 procedural language for PostgreSQL 9.1
 postgresql-pltcl-9.1 - PL/Tcl procedural language for PostgreSQL 9.1
 postgresql-server-dev-9.1 - development files for PostgreSQL 9.1 server-side programming
Closes: 704479
Changes: 
 postgresql-9.1 (9.1.9-0wheezy1) wheezy-security; urgency=high
 .
   * New upstream security/bug fix release:
     - Fix insecure parsing of server command-line switches.
       A connection request containing a database name that begins with
       "-" could be crafted to damage or destroy files within the server's
       data directory, even if the request is eventually rejected.
       [CVE-2013-1899] (Closes: #704479)
     - Reset OpenSSL randomness state in each postmaster child process.
       This avoids a scenario wherein random numbers generated by
       "contrib/pgcrypto" functions might be relatively easy for another
       database user to guess. The risk is only significant when the
       postmaster is configured with ssl = on but most connections don't
       use SSL encryption. [CVE-2013-1900]
     - Make REPLICATION privilege checks test current user not
       authenticated user.
       An unprivileged database user could exploit this mistake to call
       pg_start_backup() or pg_stop_backup(), thus possibly interfering
       with creation of routine backups. [CVE-2013-1901]
     - Fix GiST indexes to not use "fuzzy" geometric comparisons when it's
       not appropriate to do so.
       The core geometric types perform comparisons using "fuzzy"
       equality, but gist_box_same must do exact comparisons, else GiST
       indexes using it might become inconsistent. After installing this
       update, users should "REINDEX" any GiST indexes on box, polygon,
       circle, or point columns, since all of these use gist_box_same.
     - Fix erroneous range-union and penalty logic in GiST indexes that
       use "contrib/btree_gist" for variable-width data types, that is
       text, bytea, bit, and numeric columns.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       useless index bloat. Users are advised to "REINDEX" such indexes
       after installing this update.
     - Fix bugs in GiST page splitting code for multi-column indexes.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       indexes that are unnecessarily inefficient to search. Users are
       advised to "REINDEX" multi-column GiST indexes after installing
       this update.
     - See HISTORY/changelog.gz for details about the other bug fixes.
Checksums-Sha1: 
 329ea3bb4e9d5a2b69f9b4d499ab2f0fc4a87c48 3347 postgresql-9.1_9.1.9-0wheezy1.dsc
 4cbbfc5be9b8e6fe3d67c5075c212bcb057eac20 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
 bdb7c6dbea7a87d4a50651dc76149f87d13cf949 36861 postgresql-9.1_9.1.9-0wheezy1.debian.tar.gz
 4812c143db916646860f0df45e1ccf7c9d1fda38 580860 libpq-dev_9.1.9-0wheezy1_amd64.deb
 ae483da3055866e42a4d8977e4d7ca4e7c7ded45 526794 libpq5_9.1.9-0wheezy1_amd64.deb
 bd285c47712287e0fa0acf8e13f3df0f1fe8d446 483512 libecpg6_9.1.9-0wheezy1_amd64.deb
 853c02567e4e0c93dc1ffb6d26032edfa8ff9584 614132 libecpg-dev_9.1.9-0wheezy1_amd64.deb
 05532bf9a259dd3ebf5d96bf2da7cd91bee9861d 422036 libecpg-compat3_9.1.9-0wheezy1_amd64.deb
 05fcff80b4e5b21361d100d4509e9a4cd325da7a 442628 libpgtypes3_9.1.9-0wheezy1_amd64.deb
 1f6a6a86fdeedf96ad2eb2378b35efc66f8f081f 3617308 postgresql-9.1_9.1.9-0wheezy1_amd64.deb
 6a5a2fb6b0cf7a2a5b26cb8860ccf3e9633d1399 7135756 postgresql-9.1-dbg_9.1.9-0wheezy1_amd64.deb
 7acf700364dfe8787e4d76b205b564fae0aef65c 1384800 postgresql-client-9.1_9.1.9-0wheezy1_amd64.deb
 f2cae2e6c3d3274a7c6f0b76dcb462dc947beb30 939854 postgresql-server-dev-9.1_9.1.9-0wheezy1_amd64.deb
 e1d9102b3b4e03728d251cf11f9f5ae399e2ab1c 2008802 postgresql-doc-9.1_9.1.9-0wheezy1_all.deb
 4c7ea1a80e17ac250418c99f6432febd81df6b6c 752788 postgresql-contrib-9.1_9.1.9-0wheezy1_amd64.deb
 769ad1571dfff5886547719a97f9f92a8992a1aa 461456 postgresql-plperl-9.1_9.1.9-0wheezy1_amd64.deb
 c9d6e14d2515b2beb42882e595a51c28cfd811ac 445808 postgresql-plpython-9.1_9.1.9-0wheezy1_amd64.deb
 6108bffa90c759b4e8321a5e817667533b6e13c9 445560 postgresql-plpython3-9.1_9.1.9-0wheezy1_amd64.deb
 7eed69d09d358d5bde444417c7223b57952a44ac 435904 postgresql-pltcl-9.1_9.1.9-0wheezy1_amd64.deb
Checksums-Sha256: 
 d9f69d12c3ee925951a129ce0649d7cf4e52914e3ebb4dc8f6c5e6e8b7976846 3347 postgresql-9.1_9.1.9-0wheezy1.dsc
 28a533e181009308722e8b3c51f1ea7224ab910c380ac1a86f07118667602dd8 15815421 postgresql-9.1_9.1.9.orig.tar.bz2
 6fb03f00559a50d7578ddf2016e101e6de5158b38eca61c8fc3925c0da0082c4 36861 postgresql-9.1_9.1.9-0wheezy1.debian.tar.gz
 7d142d30786556ca04da03c1afa9cc306aac39e4759fb75f88713044afa45a74 580860 libpq-dev_9.1.9-0wheezy1_amd64.deb
 5b09cab443f293778be3c4ef205a7eb0a64c9a83d9d7329e361b5db9ed5e6ae4 526794 libpq5_9.1.9-0wheezy1_amd64.deb
 db0d0280917534e2b5adf570cdc6dc11ea22478cf94199e3c7fb7c2de72e0af2 483512 libecpg6_9.1.9-0wheezy1_amd64.deb
 b175f6df08f6539be942a9afced5257d2488ef7e9401d5dee48ca9d75aec8289 614132 libecpg-dev_9.1.9-0wheezy1_amd64.deb
 fc38d978093f2c49ad929d8dfc035f113da8c1186f2e797679836c5ebef7a1b5 422036 libecpg-compat3_9.1.9-0wheezy1_amd64.deb
 a7b9ab737b84c9642ccfae1e68f1d96a28231cd1f6b1adde0abc7f5dd3dffbe4 442628 libpgtypes3_9.1.9-0wheezy1_amd64.deb
 f557ef393ea24be235fc5b7590010d10c148e582a6cb030cdf575e6d7bf03c4f 3617308 postgresql-9.1_9.1.9-0wheezy1_amd64.deb
 78a19c14bff2b1ee23053e72d76b9313101f831caf2bbbdd992c23c6e4498092 7135756 postgresql-9.1-dbg_9.1.9-0wheezy1_amd64.deb
 70a8bd32f2db02e31caa87ff990cb7d5365d79d7ab375facfc8214674f99a729 1384800 postgresql-client-9.1_9.1.9-0wheezy1_amd64.deb
 491e32e8ec53298fedb8874cb67a086abab2dd9bf27715f605549264f4537dcb 939854 postgresql-server-dev-9.1_9.1.9-0wheezy1_amd64.deb
 bf7a86c59ed37b36ea66a10db4d91ed46371f8b9565f49bd9523637c92ad6615 2008802 postgresql-doc-9.1_9.1.9-0wheezy1_all.deb
 c734b4ecc015fdd85a03e33b55324cc149ffb01b5746a3127850e463cce2b099 752788 postgresql-contrib-9.1_9.1.9-0wheezy1_amd64.deb
 e49bff37fe236da322f42c3d9523f2110529b6f456e8809739a68a249c5d9ef1 461456 postgresql-plperl-9.1_9.1.9-0wheezy1_amd64.deb
 20ea03a1bd586b7c602bc7f90933e02807ca44da3194c77ce754f8ed6fe3b022 445808 postgresql-plpython-9.1_9.1.9-0wheezy1_amd64.deb
 5d18597a35c93ce8927456f62d55a67c63565c9430e0f1613d6e5e2bb4c4a1bb 445560 postgresql-plpython3-9.1_9.1.9-0wheezy1_amd64.deb
 a60cb3404ecfaf0e369b99454c88e6cd0876be0169dbf120a03151e07e7ddfc0 435904 postgresql-pltcl-9.1_9.1.9-0wheezy1_amd64.deb
Files: 
 747982e9e538226e0bb99a4e9b4b1d63 3347 database optional postgresql-9.1_9.1.9-0wheezy1.dsc
 6b5ea53dde48fcd79acfc8c196b83535 15815421 database optional postgresql-9.1_9.1.9.orig.tar.bz2
 7a8c542465d4bf44fb88caf60c51a597 36861 database optional postgresql-9.1_9.1.9-0wheezy1.debian.tar.gz
 1c14a92b2a3545b0259f5c13d85b612e 580860 libdevel optional libpq-dev_9.1.9-0wheezy1_amd64.deb
 e3f4cd9c34b6b74b87da568fac778f5a 526794 libs optional libpq5_9.1.9-0wheezy1_amd64.deb
 b2917f52cf3919756d7cc5e5ca9d3ff2 483512 libs optional libecpg6_9.1.9-0wheezy1_amd64.deb
 20961674adaf4f6d00a6ae37f50c5094 614132 libdevel optional libecpg-dev_9.1.9-0wheezy1_amd64.deb
 27ca9e165e50cc45e8f071e0d99a99cc 422036 libs optional libecpg-compat3_9.1.9-0wheezy1_amd64.deb
 37faecc2e6306033ba002f354de6a371 442628 libs optional libpgtypes3_9.1.9-0wheezy1_amd64.deb
 0aca67c21750f49ace4eefb48162af1e 3617308 database optional postgresql-9.1_9.1.9-0wheezy1_amd64.deb
 6208d209eb409ad1eb5b1561f44dafdc 7135756 debug extra postgresql-9.1-dbg_9.1.9-0wheezy1_amd64.deb
 41e70ceb6addf66eae31d404979b3e54 1384800 database optional postgresql-client-9.1_9.1.9-0wheezy1_amd64.deb
 0abef58d61a63329288ee1b55a888b47 939854 libdevel optional postgresql-server-dev-9.1_9.1.9-0wheezy1_amd64.deb
 ab90e76c26df4d86f86a2856fad6208c 2008802 doc optional postgresql-doc-9.1_9.1.9-0wheezy1_all.deb
 3b2f13e8ded5eb9115be68fcce7c1441 752788 database optional postgresql-contrib-9.1_9.1.9-0wheezy1_amd64.deb
 10cd594c3d8a264dbf7649a762565c18 461456 database optional postgresql-plperl-9.1_9.1.9-0wheezy1_amd64.deb
 126d44524b72956142848a2d5f172c90 445808 database optional postgresql-plpython-9.1_9.1.9-0wheezy1_amd64.deb
 4b1dd12a5a3d5ad119f7948237c219d0 445560 database optional postgresql-plpython3-9.1_9.1.9-0wheezy1_amd64.deb
 b164acd5e76ae59c7f983e57b33598f9 435904 database optional postgresql-pltcl-9.1_9.1.9-0wheezy1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRWwXfAAoJEPmIJawmtHufIdoP/3bAr36gEPKMQxFGzARU0M25
ZSZdTm7uf2u8Ur/FmwlEYZQRMMbvimljdxOFUIQSX+h+VIs2GHaPoY0nqRiUKj+c
Ph80QaUi7rk5mtEaN6xwFhGZfZmdZICzsKe3v2Ld1itPitteIDqTKYpfcyVu9kPv
hlBia47MFsmpAtixm0BpAzI3bLbKOP2Dqfxy0DcW3g6MvgG97t4hcY9scW0RaMOi
T0Oc7JLvX7W98/pwaG6mu+aaHMI9XGMRUFi5mh+iV9EJ4tn+ae0PFD3u9V0jiDoG
M0plQ8mfzF8tmW7wPhyo6Aqdhs5cc6SBTsz7RjxYASGIf7s1sXQ9EsdPCP5JJwsi
/+Qh5pOWT7LziQbWFmAmA0H9DXdLfuFuhFYVbFEjYlqREjLXkXJmN+PBg6TFRnBB
cbqvZQ65vPTMisCsU8ppaOe3Cza0VdDBcCEsXLwxxJ1pmTvsVuCSEbOOss9GRYkI
cc8KiQ5u4dIKAlocZb3fYJN4ax097PO+WhkF3LjxAW+axi50H5Nn2RpNh+1Px4wR
65VI/wisSsCvuLtXDcJZovWfG0froHnYYxS0Si4rVqnvLlDg7/JKiHLuxAxAAGjT
6FXVq0Vg6Efj8cvlCHs/UcwNKoNuvn9l7u3YWX27i0V7Hzv3qLdsRxqDi5984fE/
X7JTShyrZQ+uss3paFv4
=bsRR
-----END PGP SIGNATURE-----