Back to postgresql-9.4 PTS page

Accepted postgresql-9.4 9.4.9-0+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted postgresql-9.4 9.4.9-0+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
From: Christoph Berg <christoph.berg@credativ.de>
Date: Tue, 16 Aug 2016 22:37:07 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1bZmyp-0002wC-GY@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 10 Aug 2016 13:36:18 +0200
Source: postgresql-9.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.4 postgresql-9.4-dbg postgresql-client-9.4 postgresql-server-dev-9.4 postgresql-doc-9.4 postgresql-contrib-9.4 postgresql-plperl-9.4 postgresql-plpython-9.4 postgresql-plpython3-9.4 postgresql-pltcl-9.4
Architecture: source amd64 all
Version: 9.4.9-0+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public@lists.alioth.debian.org>
Changed-By: Christoph Berg <christoph.berg@credativ.de>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.4 - object-relational SQL database, version 9.4 server
 postgresql-9.4-dbg - debug symbols for postgresql-9.4
 postgresql-client-9.4 - front-end programs for PostgreSQL 9.4
 postgresql-contrib-9.4 - additional facilities for PostgreSQL
 postgresql-doc-9.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.4 - PL/Perl procedural language for PostgreSQL 9.4
 postgresql-plpython-9.4 - PL/Python procedural language for PostgreSQL 9.4
 postgresql-plpython3-9.4 - PL/Python 3 procedural language for PostgreSQL 9.4
 postgresql-pltcl-9.4 - PL/Tcl procedural language for PostgreSQL 9.4
 postgresql-server-dev-9.4 - development files for PostgreSQL 9.4 server-side programming
Changes:
 postgresql-9.4 (9.4.9-0+deb8u1) jessie-security; urgency=medium
 .
   * New upstream security release.
 .
     + Fix possible mis-evaluation of nested CASE-WHEN expressions
       (Heikki Linnakangas, Michael Paquier, Tom Lane)
 .
       A CASE expression appearing within the test value subexpression of
       another CASE could become confused about whether its own test value was
       null or not.  Also, inlining of a SQL function implementing the equality
       operator used by a CASE expression could result in passing the wrong
       test value to functions called within a CASE expression in the SQL
       function's body.  If the test values were of different data types, a
       crash might result; moreover such situations could be abused to allow
       disclosure of portions of server memory.  (CVE-2016-5423)
 .
     + Fix client programs' handling of special characters in database and role
       names (Noah Misch, Nathan Bossart, Michael Paquier)
 .
       Numerous places in vacuumdb and other client programs could become
       confused by database and role names containing double quotes or
       backslashes.  Tighten up quoting rules to make that safe. Also, ensure
       that when a conninfo string is used as a database name parameter to
       these programs, it is correctly treated as such throughout.
 .
       Fix handling of paired double quotes in psql's \connect and \password
       commands to match the documentation.
 .
       Introduce a new -reuse-previous option in psql's \connect command to
       allow explicit control of whether to re-use connection parameters from a
       previous connection.  (Without this, the choice is based on whether the
       database name looks like a conninfo string, as before.)  This allows
       secure handling of database names containing special characters in
       pg_dumpall scripts.
 .
       pg_dumpall now refuses to deal with database and role names containing
       carriage returns or newlines, as it seems impractical to quote those
       characters safely on Windows.  In future we may reject such names on the
       server side, but that step has not been taken yet.
 .
       These are considered security fixes because crafted object names
       containing special characters could have been used to execute commands
       with superuser privileges the next time a superuser executes pg_dumpall
       or other routine maintenance operations.  (CVE-2016-5424)
Checksums-Sha1:
 9d2806eb29575c8fbb25d7e9aa90b5cc79eb44ff 3525 postgresql-9.4_9.4.9-0+deb8u1.dsc
 a8e6130576ff7b8876e71497f18cdfeb89bb6fc0 17763281 postgresql-9.4_9.4.9.orig.tar.bz2
 c1886bb36bfaec4f822ec544b357f0f5d7398be0 22404 postgresql-9.4_9.4.9-0+deb8u1.debian.tar.xz
 226934d5cf831f5d5195f15059d4f841838a7e2e 164204 libpq-dev_9.4.9-0+deb8u1_amd64.deb
 7ca3a952c56c52d6ed7f5b083f283436bc83724a 123732 libpq5_9.4.9-0+deb8u1_amd64.deb
 69e4dcb7ec647d55ebee01a1842485e337419acd 80140 libecpg6_9.4.9-0+deb8u1_amd64.deb
 e802d121062707ebd2bf517872b8990ac8ecc209 217042 libecpg-dev_9.4.9-0+deb8u1_amd64.deb
 e59fa36667a5799022bf7c6f16d0286e36c41295 15840 libecpg-compat3_9.4.9-0+deb8u1_amd64.deb
 fcb952d5f2861efff81c29f54f9526e40ae58195 37860 libpgtypes3_9.4.9-0+deb8u1_amd64.deb
 33877ca4b73bae71f1a9f899289a72e4e4a2ffa3 3697050 postgresql-9.4_9.4.9-0+deb8u1_amd64.deb
 2e5d9e0fe76315651aa97f135728d8bb0b5bd9c9 12119514 postgresql-9.4-dbg_9.4.9-0+deb8u1_amd64.deb
 6b819e2e118096a44d86effc35dc29c0c870d279 1079444 postgresql-client-9.4_9.4.9-0+deb8u1_amd64.deb
 779e66e1b08c5895a61c13fc928472e92bdc23e5 638056 postgresql-server-dev-9.4_9.4.9-0+deb8u1_amd64.deb
 ff8c939974fbf52355a0e561e4b301bc5c94d8c4 1863244 postgresql-doc-9.4_9.4.9-0+deb8u1_all.deb
 f37f9a7dc3e7983fd9d7cf454b295462250481d0 450996 postgresql-contrib-9.4_9.4.9-0+deb8u1_amd64.deb
 5e9c5091e0c92253d9ab7f1f1c5e33f978e45300 56900 postgresql-plperl-9.4_9.4.9-0+deb8u1_amd64.deb
 116b79ccfe5d0120bae8359438fbbea331b035b1 45270 postgresql-plpython-9.4_9.4.9-0+deb8u1_amd64.deb
 1309c23d29c7d1c4810367d3149892abec3acf83 44732 postgresql-plpython3-9.4_9.4.9-0+deb8u1_amd64.deb
 b363f074ce18a3ae8d484366c7c11157a1b070d2 30588 postgresql-pltcl-9.4_9.4.9-0+deb8u1_amd64.deb
Checksums-Sha256:
 6aca81ec5b66c4f868733ef841a4b78beaf0b581bc0b9ab48f83336cd7d65513 3525 postgresql-9.4_9.4.9-0+deb8u1.dsc
 c120a62e90214c20d9160da3ca3fbaec97d5f1656f1dd033f60e7297b7a1e1c9 17763281 postgresql-9.4_9.4.9.orig.tar.bz2
 1ae3b228dc8c392a276bcc78ac7e5ae1ecc8cc1bcb5f182478979babd0b20c21 22404 postgresql-9.4_9.4.9-0+deb8u1.debian.tar.xz
 b4120f517603e48d0b3f18da90f16c4aa86b34168df05e4941d1277fe0c397aa 164204 libpq-dev_9.4.9-0+deb8u1_amd64.deb
 cf2833160dafd3e3c584096780e335221d28b03bc3ee03e84abe8e809a6036e8 123732 libpq5_9.4.9-0+deb8u1_amd64.deb
 d79d4b910adfc0ecb9ea3a51edf4fed1cfbfd44eb6af88a343af2f82335ef7d4 80140 libecpg6_9.4.9-0+deb8u1_amd64.deb
 bc414e3f79c9b42bb808dd0ab6c4fa9a3c6bc0effaeb1acadce4549fc6dce968 217042 libecpg-dev_9.4.9-0+deb8u1_amd64.deb
 f32b39fc061a03884c8c37f4ea361f39f642d07b627e8aaca74dd741b3b74c4b 15840 libecpg-compat3_9.4.9-0+deb8u1_amd64.deb
 4865a991c69b7deeac44af1c850b53f11c41d7cfa4c282e353dcdcd0dd28291f 37860 libpgtypes3_9.4.9-0+deb8u1_amd64.deb
 e3a3b51571e7290ce1365ed0262afb429a87a5b1ef1fc2b0fa313bcca1eb373d 3697050 postgresql-9.4_9.4.9-0+deb8u1_amd64.deb
 e313a34df273310899b36e4ebbc1d12fa2ab4bc6b7f1e55ec9d040e8f02f1dbb 12119514 postgresql-9.4-dbg_9.4.9-0+deb8u1_amd64.deb
 8382af7d0ac19db622cd65cfa86ed76b0df1dffd5a5ca020f7950c3a0e251a76 1079444 postgresql-client-9.4_9.4.9-0+deb8u1_amd64.deb
 a1923a0f3027eccfdda85bd3151c17d9017049c30d58da619f5205492b822eaa 638056 postgresql-server-dev-9.4_9.4.9-0+deb8u1_amd64.deb
 841d405b61b2836337ac884a2ffbbc1f24bf7c76f11e717a2f629a13c71c78e0 1863244 postgresql-doc-9.4_9.4.9-0+deb8u1_all.deb
 e5d804b1affa4059ece3883f553a22ab909b4cac05b00f98a8a2031eeee9dac2 450996 postgresql-contrib-9.4_9.4.9-0+deb8u1_amd64.deb
 67325a44ad2f78239e5b506917933507a36b02ca32f6f4de68e504e71a63ef22 56900 postgresql-plperl-9.4_9.4.9-0+deb8u1_amd64.deb
 b3fd305cecbf45e27359a27393657be959c3c137578eaa7f35ac6e46098a39a0 45270 postgresql-plpython-9.4_9.4.9-0+deb8u1_amd64.deb
 c2fcc2cc5289b5ea442977ad1000d43c5296a1a39ffca0c56810df1bf446f34b 44732 postgresql-plpython3-9.4_9.4.9-0+deb8u1_amd64.deb
 7a3a8590ae3591f1969b30454daa48066f4a6864cb235d6d06d77a30d8414bf8 30588 postgresql-pltcl-9.4_9.4.9-0+deb8u1_amd64.deb
Files:
 d39e26f6c36a5f6ce07b22ae65e092c7 3525 database optional postgresql-9.4_9.4.9-0+deb8u1.dsc
 cb2960fb4022d57f9d7cf421a592a7c0 17763281 database optional postgresql-9.4_9.4.9.orig.tar.bz2
 c9e91f64a0bba9f6e5ce36e3debbbb4c 22404 database optional postgresql-9.4_9.4.9-0+deb8u1.debian.tar.xz
 8322a84cd1faba9a3741dae7878ab99f 164204 libdevel optional libpq-dev_9.4.9-0+deb8u1_amd64.deb
 64fefc6ff54555f5a709f737e902a9b3 123732 libs optional libpq5_9.4.9-0+deb8u1_amd64.deb
 f1445b18f4311577ca35dd7a4e1a8620 80140 libs optional libecpg6_9.4.9-0+deb8u1_amd64.deb
 1406242a0f1236a3d4e3014cce5f96fd 217042 libdevel optional libecpg-dev_9.4.9-0+deb8u1_amd64.deb
 770a84025ee934852cc88cb67ee7513d 15840 libs optional libecpg-compat3_9.4.9-0+deb8u1_amd64.deb
 2a4c2bf24f9683920ea0fda3ae7bae1a 37860 libs optional libpgtypes3_9.4.9-0+deb8u1_amd64.deb
 d6e8d8733aa58e00ab8f33811491f297 3697050 database optional postgresql-9.4_9.4.9-0+deb8u1_amd64.deb
 071bd466eb262bfc8f1593c8d0391eb4 12119514 debug extra postgresql-9.4-dbg_9.4.9-0+deb8u1_amd64.deb
 2de9430329638f692cbf9c2bdb63d481 1079444 database optional postgresql-client-9.4_9.4.9-0+deb8u1_amd64.deb
 d7cbef08a8b06ca12aac683555f42d0d 638056 libdevel optional postgresql-server-dev-9.4_9.4.9-0+deb8u1_amd64.deb
 83f33c20e73ceb3106774de618bdf588 1863244 doc optional postgresql-doc-9.4_9.4.9-0+deb8u1_all.deb
 6ea282483c875c8adaecf93a5519e4c5 450996 database optional postgresql-contrib-9.4_9.4.9-0+deb8u1_amd64.deb
 da53d30bb43a2ce679106f42a4d6bd6b 56900 database optional postgresql-plperl-9.4_9.4.9-0+deb8u1_amd64.deb
 5b9107f1af8bb5d42d763f7a34a0c1e1 45270 database optional postgresql-plpython-9.4_9.4.9-0+deb8u1_amd64.deb
 7a11fe31f13438f6a7585aa69d14d8c6 44732 database optional postgresql-plpython3-9.4_9.4.9-0+deb8u1_amd64.deb
 aa86c409cd2cad08e6cb259e2a15db60 30588 database optional postgresql-pltcl-9.4_9.4.9-0+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXqxqvAAoJEExaa6sS0qeuUhIQALPNzs85Trz2bcbgA/H/qdPh
YUnd+inWuTH4GZVzhVpFJvxS4SPtCGQ5OmMMOU3TG2Vu+5vBHmXV+pdFRj7iVziO
R0jQGh11UsMcI392U+EqWhMJ9YwJgd0qCpo5F+8owQKzVgSQQv2bjRMyVPZa1ki5
T76HKqGXK75JzNOjo+dkruXvBdCh51n80FOhnxQkUceO5iTtVXcEVaVyJ6zMhC2S
dY+mkqZDaQp/dmBnoXViDvEmgM/AVbSQMeoxQT0piiiw6Fx8umeluuxeeHj9C1a6
jIDpXtIKe2Y8nbMNgisBVOGt1rVl4w9Ev6VfSddjMbtKig/6pCyfU/HheLbB0Vop
uh+UPvlSi71Z+m8Hc0C4xDMoGaGLlZ1PZ60dP6Q4Z9MLvBrnlXpuJRJMliA2Tbmy
CK8gVEfTsPCkg5FOXpl93no+9hTlzwhuzx9980aE6gnO9cd4vmXHCGfwLBuMoTQf
qeOvimuX7RipkasKV3b62MSvo0CRz0IcWM6o0jOyH9uk3E+wvDYYPxME6qTtEEK1
WzxmsqWqOH72AncVkJEUZcpuwx52YIAJIOFi9Bc4izidbGahDS/W7SLSbPhQnzNM
rlE/+Y17Xhe941M/MTmpM38akp1zgPMfisSNFH6biGcAxdeyyy3qe0jHLOUjESbi
1eD5Gtb3KvhYHKQFxHvR
=p/QX
-----END PGP SIGNATURE-----