postgresql-8.4 (8.4.3-0ubuntu9.10) karmic-proposed; urgency=low * New upstream bug fix release: (LP: #557408) - Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection. This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. - Fix possible deadlock during backend startup. - Fix possible crashes due to not handling errors during relcache reload cleanly. - Fix possible crash due to use of dangling pointer to a cached plan. - Fix possible crash due to overenthusiastic invalidation of cached plan for "ROLLBACK". - Fix possible crashes when trying to recover from a failure in subtransaction start. - Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding. - Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split. - Fix bug in WAL redo cleanup method for GIN indexes. - Fix incorrect comparison of scan key in GIN index search. - Make substring() for bit types treat any negative length as meaning "all the rest of the string". The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). - Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits. - Fix some cases of pathologically slow regular expression matching. - Fix bug occurring when trying to inline a SQL function that returns a set of a composite type that contains dropped columns. - Fix bug with trying to update a field of an element of a composite-type array column. - Avoid failure when "EXPLAIN" has to print a FieldStore or assignment ArrayRef expression. These cases can arise now that "EXPLAIN VERBOSE" tries to print plan node target lists. - Avoid an unnecessary coercion failure in some cases where an undecorated literal string appears in a subquery within "UNION"/"INTERSECT"/"EXCEPT". This fixes a regression for some cases that worked before 8.4. - Avoid undesirable rowtype compatibility check failures in some cases where a whole-row Var has a rowtype that contains dropped columns. - Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary. - Always pass the catalog ID to an option validator function specified in "CREATE FOREIGN DATA WRAPPER". - Fix some more cases of temporary-file leakage. This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. - Add support for doing FULL JOIN ON FALSE. This prevents a regression from pre-8.4 releases for some queries that can now be simplified to a constant-false join condition. - Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint. - Prevent treating an INOUT cast as representing binary compatibility. - Include column name in the message when warning about inability to grant or revoke column-level privileges. This is more useful than before and helps to prevent confusion when a "REVOKE" generates multiple messages, which formerly appeared to be duplicates. - When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request. This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. - Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files. - Fix possible infinite loop if SSL_read or SSL_write fails without setting errno. This is reportedly possible with some Windows versions of openssl. - Disallow GSSAPI authentication on local connections, since it requires a hostname to function correctly. - Protect ecpg against applications freeing strings unexpectedly. - Make ecpg report the proper SQLSTATE if the connection disappears. - Fix translation of cell contents in psql \d output. - Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats. - Fix a small per-query memory leak in psql. - Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT". - Fix pg_dump's output of permissions for foreign servers. - Fix possible crash in parallel pg_restore due to out-of-range dependency IDs. - Fix plpgsql failure in one case where a composite column is set to NULL. - Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa. - Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior> - Ensure PL/Tcl initializes the Tcl interpreter. The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. - Prevent ExecutorEnd from being run on portals created within a failed transaction or subtransaction. This is known to cause issues when using "contrib/auto_explain". - Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_- function. - Allow zero-dimensional arrays in "contrib/ltree" operations. This case was formerly rejected as an error, but it's more convenient to treat it the same as a zero-element array. In particular this avoids unnecessary failures when an ltree operation is applied to the result of ARRAY(SELECT ...) and the sub-select returns no rows. - Fix assorted crashes in "contrib/xml2" caused by sloppy memory management.
Date: Wed, 07 Apr 2010 18:37:40 +0200 Changed-By: Martin Pitt <martin.p...@ubuntu.com> Maintainer: Martin Pitt <mp...@debian.org> https://launchpad.net/ubuntu/karmic/+source/postgresql-8.4/8.4.3-0ubuntu9.10
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 07 Apr 2010 18:37:40 +0200 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source Version: 8.4.3-0ubuntu9.10 Distribution: karmic-proposed Urgency: low Maintainer: Martin Pitt <mp...@debian.org> Changed-By: Martin Pitt <martin.p...@ubuntu.com> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Launchpad-Bugs-Fixed: 557408 Changes: postgresql-8.4 (8.4.3-0ubuntu9.10) karmic-proposed; urgency=low . * New upstream bug fix release: (LP: #557408) - Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection. This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. - Fix possible deadlock during backend startup. - Fix possible crashes due to not handling errors during relcache reload cleanly. - Fix possible crash due to use of dangling pointer to a cached plan. - Fix possible crash due to overenthusiastic invalidation of cached plan for "ROLLBACK". - Fix possible crashes when trying to recover from a failure in subtransaction start. - Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding. - Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split. - Fix bug in WAL redo cleanup method for GIN indexes. - Fix incorrect comparison of scan key in GIN index search. - Make substring() for bit types treat any negative length as meaning "all the rest of the string". The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). - Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits. - Fix some cases of pathologically slow regular expression matching. - Fix bug occurring when trying to inline a SQL function that returns a set of a composite type that contains dropped columns. - Fix bug with trying to update a field of an element of a composite-type array column. - Avoid failure when "EXPLAIN" has to print a FieldStore or assignment ArrayRef expression. These cases can arise now that "EXPLAIN VERBOSE" tries to print plan node target lists. - Avoid an unnecessary coercion failure in some cases where an undecorated literal string appears in a subquery within "UNION"/"INTERSECT"/"EXCEPT". This fixes a regression for some cases that worked before 8.4. - Avoid undesirable rowtype compatibility check failures in some cases where a whole-row Var has a rowtype that contains dropped columns. - Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary. - Always pass the catalog ID to an option validator function specified in "CREATE FOREIGN DATA WRAPPER". - Fix some more cases of temporary-file leakage. This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. - Add support for doing FULL JOIN ON FALSE. This prevents a regression from pre-8.4 releases for some queries that can now be simplified to a constant-false join condition. - Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint. - Prevent treating an INOUT cast as representing binary compatibility. - Include column name in the message when warning about inability to grant or revoke column-level privileges. This is more useful than before and helps to prevent confusion when a "REVOKE" generates multiple messages, which formerly appeared to be duplicates. - When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request. This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. - Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files. - Fix possible infinite loop if SSL_read or SSL_write fails without setting errno. This is reportedly possible with some Windows versions of openssl. - Disallow GSSAPI authentication on local connections, since it requires a hostname to function correctly. - Protect ecpg against applications freeing strings unexpectedly. - Make ecpg report the proper SQLSTATE if the connection disappears. - Fix translation of cell contents in psql \d output. - Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats. - Fix a small per-query memory leak in psql. - Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT". - Fix pg_dump's output of permissions for foreign servers. - Fix possible crash in parallel pg_restore due to out-of-range dependency IDs. - Fix plpgsql failure in one case where a composite column is set to NULL. - Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa. - Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior> - Ensure PL/Tcl initializes the Tcl interpreter. The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. - Prevent ExecutorEnd from being run on portals created within a failed transaction or subtransaction. This is known to cause issues when using "contrib/auto_explain". - Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_- function. - Allow zero-dimensional arrays in "contrib/ltree" operations. This case was formerly rejected as an error, but it's more convenient to treat it the same as a zero-element array. In particular this avoids unnecessary failures when an ltree operation is applied to the result of ARRAY(SELECT ...) and the sub-select returns no rows. - Fix assorted crashes in "contrib/xml2" caused by sloppy memory management. Checksums-Sha1: cebe73ac9138a26097f01b6bd9928e82516a4f07 1716 postgresql-8.4_8.4.3-0ubuntu9.10.dsc 9c666fa85e0782fc3e555766856bf1c2b6b35aa0 16853436 postgresql-8.4_8.4.3.orig.tar.gz 5295acccca3c29470c8dbc3cd6fee5c477a5a828 33361 postgresql-8.4_8.4.3-0ubuntu9.10.diff.gz Checksums-Sha256: 465c2d100090f4108664ec1143c506022273cdf0c32ee8a6f4599df1cd3d08ef 1716 postgresql-8.4_8.4.3-0ubuntu9.10.dsc 09c3eed3297234d88a8d1b12ebf5b01513d7e0428ebc8ff02b341749e9fb6f56 16853436 postgresql-8.4_8.4.3.orig.tar.gz 0c4e29eb26abefaab42f228349242fb1f1379c8d88a2a71d3dca8ec30e3d4a80 33361 postgresql-8.4_8.4.3-0ubuntu9.10.diff.gz Files: d00cd79c7a2da775a7bb8451e7fb3f0f 1716 database optional postgresql-8.4_8.4.3-0ubuntu9.10.dsc 712a5d8f78814d2de2071cf43ed323ac 16853436 database optional postgresql-8.4_8.4.3.orig.tar.gz 864e122dfffa9e85d154216b2eefca26 33361 database optional postgresql-8.4_8.4.3-0ubuntu9.10.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAku8tUgACgkQDecnbV4Fd/J2ugCg7qhM7JV27ccUyBFUI4DMJ8J6 e4wAoOyB1DicSsh39N/OkW2rjJh2cW5n =ylox -----END PGP SIGNATURE-----
-- Karmic-changes mailing list Karmic-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/karmic-changes