lp:ubuntu/edgy-proposed/postgresql-8.1

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

23. By Martin Pitt on 2008-01-05

* New upstream security/bugfix release:
  - Prevent functions in indexes from executing with the privileges of
    the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
    within a SECURITY DEFINER context. [CVE-2007-6600]
  - Suitably crafted regular-expression patterns could cause crashes,
    infinite or near-infinite looping, and/or massive memory
    consumption, all of which pose denial-of-service hazards for
    applications that accept regex search patterns from untrustworthy
    sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
  - Require non-superusers who use "/contrib/dblink" to use only
    password authentication, as a security measure.
    The fix that appeared for this in 8.2.5 was incomplete, as it
    plugged the hole for only some "dblink" functions. [CVE-2007-6601,
    CVE-2007-3278]
  - Fix planner failure in some cases of WHERE false AND var IN (SELECT
    ...).
  - Preserve the tablespace and storage parameters of indexes that are
    rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
  - Make archive recovery always start a new WAL timeline, rather than
    only when a recovery stop time was used. This avoids a corner-case risk
    of trying to overwrite an existing archived copy of the last WAL
    segment, and seems simpler and cleaner than the original definition.
  - Make "VACUUM" not use all of maintenance_work_mem when the table is
    too small for it to be useful.
  - Fix potential crash in translate() when using a multibyte database
    encoding.
  - Fix overflow in extract(epoch from interval) for intervals
    exceeding 68 years.
  - Fix PL/Perl to not fail when a UTF-8 regular expression is used in
    a trusted function.
  - Fix PL/Python to not crash on long exception messages.
  - Fix pg_dump to correctly handle inheritance child tables that have
    default expressions different from their parent's.
  - Fix libpq crash when PGPASSFILE refers to a file that is not a
    plain file.
  - ecpg parser fixes.
  - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a
    category in its own right, rather than crashing.
  - Fix tsvector and tsquery output routines to escape backslashes
    correctly.
  - Fix crash of to_tsvector() on huge input strings.
* Use the timezone database from the system tzdata instead of shipping our
  own.
  - debian/patches/04-timezone-symlinks.patch: Drop previous
    hardlink-to-symlink patch to zic, since that is irrelevant now. Replace
    the patch with a Makefile change that just symlinks /usr/share/zoneinfo
    to where postgresql previously installed its own tzdata copy.
  - debian/control: Add tzdata dependency.
  - debian/postgresql-8.1.install: Install the 'timezone' symlink, not the
    files in the dereferenced directory.
  - debian/postgresql-8.1.postinst: Replace the timezone directory with the
    symlink on upgrades, since dpkg does not do that automatically. Without
    this, we'd end up with an empty timezone directory.

22. By Martin Pitt on 2007-09-19

* New upstream bugfix release:
  - Require non-superusers who use "/contrib/dblink" to use only
    password authentication, as a security measure.
    [CVE-2007-3278, CVE-2007-3280]
  - Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
  - Allow the interval data type to accept input consisting only of
    milliseconds or microseconds.
  - Speed up rtree index insertion.
  - Fix excessive logging of SSL error messages.
  - Fix logging so that log messages are never interleaved when using
    the syslogger process.
  - Fix crash when log_min_error_statement logging runs out of memory.
  - Fix incorrect handling of some foreign-key corner cases.
  - Prevent "REINDEX" and "CLUSTER" from failing due to attempting to
    process temporary tables of other sessions.
  - Update the time zone database rules, particularly New Zealand's
    upcoming changes.

21. By Martin Pitt on 2007-04-23

* New upstream security/bugfix release:
  - Support explicit placement of the temporary-table schema within
    search_path, and disable searching it for functions and operators.
    This is needed to allow a security-definer function to set a truly
    secure value of search_path. Without it, an unprivileged SQL user
    can use temporary objects to execute code with the privileges of
    the security-definer function (CVE-2007-2138). See "CREATE
    FUNCTION" for more information.
  - "/contrib/tsearch2" crash fixes.
  - Require "COMMIT PREPARED" to be executed in the same database as
    the transaction was prepared in.
  - Fix potential-data-corruption bug in how "VACUUM FULL" handles
    "UPDATE" chains.
  - Planner fixes, including improving outer join and bitmap scan
    selection logic.
  - Fix PANIC during enlargement of a hash index (bug introduced in
    8.1.6).
  - Fix POSIX-style timezone specs to follow new USA DST rules.

20. By Martin Pitt on 2007-02-09

* Upgraded to new upstream microrelease:
  - Fix another overzealous type check.
  - Two handfuls of non-security, but important bug fixes.
* Remove the following patches (these are included in 8.1.8 now):
  - 00upstream-disable-update-aggregates.patch
  - 00upstream-duration-logging-crash.patch
  - 00upstream-max-utf8-wchar-len.patch
  - 00upstream-sql-fun-typecheck.patch
  - 00upstream-table-plan-consistency.patch
  - 00upstream-unknown-array-coerce.patch
  - 00upstream-zzz-sql-fun-typecheck-regression.patch
  - 54-contrib-dbmirror-quoteparsing.patch

19. By Martin Pitt on 2007-02-06

Add debian/patches/00upstream-zzz-sql-fun-typecheck-regression.patch: Fix
overzealous type checks in some cases. Closes: LP#83505

18. By Martin Pitt on 2007-02-05

* SECURITY UPDATE: Read out arbitrary memory locations from the server,
  local DoS.
* Add debian/patches/00upstream-sql-fun-typecheck.patch:
  - Repair insufficiently careful type checking for SQL-language functions.
    Not only can one trivially crash the backend, but with appropriate
    misuse of pass-by-reference datatypes it is possible to read out
    arbitrary locations in the server process's memory, which could allow
    retrieving database content the user should not be able to see.
  - Discovered by Jeff Trout.
  - Patch backported from 8.1.7 from CVS:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.98.2.2;r2=1.98.2.3
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.201.2.1;r2=1.201.2.2
  - CVE-2007-0555
* Add debian/patches/00upstream-table-plan-consistency.patch:
  - Check that a table is still compatible with a previously made query
    plan. Use of ALTER COLUMN TYPE creates a hazard for cached query plans:
    they could contain vars that claim a column has a different type than it
    now has. Not only can one trivially crash the backend, but with
    appropriate misuse of pass-by-reference datatypes it is possible to read
    out arbitrary locations in the server process's memory, which could allow
    retrieving database content the user should not be able to see.
  - Discovered by Jeff Trout.
  - Patch backported from 8.1.7 from CVS:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/commands/tablecmds.c.diff?r1=1.174.2.3;r2=1.174.2.4
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execQual.c.diff?r1=1.183.2.4;r2=1.183.2.5
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execScan.c.diff?r1=1.37.2.1;r2=1.37.2.2
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execUtils.c.diff?r1=1.126.2.3;r2=1.126.2.4
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeAgg.c.diff?r1=1.135.2.1;r2=1.135.2.2
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeGroup.c.diff?r1=1.62;r2=1.62.2.1
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeHashjoin.c.diff?r1=1.75.2.3;r2=1.75.2.4
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeMergejoin.c.diff?r1=1.75.2.2;r2=1.75.2.3
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeNestloop.c.diff?r1=1.39.2.1;r2=1.39.2.2
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeResult.c.diff?r1=1.32.2.1;r2=1.32.2.2
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeSubplan.c.diff?r1=1.70.2.1;r2=1.70.2.2
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/include/executor/executor.h.diff?r1=1.120.2.2;r2=1.120.2.3
  - CVE-2007-0556
* Add debian/patches/00upstream-max-utf8-wchar-len.patch:
  - Update various string functions to support the maximum UTF-8 sequence
    length for 4-byte character set to prevent buffer overflows.
  - Patch backported from 8.1.7 from CVS:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.47.2.4;r2=1.47.2.5

17. By Martin Pitt on 2006-10-23

* SECURITY UPDATE: Local DoS.
* Add debian/patches/00upstream-disable-update-aggregates.patch:
  - Disallow aggregate functions in UPDATE commands (unless within a
    sub-SELECT). It is disallowed by the SQL spec and causes crashes.
  - Patch backported from 8.1.5:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/analyze.c.diff?r1=1.326.2.1&r2=1.326.2.2
  - CVE-2006-5540
* Add debian/patches/00upstream-duration-logging-crash.patch:
  - Fix crash in duration logging for a V3-protocol Execute message
    when what's being executed is a COMMIT or ROLLBACK.
  - Patch backported from 8.1.5:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/tcop/postgres.c.diff?r1=1.468.2.5&r2=1.468.2.6
  - CVE-2006-5542
* Add debian/patches/00upstream-unknown-array-coerce.patch:
  - Repair incorrect check for coercion of unknown literal to ANYARRAY,
    which could cause a backend crash.
  - Patch backported from 8.1.5:
    http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/parse_coerce.c.diff?r1=2.132.2.3&r2=2.132.2.4
  - CVE-2006-5541

16. By Martin Pitt on 2006-09-27

* debian/control: Update libpq4 package description, point out that it is
  only compatible for servers up to 8.1 (8.2 got a new libpq soname).
* Add debian/patches/08-unnecessary-libs.patch: Remove all unnecessary -lfoo
  library references from Makefiles to clean up unnecessary library
  dependencies. Thanks to Christian Aichinger for his neat checklib system!

15. By Martin Pitt on 2006-08-06

* debian/control: Drop heimdal-dev suggestion of libpq-dev. Closes: #379848
* debian/libpq-dev.install: Ship pg_wchar.h. Closes: #380047
* Transition for private python extension in p-plpython-8.1:
  - debian/control:
    + Bump cdbs/debhelper build dependency versions.
    + Add {XS,XB}-Python-Version attributes.
  - debian/compat: Use compat level 5.
  - Add debian/pycompat: Use compat level 2.
  - debian/rules: Call dh_pycentral and dh_python for p-plpython-8.1.
  - Closes: #380898
* debian/control: Change the order of records so that the libraries come
  first. With that, postgresql-client-8.1 and friends pick up the correct
  shlibs. Closes: #381211

14. By Martin Pitt on 2006-07-23

* debian/rules: Install init script at priority 19, since Apache and web
  applications usually reside on priority 20, but often require a running
  database. This follows a recent change in the MySQL package, thanks to
  Christian Hammers for pointing this out. Closes: #379276
* Add debian/patches/12-pg_restore-ignore-failing-tables.patch:
  - pg_restore: Add option -X no-data-for-failed-tables to ignore TABLE DATA
    objects if the corresponding TABLE could not be created. Necessary for
    fixing #351571.