lp:ubuntu/edgy-proposed/postgresql-8.1
- Get this branch:
- bzr branch lp:ubuntu/edgy-proposed/postgresql-8.1
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 23. By Martin Pitt
-
* New upstream security/bugfix release:
- Prevent functions in indexes from executing with the privileges of
the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
within a SECURITY DEFINER context. [CVE-2007-6600]
- Suitably crafted regular-expression patterns could cause crashes,
infinite or near-infinite looping, and/or massive memory
consumption, all of which pose denial-of-service hazards for
applications that accept regex search patterns from untrustworthy
sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
- Require non-superusers who use "/contrib/dblink" to use only
password authentication, as a security measure.
The fix that appeared for this in 8.2.5 was incomplete, as it
plugged the hole for only some "dblink" functions. [CVE-2007-6601,
CVE-2007-3278]
- Fix planner failure in some cases of WHERE false AND var IN (SELECT
...).
- Preserve the tablespace and storage parameters of indexes that are
rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
- Make archive recovery always start a new WAL timeline, rather than
only when a recovery stop time was used. This avoids a corner-case risk
of trying to overwrite an existing archived copy of the last WAL
segment, and seems simpler and cleaner than the original definition.
- Make "VACUUM" not use all of maintenance_work_mem when the table is
too small for it to be useful.
- Fix potential crash in translate() when using a multibyte database
encoding.
- Fix overflow in extract(epoch from interval) for intervals
exceeding 68 years.
- Fix PL/Perl to not fail when a UTF-8 regular expression is used in
a trusted function.
- Fix PL/Python to not crash on long exception messages.
- Fix pg_dump to correctly handle inheritance child tables that have
default expressions different from their parent's.
- Fix libpq crash when PGPASSFILE refers to a file that is not a
plain file.
- ecpg parser fixes.
- Make "contrib/tablefunc" 's crosstab() handle NULL rowid as a
category in its own right, rather than crashing.
- Fix tsvector and tsquery output routines to escape backslashes
correctly.
- Fix crash of to_tsvector() on huge input strings.
* Use the timezone database from the system tzdata instead of shipping our
own.
- debian/patches/ 04-timezone- symlinks. patch: Drop previous
hardlink-to-symlink patch to zic, since that is irrelevant now. Replace
the patch with a Makefile change that just symlinks /usr/share/zoneinfo
to where postgresql previously installed its own tzdata copy.
- debian/control: Add tzdata dependency.
- debian/postgresql- 8.1.install: Install the 'timezone' symlink, not the
files in the dereferenced directory.
- debian/postgresql- 8.1.postinst: Replace the timezone directory with the
symlink on upgrades, since dpkg does not do that automatically. Without
this, we'd end up with an empty timezone directory. - 22. By Martin Pitt
-
* New upstream bugfix release:
- Require non-superusers who use "/contrib/dblink" to use only
password authentication, as a security measure.
[CVE-2007-3278, CVE-2007-3280]
- Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
- Allow the interval data type to accept input consisting only of
milliseconds or microseconds.
- Speed up rtree index insertion.
- Fix excessive logging of SSL error messages.
- Fix logging so that log messages are never interleaved when using
the syslogger process.
- Fix crash when log_min_error_statement logging runs out of memory.
- Fix incorrect handling of some foreign-key corner cases.
- Prevent "REINDEX" and "CLUSTER" from failing due to attempting to
process temporary tables of other sessions.
- Update the time zone database rules, particularly New Zealand's
upcoming changes. - 21. By Martin Pitt
-
* New upstream security/bugfix release:
- Support explicit placement of the temporary-table schema within
search_path, and disable searching it for functions and operators.
This is needed to allow a security-definer function to set a truly
secure value of search_path. Without it, an unprivileged SQL user
can use temporary objects to execute code with the privileges of
the security-definer function (CVE-2007-2138). See "CREATE
FUNCTION" for more information.
- "/contrib/tsearch2" crash fixes.
- Require "COMMIT PREPARED" to be executed in the same database as
the transaction was prepared in.
- Fix potential-data-corruption bug in how "VACUUM FULL" handles
"UPDATE" chains.
- Planner fixes, including improving outer join and bitmap scan
selection logic.
- Fix PANIC during enlargement of a hash index (bug introduced in
8.1.6).
- Fix POSIX-style timezone specs to follow new USA DST rules. - 20. By Martin Pitt
-
* Upgraded to new upstream microrelease:
- Fix another overzealous type check.
- Two handfuls of non-security, but important bug fixes.
* Remove the following patches (these are included in 8.1.8 now):
- 00upstream-disable- update- aggregates. patch
- 00upstream-duration- logging- crash.patch
- 00upstream-max-utf8- wchar-len. patch
- 00upstream-sql-fun- typecheck. patch
- 00upstream-table-plan- consistency. patch
- 00upstream-unknown- array-coerce. patch
- 00upstream-zzz-sql- fun-typecheck- regression. patch
- 54-contrib-dbmirror- quoteparsing. patch - 19. By Martin Pitt
-
Add debian/
patches/ 00upstream- zzz-sql- fun-typecheck- regression. patch: Fix
overzealous type checks in some cases. Closes: LP#83505 - 18. By Martin Pitt
-
* SECURITY UPDATE: Read out arbitrary memory locations from the server,
local DoS.
* Add debian/patches/ 00upstream- sql-fun- typecheck. patch:
- Repair insufficiently careful type checking for SQL-language functions.
Not only can one trivially crash the backend, but with appropriate
misuse of pass-by-reference datatypes it is possible to read out
arbitrary locations in the server process's memory, which could allow
retrieving database content the user should not be able to see.
- Discovered by Jeff Trout.
- Patch backported from 8.1.7 from CVS:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ functions. c.diff? r1=1.98. 2.2;r2= 1.98.2. 3
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ optimizer/ util/clauses. c.diff? r1=1.201. 2.1;r2= 1.201.2. 2
- CVE-2007-0555
* Add debian/patches/ 00upstream- table-plan- consistency. patch:
- Check that a table is still compatible with a previously made query
plan. Use of ALTER COLUMN TYPE creates a hazard for cached query plans:
they could contain vars that claim a column has a different type than it
now has. Not only can one trivially crash the backend, but with
appropriate misuse of pass-by-reference datatypes it is possible to read
out arbitrary locations in the server process's memory, which could allow
retrieving database content the user should not be able to see.
- Discovered by Jeff Trout.
- Patch backported from 8.1.7 from CVS:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ commands/ tablecmds. c.diff? r1=1.174. 2.3;r2= 1.174.2. 4
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ execQual. c.diff? r1=1.183. 2.4;r2= 1.183.2. 5
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ execScan. c.diff? r1=1.37. 2.1;r2= 1.37.2. 2
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ execUtils. c.diff? r1=1.126. 2.3;r2= 1.126.2. 4
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeAgg. c.diff? r1=1.135. 2.1;r2= 1.135.2. 2
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeGroup. c.diff? r1=1.62; r2=1.62. 2.1
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeHashjoin. c.diff? r1=1.75. 2.3;r2= 1.75.2. 4
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeMergejoin. c.diff? r1=1.75. 2.2;r2= 1.75.2. 3
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeNestloop. c.diff? r1=1.39. 2.1;r2= 1.39.2. 2
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeResult. c.diff? r1=1.32. 2.1;r2= 1.32.2. 2
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ executor/ nodeSubplan. c.diff? r1=1.70. 2.1;r2= 1.70.2. 2
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/include/ executor/ executor. h.diff? r1=1.120. 2.2;r2= 1.120.2. 3
- CVE-2007-0556
* Add debian/patches/ 00upstream- max-utf8- wchar-len. patch:
- Update various string functions to support the maximum UTF-8 sequence
length for 4-byte character set to prevent buffer overflows.
- Patch backported from 8.1.7 from CVS:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ utils/mb/ wchar.c. diff?r1= 1.47.2. 4;r2=1. 47.2.5 - 17. By Martin Pitt
-
* SECURITY UPDATE: Local DoS.
* Add debian/patches/ 00upstream- disable- update- aggregates. patch:
- Disallow aggregate functions in UPDATE commands (unless within a
sub-SELECT). It is disallowed by the SQL spec and causes crashes.
- Patch backported from 8.1.5:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ parser/ analyze. c.diff? r1=1.326. 2.1&r2= 1.326.2. 2
- CVE-2006-5540
* Add debian/patches/ 00upstream- duration- logging- crash.patch:
- Fix crash in duration logging for a V3-protocol Execute message
when what's being executed is a COMMIT or ROLLBACK.
- Patch backported from 8.1.5:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ tcop/postgres. c.diff? r1=1.468. 2.5&r2= 1.468.2. 6
- CVE-2006-5542
* Add debian/patches/ 00upstream- unknown- array-coerce. patch:
- Repair incorrect check for coercion of unknown literal to ANYARRAY,
which could cause a backend crash.
- Patch backported from 8.1.5:
http://developer. postgresql. org/cvsweb. cgi/pgsql/ src/backend/ parser/ parse_coerce. c.diff? r1=2.132. 2.3&r2= 2.132.2. 4
- CVE-2006-5541 - 16. By Martin Pitt
-
* debian/control: Update libpq4 package description, point out that it is
only compatible for servers up to 8.1 (8.2 got a new libpq soname).
* Add debian/patches/ 08-unnecessary- libs.patch: Remove all unnecessary -lfoo
library references from Makefiles to clean up unnecessary library
dependencies. Thanks to Christian Aichinger for his neat checklib system! - 15. By Martin Pitt
-
* debian/control: Drop heimdal-dev suggestion of libpq-dev. Closes: #379848
* debian/libpq-dev. install: Ship pg_wchar.h. Closes: #380047
* Transition for private python extension in p-plpython-8.1:
- debian/control:
+ Bump cdbs/debhelper build dependency versions.
+ Add {XS,XB}-Python- Version attributes.
- debian/compat: Use compat level 5.
- Add debian/pycompat: Use compat level 2.
- debian/rules: Call dh_pycentral and dh_python for p-plpython-8.1.
- Closes: #380898
* debian/control: Change the order of records so that the libraries come
first. With that, postgresql-client- 8.1 and friends pick up the correct
shlibs. Closes: #381211 - 14. By Martin Pitt
-
* debian/rules: Install init script at priority 19, since Apache and web
applications usually reside on priority 20, but often require a running
database. This follows a recent change in the MySQL package, thanks to
Christian Hammers for pointing this out. Closes: #379276
* Add debian/patches/ 12-pg_restore- ignore- failing- tables. patch:
- pg_restore: Add option -X no-data-for-failed- tables to ignore TABLE DATA
objects if the corresponding TABLE could not be created. Necessary for
fixing #351571.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)