ubuntu/+source/postgresql-9.1:applied/ubuntu/precise-devel

Last commit made on 2016-10-27
Get this branch:
git clone -b applied/ubuntu/precise-devel https://git.launchpad.net/ubuntu/+source/postgresql-9.1
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/precise-devel
Repository:
lp:ubuntu/+source/postgresql-9.1

Recent commits

4f38c80... by Martin Pitt on 2016-10-27

Import patches-applied version 9.1.24-0ubuntu0.12.04 to applied/ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 1bd4fe6314f28cf91fe69589e26b9fb6e5222627
Unapplied parent: 5a35afb286d8916f3a23e17f754b2c15b094073c

New changelog entries:
  * New upstream bug fix release (LP: #1637236)
   - Details: https://www.postgresql.org/docs/9.1/static/release-9-1-24.html

5a35afb... by Martin Pitt on 2016-10-27

70-history.patch

No DEP3 Subject or Description header found

Gbp-Pq: 70-history.patch.

2f827e0... by Martin Pitt on 2016-10-27

Use Debian alternatives for external tools instead of hardcoded programs

Gbp-Pq: 54-debian-alternatives-for-external-tools.patch.

1ebffa1... by Martin Pitt on 2016-10-27

Update pg_service.conf example to tell the Debian specific file location.

Gbp-Pq: 53-pg_service.conf_directory_doc.patch.

6d39d85... by Martin Pitt on 2016-10-27

Update tutorial README for required build dependencies.

Gbp-Pq: 52-tutorial-README.patch.

79d079e... by Martin Pitt on 2016-10-27

Put server Unix sockets into /var/run/postgresql/ by default

Gbp-Pq: 51-default-sockets-in-var.patch.

e378596... by Martin Pitt on 2016-10-27

Use version specific installation directories so that several major versions can be installed in parallel.

Gbp-Pq: 50-per-version-dirs.patch.

0fbef88... by Martin Pitt on 2016-10-27

Relax security check on private SSL key file: The file is also considered safe if it has owner and/or group "root", and if it is group-readable (unless the group is something other than root or the database owner group).

Gbp-Pq: 02-relax-sslkey-permscheck.patch.

6c30511... by Martin Pitt on 2016-10-27

Import patches-unapplied version 9.1.24-0ubuntu0.12.04 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: b336b9e106caf89b33d3a04268d9884c333e4939

New changelog entries:
  * New upstream bug fix release (LP: #1637236)
   - Details: https://www.postgresql.org/docs/9.1/static/release-9-1-24.html

1bd4fe6... by Martin Pitt on 2016-08-17

Import patches-applied version 9.1.23-0ubuntu0.12.04 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 3815556846ab2d010c6fc3a96156db2a3e3524ae
Unapplied parent: a44946a1a547626be690f796511217bd56a1939a

New changelog entries:
  * New upstream security/bug fix release (LP: #1614113)
    - Fix possible mis-evaluation of nested CASE-WHEN expressions
      A CASE expression appearing within the test value subexpression of
      another CASE could become confused about whether its own test value was
      null or not. Also, inlining of a SQL function implementing the equality
      operator used by a CASE expression could result in passing the wrong
      test value to functions called within a CASE expression in the SQL
      function's body. If the test values were of different data types, a
      crash might result; moreover such situations could be abused to allow
      disclosure of portions of server memory. (CVE-2016-5423)
    - Fix client programs' handling of special characters in database and role
      names
      Numerous places in vacuumdb and other client programs could become
      confused by database and role names containing double quotes or
      backslashes. Tighten up quoting rules to make that safe. Also, ensure
      that when a conninfo string is used as a database name parameter to
      these programs, it is correctly treated as such throughout.
      Fix handling of paired double quotes in psql's \connect and \password
      commands to match the documentation.
      Introduce a new -reuse-previous option in psql's \connect command to
      allow explicit control of whether to re-use connection parameters from a
      previous connection. (Without this, the choice is based on whether the
      database name looks like a conninfo string, as before.) This allows
      secure handling of database names containing special characters in
      pg_dumpall scripts.
      pg_dumpall now refuses to deal with database and role names containing
      carriage returns or newlines, as it seems impractical to quote those
      characters safely on Windows. In future we may reject such names on the
      server side, but that step has not been taken yet.
      These are considered security fixes because crafted object names
      containing special characters could have been used to execute commands
      with superuser privileges the next time a superuser executes pg_dumpall
      or other routine maintenance operations. (CVE-2016-5424)
   - Details: https://www.postgresql.org/docs/9.1/static/release-9-1-23.html