-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 04 Oct 2011 11:32:12 +0200
Source: postgresql-8.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: armel
Version: 8.4.9-0squeeze1
Distribution: squeeze-security
Urgency: low
Maintainer: armel Build Daemon (antheil) <buildd_armel-antheil@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.4 - object-relational SQL database, version 8.4 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.4 - front-end programs for PostgreSQL 8.4
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.4 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4
 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4
 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4
 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming
Closes: 628503 631285
Changes: 
 postgresql-8.4 (8.4.9-0squeeze1) stable-security; urgency=low
 .
   * New upstream bug fix/security release:
      - Fix bugs in indexing of in-doubt HOT-updated tuples.
        These bugs could result in index corruption after reindexing a
        system catalog. They are not believed to affect user indexes.
      - Fix multiple bugs in GiST index page split processing.
        The probability of occurrence was low, but these could lead to
        index corruption.
      - Fix possible buffer overrun in tsvector_concat().
        The function could underestimate the amount of memory needed for
        its result, leading to server crashes.
      - Fix crash in xml_recv when processing a "standalone" parameter.
      - Make pg_options_to_table return NULL for an option with no value.
        Previously such cases would result in a server crash.
      - Avoid possibly accessing off the end of memory in "ANALYZE" and in
        SJIS-2004 encoding conversion.
        This fixes some very-low-probability server crash scenarios.
      - Prevent intermittent hang in interactions of startup process with
        bgwriter process.
        This affected recovery in non-hot-standby cases.
      - Fix race condition in relcache init file invalidation.
        There was a window wherein a new backend process could read a stale
        init file but miss the inval messages that would tell it the data
        is stale. The result would be bizarre failures in catalog accesses,
        typically "could not read block 0 in file ..." later during
        startup.
      - Fix memory leak at end of a GiST index scan.
        Commands that perform many separate GiST index scans, such as
        verification of a new GiST-based exclusion constraint on a table
        already containing many rows, could transiently require large
        amounts of memory due to this leak.
      - Fix incorrect memory accounting (leading to possible memory bloat)
        in tuplestores supporting holdable cursors and plpgsql's RETURN
        NEXT command.
      - Fix performance problem when constructing a large, lossy bitmap.
      - Fix join selectivity estimation for unique columns.
        This fixes an erroneous planner heuristic that could lead to poor
        estimates of the result size of a join.
      - Fix nested PlaceHolderVar expressions that appear only in
        sub-select target lists. This mistake could result in outputs of an
        outer join incorrectly appearing as NULL.
      - Allow nested EXISTS queries to be optimized properly.
      - Fix array- and path-creating functions to ensure padding bytes are
        zeroes.  This avoids some situations where the planner will think that
        semantically-equal constants are not equal, resulting in poor
        optimization.
      - Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan
        subplans.  The usual symptom of this oversight was "bogus varno" errors.
      - Work around gcc 4.6.0 bug that breaks WAL replay.  This could lead to
        loss of committed transactions after a server crash.
      - Fix dump bug for VALUES in a view.
      - Disallow SELECT FOR UPDATE/SHARE on sequences.
        This operation doesn't work as expected and can lead to failures.
      - Fix "VACUUM" so that it always updates pg_class.reltuples/relpages.
        This fixes some scenarios where autovacuum could make increasingly
        poor decisions about when to vacuum tables.
      - Defend against integer overflow when computing size of a hash table.
      - Fix cases where "CLUSTER" might attempt to access already-removed
        TOAST data.
      - Fix portability bugs in use of credentials control messages for
        "peer" authentication.
      - Fix SSPI login when multiple roundtrips are required.
        The typical symptom of this problem was "The function requested is
        not supported" errors during SSPI login.
      - Throw an error if "pg_hba.conf" contains hostssl but SSL is
        disabled.  This was concluded to be more user-friendly than the
        previous behavior of silently ignoring such lines.
      - Fix typo in pg_srand48 seed initialization.
        This led to failure to use all bits of the provided seed. This
        function is not used on most platforms (only those without
        srandom), and the potential security exposure from a
        less-random-than-expected seed seems minimal in any case.
      - Avoid integer overflow when the sum of LIMIT and OFFSET values
        exceeds 2^63.
      - Add overflow checks to int4 and int8 versions of generate_series().
      - Fix trailing-zero removal in to_char().  In a format with FM and no
        digit positions after the decimal point, zeroes to the left of the
        decimal point could be removed incorrectly.
      - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
      - Weaken plpgsql's check for typmod matching in record values.
        An overly enthusiastic check could lead to discarding length
        modifiers that should have been kept.
      - Fix pg_upgrade to preserve toast tables' relfrozenxids during an
        upgrade from 8.3. Failure to do this could lead to "pg_clog" files
        being removed too soon after the upgrade.
      - Fix psql's counting of script file line numbers during COPY from a
        different file.
      - Fix pg_restore's direct-to-database mode for
        standard_conforming_strings.  pg_restore could emit incorrect commands
        when restoring directly to a database server from an archive file that
        had been made with standard_conforming_strings set to on.
      - Be more user-friendly about unsupported cases for parallel
        pg_restore.  This change ensures that such cases are detected and
        reported before any restore actions have been taken.
      - Fix write-past-buffer-end and memory leak in libpq's LDAP service
        lookup code.
      - In libpq, avoid failures when using nonblocking I/O and an SSL
        connection.
      - Improve libpq's handling of failures during connection startup.
        In particular, the response to a server report of fork() failure
        during SSL connection startup is now saner.
      - Improve libpq's error reporting for SSL failures.
      - Fix PQsetvalue() to avoid possible crash when adding a new tuple to
        a PGresult originally obtained from a server query.
      - Make ecpglib write double values with 15 digits precision.
      - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
      - Apply upstream fix for blowfish signed-character bug
        (CVE-2011-2483) (Closes: #631285)
        "contrib/pg_crypto"'s blowfish encryption code could give wrong
        results on platforms where char is signed (which is most), leading
        to encrypted passwords being weaker than they should be.
      - Fix memory leak in "contrib/seg".
      - Fix pgstatindex() to give consistent results for empty indexes.
      - Allow building with perl 5.14. (Closes: #628503)
   * 15-revert-typmod-check.patch: Update for new upstream release.
Checksums-Sha1: 
 b8ed6fb41e0d70acd9d6ebccec881e032a0d1007 229604 libpq-dev_8.4.9-0squeeze1_armel.deb
 a4e675a616942e246f5616538e035d520040e655 150950 libpq5_8.4.9-0squeeze1_armel.deb
 a7d4bcb05e983394f09ab1313c3a3a68bd30dc48 96886 libecpg6_8.4.9-0squeeze1_armel.deb
 ac9707aacfe9d60b41a588a65d9c7ccef87fddd1 246708 libecpg-dev_8.4.9-0squeeze1_armel.deb
 e22f5f63cfb0378da53320dc1d548a7cff112446 29934 libecpg-compat3_8.4.9-0squeeze1_armel.deb
 61c55ab70a206fc2a9c37d3dc510ac059fd2c3aa 55050 libpgtypes3_8.4.9-0squeeze1_armel.deb
 e60e243f7448623b463fd89476919e59193301a8 5356888 postgresql-8.4_8.4.9-0squeeze1_armel.deb
 f5c78d874dc422ed1e8da48ecda3a3e329dd2da1 1442890 postgresql-client-8.4_8.4.9-0squeeze1_armel.deb
 73409eec435296d7003a439788697ab628edbc74 638102 postgresql-server-dev-8.4_8.4.9-0squeeze1_armel.deb
 d83e5fc596051d00d1c1a310acfaf4665d00708c 412856 postgresql-contrib-8.4_8.4.9-0squeeze1_armel.deb
 579565afd80a6c6b4aad7ce7a557a74eb6311605 59642 postgresql-plperl-8.4_8.4.9-0squeeze1_armel.deb
 3abcfff3e4332ec3e1d9ee1cfe1d5c3ee7190829 59710 postgresql-plpython-8.4_8.4.9-0squeeze1_armel.deb
 9effa39d219d08acd239566862d9dcc2382e7ed0 46330 postgresql-pltcl-8.4_8.4.9-0squeeze1_armel.deb
Checksums-Sha256: 
 90f18403435b95a5971ac287eeac8ddc0cd4813174a633c28a753c9b500673c3 229604 libpq-dev_8.4.9-0squeeze1_armel.deb
 f1a89ff1919df754a20c4662d2d31dda4339ef2c2ce2e550b196cc6c95bafb93 150950 libpq5_8.4.9-0squeeze1_armel.deb
 bb44eb666b1bfe29f60fdebad54aed2f4089fd0b6443bd491abb64f97eab9ac2 96886 libecpg6_8.4.9-0squeeze1_armel.deb
 9d4e68e3e74ca8e04db8b5c1805383c8a029632cef815ac5aa4756f54c9284c9 246708 libecpg-dev_8.4.9-0squeeze1_armel.deb
 98415ddce40df34c2d87d27fd53567d8b14eee3154f7f81d29d3e3158751eb46 29934 libecpg-compat3_8.4.9-0squeeze1_armel.deb
 d3e1f0767f9bb9c429510a87739130f9f6a913bc69a0c85edae444759bcda73a 55050 libpgtypes3_8.4.9-0squeeze1_armel.deb
 5ed5d650b52200b7f25d4aff4b7e8ccc27b656f7cb45d836af8861e0738dcb66 5356888 postgresql-8.4_8.4.9-0squeeze1_armel.deb
 fdb6da7caf38d4a07a16c204d8d296ef72c059c812a2e3ef790040663bb1ea92 1442890 postgresql-client-8.4_8.4.9-0squeeze1_armel.deb
 c860dc5e9b40c16655bb4e8c0d5b4a4b4d00bea82b1ca3c182619348b6eb2497 638102 postgresql-server-dev-8.4_8.4.9-0squeeze1_armel.deb
 d2cfb8ace8c00707114dca49aba434782d5cf0598bd8f0a7948951ed24108b51 412856 postgresql-contrib-8.4_8.4.9-0squeeze1_armel.deb
 63a21a791e48677b525a8d6562c875841b9cbee5194165058478eedaf6424c3d 59642 postgresql-plperl-8.4_8.4.9-0squeeze1_armel.deb
 85b31d7ee4ec9a25ef829f7635d669ae5a3292d2a00cf4a1f2d72411958abdcb 59710 postgresql-plpython-8.4_8.4.9-0squeeze1_armel.deb
 25431fbc246a9bd06919fc804a4223c699f690b5b65b8356b1a1f0e45f67b8d6 46330 postgresql-pltcl-8.4_8.4.9-0squeeze1_armel.deb
Files: 
 e07673251b3610af5cf9c84f5d26175b 229604 libdevel optional libpq-dev_8.4.9-0squeeze1_armel.deb
 64c91a72028a17dca3db7108a6fe2906 150950 libs optional libpq5_8.4.9-0squeeze1_armel.deb
 d3493ac4563991e9ba6e09d5577640c8 96886 libs optional libecpg6_8.4.9-0squeeze1_armel.deb
 a69912d28d3293d577390d6e32e86324 246708 libdevel optional libecpg-dev_8.4.9-0squeeze1_armel.deb
 49737ae3aabac2c37ffcb02a91f89823 29934 libs optional libecpg-compat3_8.4.9-0squeeze1_armel.deb
 d2bd69922e6eee4a47e8dd0d316e2f24 55050 libs optional libpgtypes3_8.4.9-0squeeze1_armel.deb
 9b0a43f2bd2f1b4d13639381bec60646 5356888 database optional postgresql-8.4_8.4.9-0squeeze1_armel.deb
 00990c58cbaaaae526686254368bc2e4 1442890 database optional postgresql-client-8.4_8.4.9-0squeeze1_armel.deb
 20aa556d73976a5f4ef1f3984c051244 638102 libdevel optional postgresql-server-dev-8.4_8.4.9-0squeeze1_armel.deb
 44bc4da9d099753fbe8246fd367c3f79 412856 database optional postgresql-contrib-8.4_8.4.9-0squeeze1_armel.deb
 dd39e9fe5c4e14c3b14b0bc25a85603e 59642 database optional postgresql-plperl-8.4_8.4.9-0squeeze1_armel.deb
 9534cdd560aa0a1699447a73ce238d0e 59710 database optional postgresql-plpython-8.4_8.4.9-0squeeze1_armel.deb
 467a44686eb5349868753ef95afd018d 46330 database optional postgresql-pltcl-8.4_8.4.9-0squeeze1_armel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOm9T/AAoJECVpDDEoiwdTk5kP/jcbAExJFKf2XvC5NLObIgne
zQWjq/59LW3IBmNnQX1pGuqQ4L32j2ISypC9YPpwDsh4i3OyXe0HFVkEQVgLFOFb
bBsyrdJF/FMNA7eZvAWZf11k+pmpjR5ozQOK9brXeqffDuJoAdj/CcAyAW1vj64f
tSiQD4gXGHQ5CPUEeC21QsEw6vNEyk6uqVqWipIQsQb4VDM9aq9cX7u3GEEXdgu6
nZtQ8ud3HgHTjKted/vyj2OrEEWaZjPx15jyiUMwmauZPLFDoVVZjrl9N9CDNpRt
kR7uTYBX4NpViTuYx9YMIRTbz9QOV7/DpurXJ3rBQr08o40ETLBTyxROVPJWSQLu
sJJz/nUEHmDqoBvVSAGGpYR3oQbqT/6Lm8FGsQl5sUahRV6HxrcsAZnFjHyEBZLn
olBIQhs4GsXieyhNSTn/j4BGn4amD9XdO3NWSr7dMjCVWUdYfQrNaYPfXwZ6nI+x
Tl3bdT34GiyZmvdKXVmoHa4W6nuME+SpG6iLH0VsmzPe4braC8eScmgRTQMI9OtL
5daMO52M6WYw28l2NPqNnnrRij0D9rDf4ebc2QIV7JTT5+b4HVT+Ot1M9NsdoDAp
AfNl+CTmXo+ujG7oDh+B/l7hp/2QAvhLpi4gOwvy/E/L1TUCANY6hg/W/1Zx5tZN
nW+LqvmSK3KUQ02tFyFD
=jG3a
-----END PGP SIGNATURE-----