-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 04 Oct 2011 11:32:12 +0200
Source: postgresql-8.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: mipsel
Version: 8.4.9-0squeeze1
Distribution: squeeze-security
Urgency: low
Maintainer: mipsel Build Daemon (mayer) <buildd_mips-mayer@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.4 - object-relational SQL database, version 8.4 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.4 - front-end programs for PostgreSQL 8.4
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.4 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4
 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4
 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4
 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming
Closes: 628503 631285
Changes: 
 postgresql-8.4 (8.4.9-0squeeze1) stable-security; urgency=low
 .
   * New upstream bug fix/security release:
      - Fix bugs in indexing of in-doubt HOT-updated tuples.
        These bugs could result in index corruption after reindexing a
        system catalog. They are not believed to affect user indexes.
      - Fix multiple bugs in GiST index page split processing.
        The probability of occurrence was low, but these could lead to
        index corruption.
      - Fix possible buffer overrun in tsvector_concat().
        The function could underestimate the amount of memory needed for
        its result, leading to server crashes.
      - Fix crash in xml_recv when processing a "standalone" parameter.
      - Make pg_options_to_table return NULL for an option with no value.
        Previously such cases would result in a server crash.
      - Avoid possibly accessing off the end of memory in "ANALYZE" and in
        SJIS-2004 encoding conversion.
        This fixes some very-low-probability server crash scenarios.
      - Prevent intermittent hang in interactions of startup process with
        bgwriter process.
        This affected recovery in non-hot-standby cases.
      - Fix race condition in relcache init file invalidation.
        There was a window wherein a new backend process could read a stale
        init file but miss the inval messages that would tell it the data
        is stale. The result would be bizarre failures in catalog accesses,
        typically "could not read block 0 in file ..." later during
        startup.
      - Fix memory leak at end of a GiST index scan.
        Commands that perform many separate GiST index scans, such as
        verification of a new GiST-based exclusion constraint on a table
        already containing many rows, could transiently require large
        amounts of memory due to this leak.
      - Fix incorrect memory accounting (leading to possible memory bloat)
        in tuplestores supporting holdable cursors and plpgsql's RETURN
        NEXT command.
      - Fix performance problem when constructing a large, lossy bitmap.
      - Fix join selectivity estimation for unique columns.
        This fixes an erroneous planner heuristic that could lead to poor
        estimates of the result size of a join.
      - Fix nested PlaceHolderVar expressions that appear only in
        sub-select target lists. This mistake could result in outputs of an
        outer join incorrectly appearing as NULL.
      - Allow nested EXISTS queries to be optimized properly.
      - Fix array- and path-creating functions to ensure padding bytes are
        zeroes.  This avoids some situations where the planner will think that
        semantically-equal constants are not equal, resulting in poor
        optimization.
      - Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan
        subplans.  The usual symptom of this oversight was "bogus varno" errors.
      - Work around gcc 4.6.0 bug that breaks WAL replay.  This could lead to
        loss of committed transactions after a server crash.
      - Fix dump bug for VALUES in a view.
      - Disallow SELECT FOR UPDATE/SHARE on sequences.
        This operation doesn't work as expected and can lead to failures.
      - Fix "VACUUM" so that it always updates pg_class.reltuples/relpages.
        This fixes some scenarios where autovacuum could make increasingly
        poor decisions about when to vacuum tables.
      - Defend against integer overflow when computing size of a hash table.
      - Fix cases where "CLUSTER" might attempt to access already-removed
        TOAST data.
      - Fix portability bugs in use of credentials control messages for
        "peer" authentication.
      - Fix SSPI login when multiple roundtrips are required.
        The typical symptom of this problem was "The function requested is
        not supported" errors during SSPI login.
      - Throw an error if "pg_hba.conf" contains hostssl but SSL is
        disabled.  This was concluded to be more user-friendly than the
        previous behavior of silently ignoring such lines.
      - Fix typo in pg_srand48 seed initialization.
        This led to failure to use all bits of the provided seed. This
        function is not used on most platforms (only those without
        srandom), and the potential security exposure from a
        less-random-than-expected seed seems minimal in any case.
      - Avoid integer overflow when the sum of LIMIT and OFFSET values
        exceeds 2^63.
      - Add overflow checks to int4 and int8 versions of generate_series().
      - Fix trailing-zero removal in to_char().  In a format with FM and no
        digit positions after the decimal point, zeroes to the left of the
        decimal point could be removed incorrectly.
      - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
      - Weaken plpgsql's check for typmod matching in record values.
        An overly enthusiastic check could lead to discarding length
        modifiers that should have been kept.
      - Fix pg_upgrade to preserve toast tables' relfrozenxids during an
        upgrade from 8.3. Failure to do this could lead to "pg_clog" files
        being removed too soon after the upgrade.
      - Fix psql's counting of script file line numbers during COPY from a
        different file.
      - Fix pg_restore's direct-to-database mode for
        standard_conforming_strings.  pg_restore could emit incorrect commands
        when restoring directly to a database server from an archive file that
        had been made with standard_conforming_strings set to on.
      - Be more user-friendly about unsupported cases for parallel
        pg_restore.  This change ensures that such cases are detected and
        reported before any restore actions have been taken.
      - Fix write-past-buffer-end and memory leak in libpq's LDAP service
        lookup code.
      - In libpq, avoid failures when using nonblocking I/O and an SSL
        connection.
      - Improve libpq's handling of failures during connection startup.
        In particular, the response to a server report of fork() failure
        during SSL connection startup is now saner.
      - Improve libpq's error reporting for SSL failures.
      - Fix PQsetvalue() to avoid possible crash when adding a new tuple to
        a PGresult originally obtained from a server query.
      - Make ecpglib write double values with 15 digits precision.
      - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
      - Apply upstream fix for blowfish signed-character bug
        (CVE-2011-2483) (Closes: #631285)
        "contrib/pg_crypto"'s blowfish encryption code could give wrong
        results on platforms where char is signed (which is most), leading
        to encrypted passwords being weaker than they should be.
      - Fix memory leak in "contrib/seg".
      - Fix pgstatindex() to give consistent results for empty indexes.
      - Allow building with perl 5.14. (Closes: #628503)
   * 15-revert-typmod-check.patch: Update for new upstream release.
Checksums-Sha1: 
 0ffd1bbae3d05eed30d7e11dae20120ee69c83f0 244846 libpq-dev_8.4.9-0squeeze1_mipsel.deb
 6faf7abb1b8c2e1bb120fb0a40dd14ae6a71d789 152514 libpq5_8.4.9-0squeeze1_mipsel.deb
 bd7b953435d0b3606ce72b65082f8d4070fdc279 94380 libecpg6_8.4.9-0squeeze1_mipsel.deb
 4d0902a84e13ed9317c57f584cc2cb50316b0963 247534 libecpg-dev_8.4.9-0squeeze1_mipsel.deb
 c7c2c14ea5cd3f9b945a537eeafa4dd9e40bb28d 30492 libecpg-compat3_8.4.9-0squeeze1_mipsel.deb
 e5b34cc0475ca49a67471a864f78f233fb784056 57036 libpgtypes3_8.4.9-0squeeze1_mipsel.deb
 e6ca4c7a23564ee3bdd8217ffd16d49fc4eefd81 5286034 postgresql-8.4_8.4.9-0squeeze1_mipsel.deb
 78dc2e0887dd4542d6813e3209b0cca8863ef344 1440694 postgresql-client-8.4_8.4.9-0squeeze1_mipsel.deb
 6628f39182d93ee979d259a959a89125f0b2cf4f 637296 postgresql-server-dev-8.4_8.4.9-0squeeze1_mipsel.deb
 b9cf135396a05a7e4f4bc6cbcd2610cd0d652f24 387772 postgresql-contrib-8.4_8.4.9-0squeeze1_mipsel.deb
 b2b9a9eb0f5afe586fd94080fabb97e8aa44face 55380 postgresql-plperl-8.4_8.4.9-0squeeze1_mipsel.deb
 9b340e39c779fcbeba1d31adc1da5fb300be8176 58284 postgresql-plpython-8.4_8.4.9-0squeeze1_mipsel.deb
 120276d2b1b4c94964fff75363ce08392308ec9b 45558 postgresql-pltcl-8.4_8.4.9-0squeeze1_mipsel.deb
Checksums-Sha256: 
 fa5886add337b4a4f2320597f66e82173d906580189224f22c6ab926363c5877 244846 libpq-dev_8.4.9-0squeeze1_mipsel.deb
 b816912af0de63e9e90feb0d579350f40b03cb358de961f0ad8368943fb2d5b2 152514 libpq5_8.4.9-0squeeze1_mipsel.deb
 ce3119f0cab345f7976b24edf84570741d5e34f72c865c78e1443b6919a0ad15 94380 libecpg6_8.4.9-0squeeze1_mipsel.deb
 b57c62833aee8e3125fce8cf47e274e8b4d3e3623c4aa9e6d56ede88e88ad711 247534 libecpg-dev_8.4.9-0squeeze1_mipsel.deb
 f5e1b5cbb507d902ce684b6dda3804d2a1289b6355fd87737d074ea410db9020 30492 libecpg-compat3_8.4.9-0squeeze1_mipsel.deb
 72f8c2b35b71a4332cf9b48fb7323b2664bff3ad94da0f3c7f7c7fbc0e832c21 57036 libpgtypes3_8.4.9-0squeeze1_mipsel.deb
 309b6549a7e8be32adf9f40eecfb8191bdcf2f5aea3134a282a1735d7dcdade5 5286034 postgresql-8.4_8.4.9-0squeeze1_mipsel.deb
 e026c6e1fe4448514bf1c9c6b38487333046ee5233feeddc5252523dff9b2fb7 1440694 postgresql-client-8.4_8.4.9-0squeeze1_mipsel.deb
 eade4ae0c908cf6b76764ec34008e44dc34b1dcc782a0ff0c42fe8023f79508c 637296 postgresql-server-dev-8.4_8.4.9-0squeeze1_mipsel.deb
 617dc80e25773158282dfea7dbd4c709994a8875377c7a8388adb87e8635e8d5 387772 postgresql-contrib-8.4_8.4.9-0squeeze1_mipsel.deb
 a716cf79640ff48c4af537d949b6889d3e64bde5b3234415dfca90b52cc9fa25 55380 postgresql-plperl-8.4_8.4.9-0squeeze1_mipsel.deb
 93bc4b53387a8187f2d8b69bc023212d13350f5f8385e4a293fc1b17163b5b52 58284 postgresql-plpython-8.4_8.4.9-0squeeze1_mipsel.deb
 9de1f549ad1f1323d3eed8e23b77a43a84034f97ca127a178353b45b2249ae59 45558 postgresql-pltcl-8.4_8.4.9-0squeeze1_mipsel.deb
Files: 
 f70b4783d8e583297e737f5540ffe169 244846 libdevel optional libpq-dev_8.4.9-0squeeze1_mipsel.deb
 c6acc54716975b85c61bb1f1ec2bf12f 152514 libs optional libpq5_8.4.9-0squeeze1_mipsel.deb
 785cf7fc42696e220060839c07a946c4 94380 libs optional libecpg6_8.4.9-0squeeze1_mipsel.deb
 16bd303127e095614acb06877c991830 247534 libdevel optional libecpg-dev_8.4.9-0squeeze1_mipsel.deb
 8306368f4fbd1901759bc67e5ee4d9f6 30492 libs optional libecpg-compat3_8.4.9-0squeeze1_mipsel.deb
 2b6487a4554a20d656ceefe2e117a4c9 57036 libs optional libpgtypes3_8.4.9-0squeeze1_mipsel.deb
 4964e317506d2e572d6a826ba86f174e 5286034 database optional postgresql-8.4_8.4.9-0squeeze1_mipsel.deb
 6e22a39d0763b61163bc74b8ffd9270f 1440694 database optional postgresql-client-8.4_8.4.9-0squeeze1_mipsel.deb
 d189c2240e02190fedb045be47f3ad38 637296 libdevel optional postgresql-server-dev-8.4_8.4.9-0squeeze1_mipsel.deb
 1d128b5fdaf2c108c31b2de7e4dad426 387772 database optional postgresql-contrib-8.4_8.4.9-0squeeze1_mipsel.deb
 ad730e5511cf21fc9291d568ba2bc848 55380 database optional postgresql-plperl-8.4_8.4.9-0squeeze1_mipsel.deb
 6f890595894c3a8011849f9599c7ac95 58284 database optional postgresql-plpython-8.4_8.4.9-0squeeze1_mipsel.deb
 ee03eae5cd3938dff2fd8bd54ab39731 45558 database optional postgresql-pltcl-8.4_8.4.9-0squeeze1_mipsel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJOm85cAAoJEHR+3TSlYz+Ul+QQAL8fioB7BJE+tQABzE8qH00t
+hRKkUwwiKIzP2D1Ut7BmmksqrPanE1igc3UP1WZq+uBWLvB5QFUyUOHKzJx41qJ
5o38T49aYzzeY3Cde/CSM2Hj80erYfMh7vOX9MluVzHF8xdUHFeCsLfed+81yre6
AUZscDjef6Uf0O6IErZnoB4bOtuOEdIPDYfi5kMKSs6dX/IGdA8NmQzzopfYFbEm
/5Dgguo77xcibF31D1zuLxPhCIQAA09yCakVuHc8oswfQ4+3ssK30Ll/LkbLJFs8
TkSAWjTa68MRDqflLjJbmUvhTxttUKmIe4GBbUZw9lZrECAyT5ZYAfBKzKvJ6/XN
e1siJuxjWkWzkeNcBLslziDPV8kLQHfZ3TU/jTcJRgnwa0smJ2FXQR7Lbqn2Y8/m
0nKrwf9sbYxfuPAkB3LYVfslCQ5lRdbk3SUv6g29Z/1LHhkn6kYXbn5cyb5vLg3K
+H4x0hC47g1WUrQGO24Bu/2K2tyDujjHdLmUvXTP7StfG04OD4L6rL5MxekbPk45
h2XCtzc5Cb67Vx6mdnItFwWuzokvevhlYGkcEPcKwnlpAE6rmI07RPMmByHbv8tM
WRzNtzxrfJ4x2onUsqSla9pMDC7vpz4TD9RiwFM2Vzxn6u3nD9l6cXo/6tFnyTTo
OtS3JfXzKjBtYSomFShC
=RIgv
-----END PGP SIGNATURE-----