-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 25 Sep 2011 13:40:58 +0200
Source: postgresql-8.3
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.3 postgresql-client-8.3 postgresql-server-dev-8.3 postgresql-doc-8.3 postgresql-contrib-8.3 postgresql-plperl-8.3 postgresql-plpython-8.3 postgresql-pltcl-8.3 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: source all amd64
Version: 8.3.16-0lenny1
Distribution: oldstable-security
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.3
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.3 - object-relational SQL database, version 8.3 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.3 - front-end programs for PostgreSQL 8.3
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.3 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.3 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.3 - PL/Perl procedural language for PostgreSQL 8.3
 postgresql-plpython-8.3 - PL/Python procedural language for PostgreSQL 8.3
 postgresql-pltcl-8.3 - PL/Tcl procedural language for PostgreSQL 8.3
 postgresql-server-dev-8.3 - development files for PostgreSQL 8.3 server-side programming
Changes: 
 postgresql-8.3 (8.3.16-0lenny1) oldstable-security; urgency=low
 .
   * New upstream bug fix release 8.3.15:
     - Disallow including a composite type in itself.
       This prevents scenarios wherein the server could recurse infinitely
       while processing the composite type. While there are some possible
       uses for such a structure, they don't seem compelling enough to
       justify the effort required to make sure it always works safely.
     - Avoid potential deadlock during catalog cache initialization.
       In some cases the cache loading code would acquire share lock on a
       system index before locking the index's catalog. This could
       deadlock against processes trying to acquire exclusive locks in the
       other, more standard order.
     - Fix dangling-pointer problem in BEFORE ROW UPDATE trigger handling
       when there was a concurrent update to the target tuple.
       This bug has been observed to result in intermittent "cannot
       extract system attribute from virtual tuple" failures while trying
       to do UPDATE RETURNING ctid. There is a very small probability of
       more serious errors, such as generating incorrect index entries for
       the updated tuple.
     - Disallow "DROP TABLE" when there are pending deferred trigger
       events for the table. Formerly the "DROP" would go through, leading to
       "could not open relation with OID nnn" errors when the triggers were
       eventually fired.
     - Fix PL/Python memory leak involving array slices.
     - Fix pg_restore to cope with long lines (over 1KB) in TOC files.
     - Put in more safeguards against crashing due to division-by-zero
       with overly enthusiastic compiler optimization.
   * New upstream bug fix release 8.3.16:
     - Fix bugs in indexing of in-doubt HOT-updated tuples.
       These bugs could result in index corruption after reindexing a
       system catalog. They are not believed to affect user indexes.
     - Fix multiple bugs in GiST index page split processing.
       The probability of occurrence was low, but these could lead to
       index corruption.
     - Fix possible buffer overrun in tsvector_concat().
       The function could underestimate the amount of memory needed for
       its result, leading to server crashes.
     - Fix crash in xml_recv when processing a "standalone" parameter.
     - Avoid possibly accessing off the end of memory in "ANALYZE" and in
       SJIS-2004 encoding conversion.
       This fixes some very-low-probability server crash scenarios.
     - Fix race condition in relcache init file invalidation.
       There was a window wherein a new backend process could read a stale
       init file but miss the inval messages that would tell it the data
       is stale. The result would be bizarre failures in catalog accesses,
       typically "could not read block 0 in file ..." later during
       startup.
     - Fix memory leak at end of a GiST index scan.
       Commands that perform many separate GiST index scans, such as
       verification of a new GiST-based exclusion constraint on a table
       already containing many rows, could transiently require large
       amounts of memory due to this leak.
     - Fix performance problem when constructing a large, lossy bitmap.
     - Fix array- and path-creating functions to ensure padding bytes are
       zeroes. This avoids some situations where the planner will think that
       semantically-equal constants are not equal, resulting in poor
       optimization.
     - Fix dump bug for VALUES in a view.
     - Disallow SELECT FOR UPDATE/SHARE on sequences.
       This operation doesn't work as expected and can lead to failures.
     - Defend against integer overflow when computing size of a hash table.
     - Fix cases where "CLUSTER" might attempt to access already-removed
       TOAST data.
     - Fix portability bugs in use of credentials control messages for
       "peer" authentication.
     - Fix SSPI login when multiple roundtrips are required.
       The typical symptom of this problem was "The function requested is
       not supported" errors during SSPI login.
     - Fix typo in pg_srand48 seed initialization.
       This led to failure to use all bits of the provided seed. This
       function is not used on most platforms (only those without
       srandom), and the potential security exposure from a
       less-random-than-expected seed seems minimal in any case.
     - Avoid integer overflow when the sum of LIMIT and OFFSET values
       exceeds 2^63.
     - Add overflow checks to int4 and int8 versions of generate_series().
     - Fix trailing-zero removal in to_char(). In a format with FM and no digit
       positions after the decimal point, zeroes to the left of the decimal
       point could be removed incorrectly.
     - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
     - Fix psql's counting of script file line numbers during COPY from a
       different file.
     - Fix pg_restore's direct-to-database mode for
       standard_conforming_strings.
       pg_restore could emit incorrect commands when restoring directly to
       a database server from an archive file that had been made with
       standard_conforming_strings set to on.
     - Fix write-past-buffer-end and memory leak in libpq's LDAP service
       lookup code.
     - In libpq, avoid failures when using nonblocking I/O and an SSL
       connection.
     - Improve libpq's handling of failures during connection startup.
       In particular, the response to a server report of fork() failure
       during SSL connection startup is now saner.
     - Improve libpq's error reporting for SSL failures.
     - Make ecpglib write double values with 15 digits precision.
     - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
     - Apply upstream fix for blowfish signed-character bug
       (CVE-2011-2483).
       "contrib/pg_crypto"'s blowfish encryption code could give wrong
       results on platforms where char is signed (which is most), leading
       to encrypted passwords being weaker than they should be.
     - Fix memory leak in "contrib/seg".
     - Fix pgstatindex() to give consistent results for empty indexes.
     - Allow building with perl 5.14 (Alex Hunsaker)
   * Drop 00cvs-unregister-ssl-callbacks.patch, upstream now.
Checksums-Sha1: 
 ceb7864bc688b2a06901f4793920fc1cbe93f522 2312 postgresql-8.3_8.3.16-0lenny1.dsc
 e18c11f26a3e7e41b7c1a20cc5d4927c2ef32b1c 14030916 postgresql-8.3_8.3.16.orig.tar.gz
 e6abfd15b83dbbe14e9501f444b3d55be7d02761 54258 postgresql-8.3_8.3.16-0lenny1.diff.gz
 500ffce5e67640fe60020257530eeded75164533 2246368 postgresql-doc-8.3_8.3.16-0lenny1_all.deb
 ce3fb2904f2ae1c044a2d2646d47d3fe4ded9f8e 288642 postgresql_8.3.16-0lenny1_all.deb
 9b695ba751bb7b62ecd8d189416e4bf439e37e09 288628 postgresql-client_8.3.16-0lenny1_all.deb
 bb4cc0ce1ef063a254c964afe3543853a04903ce 288458 postgresql-doc_8.3.16-0lenny1_all.deb
 6d4cca0ee4a432d95d30361acd9240eacc862b25 288524 postgresql-contrib_8.3.16-0lenny1_all.deb
 20b0b3ea06dc657775ee5e9ad0c6be068f5c8e8c 495604 libpq-dev_8.3.16-0lenny1_amd64.deb
 b39f82e40dceaa8f3b5c5b83d9db2813aa309a8e 427138 libpq5_8.3.16-0lenny1_amd64.deb
 8c7deb1c430b93b11d191372b6b2e4c27a49f1dc 317916 libecpg6_8.3.16-0lenny1_amd64.deb
 5bbf389f8f833e2cac0b3c9bd206312be5d3d38f 508004 libecpg-dev_8.3.16-0lenny1_amd64.deb
 9789275d2134ec9e7b408631b7aed297903302b1 296590 libecpg-compat3_8.3.16-0lenny1_amd64.deb
 e75d5f2f8b19912b9644fac6483ea85946357044 318162 libpgtypes3_8.3.16-0lenny1_amd64.deb
 55fb9c28a70db63f3012500744d0642ac0921b97 5448656 postgresql-8.3_8.3.16-0lenny1_amd64.deb
 4f4960b65733ac002dac9618fc34e37e65ff1f63 1743426 postgresql-client-8.3_8.3.16-0lenny1_amd64.deb
 9e284f93c8b73d8656e8fc43f25974a1098fa534 861002 postgresql-server-dev-8.3_8.3.16-0lenny1_amd64.deb
 05635a8e54b9c6d08493ed84aa0bf37c6737b6ba 653146 postgresql-contrib-8.3_8.3.16-0lenny1_amd64.deb
 9b1678a07e42ba415ca5468bd79b7864b4c4447e 318100 postgresql-plperl-8.3_8.3.16-0lenny1_amd64.deb
 03e8bcc4dee7af8cd11bf6f4a7a626e0513f0dc0 310456 postgresql-plpython-8.3_8.3.16-0lenny1_amd64.deb
 ef4637133f1dc92e8d60c928efd44efbd858fd8e 307980 postgresql-pltcl-8.3_8.3.16-0lenny1_amd64.deb
Checksums-Sha256: 
 63cf2559be8718ab42bba6b8a5295ff8032c901e8fa5b3dbdcaaa2a1fe731bbb 2312 postgresql-8.3_8.3.16-0lenny1.dsc
 e1fd8c3157064220e30d1caa504a7d47d7b53df819379c677fd3cc0fc56f8356 14030916 postgresql-8.3_8.3.16.orig.tar.gz
 39c22416638928d18ad7d288c2869e6a5b2d42c72075dfa2af369abb8857ad56 54258 postgresql-8.3_8.3.16-0lenny1.diff.gz
 cc9fdc639a748439c2e45aa8961c29aa953b4513ede73dfef89d20f783d56285 2246368 postgresql-doc-8.3_8.3.16-0lenny1_all.deb
 fe29e4dd3638f885f512c7dd05e86bcf0c9894c6ce79257c517ceb305ca270d2 288642 postgresql_8.3.16-0lenny1_all.deb
 b144f3688f3affdee9ef7e53984aa016f9e4d52f0799cde90748ed9b7a53d494 288628 postgresql-client_8.3.16-0lenny1_all.deb
 1c50567e1cfc7aae3b064bc8bc9411e0459d0649e65bb8eb386889e9affcca00 288458 postgresql-doc_8.3.16-0lenny1_all.deb
 d7f46b79434c2175df0efc3e86d82eb984a8984ac128a8bdfc3271ba4f5feb23 288524 postgresql-contrib_8.3.16-0lenny1_all.deb
 b0bfa78b637bbfae7610cf66bf14d00650a86ac8fdc347bf711f3d9cb59cb6f1 495604 libpq-dev_8.3.16-0lenny1_amd64.deb
 a3ad8809d8ec747a08d63c1db1d3ac7d851885a25b6b259f74929f8bb83a59bb 427138 libpq5_8.3.16-0lenny1_amd64.deb
 e5e6a858729260a9734f4bba6481db74b614f2b70761ef228b85fdb0bc8212cb 317916 libecpg6_8.3.16-0lenny1_amd64.deb
 cfce782f8092be6c37129b4ea3b8f02f93f242c609eb1e50cf2209389d321c3d 508004 libecpg-dev_8.3.16-0lenny1_amd64.deb
 6005ec1914412464b27b61d8c37031aba55aa0c04f02c69b3a6fd97decfac4b6 296590 libecpg-compat3_8.3.16-0lenny1_amd64.deb
 5c01d37a3f126e5e409d23e0f3c04112092bbea2fdbc591d693b83c7d328d71a 318162 libpgtypes3_8.3.16-0lenny1_amd64.deb
 d179988770c6225655484f3a535692c672ac5b32313a49a242502a99ba4e9572 5448656 postgresql-8.3_8.3.16-0lenny1_amd64.deb
 49b28502a634cb2b84c4fd33647a6e3be04eeccb782e27812ef8c802fe5963ea 1743426 postgresql-client-8.3_8.3.16-0lenny1_amd64.deb
 f688a0fd7da130b239fb3630013ed913293308c66266abd138058a8a93f926bc 861002 postgresql-server-dev-8.3_8.3.16-0lenny1_amd64.deb
 96c99a279b150db91734ffdaeb4c7f52075ce2fe0880e027ab85c57dc37b7b5f 653146 postgresql-contrib-8.3_8.3.16-0lenny1_amd64.deb
 dc13d6601eef03809f2406dd894c53867c6d3a6a0a365b10ce73fbcb53758ae4 318100 postgresql-plperl-8.3_8.3.16-0lenny1_amd64.deb
 0a46c5059b4db9ca1e16f8b2d36da5518bc065e5eaccb31d83ef99cd62e727c8 310456 postgresql-plpython-8.3_8.3.16-0lenny1_amd64.deb
 a8f13e70dff2f18b6392ea919da58ac92e2d6a02d65bc7e164e02be04c2014f8 307980 postgresql-pltcl-8.3_8.3.16-0lenny1_amd64.deb
Files: 
 965ea091e36ae8fb6f7dd1852640859b 2312 misc optional postgresql-8.3_8.3.16-0lenny1.dsc
 a6570ace348bf7eaa454de24b56d9362 14030916 misc optional postgresql-8.3_8.3.16.orig.tar.gz
 bc0017231f5cd99aa128f078d1a30854 54258 misc optional postgresql-8.3_8.3.16-0lenny1.diff.gz
 399fe6b9e5539977ee6dd3061e92f59b 2246368 doc optional postgresql-doc-8.3_8.3.16-0lenny1_all.deb
 04aedb269f63805c10fef6fa13b760a3 288642 misc optional postgresql_8.3.16-0lenny1_all.deb
 b7d0ae0fe06d1e1ada7dc395ecccc3a8 288628 misc optional postgresql-client_8.3.16-0lenny1_all.deb
 c45bd6077749a93b0bb6c137dc20888b 288458 doc optional postgresql-doc_8.3.16-0lenny1_all.deb
 805417a26ee8104a562a478d59644f42 288524 misc optional postgresql-contrib_8.3.16-0lenny1_all.deb
 92da1c045a0bfb8e5a058e3cfcd927c4 495604 libdevel optional libpq-dev_8.3.16-0lenny1_amd64.deb
 6087cc75f7f88ff132873912d58691dd 427138 libs optional libpq5_8.3.16-0lenny1_amd64.deb
 c6df246ce6665118132b20ac7ef480ea 317916 libs optional libecpg6_8.3.16-0lenny1_amd64.deb
 832c6fb3374fe3ab5be0a429cfc13874 508004 libdevel optional libecpg-dev_8.3.16-0lenny1_amd64.deb
 97d30f3d715a7579e285ccdf4c759f5d 296590 libs optional libecpg-compat3_8.3.16-0lenny1_amd64.deb
 7accff9689b309cff8b42496566d1a81 318162 libs optional libpgtypes3_8.3.16-0lenny1_amd64.deb
 d3e25552fa3447483d5c320974604f0c 5448656 misc optional postgresql-8.3_8.3.16-0lenny1_amd64.deb
 371773388b633a348c22e7cb3faa84a1 1743426 misc optional postgresql-client-8.3_8.3.16-0lenny1_amd64.deb
 d28b02130786816b8a9813fdb4b19eeb 861002 libdevel optional postgresql-server-dev-8.3_8.3.16-0lenny1_amd64.deb
 ee59361f057fc9caee0e26c23869b1aa 653146 misc optional postgresql-contrib-8.3_8.3.16-0lenny1_amd64.deb
 d8c76484042420be91005eecbe98a9fd 318100 misc optional postgresql-plperl-8.3_8.3.16-0lenny1_amd64.deb
 bc2a0f7f64d311103f1af817c5c42f10 310456 misc optional postgresql-plpython-8.3_8.3.16-0lenny1_amd64.deb
 52b8dc8276d3703adeb479c4086c49da 307980 misc optional postgresql-pltcl-8.3_8.3.16-0lenny1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJOfxeAAAoJEPmIJawmtHuf8iMP/2HjCCBd3YAsa/oi715eOLOo
btnS4CbAeQknw3NIwr+y6hyiVhlsjcQMTdLipSdh9r5WA+hAfj2PAfFOAZAYpzDh
wS+erIrvHKqXkaGEm2gglkDfxHLbCO0PnNCktnpdapTlmPSymVRn2GtgYGbXkZXr
ZUYLFo2cFFdUx/SZToghqWgxN68ESSi4glXrtzcrkRGu2hwfTQoc2YDKgRhqRAZx
0zpWP3NQpn4EAM1dJS1ryV6TvL/dZAGJ5yMmjcIc2AKEypZBLZxU7keLEwfO+4P1
T3HqWwVUlWRaatl12yziMVak6NWrYAmoUjTPLYRXn7JKbOXKX1/ZPxaoF+oYp8Qp
5/Q2ZK2q9L5R5kdYuICM1QUCxKXTKK6mfUG9j+DCYGCGDCG+jgM0w0jvjkfng/gq
vc0aASrY/sAfsPeamCQwmYZOxLCpzAexb5D/6T1fDwm5w6zVNVXpQRCYTWmB2Ecm
SsSWpRsVDG3HK5UlFDzFBz/cb3uHV3WwUdSJf1qfMM0ad6wzTlyHYqL0ExPHh/C2
vGBJOzVn69J/L8Qtl5Q2L9bcATIam5/hgpPPsIQEtWIPFeNazA1rZd6c3EXG9TzF
t66sAgBboIvC7LVMB9ki0zOMl/d+Tu1/oWsRCZ8U4EB3/dUquoMYE01Fgme9ghfP
+pYsOd3TABNHAj3iSwXP
=5GmS
-----END PGP SIGNATURE-----