-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 04 Oct 2011 11:32:12 +0200
Source: postgresql-8.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: mips
Version: 8.4.9-0squeeze1
Distribution: squeeze-security
Urgency: low
Maintainer: mips Build Daemon (corelli) <buildd_mips-corelli2@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.4 - object-relational SQL database, version 8.4 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.4 - front-end programs for PostgreSQL 8.4
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.4 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4
 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4
 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4
 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming
Closes: 628503 631285
Changes: 
 postgresql-8.4 (8.4.9-0squeeze1) stable-security; urgency=low
 .
   * New upstream bug fix/security release:
      - Fix bugs in indexing of in-doubt HOT-updated tuples.
        These bugs could result in index corruption after reindexing a
        system catalog. They are not believed to affect user indexes.
      - Fix multiple bugs in GiST index page split processing.
        The probability of occurrence was low, but these could lead to
        index corruption.
      - Fix possible buffer overrun in tsvector_concat().
        The function could underestimate the amount of memory needed for
        its result, leading to server crashes.
      - Fix crash in xml_recv when processing a "standalone" parameter.
      - Make pg_options_to_table return NULL for an option with no value.
        Previously such cases would result in a server crash.
      - Avoid possibly accessing off the end of memory in "ANALYZE" and in
        SJIS-2004 encoding conversion.
        This fixes some very-low-probability server crash scenarios.
      - Prevent intermittent hang in interactions of startup process with
        bgwriter process.
        This affected recovery in non-hot-standby cases.
      - Fix race condition in relcache init file invalidation.
        There was a window wherein a new backend process could read a stale
        init file but miss the inval messages that would tell it the data
        is stale. The result would be bizarre failures in catalog accesses,
        typically "could not read block 0 in file ..." later during
        startup.
      - Fix memory leak at end of a GiST index scan.
        Commands that perform many separate GiST index scans, such as
        verification of a new GiST-based exclusion constraint on a table
        already containing many rows, could transiently require large
        amounts of memory due to this leak.
      - Fix incorrect memory accounting (leading to possible memory bloat)
        in tuplestores supporting holdable cursors and plpgsql's RETURN
        NEXT command.
      - Fix performance problem when constructing a large, lossy bitmap.
      - Fix join selectivity estimation for unique columns.
        This fixes an erroneous planner heuristic that could lead to poor
        estimates of the result size of a join.
      - Fix nested PlaceHolderVar expressions that appear only in
        sub-select target lists. This mistake could result in outputs of an
        outer join incorrectly appearing as NULL.
      - Allow nested EXISTS queries to be optimized properly.
      - Fix array- and path-creating functions to ensure padding bytes are
        zeroes.  This avoids some situations where the planner will think that
        semantically-equal constants are not equal, resulting in poor
        optimization.
      - Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan
        subplans.  The usual symptom of this oversight was "bogus varno" errors.
      - Work around gcc 4.6.0 bug that breaks WAL replay.  This could lead to
        loss of committed transactions after a server crash.
      - Fix dump bug for VALUES in a view.
      - Disallow SELECT FOR UPDATE/SHARE on sequences.
        This operation doesn't work as expected and can lead to failures.
      - Fix "VACUUM" so that it always updates pg_class.reltuples/relpages.
        This fixes some scenarios where autovacuum could make increasingly
        poor decisions about when to vacuum tables.
      - Defend against integer overflow when computing size of a hash table.
      - Fix cases where "CLUSTER" might attempt to access already-removed
        TOAST data.
      - Fix portability bugs in use of credentials control messages for
        "peer" authentication.
      - Fix SSPI login when multiple roundtrips are required.
        The typical symptom of this problem was "The function requested is
        not supported" errors during SSPI login.
      - Throw an error if "pg_hba.conf" contains hostssl but SSL is
        disabled.  This was concluded to be more user-friendly than the
        previous behavior of silently ignoring such lines.
      - Fix typo in pg_srand48 seed initialization.
        This led to failure to use all bits of the provided seed. This
        function is not used on most platforms (only those without
        srandom), and the potential security exposure from a
        less-random-than-expected seed seems minimal in any case.
      - Avoid integer overflow when the sum of LIMIT and OFFSET values
        exceeds 2^63.
      - Add overflow checks to int4 and int8 versions of generate_series().
      - Fix trailing-zero removal in to_char().  In a format with FM and no
        digit positions after the decimal point, zeroes to the left of the
        decimal point could be removed incorrectly.
      - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
      - Weaken plpgsql's check for typmod matching in record values.
        An overly enthusiastic check could lead to discarding length
        modifiers that should have been kept.
      - Fix pg_upgrade to preserve toast tables' relfrozenxids during an
        upgrade from 8.3. Failure to do this could lead to "pg_clog" files
        being removed too soon after the upgrade.
      - Fix psql's counting of script file line numbers during COPY from a
        different file.
      - Fix pg_restore's direct-to-database mode for
        standard_conforming_strings.  pg_restore could emit incorrect commands
        when restoring directly to a database server from an archive file that
        had been made with standard_conforming_strings set to on.
      - Be more user-friendly about unsupported cases for parallel
        pg_restore.  This change ensures that such cases are detected and
        reported before any restore actions have been taken.
      - Fix write-past-buffer-end and memory leak in libpq's LDAP service
        lookup code.
      - In libpq, avoid failures when using nonblocking I/O and an SSL
        connection.
      - Improve libpq's handling of failures during connection startup.
        In particular, the response to a server report of fork() failure
        during SSL connection startup is now saner.
      - Improve libpq's error reporting for SSL failures.
      - Fix PQsetvalue() to avoid possible crash when adding a new tuple to
        a PGresult originally obtained from a server query.
      - Make ecpglib write double values with 15 digits precision.
      - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
      - Apply upstream fix for blowfish signed-character bug
        (CVE-2011-2483) (Closes: #631285)
        "contrib/pg_crypto"'s blowfish encryption code could give wrong
        results on platforms where char is signed (which is most), leading
        to encrypted passwords being weaker than they should be.
      - Fix memory leak in "contrib/seg".
      - Fix pgstatindex() to give consistent results for empty indexes.
      - Allow building with perl 5.14. (Closes: #628503)
   * 15-revert-typmod-check.patch: Update for new upstream release.
Checksums-Sha1: 
 1c80c3f3e346b43e9f50a9850cdb50e5bc99868d 244040 libpq-dev_8.4.9-0squeeze1_mips.deb
 f13f93c7889fca15d788d9c42767a2721f72da00 154202 libpq5_8.4.9-0squeeze1_mips.deb
 7e6a9e213905cf719ce0433cd8913fb10b941d42 95460 libecpg6_8.4.9-0squeeze1_mips.deb
 00d972649c4ef3885a8f9796120173dc54b81175 251232 libecpg-dev_8.4.9-0squeeze1_mips.deb
 3b48b75a163399e5e4b5baa27192fb66ed3c079c 30000 libecpg-compat3_8.4.9-0squeeze1_mips.deb
 4efe543312ce87ca7f1729f244ec014991b44075 56530 libpgtypes3_8.4.9-0squeeze1_mips.deb
 f1b615f80d35d7c8ff1061c16684d06adea6079a 5648062 postgresql-8.4_8.4.9-0squeeze1_mips.deb
 5037fb31255fe84c8686b5010df4f6c48e68e091 1446560 postgresql-client-8.4_8.4.9-0squeeze1_mips.deb
 9c9b31b99a13af2191c8b21e5ace60e479260aa4 642010 postgresql-server-dev-8.4_8.4.9-0squeeze1_mips.deb
 857fbc44817da00ce9b61c84ae1008e556b8ec28 391494 postgresql-contrib-8.4_8.4.9-0squeeze1_mips.deb
 4fbe8fc3638cd079162dfb25ed6cd1c05b749ea4 55704 postgresql-plperl-8.4_8.4.9-0squeeze1_mips.deb
 1d417203d3b2a2c481ca5e9b613d7e792fc2bfb6 59104 postgresql-plpython-8.4_8.4.9-0squeeze1_mips.deb
 2a7f8fe26326ee0607a91df3003dfa4e4b8008bd 45636 postgresql-pltcl-8.4_8.4.9-0squeeze1_mips.deb
Checksums-Sha256: 
 a83abfe713cba7303b14025a3bfb21b7d529d53323908195e817325717cd0165 244040 libpq-dev_8.4.9-0squeeze1_mips.deb
 c8b570d407c754a7c9bb4551ba0cd8872311d2465137daf0d111a63bfbead10d 154202 libpq5_8.4.9-0squeeze1_mips.deb
 2080c92fca6ca5393d84b84b6c8802fca174686df827faf4929ef702540278d1 95460 libecpg6_8.4.9-0squeeze1_mips.deb
 0bc14914d306d743728174cfc9a0525a3355bd3f976cc7d0cab149f04b7a6be8 251232 libecpg-dev_8.4.9-0squeeze1_mips.deb
 cefc44a7b1faf26cab6bcd98b92f14ccc4bd2573661da6b635b8d02e50345e85 30000 libecpg-compat3_8.4.9-0squeeze1_mips.deb
 31693f264778194e4d053334110823c0fdc52f707f656f4ae8c26fcca2166c05 56530 libpgtypes3_8.4.9-0squeeze1_mips.deb
 62dcf9ef6dd739812f384b5cc9453a7a4182355e905fffd0b77bdba41f05670c 5648062 postgresql-8.4_8.4.9-0squeeze1_mips.deb
 ca370a10714d22dad4664a4da7f21a072f632a7332ffdeebf992bc01b2c75faa 1446560 postgresql-client-8.4_8.4.9-0squeeze1_mips.deb
 85542e357845a7a488b1de478b325620cc7a0714c7e39872e81617c2f8c5c416 642010 postgresql-server-dev-8.4_8.4.9-0squeeze1_mips.deb
 c95e88a407c00707ef420ac2383d0104253bb15ff78c999c591f12e6589d5638 391494 postgresql-contrib-8.4_8.4.9-0squeeze1_mips.deb
 7d1597b6e1988d983a93265f7dbd5b0c27590128c90bc0d940c3c951f936332c 55704 postgresql-plperl-8.4_8.4.9-0squeeze1_mips.deb
 35447a49986b25e2956baa4c9755076984a006d4fcd754fbfe570644702d5dac 59104 postgresql-plpython-8.4_8.4.9-0squeeze1_mips.deb
 0b6f83cbb17ec878cdb068d011704b28b6477a1e533bf2364a4f9127c1485fea 45636 postgresql-pltcl-8.4_8.4.9-0squeeze1_mips.deb
Files: 
 863a89bdd8e4d717cb10be3ffd645bfd 244040 libdevel optional libpq-dev_8.4.9-0squeeze1_mips.deb
 586b53e70e0aa632968a39ec8b3cf784 154202 libs optional libpq5_8.4.9-0squeeze1_mips.deb
 489b776a3a3525685c93735b01e51cdb 95460 libs optional libecpg6_8.4.9-0squeeze1_mips.deb
 860a213223332879a96b673766eaeb33 251232 libdevel optional libecpg-dev_8.4.9-0squeeze1_mips.deb
 a09758c5a17000d0f70bdbf34850baba 30000 libs optional libecpg-compat3_8.4.9-0squeeze1_mips.deb
 d78f5334706a0596c27b5826bb4754cb 56530 libs optional libpgtypes3_8.4.9-0squeeze1_mips.deb
 341ec56490dcb6700ba685a685655864 5648062 database optional postgresql-8.4_8.4.9-0squeeze1_mips.deb
 4e0318d82f3fb689f4b03956e53a24cb 1446560 database optional postgresql-client-8.4_8.4.9-0squeeze1_mips.deb
 635ac0fab169109224d7763a230bc313 642010 libdevel optional postgresql-server-dev-8.4_8.4.9-0squeeze1_mips.deb
 add71cf77c56f5b46f9bd71134d7eadf 391494 database optional postgresql-contrib-8.4_8.4.9-0squeeze1_mips.deb
 df517de29544b818dfe8f32a1fb91564 55704 database optional postgresql-plperl-8.4_8.4.9-0squeeze1_mips.deb
 fabc80c81b4931e41fda27fde1310504 59104 database optional postgresql-plpython-8.4_8.4.9-0squeeze1_mips.deb
 fc52b5c9ef2527156f88f4c44dba0f52 45636 database optional postgresql-pltcl-8.4_8.4.9-0squeeze1_mips.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBAgAGBQJOm+C0AAoJELcyWGdNnMAmTOQP/1MbVBh+xKNlQ+Bncf1JHLbU
SKcansX0O91+/eyvWc8W1gLJBGsIrOZyDdTgjwP6ufWJljnN+JMd48hSIr7T/cJA
L/GJyYvBt/egLtrnAyIT+0PWLE4GSsj+j5ec8T5ElU8DNzWvAm6CzGrKGJAXmR0s
jju5mpz8t7iTa+su/XzvzuAgUQqHYUREM2XFHNpRGgeIiA6cuVIXyS+ywwK1ADFJ
l8ow0xR3tGlfaPpKdc4+XiS7z3K5yfyCHF6xvupMFqmu4vxcIwtYpv2RqI97I3TH
ndV/aTb5eTFexKxbmhH10ISAckNYkKTple3fqN0arUAGe1peHSXvzO6z+6QB8OEQ
SEZYsLOstSeRDzXGYL+cnPwg65DSmrjtxG1wUoFSeFCPebMao7cuT8vd2ftuNsiq
pMYFeiaX4F/OGjTRGYH8y2ZckYApircdLTztVHxYWPpykNlx0Ur0KpO57ofwE41u
tnsfzit+p0jptBn5YWfBg2UzIzzSz0qri4EO2ZCX8dBLX6L57Jy2I9PzX2nB9y1Y
52JNJ+RGiQqoUifViBnbTea+lpLlKalHj4F3i6qya/M3nirvhu9Mir1bDWlo6HDT
AwABmN28eQMdXh2iVOanRHyyyA+0B2cEz0tKhwXN326osBPkTBHKaYlL/rj6/Yq4
UOrh2q2TDBY6GKTR5p4a
=XSF7
-----END PGP SIGNATURE-----