-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 04 Oct 2011 11:32:12 +0200
Source: postgresql-8.4
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib
Architecture: sparc
Version: 8.4.9-0squeeze1
Distribution: squeeze-security
Urgency: low
Maintainer: sparc Build Daemon (schroeder) <buildd_sparc-schroeder@buildd.debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql - object-relational SQL database (supported version)
 postgresql-8.4 - object-relational SQL database, version 8.4 server
 postgresql-client - front-end programs for PostgreSQL (supported version)
 postgresql-client-8.4 - front-end programs for PostgreSQL 8.4
 postgresql-contrib - additional facilities for PostgreSQL (supported version)
 postgresql-contrib-8.4 - additional facilities for PostgreSQL
 postgresql-doc - documentation for the PostgreSQL database management system
 postgresql-doc-8.4 - documentation for the PostgreSQL database management system
 postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4
 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4
 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4
 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming
Closes: 628503 631285
Changes: 
 postgresql-8.4 (8.4.9-0squeeze1) stable-security; urgency=low
 .
   * New upstream bug fix/security release:
      - Fix bugs in indexing of in-doubt HOT-updated tuples.
        These bugs could result in index corruption after reindexing a
        system catalog. They are not believed to affect user indexes.
      - Fix multiple bugs in GiST index page split processing.
        The probability of occurrence was low, but these could lead to
        index corruption.
      - Fix possible buffer overrun in tsvector_concat().
        The function could underestimate the amount of memory needed for
        its result, leading to server crashes.
      - Fix crash in xml_recv when processing a "standalone" parameter.
      - Make pg_options_to_table return NULL for an option with no value.
        Previously such cases would result in a server crash.
      - Avoid possibly accessing off the end of memory in "ANALYZE" and in
        SJIS-2004 encoding conversion.
        This fixes some very-low-probability server crash scenarios.
      - Prevent intermittent hang in interactions of startup process with
        bgwriter process.
        This affected recovery in non-hot-standby cases.
      - Fix race condition in relcache init file invalidation.
        There was a window wherein a new backend process could read a stale
        init file but miss the inval messages that would tell it the data
        is stale. The result would be bizarre failures in catalog accesses,
        typically "could not read block 0 in file ..." later during
        startup.
      - Fix memory leak at end of a GiST index scan.
        Commands that perform many separate GiST index scans, such as
        verification of a new GiST-based exclusion constraint on a table
        already containing many rows, could transiently require large
        amounts of memory due to this leak.
      - Fix incorrect memory accounting (leading to possible memory bloat)
        in tuplestores supporting holdable cursors and plpgsql's RETURN
        NEXT command.
      - Fix performance problem when constructing a large, lossy bitmap.
      - Fix join selectivity estimation for unique columns.
        This fixes an erroneous planner heuristic that could lead to poor
        estimates of the result size of a join.
      - Fix nested PlaceHolderVar expressions that appear only in
        sub-select target lists. This mistake could result in outputs of an
        outer join incorrectly appearing as NULL.
      - Allow nested EXISTS queries to be optimized properly.
      - Fix array- and path-creating functions to ensure padding bytes are
        zeroes.  This avoids some situations where the planner will think that
        semantically-equal constants are not equal, resulting in poor
        optimization.
      - Fix "EXPLAIN" to handle gating Result nodes within inner-indexscan
        subplans.  The usual symptom of this oversight was "bogus varno" errors.
      - Work around gcc 4.6.0 bug that breaks WAL replay.  This could lead to
        loss of committed transactions after a server crash.
      - Fix dump bug for VALUES in a view.
      - Disallow SELECT FOR UPDATE/SHARE on sequences.
        This operation doesn't work as expected and can lead to failures.
      - Fix "VACUUM" so that it always updates pg_class.reltuples/relpages.
        This fixes some scenarios where autovacuum could make increasingly
        poor decisions about when to vacuum tables.
      - Defend against integer overflow when computing size of a hash table.
      - Fix cases where "CLUSTER" might attempt to access already-removed
        TOAST data.
      - Fix portability bugs in use of credentials control messages for
        "peer" authentication.
      - Fix SSPI login when multiple roundtrips are required.
        The typical symptom of this problem was "The function requested is
        not supported" errors during SSPI login.
      - Throw an error if "pg_hba.conf" contains hostssl but SSL is
        disabled.  This was concluded to be more user-friendly than the
        previous behavior of silently ignoring such lines.
      - Fix typo in pg_srand48 seed initialization.
        This led to failure to use all bits of the provided seed. This
        function is not used on most platforms (only those without
        srandom), and the potential security exposure from a
        less-random-than-expected seed seems minimal in any case.
      - Avoid integer overflow when the sum of LIMIT and OFFSET values
        exceeds 2^63.
      - Add overflow checks to int4 and int8 versions of generate_series().
      - Fix trailing-zero removal in to_char().  In a format with FM and no
        digit positions after the decimal point, zeroes to the left of the
        decimal point could be removed incorrectly.
      - Fix pg_size_pretty() to avoid overflow for inputs close to 2^63.
      - Weaken plpgsql's check for typmod matching in record values.
        An overly enthusiastic check could lead to discarding length
        modifiers that should have been kept.
      - Fix pg_upgrade to preserve toast tables' relfrozenxids during an
        upgrade from 8.3. Failure to do this could lead to "pg_clog" files
        being removed too soon after the upgrade.
      - Fix psql's counting of script file line numbers during COPY from a
        different file.
      - Fix pg_restore's direct-to-database mode for
        standard_conforming_strings.  pg_restore could emit incorrect commands
        when restoring directly to a database server from an archive file that
        had been made with standard_conforming_strings set to on.
      - Be more user-friendly about unsupported cases for parallel
        pg_restore.  This change ensures that such cases are detected and
        reported before any restore actions have been taken.
      - Fix write-past-buffer-end and memory leak in libpq's LDAP service
        lookup code.
      - In libpq, avoid failures when using nonblocking I/O and an SSL
        connection.
      - Improve libpq's handling of failures during connection startup.
        In particular, the response to a server report of fork() failure
        during SSL connection startup is now saner.
      - Improve libpq's error reporting for SSL failures.
      - Fix PQsetvalue() to avoid possible crash when adding a new tuple to
        a PGresult originally obtained from a server query.
      - Make ecpglib write double values with 15 digits precision.
      - In ecpglib, be sure LC_NUMERIC setting is restored after an error.
      - Apply upstream fix for blowfish signed-character bug
        (CVE-2011-2483) (Closes: #631285)
        "contrib/pg_crypto"'s blowfish encryption code could give wrong
        results on platforms where char is signed (which is most), leading
        to encrypted passwords being weaker than they should be.
      - Fix memory leak in "contrib/seg".
      - Fix pgstatindex() to give consistent results for empty indexes.
      - Allow building with perl 5.14. (Closes: #628503)
   * 15-revert-typmod-check.patch: Update for new upstream release.
Checksums-Sha1: 
 7760605d7dd9975259bf0bc16675d878e14fe3c1 231724 libpq-dev_8.4.9-0squeeze1_sparc.deb
 e2977810cc59cddefefa2f632ba3b2f7b0ddbac2 153444 libpq5_8.4.9-0squeeze1_sparc.deb
 10f1a44b061a9691bff3d6f56f83ce2efa05ba04 94546 libecpg6_8.4.9-0squeeze1_sparc.deb
 f3ce34b1913bf56381c99e793d17864d251cdf41 252186 libecpg-dev_8.4.9-0squeeze1_sparc.deb
 f666f3f03349d77c0f8df5cb71351459e506bc48 30310 libecpg-compat3_8.4.9-0squeeze1_sparc.deb
 a0e3f83c8e1f08bb3d18c87f04c4246c9159c0d9 52752 libpgtypes3_8.4.9-0squeeze1_sparc.deb
 197533f367af5335e67e68f77bdfd502d86d8332 5619898 postgresql-8.4_8.4.9-0squeeze1_sparc.deb
 4fd8287776a14df8adf9fadca21e1a0f79d6f544 1473624 postgresql-client-8.4_8.4.9-0squeeze1_sparc.deb
 e65bb7b35a33cf2e630e250b6f7dd140a7d0dbe7 644236 postgresql-server-dev-8.4_8.4.9-0squeeze1_sparc.deb
 8e66ad0229bbbc829b78fe80904c3f57a50cb48d 396258 postgresql-contrib-8.4_8.4.9-0squeeze1_sparc.deb
 e9e7a5dcbd1f93f67ff504fc946dbee7cee3ab25 58078 postgresql-plperl-8.4_8.4.9-0squeeze1_sparc.deb
 ec2b050d0d2c36765b2903cadfe15006224f093a 57198 postgresql-plpython-8.4_8.4.9-0squeeze1_sparc.deb
 c8b61a1375d9dc256ac717606d6c4b884c7284e8 45480 postgresql-pltcl-8.4_8.4.9-0squeeze1_sparc.deb
Checksums-Sha256: 
 c287215bd7726d65a97316a1fbdb305b3625cb545352b170932c097e3e8e4ba6 231724 libpq-dev_8.4.9-0squeeze1_sparc.deb
 87a04ffb7ca7e581086c56d73df8891213e1345ff149bb22f055eff2ab419792 153444 libpq5_8.4.9-0squeeze1_sparc.deb
 67a25b7cff6aafb704b1e15dcf9cad8cdd582652c968711335347830f5b72d5c 94546 libecpg6_8.4.9-0squeeze1_sparc.deb
 1c15c4017138c93f60704ecce3d2e265338742413774d46aa682d3a496d54bc4 252186 libecpg-dev_8.4.9-0squeeze1_sparc.deb
 51d9ba11b93ec4d6cb42d21c6378da84f494458f9e30dfc5283bd41487ae21c7 30310 libecpg-compat3_8.4.9-0squeeze1_sparc.deb
 b8bcae6c8879d24b0804d678c1224dc3f9660c5b75142e178eec4e53e8d2fedc 52752 libpgtypes3_8.4.9-0squeeze1_sparc.deb
 95eb3ab723b2b654600e6bbb290176f62ca42686a3c9a918063d1e16843269e3 5619898 postgresql-8.4_8.4.9-0squeeze1_sparc.deb
 ca338601ad2c4d056c416aac6421dc7a63f486bac24835b963aceb01a8d53ea9 1473624 postgresql-client-8.4_8.4.9-0squeeze1_sparc.deb
 03467edef762cc71fec922a6ddea37e7e20cc0a17163ff5c99f613655be9cfe1 644236 postgresql-server-dev-8.4_8.4.9-0squeeze1_sparc.deb
 c0b00263a4ce30d6138369ee53a2f5f517f7ecaa3d5f6bdafed5477f3c3fb04a 396258 postgresql-contrib-8.4_8.4.9-0squeeze1_sparc.deb
 88b4d1699f8480e549727d4bc310e541c6dd6e8de0ffffe603fecf19a4d2a8d9 58078 postgresql-plperl-8.4_8.4.9-0squeeze1_sparc.deb
 da07f9763567a37edc28e0f7a40d394380f6da328c311e3820f3c8eec357c03d 57198 postgresql-plpython-8.4_8.4.9-0squeeze1_sparc.deb
 fd2878986c8ae99189765ac60c179760ff2c4492af58f9a691e32da8243d6ecf 45480 postgresql-pltcl-8.4_8.4.9-0squeeze1_sparc.deb
Files: 
 229aad8f121f172df293af16082f77d3 231724 libdevel optional libpq-dev_8.4.9-0squeeze1_sparc.deb
 429622aa4d539ff1e4096022313f4432 153444 libs optional libpq5_8.4.9-0squeeze1_sparc.deb
 d812bfa3e54042432ccbf1e32a154971 94546 libs optional libecpg6_8.4.9-0squeeze1_sparc.deb
 34b85f8d7bac703b540eac2bcfd1cb62 252186 libdevel optional libecpg-dev_8.4.9-0squeeze1_sparc.deb
 d532820f9a01e9579bf9d488cd15107d 30310 libs optional libecpg-compat3_8.4.9-0squeeze1_sparc.deb
 d366d8749c58bd2f209c0d55e61e8648 52752 libs optional libpgtypes3_8.4.9-0squeeze1_sparc.deb
 1078b214ba9742507bf58fd074cf808e 5619898 database optional postgresql-8.4_8.4.9-0squeeze1_sparc.deb
 b9a500be430091007c029aae4596b02b 1473624 database optional postgresql-client-8.4_8.4.9-0squeeze1_sparc.deb
 d134f366740659f2cd4d178b13089e26 644236 libdevel optional postgresql-server-dev-8.4_8.4.9-0squeeze1_sparc.deb
 582696831e4831bae3c5f096ed9d1f2c 396258 database optional postgresql-contrib-8.4_8.4.9-0squeeze1_sparc.deb
 19531062d68f709a4be6cb0d7a5491a8 58078 database optional postgresql-plperl-8.4_8.4.9-0squeeze1_sparc.deb
 aed2e37830d4fe66578a94b9993b1c4a 57198 database optional postgresql-plpython-8.4_8.4.9-0squeeze1_sparc.deb
 942e979c97b8d3e1cba72bb2bfa5fa28 45480 database optional postgresql-pltcl-8.4_8.4.9-0squeeze1_sparc.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOm8tiAAoJEFDt1Ed8OSsY7esP/jnlO9BgMbpcptwVfx0lbkS/
NKoSQOEb3Esztj9H440g8p0c1nLNIPRk6MA8HVCuA0+HuLyBld3QMG5lMc91TyGT
XRay6C7kLlNx1dndubs+2evIhg9q9YjEw+sgG7YJRgKjY+Ip+MIagKdHfDkJ7rtP
dnTVp8x6KV1a+U7ouMOmz9R4lrNZmpUY0hrGf/lIBQk4hfKkA+O7bKqjaXbyYnhM
nVNIKuvhFJBnnBCAHGQBGU7pHIerVI6jc8gtcJ7PR9IpgPXX8T6K4J2PdezvZ1lq
kW/6SyMOaYqytXLe2TkgPO3jD1LGOMopLdwI7juf4mviMYXBAz/tO41FjWPgKEOV
5EbNU0h1JLqBarghxf4zCEqrhXhtWsmZKQVoqzll7YG3bEdZL1dFcNhU71O+1b7F
od4BhBu+vKW3Yi+pZkeIxev7d0PI9X518EP5LydukPfDXQYy7luNc1X4QuYjRLb7
NcOiiG4rBZYgc5dkY9GbNRn4SAQkVRfEy2S0JLUugXacscesIw/krGv0UcxFakOk
GKm9JvrqqTHnMy2TJYz2A901ExrlSj3hinaswOK9xT4AfDmrqy65rncRYiYXh7SA
WTFW3BAz1QXtDBrVAcWe0nxemAVpHy+h6RVFORaiEg09lbPvvY3ZKhVgicA8jVA/
ekJYsygQVpo24OnZrlMc
=8feN
-----END PGP SIGNATURE-----