postgresql-8.1 (8.1.11-0ubuntu0.6.06.1) dapper-security; urgency=low * New upstream security/bugfix release: - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600] - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067] - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278] - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...). - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE". - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful. - Fix potential crash in translate() when using a multibyte database encoding. - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years. - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function. - Fix PL/Python to not crash on long exception messages. - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's. - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file. - ecpg parser fixes. - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing. - Fix tsvector and tsquery output routines to escape backslashes correctly. - Fix crash of to_tsvector() on huge input strings. * Use the timezone database from the system tzdata instead of shipping our own. - debian/patches/04-timezone-symlinks.patch: Drop previous hardlink-to-symlink patch to zic, since that is irrelevant now. Replace the patch with a Makefile change that just symlinks /usr/share/zoneinfo to where postgresql previously installed its own tzdata copy. - debian/control: Add locales dependency (which contains tzdata in dapper). - debian/postgresql-8.1.install: Install the 'timezone' symlink, not the files in the dereferenced directory. - debian/postgresql-8.1.postinst: Replace the timezone directory with the symlink on upgrades, since dpkg does not do that automatically. Without this, we'd end up with an empty timezone directory. -- Martin Pitt Sat, 05 Jan 2008 19:26:49 +0100 postgresql-8.1 (8.1.10-0ubuntu0.6.06.1) dapper-proposed; urgency=low * New upstream bugfix release: - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. [CVE-2007-3278, CVE-2007-3280] - Make "CREATE DOMAIN ... DEFAULT NULL" work properly. - Allow the interval data type to accept input consisting only of milliseconds or microseconds. - Speed up rtree index insertion. - Fix excessive logging of SSL error messages. - Fix logging so that log messages are never interleaved when using the syslogger process. - Fix crash when log_min_error_statement logging runs out of memory. - Fix incorrect handling of some foreign-key corner cases. - Prevent "REINDEX" and "CLUSTER" from failing due to attempting to process temporary tables of other sessions. - Update the time zone database rules, particularly New Zealand's upcoming changes. -- Martin Pitt Wed, 19 Sep 2007 10:47:22 +0200 postgresql-8.1 (8.1.9-0ubuntu0.6.06) dapper-security; urgency=low * New upstream security/bugfix release: - Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. - "/contrib/tsearch2" crash fixes. - Require "COMMIT PREPARED" to be executed in the same database as the transaction was prepared in. - Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains. - Planner fixes, including improving outer join and bitmap scan selection logic. - Fix PANIC during enlargement of a hash index (bug introduced in 8.1.6). - Fix POSIX-style timezone specs to follow new USA DST rules. -- Martin Pitt Mon, 23 Apr 2007 09:44:15 +0200 postgresql-8.1 (8.1.8-0ubuntu6.06.1) dapper-security; urgency=low * No-change upload, previous upload got lost in a ssh disconnect. -- Martin Pitt Fri, 9 Feb 2007 17:48:55 +0100 postgresql-8.1 (8.1.8-0ubuntu6.06) dapper-security; urgency=low * Upgraded to new upstream microrelease: - Fix another overzealous type check. - Two handfuls of non-security, but important bug fixes. * Remove the following patches (these were backported from the 8.1.x upstrem releases): - 00upstream-disable-update-aggregates.patch - 00upstream-duration-logging-crash.patch - 00upstream-max-utf8-wchar-len.patch - 00upstream-sql-fun-typecheck.patch - 00upstream-table-plan-consistency.patch - 00upstream-unknown-array-coerce.patch - 00upstream-zzz-sql-fun-typecheck-regression.patch -- Martin Pitt Fri, 9 Feb 2007 08:59:45 +0100 postgresql-8.1 (8.1.4-0ubuntu1.3) dapper-security; urgency=low * Add debian/patches/00upstream-zzz-sql-fun-typecheck-regression.patch: Fix overzealous type checks in some cases. Closes: LP#83505 -- Martin Pitt Tue, 6 Feb 2007 18:59:38 +0100 postgresql-8.1 (8.1.4-0ubuntu1.2) dapper-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/00upstream-sql-fun-typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 8.1.7 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.98.2.2;r2=1.98.2.3 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.201.2.1;r2=1.201.2.2 - CVE-2007-0555 * Add debian/patches/00upstream-table-plan-consistency.patch: - Check that a table is still compatible with a previously made query plan. Use of ALTER COLUMN TYPE creates a hazard for cached query plans: they could contain vars that claim a column has a different type than it now has. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 8.1.7 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/commands/tablecmds.c.diff?r1=1.174.2.3;r2=1.174.2.4 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execQual.c.diff?r1=1.183.2.4;r2=1.183.2.5 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execScan.c.diff?r1=1.37.2.1;r2=1.37.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/execUtils.c.diff?r1=1.126.2.3;r2=1.126.2.4 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeAgg.c.diff?r1=1.135.2.1;r2=1.135.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeGroup.c.diff?r1=1.62;r2=1.62.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeHashjoin.c.diff?r1=1.75.2.3;r2=1.75.2.4 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeMergejoin.c.diff?r1=1.75.2.2;r2=1.75.2.3 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeNestloop.c.diff?r1=1.39.2.1;r2=1.39.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeResult.c.diff?r1=1.32.2.1;r2=1.32.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/nodeSubplan.c.diff?r1=1.70.2.1;r2=1.70.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/include/executor/executor.h.diff?r1=1.120.2.2;r2=1.120.2.3 - CVE-2007-0556 * Add debian/patches/00upstream-max-utf8-wchar-len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 8.1.7 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.47.2.4;r2=1.47.2.5 -- Martin Pitt Mon, 5 Feb 2007 09:31:44 +0100 postgresql-8.1 (8.1.4-0ubuntu1.1) dapper-security; urgency=low * SECURITY UPDATE: Local DoS. * Add debian/patches/00upstream-disable-update-aggregates.patch: - Disallow aggregate functions in UPDATE commands (unless within a sub-SELECT). It is disallowed by the SQL spec and causes crashes. - Patch backported from 8.1.5: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/analyze.c.diff?r1=1.326.2.1&r2=1.326.2.2 - CVE-2006-5540 * Add debian/patches/00upstream-duration-logging-crash.patch: - Fix crash in duration logging for a V3-protocol Execute message when what's being executed is a COMMIT or ROLLBACK. - Patch backported from 8.1.5: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/tcop/postgres.c.diff?r1=1.468.2.5&r2=1.468.2.6 - CVE-2006-5542 * Add debian/patches/00upstream-unknown-array-coerce.patch: - Repair incorrect check for coercion of unknown literal to ANYARRAY, which could cause a backend crash. - Patch backported from 8.1.5: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/parser/parse_coerce.c.diff?r1=2.132.2.3&r2=2.132.2.4 - CVE-2006-5541 -- Martin Pitt Mon, 23 Oct 2006 18:21:40 +0200 postgresql-8.1 (8.1.4-0ubuntu1) dapper-security; urgency=medium * SECURITY UPDATE: Remote arbitrary SQL injection. * This is based on Debian's 8.1.4-1 plus the shlibs fix from bzr head. * New upstream security and bug fix release: - The server now rejects invalidly-encoded multibyte characters in all cases to defend against SQL-injection attacks. [CVE-2006-2313] - Reject unsafe uses of \' in string literals (for client encodings that allow SQL injection with this, like SJIS, BIG5, GBK, GB18030, or UHC). A new configuration parameter backslash_quote is available to adjust this behavior when needed. [CVE-2006-2314] - Modify libpq's string-escaping routines to be aware of encoding considerations and standard_conforming_strings This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs them against the planned changeover to SQL-standard string literal syntax. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. - Various bug fixes, see upstream changelog for details. * Remove debian/patches/12-krb5-multiusers.patch: Fixed upstream. * debian/postgresql-8.1.init: Add a comment to point out that environment variables need to be set in the 'environment' file, not in the init script. * debian/postgresql-8.1.init, debian/postgresql-8.1.postinst: Do not fail if init.d-functions/maintscripts-functions are not present, which happens if postgresql-{8.1,common} are removed, but not purged. Closes: #362488 * Bump Standards-Version to 3.7.2. * Add debian/libpq4.shlibs and bump it to >= 8.1.4, to respect the introduction of PQescapeStringConn() and PQescapeByteaConn(). * debian/postgresql-8.1.postrm, clean_dir(): Do not use rmdir's --ignore-fail-on-nonempty, since that still falls apart when the directory is a mountpoint. Just ignore errors. -- Martin Pitt Thu, 1 Jun 2006 22:38:19 +0200 postgresql-8.1 (8.1.3-4) unstable; urgency=low * debian/rules: - Put --as-needed into LDFLAGS instead of CFLAGS to avoid warnings when building extension modules. Closes: #360759 - Fix a bashism. * debian/control: Suggest oidentd | ident-server (oidentd prefered since it works with IPv6). Closes: #359193 * libecpg-dev: Move manpage to /usr/share/man/man1 where it belongs to. Closes: #360817 * debian/rules: Ship the tutorial's Makefile and ship the SQL *.source files (not the generated *.sql files) to get the correct path to the built libraries. Closes: #360469 * Add debian/patches/13-tutorial-README.patch: Remove confusing note about make and point out that p-server-dev-8.1 is required for building the tutorial. * debian/postgresql-contrib-8.1.install, 50-contrib-oracle-enable.patch: Move Ora2Pg.pm to /usr/share/postgresql/8.1 and adapt the library search path in ora2pg.pl accordingly. Closes: #360818 -- Martin Pitt Mon, 10 Apr 2006 22:43:11 +0200 postgresql-8.1 (8.1.3-3) unstable; urgency=low * debian/postgresql-8.1.init: Use shell 'sh -e' instead of bash. * debian/postgresql-contrib-8.1.install: Ship ora2pg.pl and Ora2Pg.pm. * debian/control: Updated contrib package description. Closes: #355172 * debian/rules: Don't special-case HPPA for --enable-thread-safety-force; the current kernel seems to cope with threads quite well, so that the configure check does not hang any more. Closes: #315440 * debian/control: Build server packages on mips and mipsel again, even if they do not work. No need to block testing migration forever (the ftp-masters seem reluctant to remove the mips binaries, see #344487), and the bug is in binutils, not PostgreSQL itself (see #357603). -- Martin Pitt Sat, 1 Apr 2006 22:13:03 +0200 postgresql-8.1 (8.1.3-2) unstable; urgency=low * Re-enable 'do not run as root' check from upstream: - Move debian/patches/08-disable-root-check.patch to debian/disable-root-check.patch. - debian/rules: Move test suite to binary/predeb and apply disable-root-check.patch manually right before calling the test suite. Unapply debian/disable-root-check.patch after executing the test suite to not break subsequent package builds. - With this, the test suite can happily run as (fake)root during package build without disabling the check in the actual packages. * postgresql-doc-8.1: Ship tutorial C and SQL files. (https://launchpad.net/bugs/30233) * debian/control, postgresql-client-8.1: Depend on postgresql-client-common instead of postgresql-common. -- Martin Pitt Sat, 18 Mar 2006 15:21:27 +0100 postgresql-8.1 (8.1.3-1) unstable; urgency=low * New upstream security and bug fix release: - Fix bug that allowed any logged-in user to "SET ROLE" to any other database user id (CVE-2006-0553). - See upstream changelog for detailled changes. * Remove debian/patches/80-cvs-pg_restore-COPY.patch: Upstream now. * debian/rules: Use --as-needed linker option to avoid excessive library dependencies. * debian/control: Remove unnecessary dependencies from PL/Python and PL/Tcl packages. -- Martin Pitt Tue, 14 Feb 2006 17:46:31 +0100 postgresql-8.1 (8.1.2-2) unstable; urgency=low * debian/patches/09-relax-sslkey-permscheck.patch: Do not check for any particular group if the SSL key is group readable, to allow sharing a common SSL certificate with other server processes. * debian/control: Add ${shlibs:Depends} to packages which need it. Closes: #348066 * debian/control, libecpg5: Remove obsolete Provides/Conflicts to ecpg. * Add debian/patches/80-cvs-pg_restore-COPY.patch: - Fix pg_restore to properly discard COPY data when trying to continue after an error in a COPY statement. Formerly it thought the COPY data was SQL commands, and got quite confused. - Patch from Stephen Frost, taken from upstream CVS. * Add debian/patches/12-krb5-multiusers.patch: - Fix krb5 credential handling in libpq for multiple connections with different users: Don't keep credentials in global variables, but pass them around in a new krb5_info struct. - Patch from Stephen Frost, proposed to be adopted upstream. -- Martin Pitt Mon, 6 Feb 2006 21:07:31 +0100 postgresql-8.1 (8.1.2-1) unstable; urgency=medium * New upstream bugfix release: - Fix bug introduced in 8.0 that could allow ReadBuffer to return an already-used page as new, potentially causing loss of recently-committed data. - Fix for protocol-level Describe messages issued outside a transaction or in a failed transaction. - Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian. This might require "REINDEX" to fix existing indexes on textual columns. - Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later. This fixes a problem that occurred if the postmaster was started with environment variables specifying a different locale than what initdb had been told. Under these conditions, any use of plperl was likely to lead to corrupt indexes. You may need "REINDEX" to fix existing indexes on textual columns if this has happened to you. (postgresql-common checks and aborts on this condition.) - Allow more flexible relocation of installation directories. Previous releases supported relocation only if all installation directory paths were the same except for the last component. This makes the test suite work with Debian's directory structure, so that the horology test can find the timezones again and pass. - Prevent crashes caused by the use of ISO-8859-5 and ISO-8859-9 encodings. - Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets. - Fix bug where COPY CSV mode considered any \. to terminate the copy data. The new code requires \. to appear alone on a line, as per documentation. - Make COPY CSV mode quote a literal data value of \. to ensure it cannot be interpreted as the end-of-data marker. - Various fixes for functions returning RECORDs. - Fix processing of "postgresql.conf" so a final line with no newline is processed properly. - Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms. Salts for Blowfish and standard DES are unaffected. - Fix autovacuum crash when processing expression indexes. - Fix "/contrib/dblink" to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query. * Remove debian/patches/12-readline-prompt-ignore.patch: Adopted upstream. * Bump postgresql-common dependencies to >= 39. This will ensure more robust upgrades and other bug fixes. -- Martin Pitt Mon, 9 Jan 2006 18:34:31 +0100 postgresql-8.1 (8.1.1-2) unstable; urgency=low * Do not build postgresql-8.1, p-contrib-8.1, and the PL/ packages on mips and mipsel, since the postmaster just SIGBUSes on these architectures and nobody seems to be able to fix that. * Add debian/patches/12-readline-prompt-ignore.patch: Do not prepend a '\001' before the 'prompt ignore begin/end' readline commands; this is a bash quirk, not a readline feature. Thanks to Aaron Schrab. Closes: #343616 -- Martin Pitt Thu, 22 Dec 2005 19:13:21 +0100 postgresql-8.1 (8.1.1-1) unstable; urgency=low * New upstream bug fix release. * Remove debian/patches/80_cvs_crash_deform_tuple.patch, upstream now. * debian/postgresql-8.1.postrm: Also clean start.conf if purging without pg_dropcluster. * debian/postgresql-8.1.postrm: Check if a /etc/postgresql/8.1 subdirectory is really a cluster directory before trying to remove it. Closes: #339810 * Ship upstream changelog. -- Martin Pitt Mon, 12 Dec 2005 17:27:57 +0100 postgresql-8.1 (8.1.0-3) unstable; urgency=low * debian/rules: Remove superfluous R include path. * debian/control: Version the libpq-dev dependency of -server-dev-8.1 to avoid horrible breakage. * Add debian/patches/80_cvs_crash_deform_tuple.patch: - Fix crash in tuple deformator (stolen from CVS head). - Closes: #339527 * Add debian/patches/52-contrib-dbase-enable-iconv.patch: - Enable iconv support for 'dbf2pg' contrib module. - Closes: #338645 -- Martin Pitt Sun, 20 Nov 2005 17:01:53 +0100 postgresql-8.1 (8.1.0-2) unstable; urgency=low * Do not install pg_config and its mo files into postgresql-server-dev-8.1 any more, since libpq-dev now ships it. Closes: #338231 * debian/control: Clean up contrib description. Closes: #338308 -- Martin Pitt Wed, 9 Nov 2005 20:29:16 -0500 postgresql-8.1 (8.1.0-1) unstable; urgency=low * Final 8.1.0 upstream release, first unstable upload. * Build client libraries (-8.0 does not build them any more). * Add debian/patches/11-server-includedir.patch: Change server include directory to /usr/include/postgresql/8.1/server since we do want to keep apart server include files. -- Martin Pitt Sat, 5 Nov 2005 18:57:00 -0500 postgresql-8.1 (8.0+8.1rc1-1) experimental; urgency=low * Upgrade to 8.1rc1 release. -- Martin Pitt Mon, 31 Oct 2005 17:43:19 -0500 postgresql-8.1 (8.0+8.1beta4-2) experimental; urgency=low * Clean up the installation path ./configure arguments. - debian/rules: Use default libdir /usr/lib. - Add debian/patches/10-pkglibdir.patch: Set pkglibdir to /usr/lib/postgresql/8.1/lib instead of /usr/lib/postgresql. -- Martin Pitt Wed, 26 Oct 2005 20:45:02 +0100 postgresql-8.1 (8.0+8.1beta4-1) experimental; urgency=low * Upgrade to 8.1beta4 release. * Adopt patches to new upstream version: - 09-relax-sslkey-permscheck.patch * debian/postgresql-8.1.postrm: clean_dir(): Ensure that directory is not a symbolic link before attempting to rmdir it. Closes: #333867 * debian/rules: Remove obsolete --disable-spinlocks build option for mips. -- Martin Pitt Mon, 24 Oct 2005 16:59:53 +0200 postgresql-8.1 (8.0+8.1beta3-1) experimental; urgency=low * Upgrade to 8.1beta3 release. * Drop debian/patches/81-beta2.patch: beta2->beta3 changes are too big to be sensibly stuffed into a patch. * Adopt patches to new upstream version: - 03-gettext-domains.patch * Remove patches which are upstream now: - 52-contrib-dbf2pg-errorcheck.patch - 53-contrib-dbf2pg-textfield * debian/patches/09-relax-sslkey-permscheck.patch: Use effective rather than real group id for checking the private SSL certificate permissions. It does not make any practical difference, but is more consistent. * Rename patch 01-top-makefile.patch to 01-build-contrib.patch to give a better idea of what it does. -- Martin Pitt Thu, 13 Oct 2005 18:32:33 +0200 postgresql-8.1 (8.0+8.1beta-4) experimental; urgency=low * Add debian/patches/09-relax-sslkey-permscheck.patch: - Relax security check on private SSL key file: The file is also considered safe if it has owner and/or group "root", and if it is group-readable (unless the group is something other than root or the database owner group). - See bug #327901. -- Martin Pitt Wed, 21 Sep 2005 22:52:39 +0200 postgresql-8.1 (8.0+8.1beta-3) experimental; urgency=low * Add debian/patches/81-beta2.patch: Upgrade to 8.1beta2 release. * Remove debian/patches/80-s_lock.h-m68k.patch: Included upstream now. -- Martin Pitt Mon, 19 Sep 2005 08:31:22 +0200 postgresql-8.1 (8.0+8.1beta-2) experimental; urgency=low * debian/postgresql-8.1.postrm: Do not remove an empty /var/log/postgresql, postgresql-common now cares for it to not break log rotation. (See #325330) * Remove debian/postgresql-server-dev-8.1.manpages: Do not install the manpage, since it belongs to libpq-dev (which is currently built by postgresql-8.0). Closes: #327379 * debian/postgresql-server-dev-8.1.install: Ship pg_config. * Build-depend on libpq-dev to pull in libpq4 dependencies for binary packages. This hack is necessary as long as we build libpq from postgresql-8.0. Closes: #327765 -- Martin Pitt Tue, 13 Sep 2005 22:04:54 +0200 postgresql-8.1 (8.0+8.1beta-1) experimental; urgency=low * First public beta version. -- Martin Pitt Fri, 26 Aug 2005 09:00:47 +0200 postgresql-8.1 (8.0+8.1alpha-1) experimental; urgency=low * New upstream snapshot release. The first beta is close to be released, and I want to be prepared for that. * Package based on postgresql-8.0 8.0.3-13; don't build client libraries yet until 8.1 final is released. -- Martin Pitt Wed, 24 Aug 2005 08:34:00 +0200 postgresql-8.0 (8.0.3-13) unstable; urgency=low * debian/control: Fix libpq4 description, it is compatible with servers starting from 7.3. * Move back client include files to /usr/include/postgresql/ for now to not render all client packages unbuildable which have not yet converted to pg_config: - debian/rules: Configure with include dir /usr/include/postgresql. - debian/libecpg-dev.install, debian/libpq-dev.install: Install files from and to /usr/include/postgresql - Add debian/patches/13_server_includedir.patch: Change server include directory back to /usr/include/postgresql/8.0/server since we do want to keep apart server include files. - Closes: #322085 * Drop obsolete xml contrib module, build and ship xml2 instead: - Remove debian/patches/51-contrib-xml-enable.patch - Add debian/patches/51-contrib-xml2-enable.patch - debian/control: Add build dependency libxslt1-dev. - debian/postgresql-contrib-8.0.install: Ship pgxml.so, drop pgxml_dom.so. - Closes: #322777 * Add debian/patches/14-mips-gcc4.patch: - Add a proper test-and-set function for mips and mipsel. Thanks to Thiemo Seufer for the patch and Aurelien Jarno for his help. This now also works with gcc 4. * debian/rules: Remove the --disable-spinlocks option for mips again, now that we have a proper patch for that. -- Martin Pitt Sat, 20 Aug 2005 17:34:01 +0200 postgresql-8.0 (8.0.3-12) unstable; urgency=low * debian/rules: - Robustify log output in case of a failed test suite; also print out regression.diffs if it fails. Closes: #319218 - Don't run the test suite if DEB_BUILD_OPTIONS contains "nocheck". * Add debian/check_installed_files to check for upstream installed files which are not shipped in any deb. * debian/postgresql-contrib-8.0.install: Ship pgxml_dom.so. Closes: #318922 -- Martin Pitt Sun, 24 Jul 2005 17:35:56 +0200 postgresql-8.0 (8.0.3-11) unstable; urgency=low * Add debian/patches/12-disable-root-check.patch: Disable "am I root" test in initdb and postmaster to be able to run the test suite at build time. This check is already done in pg_createcluster. * debian/rules: Remove all the chown/setuid crack and simply call "make check" now; print the log files if the test fails. * debian/patches/10-testsuite-params.patch: Disable authentication in the test suite db since ident authentication does not work with fakeroot. -- Martin Pitt Fri, 15 Jul 2005 13:31:51 +0300 postgresql-8.0 (8.0.3-10) unstable; urgency=low * debian/rules: If the test suite fails, don't let the build fail but rather cat the log files. Once the test suite calling works reliably, the previous behaviour can be restored. -- Martin Pitt Thu, 14 Jul 2005 14:19:30 +0300 postgresql-8.0 (8.0.3-9) unstable; urgency=low * Bump Standards-Version to 3.6.2. * debian/rules: Use start-stop-daemon instead of su to call the test suite since su requires a terminal. * debian/rules: Disable spinlocks on mips and mipsel for now since they FTBFS with gcc-4.0. -- Martin Pitt Wed, 13 Jul 2005 22:22:59 +0300 postgresql-8.0 (8.0.3-8) unstable; urgency=low * postgresql-client-8.0: Now suggest postgresql-8.0; clarified the description wrt the server package (see #313247). * Fix README.Debian symlink. * Add debian/patches/10-testsuite-params.patch: Use /tmp as the socket directory when running the test suite. * debian/rules: Call the test suite when building the package. Since creating databases as root is not permitted, do this as "nobody" if run by root (as on the buildds); don't do it at all if run with fakeroot. -- Martin Pitt Tue, 12 Jul 2005 19:10:03 +0300 postgresql-8.0 (8.0.3-7) unstable; urgency=low * Removed some redundant configure options which cdbs applies anyway. * configure with --enable-thread-safety-force on HPPA since the configure check triggers a kernel bug on the buildd. (See #315440) * debian/postgresql-8.0.init: autovac-* functions in postgresql-common were renamed to autovac_* to comply to POSIX shell standard (see #315551). Adaped dependencies. -- Martin Pitt Sun, 26 Jun 2005 14:23:32 +0200 postgresql-8.0 (8.0.3-6) unstable; urgency=low * Added debian/postgresql-8.0.links: Symlink README.Debian from postgresql-common. * Added debian/patches/08-timezone-inttimestamps.patch (stolen from CVS head): Fix integer timestamps in time zone handling. Closes: #249417, #311533. * debian/rules: Fix POT file generation. * Added debian/patches/09-libpq-defaultsocketdir.patch: - Set default socket directory for libpq to /var/run/postgresql. Closes: #313507, #313602 * Adjusted packages to follow upstream library SONAME change in 8.0.3: libecpg4 -> libecpg5, libecpg-compat1 -> libecpg-compat2, libpgtypes1 -> libpgtypes2. Closes: #313452, #313453, #313454 -- Martin Pitt Tue, 14 Jun 2005 19:58:10 +0200 postgresql-8.0 (8.0.3-5) unstable; urgency=low * debian/rules: Generate POT files to help translators. * Added debian/libpq-dev.manpages: Install pg_wrapper(1) manpage. Closes: #311671 * debian/control: Restrict libpq-dev conflict to postgresql-dev to versions << 7.5. Closes: #312827 -- Martin Pitt Fri, 10 Jun 2005 19:01:20 +0200 postgresql-8.0 (8.0.3-4) unstable; urgency=low * First unstable upload. * debian/control: Now build with libreadline5-dev instead of version 4. -- Martin Pitt Tue, 7 Jun 2005 12:15:43 +0200 postgresql-8.0 (8.0.3-3) experimental; urgency=low * Added libpq4 dependency to libpq-dev. * postgresql-contrib-8.0.install: Correct paths to install missing shared files and documentation. (Closes: #311553) * libpq-dev.install: Install some more header files from server/ which are required by client libraries. -- Martin Pitt Mon, 6 Jun 2005 12:24:57 +0200 postgresql-8.0 (8.0.3-2) experimental; urgency=low * Added CAN numbers to previous changelog entries. * debian/patches/07-postgresql.conf.patch: Enable listen_addresses = '*' by default. * debian/control, libpq-dev: Conflict to and replace postgresql-dev. -- Martin Pitt Tue, 31 May 2005 11:09:48 +0200 postgresql-8.0 (8.0.3-1) experimental; urgency=low * New upstream release: - Prevent calling conversion functions by users. [CAN-2005-1409] - Prevent calling tsearch2 functions by users. [CAN-2005-1410] * debian/libpq-dev.{install,links}: Install pg_config into /usr/lib/postgresql/8.0/bin to make it print correct paths, and install a symlink into /usr/bin instead. Closes: #305200 * debian/rules: Change include dir configure option to /usr/include/postgresql/8.0, so that different versions of postgresql-server-dev- do not conflict with each other. Since applications using the libpq-dev are supposed to use pg_config, this should not break them either. -- Martin Pitt Thu, 12 May 2005 23:37:56 +0200 postgresql-8.0 (8.0.2-1) experimental; urgency=low * New upstream release: - Removed debian/patches/02-libpq-soname.patch, upstream adopted SONAME change to libpq4. * Ship "reindexdb" in -contrib. * Added debian/patches/02_pager.patch: Use /usr/bin/pager as default pager in psql. Closes: #304459 * Added debian/postgresql-doc-8.0.doc-base: Register doc package in doc-base. -- Martin Pitt Tue, 19 Apr 2005 21:19:50 +1000 postgresql-8.0 (8.0.1-4) experimental; urgency=low * Ship pg_config in libpq-dev instead of postgresql-8.0; added proper package conflict. Closes: #303257 * Install pg_config in /usr/bin instead of 8.0-specific bin dir. Closes: #302368 * debian/postgresql-8.0.init: Added autovacuum functions. -- Martin Pitt Tue, 5 Apr 2005 23:15:31 +0200 postgresql-8.0 (8.0.1-3) experimental; urgency=low * Dropped pgxs package, the Makefiles are now part of postgresql-server-dev. * -contrib: Only recommend, not depend on libpg-perl and libdbd-pg-perl. * Renamed packages pg-pl*-8.0 to postgresql-pl*-8.0 for consistency. * Added debian/patches/07-postgresql.conf.patch: - Patch for Debian changes to the default configuration. - Enable stats_row_level to allow pg_autovacuum to work. -- Martin Pitt Sat, 2 Apr 2005 18:21:57 +0200 postgresql-8.0 (8.0.1-2) experimental; urgency=low * Changed dependency of pg-pltcl-8.0 from libtcl8.4 to tcl8.4 * Now depend on postgresql-common >= 3 which provides more maintainer script functions. * Compress manpages. -- Martin Pitt Sun, 20 Mar 2005 21:23:10 +0100 postgresql-8.0 (8.0.1-1) experimental; urgency=low * New upstream release. Closes: #274043, #291350 - Ignores shell backticks with invalid meta-commands. Closes: #285844 - Fixes uninitialized error strings when connecting to a server which is down. Closes: #264603, #277757 - configure script supports GNU/Hurd and GNU/k*BSD. Closes: #262081 - Fixes comma splices in HTML documentation. Closes: #243781 - Now upper() and lower() work also for Unicode characters. Closes: #139389, #290118, #290399 - New configuration variable max_stack_depth which prevents DoS situations due to infinite recursion. Closes: #239811 - Reportedly works with Turkish locale. Closes: #305886 - This version is not vulnerable against the following security issues: . Load arbitrary shared libs, execute startup function [CAN-2005-0227] . Execute functions with aggregate wrapper [CAN-2005-0244] . Buffer overflow and 64-bit issues in contrib/intagg [CAN-2005-0246] . Buffer overflows in the PL/PGSQL parser in gram.y [CAN-2005-0247] . Insecure temporary files in make_oidjoins_check [CAN-2004-0977] * Splitted development package into libpq-dev and postgresql-server-dev. Closes: #280417 * Splitted libecpg4 into libecpg4, libecpg-compat1 and libpgtypes1. * Old libpgtcl package does not exist any more. The PL/TCL procedural language is now shipped in pg-pltcl8.0, the TCL client library is not shipped by PostgreSQL any more. Closes: #280418 * Now use /var/lib/postgresql/ as (default) data directory. Closes: #285929 -- Martin Pitt Sun, 20 Feb 2005 19:17:17 +0100