2009
postgresql-7.4 (1:7.4.26-0etch1) oldstable-security; urgency=low
* New upstream security/bug fix release:
- Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside
security-definer functions. This covers a case that was missed in the
previous patch that disallowed "SET ROLE" and "SET SESSION
AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600)
- Fix handling of sub-SELECTs appearing in the arguments of an
outer-level aggregate function.
- Fix hash calculation for data type interval.
This corrects wrong results for hash joins on interval values. It
also changes the contents of hash indexes on interval columns. If
you have any such indexes, you must "REINDEX" them after updating.
- Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million
and integer datetimes are in use.
- Fix calculation of distance between a point and a line segment.
This led to incorrect results from a number of geometric operators.
- Fix money data type to work in locales where currency amounts have
no fractional digits, e.g. Japan.
- Properly round datetime input like
00:12:57.9999999999999999999999999999.
- Fix poor choice of page split point in GiST R-tree operator classes.
- Fix portability issues in plperl initialization.
- Improve robustness of libpq's code to recover from errors during
"COPY FROM STDIN".
- Avoid including conflicting readline and editline header files when
both libraries are installed.
-- Martin Pitt <mpitt@debian.org> Fri, 18 Sep 2009 15:14:19 +0200
postgresql-7.4 (1:7.4.25-0etch1) oldstable; urgency=low
* New upstream bug fix release 7.4.25:
- Prevent error recursion crashes when encoding conversion fails.
This change extends fixes made in the last two minor releases for
related failure scenarios. The previous fixes were narrowly
tailored for the original problem reports, but we have now
recognized that any error thrown by an encoding conversion
function could potentially lead to infinite recursion while trying
to report the error. The solution therefore is to disable
translation and encoding conversion and report the plain-ASCII form
of any error message, if we find we have gotten into a recursive
error reporting situation.
- Disallow "CREATE CONVERSION" with the wrong encodings for the
specified conversion function. This prevents one possible scenario for
encoding conversion failure. The previous change is a backstop to guard
against other kinds of failures in the same area.
- Fix core dump when to_char() is given format codes that are
inappropriate for the type of the data argument.
- Add MUST (Mauritius Island Summer Time) to the default list of
known timezone abbreviations.
* New upstream bug fix release 7.4.24:
- Improve handling of URLs in headline() function.
- Improve handling of overlength headlines in headline() function.
- Prevent possible Assert failure or misconversion if an encoding
conversion is created with the wrong conversion function for the
specified pair of encodings.
- Avoid unnecessary locking of small tables in "VACUUM".
- Fix uninitialized variables in "contrib/tsearch2"'s get_covers()
function.
- Fix bug in to_char()'s handling of TH format codes.
- Make all documentation reference pgsql-bugs and/or pgsql-hackers as
appropriate, instead of the now-decommissioned pgsql-ports and
pgsql-patches mailing lists.
-- Martin Pitt <mpitt@debian.org> Sat, 14 Mar 2009 20:16:10 +0100
2008
postgresql-7.4 (1:7.4.23-0etch1) stable; urgency=low
* New upstream bug fix release 7.4.23:
- Fix backend crash when the client encoding cannot represent a
localized error message.
- Fix incorrect tsearch2 headline generation when single query item
matches first word of text.
- Fix improper display of fractional seconds in interval values when
using a non-ISO datestyle in an "--enable-integer-datetimes" build.
- Ensure SPI_getvalue and SPI_getbinval behave correctly when the
passed tuple and tuple descriptor have different numbers of columns.
This situation is normal when a table has had columns added or
removed, but these two functions didn't handle it properly. The
only likely consequence is an incorrect error indication.
- Fix ecpg's parsing of "CREATE USER".
* New upstream bug fix release 7.4.22:
- Fix datetime input functions to correctly detect integer overflow
when running on a 64-bit platform.
- Improve performance of writing very long log messages to syslog.
- Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON
query.
- Fix planner to estimate that GROUP BY expressions yielding boolean
results always result in two groups, regardless of the expressions'
contents. This is very substantially more accurate than the regular
GROUP BY estimate for certain boolean tests like "col" IS NULL.
- Improve pg_dump and pg_restore's error reporting after failure to
send a SQL command.
* New upstream bug fix release 7.4.21:
- Make pg_get_ruledef() parenthesize negative constants.
Before this fix, a negative constant in a view or rule might be
dumped as, say, -42::integer, which is subtly incorrect: it should
be (-42)::integer due to operator precedence rules. Usually this
would make little difference, but it could interact with another
recent patch to cause PostgreSQL to reject what had been a valid
"SELECT DISTINCT" view query. Since this could result in pg_dump
output failing to reload, it is being treated as a high-priority
fix. The only released versions in which dump output is actually
incorrect are 8.3.1 and 8.2.7.
* New upstream bug fix release 7.4.20:
- Fix conversions between ISO-8859-5 and other encodings to handle
Cyrillic "Yo" characters (e and E with two dots).
- Fix a few datatype input functions that were allowing unused bytes
in their results to contain uninitialized, unpredictable values.
This could lead to failures in which two apparently identical
literal values were not seen as equal, resulting in the parser
complaining about unmatched ORDER BY and DISTINCT expressions.
- Fix a corner case in regular-expression substring matching
(substring(string from pattern)). The problem occurs when there is a
match to the pattern overall but the user has specified a parenthesized
subexpression and that subexpression hasn't got a match. An example is
substring('foo' from 'foo(bar)?'). This should return NULL, since (bar)
isn't matched, but it was mistakenly returning the whole-pattern match
instead (ie, foo).
- Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function.
- Fix longstanding "LISTEN"/"NOTIFY" race condition. In rare cases a
session that had just executed a "LISTEN" might not get a notification,
even though one would be expected because the concurrent transaction
executing "NOTIFY" was observed to commit later.
A side effect of the fix is that a transaction that has executed a
not-yet-committed "LISTEN" command will not see any row in
pg_listener for the "LISTEN", should it choose to look; formerly it
would have. This behavior was never documented one way or the
other, but it is possible that some applications depend on the old
behavior.
- Fix display of constant expressions in ORDER BY and GROUP BY.
An explictly casted constant would be shown incorrectly. This could
for example lead to corruption of a view definition during dump and
reload.
- Fix libpq to handle NOTICE messages correctly during COPY OUT.
This failure has only been observed to occur when a user-defined
datatype's output routine issues a NOTICE, but there is no
guarantee it couldn't happen due to other causes.
-- Martin Pitt <mpitt@debian.org> Fri, 31 Oct 2008 20:23:35 +0100
postgresql-7.4 (1:7.4.19-0etch1) stable-security; urgency=low
* New upstream bugfix release 7.4.18:
- Require non-superusers who use "/contrib/dblink" to use only
password authentication, as a security measure.
[CVE-2007-3278, CVE-2007-3280]
- Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
- Fix excessive logging of SSL error messages.
- Fix crash when log_min_error_statement logging runs out of memory.
- Prevent "CLUSTER" from failing due to attempting to process
temporary tables of other sessions.
* New upstream security/bugfix release 7.4.19:
- Prevent functions in indexes from executing with the privileges of
the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden
within a SECURITY DEFINER context. [CVE-2007-6600]
- Suitably crafted regular-expression patterns could cause crashes,
infinite or near-infinite looping, and/or massive memory
consumption, all of which pose denial-of-service hazards for
applications that accept regex search patterns from untrustworthy
sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
- Require non-superusers who use "/contrib/dblink" to use only
password authentication, as a security measure.
The fix that appeared for this in 8.2.5 was incomplete, as it
plugged the hole for only some "dblink" functions. [CVE-2007-6601,
CVE-2007-3278]
- Fix planner failure in some cases of WHERE false AND var IN (SELECT
...).
- Fix potential crash in translate() when using a multibyte database
encoding.
- Fix PL/Python to not crash on long exception messages.
- ecpg parser fixes.
- Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a
category in its own right, rather than crashing.
- Fix tsvector and tsquery output routines to escape backslashes
correctly.
- Fix crash of to_tsvector() on huge input strings.
* debian/patches/21_krb5_check_hostname.patch: Adapt to new upstream
release.
-- Martin Pitt <mpitt@debian.org> Fri, 04 Jan 2008 15:31:29 +0100
2007
postgresql-7.4 (1:7.4.17-0etch1) stable-security; urgency=low
* New upstream security/bugfix release:
- Support explicit placement of the temporary-table schema within
search_path, and disable searching it for functions and operators
This is needed to allow a security-definer function to set a truly
secure value of search_path. Without it, an unprivileged SQL user
can use temporary objects to execute code with the privileges of
the security-definer function (CVE-2007-2138). See "CREATE
FUNCTION" for more information.
- "/contrib/tsearch2" crash fixes.
- Fix potential-data-corruption bug in how "VACUUM FULL" handles
"UPDATE" chains.
- Fix PANIC during enlargement of a hash index (bug introduced in
7.4.15).
* debian/control: Fix duplicate Conflicts: field.
-- Martin Pitt <mpitt@debian.org> Sat, 21 Apr 2007 19:38:57 +0200
postgresql-7.4 (1:7.4.16-1) unstable; urgency=high
* New upstream security and bug fix release:
- Remove security vulnerability that allowed connected users to read
backend memory.
The vulnerability involves suppressing the normal check that a SQL
function returns the data type it's declared to, or changing the
data type of a table column used in a SQL function (CVE-2007-0555).
This error can easily be exploited to cause a backend crash, and in
principle might be used to read database content that the user
should not be able to access.
- Fix rare bug wherein btree index page splits could fail due to
choosing an infeasible split point.
- Fix for rare Assert() crash triggered by UNION.
- Tighten security of multi-byte character processing for UTF8
sequences over three bytes long.
* Urgency high: security relevant changes and critical bug fixes.
-- Martin Pitt <mpitt@debian.org> Sun, 4 Feb 2007 20:05:24 +0100
postgresql-7.4 (1:7.4.15-1) unstable; urgency=medium
* Urgency medium since these are important bug fixes that should reach Etch.
* New upstream bugfix release:
- Fix "failed to re-find parent key" errors in "VACUUM".
- Fix bugs affecting multi-gigabyte hash indexes.
- Fix error when constructing an ARRAY[] made up of multiple empty
elements.
- to_number() and to_char(numeric) are now STABLE, not IMMUTABLE, for
new initdb installs. This is because lc_numeric can potentially change
the output of these functions.
- Improve index usage of regular expressions that use parentheses.
This improves psql \d performance also.
-- Martin Pitt <mpitt@debian.org> Mon, 8 Jan 2007 18:56:56 +0100
2006
postgresql-7.4 (1:7.4.14-2) unstable; urgency=medium
* Urgency medium, since only trivial bug fixes. * Add watch file. * debian/control: Fix spelling of 'Tcl'. (See #401191)
-- Martin Pitt <mpitt@debian.org> Fri, 8 Dec 2006 22:36:30 +0100
postgresql-7.4 (1:7.4.14-1) unstable; urgency=low
* New upstream bugfix release:
- Fix core dump when an untyped literal is taken as ANYARRAY.
- Fix string_to_array() to handle overlapping matches for the
separator string. For example, string_to_array('123xx456xxx789', 'xx').
- Fix corner cases in pattern matching for psql's \d commands.
- Fix index-corrupting bugs in /contrib/ltree.
- Fix backslash escaping in /contrib/dbmirror.
- Adjust regression tests for recent changes in US DST laws.
* Remove debian/patches/37_contrib-dbmirror_quoteparsing.patch: Applied
upstream.
-- Martin Pitt <mpitt@debian.org> Sun, 15 Oct 2006 17:28:13 +0200
postgresql-7.4 (1:7.4.13-7) unstable; urgency=low
* debian/control: Add explicit p-client-7.4 dependency to -contrib, since
-contrib needs libpq3.
* debian/patches/15_unnecessary_libs.patch: Remove unnecessary NEEDED
libraries from PL/*, too.
-- Martin Pitt <mpitt@debian.org> Fri, 6 Oct 2006 19:15:31 +0200
postgresql-7.4 (1:7.4.13-6) unstable; urgency=low
* Remove libpq3 package. No package in testing uses it any more (just one in
unstable which is unmaintained, see #390461). Ship the library in
postgresql-client-7.4 instead. Enable rpath so that
/usr/lib/postgresql/7.4/lib/libpq.so is found by the client programs.
* Move pg_dumplo and vacuumlo from -client to -contrib, since these are
contributed scripts. Add appropriate Replaces:.
* Add debian/patches/15_unnecessary_libs.patch: Remove all unnecessary -lfoo
library references from Makefiles to clean up unnecessary library
dependencies. Thanks to Christian Aichinger for his neat checklib system!
-- Martin Pitt <mpitt@debian.org> Sun, 1 Oct 2006 15:27:39 +0200
postgresql-7.4 (1:7.4.13-5) unstable; urgency=low
* debian/postgresql-7.4.install: Remove files which do not actually exist
(this fails with debhelper compat 5).
* Transition for private python extension in p-plpython-7.4:
- debian/control:
+ Bump cdbs/debhelper build dependency versions.
+ Add {XS,XB}-Python-Version attributes.
- debian/compat: Use compat level 5.
- Add debian/pycompat: Use compat level 2.
- debian/rules: Call dh_pycentral and dh_python for p-plpython-7.4.
- Closes: #380896
-- Martin Pitt <mpitt@debian.org> Sat, 5 Aug 2006 23:49:02 +0200
postgresql-7.4 (1:7.4.13-4) unstable; urgency=low
* Add debian/patches/37_contrib-dbmirror_quoteparsing.patch: Fix parsing of
quotes escaped as '' in PendingData table. Closes: #375744
* debian/rules: Build with -fPIC everywhere to improve the proactive
security effectivity of address space layout randomization. This has no
measurable performance impact on at least i386, amd64, and powerpc.
* debian/postgresql-7.4.init: Add LSB magic comment header (provide both
postgresql-7.4 and a generic postgresql service). Closes: #377495
* debian/postgresql-7.4.init: Silently exit if init.d-functions does not
exist. (See bug #362488 for postgresql-8.1)
* debian/rules: Install init script at priority 19, since Apache and web
applications usually reside on priority 20, but often require a running
database. This follows a recent change in the MySQL package, thanks to
Christian Hammers for pointing this out. Closes: #379145
* Build server-related packages on mips and mipsel again. The SIGBUS problem
turned out to be a kernel bug, which is fixed on 2.6.16 and later. Thanks
to Thiemo Seufer for his investigations!
-- Martin Pitt <mpitt@debian.org> Sat, 22 Jul 2006 17:17:04 +0200
postgresql-7.4 (1:7.4.13-3) unstable; urgency=medium
* debian/rules: Do not completely fail the build when the test suite fails,
so that mips and mipsel at least get the client side packages.
* debian/control: Do not build the server-related packags on mips and
mipsel.
-- Martin Pitt <mpitt@debian.org> Fri, 9 Jun 2006 14:01:04 +0200
postgresql-7.4 (1:7.4.13-2) unstable; urgency=medium
* Add debian/libpq3.shlibs and bump it to >= 7.4.13, to respect the
introduction of PQescapeStringConn() and PQescapeByteaConn().
* debian/postgresql-7.4.postrm, clean_dir(): Do not use rmdir's
--ignore-fail-on-nonempty, since that still falls apart when the
directory is a mountpoint. Just ignore errors.
-- Martin Pitt <mpitt@debian.org> Thu, 1 Jun 2006 23:12:51 +0200
postgresql-7.4 (1:7.4.13-1) unstable; urgency=medium
* New upstream security and bug fix release:
- The server now rejects invalidly-encoded multibyte characters in all
cases to defend against SQL-injection attacks. [CVE-2006-2313]
- Reject unsafe uses of \' in string literals (for client encodings that
allow SQL injection with this, like SJIS, BIG5, GBK, GB18030, or UHC). A
new configuration parameter backslash_quote is available to adjust this
behavior when needed. [CVE-2006-2314]
- Modify libpq's string-escaping routines to be aware of encoding
considerations and standard_conforming_strings
This fixes libpq-using applications for the security issues
described in CVE-2006-2313 and CVE-2006-2314, and also
future-proofs them against the planned changeover to SQL-standard
string literal syntax. Applications that use multiple PostgreSQL
connections concurrently should migrate to PQescapeStringConn() and
PQescapeByteaConn() to ensure that escaping is done correctly for
the settings in use in each database connection. Applications that
do string escaping "by hand" should be modified to rely on library
routines instead.
- Various bug fixes, see upstream changelog for details.
-- Martin Pitt <mpitt@debian.org> Mon, 22 May 2006 10:35:58 +0200
postgresql-7.4 (1:7.4.12-4) unstable; urgency=low
* Bump Standards-Version.
* debian/rules: Remove --as-needed linker option again since it now causes
an FTBFS. Closes: #366828
-- Martin Pitt <mpitt@debian.org> Sun, 14 May 2006 22:53:45 +0200
postgresql-7.4 (1:7.4.12-3) unstable; urgency=low
* debian/control, postgresql-client-7.4: Depend on postgresql-client-common
instead of postgresql-common.
* debian/rules: Unapply debian/disable-root-check.patch after running the
test suite to not break subsequent builds.
* debian/postgresql-7.4.init: Use shell 'sh -e' instead of bash.
-- Martin Pitt <mpitt@debian.org> Wed, 29 Mar 2006 23:12:52 +0200
postgresql-7.4 (1:7.4.12-2) unstable; urgency=low
* debian/patches/11_relax_sslkey_permscheck.patch: Do not check for any
particular group if the SSL key is group readable, to allow sharing a
common SSL certificate with other server processes.
* Fix CVE in previous changelog.
* Re-enable 'do not run as root' check from upstream:
- Move debian/patches/20_disable_root_check.patch to
debian/disable-root-check.patch.
- debian/rules: Move test suite to binary/predeb and apply
disable-root-check.patch manually right before calling the test suite.
- With this, the test suite can happily run as (fake)root during package
build without disabling the check in the actual packages.
-- Martin Pitt <mpitt@debian.org> Fri, 10 Mar 2006 17:12:09 +0100
postgresql-7.4 (1:7.4.12-1) unstable; urgency=low
* New upstream bugfix release:
- Fix potential crash in "SET SESSION AUTHORIZATION" (CVE-2006-0678)
An unprivileged user could crash the server process, resulting in
momentary denial of service to other users, if the server has been
compiled with Asserts enabled (which is not the default). Thanks to
Akio Ishida for reporting this problem.
- Fix bug with row visibility logic in self-inserted rows. Under rare
circumstances a row inserted by the current command could be seen as
already valid, when it should not be. Repairs bug created in 7.4.9 and
7.3.11 releases.
- Fix race condition that could lead to "file already exists" errors
during pg_clog file creation.
- Properly check DOMAIN constraints for UNKNOWN parameters in
prepared statements.
- Fix to allow restoring dumps that have cross-schema references to
custom operators.
- Portability fix for testing presence of finite and isinf during
configure.
* debian/control: Add some forgotten ${shlibs:Depends}.
* debian/rules: Use --as-needed linker option to avoid excessive library
dependencies.
* debian/control: Remove unnecessary dependencies from PL/Python and PL/Tcl
packages.
-- Martin Pitt <mpitt@debian.org> Fri, 17 Feb 2006 13:06:53 +0100
postgresql-7.4 (1:7.4.11-1) unstable; urgency=low
* New upstream bugfix release:
- Fix for protocol-level Describe messages issued outside a
transaction or in a failed transaction.
- Fix character string comparison for locales that consider different
character combinations as equal, such as Hungarian. This might require
"REINDEX" to fix existing indexes on textual columns.
- Set locale environment variables during postmaster startup to
ensure that plperl won't change the locale later.
This fixes a problem that occurred if the postmaster was started
with environment variables specifying a different locale than what
initdb had been told. Under these conditions, any use of plperl was
likely to lead to corrupt indexes. You may need "REINDEX" to fix
existing indexes on textual columns if this has happened to you.
(postgresql-common checks and aborts on this condition.)
- Fix longstanding bug in strpos() and regular expression handling in
certain rarely used Asian multi-byte character sets.
- Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use
all available salt space for MD5 and XDES algorithms. Salts for Blowfish
and standard DES are unaffected.
- Fix "/contrib/dblink" to throw an error, rather than crashing, when
the number of columns specified is different from what's actually
returned by the query.
* Add debian/patches/53_testsuite-ignore-horology.patch: New upstream
version has the horology test now which fails on the buildds for known
reasons. 8.0 fix for make_relative_path is not easy to backport, so ignore
this failure for 7.4.
-- Martin Pitt <mpitt@debian.org> Mon, 9 Jan 2006 19:16:30 +0100
2005
postgresql-7.4 (1:7.4.10-4) unstable; urgency=low
* Drop debian/patches/51_testsuite-localhost_ip.patch, replace it with
debian/patches/51_testsuite-localhost_ip.patch: Simply ignore a failing
stats test until the buildds are fixed. Fixes FTBFS on s390.
-- Martin Pitt <mpitt@debian.org> Thu, 22 Dec 2005 20:33:30 +0100
postgresql-7.4 (1:7.4.10-3) unstable; urgency=low
* Rename patch 19_testsuite_params.patch to
50_testsuite-socket_in_tmp.patch.
* Add debian/patches/51_testsuite-localhost_ip.patch: Use '127.0.0.1'
instead of 'localhost' for PGHOST in the test suite since some broken
buildds cannot resolve 'localhost', which lets the stats test fail.
* Add debian/patches/52_testsuite-ignore-point.patch: Ignore failures in the
'point' regression test since on arm we get a different precision for some
test for some reason.
-- Martin Pitt <mpitt@debian.org> Thu, 22 Dec 2005 18:07:06 +0100
postgresql-7.4 (1:7.4.10-2) unstable; urgency=low
* debian/rules: Fail the build if the test suite fails. This will happen on
mips and mipsel, PostgreSQL does not work on these architectures. The mips
and mipsel binaries will be removed from sid and testing. Closes: #329197
-- Martin Pitt <mpitt@debian.org> Mon, 19 Dec 2005 12:58:57 +0100
postgresql-7.4 (1:7.4.10-1) unstable; urgency=low
* New upstream bugfix release:
- Fix race condition in transaction log management.
There was a narrow window in which an I/O operation could be
initiated for the wrong page, leading to an Assert failure or data
corruption.
- Prevent failure if client sends Bind protocol message when current
transaction is already aborted.
- "/contrib/ltree" fixes.
- AIX and HPUX compile fixes.
- Fix longstanding planning error for outer joins.
This bug sometimes caused a bogus error "RIGHT JOIN is only
supported with merge-joinable join conditions".
- Prevent core dump in pg_autovacuum when a table has been dropped.
* Ship upstream changelog.
* debian/postgresql-7.4.postrm: Check if a /etc/postgresql/7.4 subdirectory
is really a cluster directory before trying to remove it. Closes: #342350
-- Martin Pitt <mpitt@debian.org> Mon, 12 Dec 2005 17:31:31 +0100
postgresql-7.4 (1:7.4.9-2) unstable; urgency=low
* debian/postgresql-7.4.postrm: clean_dir(): Ensure that directory is not a
symbolic link before attempting to rmdir it. Closes: #334968
* Rebuild against OpenSSL 0.9.8.
-- Martin Pitt <mpitt@debian.org> Tue, 22 Nov 2005 14:13:34 +0100
postgresql-7.4 (1:7.4.9-1) unstable; urgency=low
* New upstream bugfix release.
* Adapted patches for new release:
- 03_check_rlimit_nofile.patch
- 12_gettext_domains.patch
* Removed patches which are upstream now:
- 15_timezone_inttimestamps.patch
* Fix installation of gettext MO files to actually ship them.
* debian/postgresql-7.4.postrm: Do not remove an empty /var/log/postgresql,
postgresql-common now cares for it to not break log rotation. (See
#325330)
* Add debian/patches/11_relax_sslkey_permscheck.patch:
- Relax security check on private SSL key file: The file is also
considered safe if it has owner and/or group "root", and if it is
group-readable (unless the group is something other than root or the
database owner group).
- See bug #327901.
* Build with gcc 3.3 on ia64, hppa, mips, mipsel, and sparc. Building with
gcc 4.0 causes bus errors. Closes: #329197.
* Add debian/patches/13_krb5_virtualserver.patch:
- Fix Kerberos authentication when using virtual hosts. Thanks to
pod@herald.ox.ac.uk for the patch.
- Closes: #320049
* debian/rules: Fix typo that prevented execution of the test suite.
-- Martin Pitt <mpitt@debian.org> Thu, 6 Oct 2005 23:05:22 +0200
postgresql-7.4 (1:7.4.8-17) unstable; urgency=low
* Add debian/patches/22_mips_gcc4.patch:
- Add a proper test-and-set function for mips and mipsel. Thanks to Thiemo
Seufer for the patch and Aurelien Jarno for his help. This now also
works with gcc 4.
* debian/control, debian/rules: Revert the "gcc 3.3 on mips" hack again.
* Remove debian/patches/11_default_authmethod.patch and
debian/patches/13_postgresql.conf.patch: pg_createcluster now does the
default configuration; bump version dependency for p-common accordingly.
-- Martin Pitt <mpitt@debian.org> Tue, 23 Aug 2005 19:54:29 +0200
postgresql-7.4 (1:7.4.8-16) unstable; urgency=low
* Use gcc-3.3, not 3.4 on mips/mipsel since 3.4 fails as well. Grrr.
-- Martin Pitt <mpitt@debian.org> Tue, 16 Aug 2005 11:36:41 +0200
postgresql-7.4 (1:7.4.8-15) unstable; urgency=low
* Add debian/patches/21_krb5_check_hostname.patch:
- Check that the hostname is actually set before attempting a KRB5
authenticated remote connection; this avoids a segfault if hostname is
not set. Closes: #320805.
* debian/rules: Additionally call make install-all-headers to get server
include files and make postgresql-server-dev-7.4 actually useful.
* debian/rules, mips[el] build:
- Remove the --disable-spinlock setting for mips[el] again since this does
not work.
- Instead build with gcc-3.4 on these platforms.
- debian/control: Add build dependency gcc-3.4 on mips and mipsel.
-- Martin Pitt <mpitt@debian.org> Tue, 16 Aug 2005 00:08:57 +0200
postgresql-7.4 (1:7.4.8-14) unstable; urgency=low
* debian/postgresql-contrib-7.4.install: Ship pgxml_dom.so. Closes: #319107 * debian/rules: - Robustify log output in case of a failed test suite; also print out regression.diffs if it fails. Closes: #319209 - Don't run the test suite if DEB_BUILD_OPTIONS contains "nocheck".
-- Martin Pitt <mpitt@debian.org> Wed, 20 Jul 2005 00:24:19 +0200
postgresql-7.4 (1:7.4.8-13) unstable; urgency=low
* Add debian/patches/20_disable_root_check.patch: Disable "am I root" test
in initdb and postmaster to be able to run the test suite at build time.
This check is already done in pg_createcluster.
* debian/rules: Remove all the chown/setuid crack and simply call "make
check" now; print the log files if the test fails.
* debian/patches/19_testsuite_params.patch: Disable authentication in the
test suite db since ident authentication does not work with fakeroot.
-- Martin Pitt <mpitt@debian.org> Fri, 15 Jul 2005 11:06:01 +0300
postgresql-7.4 (1:7.4.8-12) unstable; urgency=low
* debian/rules: Use start-stop-daemon instead of su to call the test suite
since su requires a terminal.
* debian/rules: Disable spinlocks on mips and mipsel for now since they
FTBFS with gcc-4.0.
-- Martin Pitt <mpitt@debian.org> Wed, 13 Jul 2005 22:24:49 +0300
postgresql-7.4 (1:7.4.8-11) unstable; urgency=low
* postgresql-client-7.4: Now suggest postgresql-7.4; clarified the
description wrt the server package (see #313247).
* Fix README.Debian symlink.
* Add debian/patches/18_build_kfreebsd.patch: Fix configure[.in] to work on
GNU/kFreeBSD. Thanks to Aurelien Jarno for the patch. Closes: #317368
* Add debian/patches/19_testsuite_params.patch: Use /tmp as the socket
directory when running the test suite.
* debian/rules: Call the test suite when building the package. Since
creating databases as root is not permitted, do this as "nobody" if run by
root (as on the buildds); don't do it at all if run with fakeroot.
* Bump Standards-Version to 3.6.2.
-- Martin Pitt <mpitt@debian.org> Tue, 12 Jul 2005 21:40:50 +0300
postgresql-7.4 (1:7.4.8-10) unstable; urgency=low
* postgresql-server-dev-7.4: Ship /usr/lib/postgresql/7.4/bin/pg_config.
Closes: #314636
* debian/postgresql-7.4.init: autovac-* functions in postgresql-common were
renamed to autovac_* to comply to POSIX shell standard (see #315551).
Adapted dependencies.
-- Martin Pitt <mpitt@debian.org> Sun, 26 Jun 2005 14:34:16 +0200
postgresql-7.4 (1:7.4.8-9) unstable; urgency=low
* debian/rules: Fix POT file generation.
* Added debian/patches/16_libpq_defaultsocketdir.patch:
- Set default socket directory for libpq to /var/run/postgresql.
Closes: #313608
* Added debian/patches/17_garbage_error_messages.patch:
- src/port/thread.c: Return NULL instead of uninitialized buffer if
strerror_r() fails.
- This fixes garbage error messages on failed connections.
Closes: #264603, #277757
- Backported from 8.0 tree.
-- Martin Pitt <mpitt@debian.org> Tue, 14 Jun 2005 19:48:33 +0200
postgresql-7.4 (1:7.4.8-8) unstable; urgency=low
* debian/rules: Generate POT files to help translators.
* Added debian/postgresql-7.4.links: Symlink README.Debian from
postgresql-common.
* Added debian/patches/15_timezone_inttimestamps.patch (stolen from CVS
head): Fix integer timestamps in time zone handling.
(Bugs #249417, #311533; closed in 8.0 upload).
* debian/control: Now build with libreadline5.
* Added debian/postgresql-server-dev-7.4.install, which was forgotten to be
committed into the arch repository and caused an empty package.
-- Martin Pitt <mpitt@debian.org> Mon, 13 Jun 2005 13:11:13 +0200
postgresql-7.4 (1:7.4.8-7) unstable; urgency=low
* First unstable upload.
-- Martin Pitt <mpitt@debian.org> Tue, 7 Jun 2005 12:24:18 +0200
postgresql-7.4 (1:7.4.8-6) experimental; urgency=low
* postgresql-contrib-7.4.install: Correct paths to install missing shared
files and documentation. (See bug #311553, closed in 8.0 upload).
-- Martin Pitt <mpitt@debian.org> Mon, 6 Jun 2005 11:25:24 +0200
postgresql-7.4 (1:7.4.8-5) experimental; urgency=low
* debian/postgresql-7.4.install: Install pg_encoding to enable encodings
other than SQL_ASCII.
-- Martin Pitt <mpitt@debian.org> Wed, 1 Jun 2005 22:52:59 +0200
postgresql-7.4 (1:7.4.8-4) experimental; urgency=low
* Add CAN numbers to previous changelogs. * debian/patches/13_postgresql.conf.patch: Enable tcpip_socket by default.
-- Martin Pitt <mpitt@debian.org> Sun, 29 May 2005 22:49:17 +0200
postgresql-7.4 (1:7.4.8-3) experimental; urgency=low
* Skipping version 7.4.8-2 since this already exists in unstable from the
legacy packages.
* debian/rules: Fixed documentation path configure option. Closes: #308986
-- Martin Pitt <mpitt@debian.org> Thu, 19 May 2005 18:20:27 +0200
postgresql-7.4 (1:7.4.8-1) experimental; urgency=low
* New upstream version:
- Prevent calling conversion functions by users. [CAN-2005-1409]
- Prevent calling tsearch2 functions by users. [CAN-2005-1410]
- Fix buffer overflows in the PL/PGSQL parser in gram.y. [CAN-2005-0247]
* Removed patch debian/patches/50_CAN-2005-0247.patch (contained in new
upstream version).
* Added postgresql-server-dev-7.4 package.
-- Martin Pitt <mpitt@debian.org> Thu, 12 May 2005 23:47:00 +0200
postgresql-7.4 (1:7.4.7-5) experimental; urgency=low
* Ship reindexdb in -contrib.
* Added debian/patches/14_pager.patch: Use /usr/bin/pager instead of more as
default pager in psql. (Bug #304459)
* Added debian/postgresql-doc-7.4.doc-base: Register doc package in
doc-base.
-- Martin Pitt <mpitt@debian.org> Tue, 19 Apr 2005 21:24:21 +1000
postgresql-7.4 (1:7.4.7-4) experimental; urgency=low
* Do not install pg_config, client applications are supposed to use
libpq-dev from 8.0.
* debian/postgresql-7.4.init: Added autovacuum functions.
-- Martin Pitt <mpitt@debian.org> Tue, 5 Apr 2005 22:42:58 +0200
postgresql-7.4 (1:7.4.7-3) experimental; urgency=low
* Renamed packages pg-pl*-7.4 to postgresql-pl*-7.4 for consistency.
* -contrib: Only recommend, not depend on libpg-perl and libdbd-pg-perl.
* Added debian/patches/13_postgresql.conf.patch:
- Patch for Debian changes to the default configuration.
- Enable stats_row_level to allow pg_autovacuum to work.
-- Martin Pitt <mpitt@debian.org> Sat, 2 Apr 2005 18:28:12 +0200
postgresql-7.4 (1:7.4.7-2) experimental; urgency=low
* Corrected pg-pltcl-7.4 dependency from libtcl8.4 to tcl8.4
* Now depend on postgresql-common >= 3 which provides more maintainer script
functions.
* Call new common maintainer script functions in postinst/postrm scripts.
* Compress manpages.
-- Martin Pitt <mpitt@debian.org> Sun, 20 Mar 2005 21:21:20 +0100
postgresql-7.4 (1:7.4.7-1) experimental; urgency=low
* First release for the multiversion/multicluster architecture.
* This version is not vulnerable to the following security vulnerabilities:
. Load arbitrary shared libs, execute startup function [CAN-2005-0227]
. Execute functions with aggregate wrapper [CAN-2005-0244]
. Buffer overflow and 64-bit issues in contrib/intagg [CAN-2005-0246]
. Insecure temporary files in make_oidjoins_check [CAN-2004-0977]
* Introduced epoch "1" to force libpq3 from this new architecture to be
always newer than the version from the legacy package.
-- Martin Pitt <mpitt@debian.org> Sun, 20 Feb 2005 23:49:14 +0100