[Pkg-postgresql-public] postgresql-9.2_9.2.4-1_amd64.changes ACCEPTED into experimental

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Apr 4 13:34:20 UTC 2013 


Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 02 Apr 2013 10:13:55 +0200
Source: postgresql-9.2
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.2 postgresql-9.2-dbg postgresql-client-9.2 postgresql-server-dev-9.2 postgresql-doc-9.2 postgresql-contrib-9.2 postgresql-plperl-9.2 postgresql-plpython-9.2 postgresql-plpython3-9.2 postgresql-pltcl-9.2
Architecture: source amd64 all
Version: 9.2.4-1
Distribution: experimental
Urgency: low
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>
Changed-By: Martin Pitt <mpitt at debian.org>
Description: 
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.2
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.2 - object-relational SQL database, version 9.2 server
 postgresql-9.2-dbg - debug symbols for postgresql-9.2
 postgresql-client-9.2 - front-end programs for PostgreSQL 9.2
 postgresql-contrib-9.2 - additional facilities for PostgreSQL
 postgresql-doc-9.2 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.2 - PL/Perl procedural language for PostgreSQL 9.2
 postgresql-plpython-9.2 - PL/Python procedural language for PostgreSQL 9.2
 postgresql-plpython3-9.2 - PL/Python 3 procedural language for PostgreSQL 9.2
 postgresql-pltcl-9.2 - PL/Tcl procedural language for PostgreSQL 9.2
 postgresql-server-dev-9.2 - development files for PostgreSQL 9.2 server-side programming
Changes: 
 postgresql-9.2 (9.2.4-1) experimental; urgency=low
 .
   * New upstream security/bug fix release:
     - Fix insecure parsing of server command-line switches.
       A connection request containing a database name that begins with
       "-" could be crafted to damage or destroy files within the server's
       data directory, even if the request is eventually rejected.
       [CVE-2013-1899]
     - Reset OpenSSL randomness state in each postmaster child process.
       This avoids a scenario wherein random numbers generated by
       "contrib/pgcrypto" functions might be relatively easy for another
       database user to guess. The risk is only significant when the
       postmaster is configured with ssl = on but most connections don't
       use SSL encryption. [CVE-2013-1900]
     - Make REPLICATION privilege checks test current user not
       authenticated user.
       An unprivileged database user could exploit this mistake to call
       pg_start_backup() or pg_stop_backup(), thus possibly interfering
       with creation of routine backups. [CVE-2013-1901]
     - Fix GiST indexes to not use "fuzzy" geometric comparisons when it's
       not appropriate to do so.
       The core geometric types perform comparisons using "fuzzy"
       equality, but gist_box_same must do exact comparisons, else GiST
       indexes using it might become inconsistent. After installing this
       update, users should "REINDEX" any GiST indexes on box, polygon,
       circle, or point columns, since all of these use gist_box_same.
     - Fix erroneous range-union and penalty logic in GiST indexes that
       use "contrib/btree_gist" for variable-width data types, that is
       text, bytea, bit, and numeric columns.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       useless index bloat. Users are advised to "REINDEX" such indexes
       after installing this update.
     - Fix bugs in GiST page splitting code for multi-column indexes.
       These errors could result in inconsistent indexes in which some
       keys that are present would not be found by searches, and also in
       indexes that are unnecessarily inefficient to search. Users are
       advised to "REINDEX" multi-column GiST indexes after installing
       this update.
     - See HISTORY/changelog.gz for details about other bug fixes.
   * Bump Standards-Version to 3.9.4 (no changes necessary).
Checksums-Sha1: 
 075aa988ddacd7aef699097b47baeb8d40e2553c 3321 postgresql-9.2_9.2.4-1.dsc
 75b53c884cb10ed9404747b51677358f12082152 16395184 postgresql-9.2_9.2.4.orig.tar.bz2
 841b466894de1390c71156dd355ed5f01eeafa1a 22725 postgresql-9.2_9.2.4-1.debian.tar.gz
 1014d2159bd42310cbc90096efab04d8a2fe496a 598370 libpq-dev_9.2.4-1_amd64.deb
 80fae17cd0e75cff76e77053ac78b8e2f16aac07 536444 libpq5_9.2.4-1_amd64.deb
 410f18de80d86b6698a703fa27fee24d2818a37e 495530 libecpg6_9.2.4-1_amd64.deb
 47e29a98e488ddcb63853764b0d1996a063dbe6f 627628 libecpg-dev_9.2.4-1_amd64.deb
 7c1362ce4562fcda9e008b1351646f4046599290 433228 libecpg-compat3_9.2.4-1_amd64.deb
 d89a5be23422dc0f54a6236432acca1a1bb81886 454628 libpgtypes3_9.2.4-1_amd64.deb
 f698ebd45cbafe151543abe1518e47e8d36dd883 3770544 postgresql-9.2_9.2.4-1_amd64.deb
 f9be511d9312af2c5505130e05876fb7dd9fe0d9 7530160 postgresql-9.2-dbg_9.2.4-1_amd64.deb
 c8fba6266868032163d5e3a55698c8708485360e 1395908 postgresql-client-9.2_9.2.4-1_amd64.deb
 f4e2faf188b67a6a3fc528a5bba9ebbe4c7a7e2f 990986 postgresql-server-dev-9.2_9.2.4-1_amd64.deb
 2a196f0bbbc009d2ef7d358251fc49936ae11809 2093138 postgresql-doc-9.2_9.2.4-1_all.deb
 7c3d21d5ac50a3f0caada07c973e19c9bf104f00 802142 postgresql-contrib-9.2_9.2.4-1_amd64.deb
 1aa395402dfdbdb8ad21db27ff51907a849ae145 473460 postgresql-plperl-9.2_9.2.4-1_amd64.deb
 0572b70cab67c58add0933b02ce767c3f5d642f3 462102 postgresql-plpython-9.2_9.2.4-1_amd64.deb
 4453a79f75bddf24a2742230530459f37abcd94d 461760 postgresql-plpython3-9.2_9.2.4-1_amd64.deb
 dd105ee8eb7b424efc8ba385180be7af0adef9f8 447826 postgresql-pltcl-9.2_9.2.4-1_amd64.deb
Checksums-Sha256: 
 c48b5ee900364828243ef67366d917f46c07f76f01d4c7796205c1c167f44f7f 3321 postgresql-9.2_9.2.4-1.dsc
 d97dd918a88a4449225998f46aafa85216a3f89163a3411830d6890507ffae93 16395184 postgresql-9.2_9.2.4.orig.tar.bz2
 91b419b4f057b4bc3206ab21b4af39f1803fa9f163402144c4ba0c166f89a205 22725 postgresql-9.2_9.2.4-1.debian.tar.gz
 d554bb05093af6f4fcaae7b3d9cf42021bd514757eb70c2ee31eeadfa0cd5c21 598370 libpq-dev_9.2.4-1_amd64.deb
 e747858ec5bbfc3bc1d7acefdb7c8cf4dac67af4db2fc8c7f4d63a510fa9cafe 536444 libpq5_9.2.4-1_amd64.deb
 f3ea94daa5a93f1ba3d2c4201d299ee4dc4f9dd8ad8836772c1fb1218a8a56cc 495530 libecpg6_9.2.4-1_amd64.deb
 9dcbae46e0c0efa53f11e790e18b69396cd70c07008ed4c8a55ab641d428da38 627628 libecpg-dev_9.2.4-1_amd64.deb
 0255cb9c260b644ae7489c85cc5a2fe98e7f93b9c22a0223d950c80a4f49f37c 433228 libecpg-compat3_9.2.4-1_amd64.deb
 78b44ad3954fdab5768ecf596295c30bb475df3508781777be4e3be8516551ac 454628 libpgtypes3_9.2.4-1_amd64.deb
 0287a9ea6e533ce1867e8928a7435cbacf0aa8d2cdd4b3fe0f52b7ea1c6b8160 3770544 postgresql-9.2_9.2.4-1_amd64.deb
 01d6d5c591b191e4217ea0a085eb741397c1db6887ee936c30cb06ea3ac75d4a 7530160 postgresql-9.2-dbg_9.2.4-1_amd64.deb
 cd3a5a667e9ec5bd7d5fd3bcd008125e223e16fde7d457c6c5c1793f22548a82 1395908 postgresql-client-9.2_9.2.4-1_amd64.deb
 a0b8e2cc9c3c4f3958cfd5c58424eee6efed3b71c8ad5079b1dcbeb341c69f68 990986 postgresql-server-dev-9.2_9.2.4-1_amd64.deb
 16c735e0e737474815b661f9975d3fefc4ba6c5768dad46f1bfca6734996a985 2093138 postgresql-doc-9.2_9.2.4-1_all.deb
 8c0183be055139d1429440a1fcbe61824dfbceb10019cd61b7dd0a9521ca3446 802142 postgresql-contrib-9.2_9.2.4-1_amd64.deb
 f2a683bb2b11185ced5f08a2c587237b7c94c6a765715951f3d50fe4d58ff1e9 473460 postgresql-plperl-9.2_9.2.4-1_amd64.deb
 4020165dde02f26343f5d260ea09697fca6aa5115ceb85b74871635237f8e8f4 462102 postgresql-plpython-9.2_9.2.4-1_amd64.deb
 ec6cd90e33e546cd12092677cd4589ff3a0eff5f2eab861584e55fe630b8f6a9 461760 postgresql-plpython3-9.2_9.2.4-1_amd64.deb
 a355ca2213abbe9bc60f5af88568f57c4eeb8fe6497fee82fda571a5e53fc0ec 447826 postgresql-pltcl-9.2_9.2.4-1_amd64.deb
Files: 
 fa46709568c3d9411224bab5bec06221 3321 database optional postgresql-9.2_9.2.4-1.dsc
 6ee5bb53b97da7c6ad9cb0825d3300dd 16395184 database optional postgresql-9.2_9.2.4.orig.tar.bz2
 22229c61494076e98ab374674d148630 22725 database optional postgresql-9.2_9.2.4-1.debian.tar.gz
 712d644c8594b918217cb396bf1458e6 598370 libdevel optional libpq-dev_9.2.4-1_amd64.deb
 147980865847b6bc87344a8637abb217 536444 libs optional libpq5_9.2.4-1_amd64.deb
 98772cd15325b394d8e458e87b31e70b 495530 libs optional libecpg6_9.2.4-1_amd64.deb
 387dd91ce8e2c733383a0f3134000cc1 627628 libdevel optional libecpg-dev_9.2.4-1_amd64.deb
 a70a12eb24310e4ca18daba2235c6b07 433228 libs optional libecpg-compat3_9.2.4-1_amd64.deb
 b463c2b1e917373a8ea77785ca018188 454628 libs optional libpgtypes3_9.2.4-1_amd64.deb
 2f1700276b6b0e0ab7f8cf7b740a10ec 3770544 database optional postgresql-9.2_9.2.4-1_amd64.deb
 cc864b5af93ad26a763bfaf8f046c1db 7530160 debug extra postgresql-9.2-dbg_9.2.4-1_amd64.deb
 18736e9b4f953d57a2476afe516227fb 1395908 database optional postgresql-client-9.2_9.2.4-1_amd64.deb
 460d30c9e0735eff1740125af275f771 990986 libdevel optional postgresql-server-dev-9.2_9.2.4-1_amd64.deb
 2d83e988468c1844e543e809ac46e2f8 2093138 doc optional postgresql-doc-9.2_9.2.4-1_all.deb
 43a8dc0e4d16434b6a6230a4a9d67441 802142 database optional postgresql-contrib-9.2_9.2.4-1_amd64.deb
 30b24d532558e73b9c3cb3a84b5e638a 473460 database optional postgresql-plperl-9.2_9.2.4-1_amd64.deb
 d457fa0fa3bd56d419a8a6eeaf00ba08 462102 database optional postgresql-plpython-9.2_9.2.4-1_amd64.deb
 e7a91d2d03cb0d9e1078c51fc070493e 461760 database optional postgresql-plpython3-9.2_9.2.4-1_amd64.deb
 5909c0208b6932838aac39e328324ee2 447826 database optional postgresql-pltcl-9.2_9.2.4-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJRWpbCAAoJEPmIJawmtHufzVoP/2zT8kiNYY0MCQoDtmQ583SZ
6lZl5Rja0159sFkLWA+B8P8B1RLAhzYYR0WQ0rJaB9zr9ZxCQsRkNp0vsS4nwhtu
Oi1waAjquUy8HAHyvewL1ubrt4091Kx4Jiq2s23aVlqNMfyvf3fnixmOb0nzxEk6
5gcyHUl12/O2N31/K6u+mwrcRwegzUg0W6J3UXOEv4hiudpFcPFymEz9dnPNPmYk
RlAUoVSXEU+nT0PTiSTyrAy5trqyqSWeIlCFqaCx5ilM1zFk6gownASzJxLp7ObM
DdUQ/hJ6Fnv9XVc2ENsZWkAfH8ZuU/vRSiGvi8OKNsISJZ/VDrbDeFJM1NDYLamO
7yqEX8VSkCXrVgR7WxXaYNHzGAjf+Eacy58c6QyUAykLuUoCvcr2zNLPagoPuCuK
FiTI16QelWwLDt3nbTj5Dwa+HEegbdcDNjmf3NVFZF1xAY1mq+bopUWol166Kmev
3XTvUL6ZiJaz9GbqHgSUkQLwxnB9YuEX4eTXOlTCEFPl20kNNsVytz7LRcLhDa8m
deXv1mYDb3qP72H/d7U4StgQ5tCl0yJNJ2Z+PAsis7kWlSiJzY/Pf43iJwotQHrg
GDfqH4o9Gc5bz8qvNa7U/iGjGwIrkY4KmouGGzJRVJHrQ6ORgUP1DN9z1EVW1asH
O/jdNIg9XGyg3+xIN8HT
=9PRx
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.

More information about the Pkg-postgresql-public mailing list