Changelog for
postgresql-devel-8.3.14-0.4.2.x86_64.rpm :
Fri Apr 1 14:00:00 2011 wrAATTrosenauer.org
- Security and bugfix release 8.3.14
CVE-2010-4014 CVE-2010-4015 (bnc#660478)
Thu Oct 7 14:00:00 2010 maxAATTsuse.de
- Security and bugfix release 8.3.12 (bnc#643771):
* Use a separate interpreter for each calling SQL userid in
PL/Perl and PL/Tcl (CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it
from being called with an argument that is not one of the
system catalog columns it\'s intended to be used with.
* Fix incorrect usage of non-strict OR joinclauses in Append
indexscans.
* Fix possible duplicate scans of UNION ALL member relations.
* Fix \"cannot handle unplanned sub-select\" error.
* Fix failure to mark cached plans as transient.
* Reduce PANIC to ERROR in some occasionally-reported btree
failure cases, and provide additional detail in the resulting
error messages.
* Prevent show_session_authorization() from crashing within
autovacuum processes.
* Defend against functions returning setof record where not all
the returned rows are actually of the same rowtype.
* Fix possible failure when hashing a pass-by-reference function
result.
* Improve merge join\'s handling of NULLs in the join columns.
* Take care to fsync the contents of lockfiles (both
postmaster.pid and the socket lockfile) while writing them.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions.
* Avoid holding open old WAL segments in the walwriter process.
* Fix log_line_prefix\'s %i escape, which could produce junk
early in backend startup.
* Fix possible data corruption in ALTER TABLE ... SET TABLESPACE
when archiving is enabled.
* Allow CREATE DATABASE and ALTER DATABASE ... SET TABLESPACE to
be interrupted by query-cancel.
* Fix REASSIGN OWNED to handle operator classes and families.
* Fix possible core dump when comparing two empty tsquery
values.
* Fix LIKE\'s handling of patterns containing % followed by _
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr.
* Make psql recognize DISCARD ALL as a command that should not
be encased in a transaction block in autocommit-off mode.
* Fix ecpg to process data from RETURNING clauses correctly.
* Improve contrib/dblink\'s handling of tables containing
columns.
* Fix connection leak after \"duplicate connection name\" errors
in contrib/dblink.
* Fix contrib/dblink to handle connection names longer than 62
bytes correctly.
* Add hstore(text, text) function to contrib/hstore.
Fri May 21 14:00:00 2010 maxAATTsuse.de
- Security and bugfix release 8.3.11 (bnc#607778):
* Enforce restrictions in plperl using an opmask applied to the
whole interpreter, instead of using Safe.pm
Recent developments have convinced us that Safe.pm is too
insecure to rely on for making plperl trustable. This change
removes use of Safe.pm altogether, in favor of using a
separate interpreter with an opcode mask that is always
applied. Pleasant side effects of the change include that it
is now possible to use Perl\'s strict pragma in a natural way
in plperl, and that Perl\'s $a and $b variables work as
expected in sort routines, and that function compilation is
significantly faster. (CVE-2010-1169)
* Prevent PL/Tcl from executing untrustworthy code from
pltcl_modules.
PL/Tcl\'s feature for autoloading Tcl code from a database
table could be exploited for trojan-horse attacks, because
there was no restriction on who could create or insert into
that table. This change disables the feature unless
pltcl_modules is owned by a superuser. (However, the
permissions on the table are not checked, so installations
that really need a less-than-secure modules table can still
grant suitable privileges to trusted non-superusers.) Also,
prevent loading code into the unrestricted \"normal\" Tcl
interpreter unless we are really going to execute a pltclu
function. (CVE-2010-1170)
* Fix possible crash if a cache reset message is received during
rebuild of a relcache entry. This error was introduced in
8.3.10 while fixing a related failure.
* Apply per-function GUC settings while running the language
validator for the function. This avoids failures if the
function\'s code is invalid without the setting; an example is
that SQL functions may not parse if the search_path is not
correct.
* Do not allow an unprivileged user to reset superuser-only
parameter settings. Previously, if an unprivileged user ran
ALTER USER ... RESET ALL for himself, or ALTER DATABASE
... RESET ALL for a database he owns, this would remove all
special parameter settings for the user or database, even ones
that are only supposed to be changeable by a superuser. Now,
the ALTER will only remove the parameters that the user has
permission to change.
* Avoid possible crash during backend shutdown if shutdown
occurs when a CONTEXT addition would be made to log entries.
In some cases the context-printing function would fail because
the current transaction had already been rolled back when it
came time to print a log message.
* Ensure the archiver process responds to changes in
archive_command as soon as possible.
* Update pl/perl\'s ppport.h for modern Perl versions.
* Fix assorted memory leaks in pl/python.
* Prevent infinite recursion in psql when expanding a variable
that refers to itself.
* Fix psql\'s \\copy to not add spaces around a dot within \\copy
(select ...). Addition of spaces around the decimal point in
a numeric literal would result in a syntax error.
* Fix unnecessary \"GIN indexes do not support whole-index scans\"
errors for unsatisfiable queries using contrib/intarray
operators.
* Ensure that contrib/pgstattuple functions respond to cancel
interrupts promptly.
* Make server startup deal properly with the case that shmget()
returns EINVAL for an existing shared memory segment.
* This behavior has been observed on BSD-derived kernels
including OS X. It resulted in an entirely-misleading startup
failure complaining that the shared memory request size was
too large.
* Add PKST (Pakistan Summer Time) to the default set of timezone
abbreviations.
Mon Mar 29 14:00:00 2010 maxAATTsuse.de
- Security and bugfix release 8.3.10:
* Add new configuration parameter ssl_renegotiation_limit to
control how often we do session key renegotiation for an SSL
connection.
This can be set to zero to disable renegotiation completely,
which may be required if a broken SSL library is used. In
particular, some vendors are shipping stopgap patches for
CVE-2009-3555 that cause renegotiation attempts to fail.
* Fix possible deadlock during backend startup.
* Fix possible crashes due to not handling errors during relcache
reload cleanly.
* Fix possible crash due to use of dangling pointer to a cached
plan.
* Fix possible crashes when trying to recover from a failure in
subtransaction start.
* Fix server memory leak associated with use of savepoints and a
client encoding different from server\'s encoding.
* Fix incorrect WAL data emitted during end-of-recovery cleanup
of a GIST index page split. This would result in index
corruption, or even more likely an error during WAL replay, if
we were unlucky enough to crash during end-of-recovery cleanup
after having completed an incomplete GIST insertion.
* Make substring() for bit types treat any negative length as
meaning \"all the rest of the string\". The previous coding
treated only -1 that way, and would produce an invalid result
value for other negative values, possibly leading to a crash
(CVE-2010-0442).
* Fix integer-to-bit-string conversions to handle the first
fractional byte correctly when the output bit width is wider
than the given integer by something other than a multiple of 8
bits.
* Fix some cases of pathologically slow regular expression
matching.
* Fix assorted crashes in xml processing caused by sloppy memory
management. This is a back-patch of changes first applied in
8.4. The 8.3 code was known buggy, but the new code was
sufficiently different to not want to back-patch it until it
had gotten some field testing.
* Fix bug with trying to update a field of an element of a
composite-type array column.
* Fix the STOP WAL LOCATION entry in backup history files to
report the next WAL segment\'s name when the end location is
exactly at a segment boundary.
* Fix some more cases of temporary-file leakage. This corrects a
problem introduced in the previous minor release. One case
that failed is when a plpgsql function returning set is called
within another function\'s exception handler.
* Improve constraint exclusion processing of boolean-variable
cases, in particular make it possible to exclude a partition
that has a \"bool_column = false\" constraint.
* When reading \"pg_hba.conf\" and related files, do not treat
AATTsomething as a file inclusion request if the AATT appears inside
quote marks; also, never treat AATT by itself as a file inclusion
request. This prevents erratic behavior if a role or database
name starts with AATT. If you need to include a file whose path
name contains spaces, you can still do so, but you must write
AATT\"/path to/file\" rather than putting the quotes around the
whole construct.
* Prevent infinite loop on some platforms if a directory is named as
an inclusion target in \"pg_hba.conf\" and related files.
* Fix possible infinite loop if SSL_read or SSL_write fails
without setting errno. This is reportedly possible with some
Windows versions of openssl.
* Disallow GSSAPI authentication on local connections, since it
requires a hostname to function correctly.
* Make ecpg report the proper SQLSTATE if the connection
disappears.
* Fix psql\'s numericlocale option to not format strings it
shouldn\'t in latex and troff output formats.
* Make psql return the correct exit status (3) when ON_ERROR_STOP
and --single-transaction are both specified and an error occurs
during the implied \"COMMIT\".
* Fix plpgsql failure in one case where a composite column is set
to NULL.
* Fix possible failure when calling PL/Perl functions from
PL/PerlU or vice versa.
* Add volatile markings in PL/Python to avoid possible
compiler-specific misbehavior.
* Ensure PL/Tcl initializes the Tcl interpreter fully. The only
known symptom of this oversight is that the Tcl clock command
misbehaves if using Tcl 8.5 or later.
* Prevent crash in \"contrib/dblink\" when too many key columns are
specified to a dblink_build_sql_
* function.
* Allow zero-dimensional arrays in \"contrib/ltree\" operations.
This case was formerly rejected as an error, but it\'s more
convenient to treat it the same as a zero-element array. In
particular this avoids unnecessary failures when an ltree
operation is applied to the result of ARRAY(SELECT ...) and the
sub-select returns no rows.
* Fix assorted crashes in \"contrib/xml2\" caused by sloppy memory
management.
Thu Dec 17 13:00:00 2009 maxAATTsuse.de
- security and bugfix release 8.3.9:
* Protect against indirect security threats caused by index
functions changing session-local state. This change prevents
allegedly-immutable index functions from possibly subverting a
superuser\'s session (CVE-2009-4136).
* Reject SSL certificates containing an embedded null byte in
the common name (CN) field. This prevents unintended matching
of a certificate to a server or client name during SSL
validation (CVE-2009-4034).
* Fix possible crash during backend-startup-time cache
initialization.
* Avoid crash on empty thesaurus dictionary.
* Prevent signals from interrupting VACUUM at unsafe times. This
fix prevents a PANIC if a VACUUM FULL is cancelled after it\'s
already committed its tuple movements, as well as transient
errors if a plain VACUUM is interrupted after having truncated
the table.
* Fix possible crash due to integer overflow in hash table size
calculation. This could occur with extremely large planner
estimates for the size of a hashjoin\'s result.
* Fix very rare crash in inet/cidr comparisons.
* Ensure that shared tuple-level locks held by prepared
transactions are not ignored.
* Fix premature drop of temporary files used for a cursor that
is accessed within a subtransaction.
* Fix memory leak in syslogger process when rotating to a new
CSV logfile.
* Fix incorrect logic for GiST index page splits, when the split
depends on a non-first column of the index.
* Don\'t error out if recycling or removing an old WAL file fails
at the end of checkpoint. It\'s better to treat the problem as
non-fatal and allow the checkpoint to complete. Future
checkpoints will retry the removal. Such problems are not
expected in normal operation, but have been seen to be caused
by misdesigned Windows anti-virus and backup software.
* Ensure WAL files aren\'t repeatedly archived on Windows. This
is another symptom that could happen if some other process
interfered with deletion of a no-longer-needed file.
* Fix PAM password processing to be more robust. The previous
code is known to fail with the combination of the Linux
pam_krb5 PAM module with Microsoft Active Directory as the
domain controller. It might have problems elsewhere too, since
it was making unjustified assumptions about what arguments the
PAM stack would pass to it.
* Raise the maximum authentication token (Kerberos ticket) size
in GSSAPI and SSPI authentication methods. While the old
2000-byte limit was more than enough for Unix Kerberos
implementations, tickets issued by Windows Domain Controllers
can be much larger.
* Re-enable collection of access statistics for sequences. This
used to work but was broken in 8.3.
* Fix processing of ownership dependencies during CREATE OR
REPLACE FUNCTION.
* Fix incorrect handling of WHERE \"x\"=\"x\" conditions. In some
cases these could get ignored as redundant, but they aren\'t --
they\'re equivalent to \"x\" IS NOT NULL.
* Make text search parser accept underscores in XML attributes.
* Fix encoding handling in xml binary input. If the XML header
doesn\'t specify an encoding, we now assume UTF-8 by default;
the previous handling was inconsistent.
* Fix bug with calling plperl from plperlu or vice versa. An
error exit from the inner function could result in crashes due
to failure to re-select the correct Perl interpreter for the
outer function.
* Fix session-lifespan memory leak when a PL/Perl function is
redefined.
* Ensure that Perl arrays are properly converted to PostgreSQL
arrays when returned by a set-returning PL/Perl function.
This worked correctly already for non-set-returning functions.
* Fix rare crash in exception processing in PL/Python.
* Ensure psql\'s flex module is compiled with the correct system
header definitions. This fixes build failures on platforms
where --enable-largefile causes incompatible changes in the
generated code.
* Make the postmaster ignore any application_name parameter in
connection request packets, to improve compatibility with
future libpq versions.
* Update the timezone abbreviation files to match current
reality. This includes adding IDT and SGT to the default
timezone abbreviation set.
Tue Sep 15 14:00:00 2009 maxAATTsuse.de
- New patchlevel: 8.3.8
- Security fixes (bnc#537706):
* Disallow RESET ROLE and RESET SESSION AUTHORIZATION inside
security-definer functions. This covers a case that was missed
in the previous patch that disallowed SET ROLE and SET SESSION
AUTHORIZATION inside security-definer functions. (See
CVE-2007-6600)
* Make LOAD of an already-loaded loadable module into a no-op.
Formerly, LOAD would attempt to unload and re-load the module,
but this is unsafe and not all that useful.
* Disallow empty passwords during LDAP authentication.
- For the other bug fixes, see the release notes at
http://www.postgresql.org/docs/current/static/release-8-3-8.html
Mon Mar 23 13:00:00 2009 maxAATTsuse.de
- Security release 8.3.7
* Fixes a vulnerability that allowed remote authenticated
users to cause a denial of service (stack consumption)
via mismatched encoding conversion requests.
* Details of the other bugfixes contained in this and
previous releases can be found here:
http://www.postgresql.org/docs/8.3/static/release.html
/usr/share/doc/packages/postgresql/HISTORY
- Users of GiST indexes should \"REINDEX\" them after installing
this update.
- Re-added libpgport.a to the devel package, as some apps require
it, although it is meant to be internal to the PostgreSQL
backend.
- Fix removal of leftover files on database startup (bnc#473644).
Wed Jan 7 13:00:00 2009 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)
Wed Nov 5 13:00:00 2008 maxAATTsuse.de
- Bugfix release: 8.3.5
* Fix GiST index corruption due to marking the wrong index
entry \"dead\" after a deletion. This would result in index
searches failing to find rows they should have found.
* Fix backend crash when the client encoding cannot represent a
localized error message.
* Fix possible crash in bytea-to-XML mapping.
* Fix possible crash when deeply nested functions are invoked
from a trigger.
* Improve optimization of \"expression\" IN (\"expression-list\")
queries.
* Fix mis-expansion of rule queries when a sub-SELECT appears
in a function call in FROM, a multi-row VALUES list, or a
RETURNING list.
* Fix Assert failure during rescan of an IS NULL search of
a GiST index.
* Fix memory leak during rescan of a hashed aggregation plan.
* Ensure an error is reported when a newly-defined PL/pgSQL
trigger function is invoked as a normal function.
* Force a checkpoint before \"CREATE DATABASE\" starts to copy
files This prevents a possible failure if files had recently
been deleted in the source database.
* Prevent possible collision of relfilenode numbers when moving
a table to another tablespace with \"ALTER SET TABLESPACE\".
* Fix incorrect text search headline generation when single
query item matches first word of text.
* Fix improper display of fractional seconds in interval
values when using a non-ISO datestyle in an
\"--enable-integer-datetimes\" build.
* Make ILIKE compare characters case-insensitively even when
they\'re escaped.
* Ensure \"DISCARD\" is handled properly by statement logging.
* Fix incorrect logging of last-completed-transaction time
during PITR recovery.
* Ensure SPI_getvalue and SPI_getbinval behave correctly when
the passed tuple and tuple descriptor have different numbers
of columns.
* Fix small memory leak when using libpq\'s gsslib parameter.
* Ensure libgssapi is linked into libpq if needed.
* Fix ecpg\'s parsing of \"CREATE ROLE\".
* Fix recent breakage of pg_ctl restart.
Thu Sep 25 14:00:00 2008 maxAATTsuse.de
- Bugfix release: 8.3.4
- Issues fixed include autovacuum crashes reported by several
users, two Heap Only Tuple bugs, a foreign key failure
condition, a too-small lock address space, two Write Ahead Log
bugs, several planner mistakes, and numerous \"corner condition\"
bugs.
Fri Sep 5 14:00:00 2008 maxAATTsuse.de
- New version: 8.3.3 with countless bug fixes over 8.3.1.
- For details, see
http://www.postgresql.org/docs/8.3/static/release-8-3-2.html ,
http://www.postgresql.org/docs/8.3/static/release-8-3-3.html ,
or /usr/share/doc/packages/postgresql/HISTORY .
Thu Aug 28 14:00:00 2008 cthielAATTsuse.de
- fix init script
Mon May 19 14:00:00 2008 schwabAATTsuse.de
- Fix broken configure check.
Fri May 9 14:00:00 2008 ajAATTsuse.de
- Add baselibs.conf.
Fri Apr 18 14:00:00 2008 maxAATTsuse.de
- Removed static libs from postgresql-devel.
- Removed more old Obsoletes: tags.
- Fixed path to pid file in init script.
- Moved \"make check\" to %check section
- Silence some bogus rpmlint warnings
Thu Apr 10 14:00:00 2008 maxAATTsuse.de
- Adopt the 8.3.1 package from Peter Eisentraut\'s OBS project.
- New features in PostgreSQL 8.3 include:
* Full text search is integrated into the core database system
* Support for the SQL/XML standard, including new operators and
an XML data type
* Enumerated data types (ENUM)
* Arrays of composite types
* Universally Unique Identifier (UUID) data type
* Add control over whether NULLs sort first or last
* Updatable cursors
* Server configuration parameters can now be set on a
per-function basis
* User-defined types can now have type modifiers
* Automatically re-plan cached queries when table definitions
change or statistics are updated
* Numerous improvements in logging and statistics collection
* Support multiple concurrent autovacuum processes, and other
autovacuum improvements
- Remove old provides/obsoletes tags for way-back package renames.
Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support
Thu Jan 10 13:00:00 2008 maxAATTsuse.de
- Update to 8.2.6 to fix five security issues:
- Index Functions Privilege Escalation: CVE-2007-6600
- Regular Expression Denial-of-Service: CVE-2007-4772,
CVE-2007-6067, CVE-2007-4769, #329282
- DBLink Privilege Escalation: CVE-2007-6601, #328403
Wed Jun 6 14:00:00 2007 maxAATTsuse.de
- New version: 8.2.4
- The list of changes between the 8.1 and 8.2 series is too long
to reproduce here. It can be found under
/usr/share/doc/packages/postgresql/HISTORY when the postgresql
package is installed or online at http://www.postgresql.org.
- Splited the postgresql-pl package into individual packages for
PL/Perl, PL/Python and PL/Tcl.
- Added a config file for SuSEfirewall2 (#247370).
Thu Mar 29 14:00:00 2007 rguentherAATTsuse.de
- Add bison, flex and zlib-devel BuildRequires.
Tue Oct 17 14:00:00 2006 maxAATTsuse.de
- New patchlevel release: 8.1.5
- Disallow aggregate functions in \"UPDATE\" commands, except within
sub-SELECTs. The behavior of such an aggregate was unpredictable,
and in 8.1.X could cause a crash, so it has been disabled.
- Fix core dump when an untyped literal is taken as ANYARRAY.
- Fix core dump in duration logging for extended query protocol when
a \"COMMIT\" or \"ROLLBACK\" is executed.
- Fix mishandling of AFTER triggers when query contains a SQL function
returning multiple rows.
- Fix \"ALTER TABLE ... TYPE\" to recheck NOT NULL for USING clause.
- Fix string_to_array() to handle overlapping matches for the
separator string.
- Fix to_timestamp() for AM/PM formats.
- Fix autovacuum\'s calculation that decides whether \"ANALYZE\" is
needed.
- Fix corner cases in pattern matching for psql\'s \\d commands.
- Fix index-corrupting bugs in /contrib/ltree.
- Numerous robustness fixes in ecpg.
- Fix backslash escaping in /contrib/dbmirror.
- Minor fixes in /contrib/dblink and /contrib/tsearch2.
- Efficiency improvements in hash tables and bitmap index scans.