SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for postgresql-docs-8.0.13-1tr.i586.rpm :
Wed Apr 25 14:00:00 2007 Bipin S 8.0.13-1tr
- New upstream.
- SECURITY Fix: A vulnerability has been identified, which could
be exploited by malicious users to obtain elevated privileges.
This issue is caused by an insecure \"search_path\" settings,
which could be exploited by unprivileged users to gain the SQL
privileges of the owner of any SECURITY DEFINER function they
are allowed to call

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-2138 to this issue.

Thu Feb 8 13:00:00 2007 Bipin S 8.0.12-1tr
- New upstream, fixes type-casting bug induced by previous security fix.

Wed Feb 7 13:00:00 2007 Bipin S 8.0.11-1tr
- New upstream.
- SECURITY Fix: An unspecified error can be used to suppress certain
checks, which ensure that SQL functions return the correct data type.
This can be exploited to crash the database backend or disclose
potentially sensitive information.
- An unspecified error when changing the data type of a table column
can be exploited to crash the database backend or disclose potentially
sensitive information.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2007-0555 and CVE-2007-0556 to these issues.

Wed Oct 25 14:00:00 2006 Bipin S 8.0.9-1tr
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in PostgreSQL,
which can be exploited by malicious users to cause a DoS (SA22562).
- An incorrect type check before coercing unknown literals
into the ANYARRY type can be exploited to cause a crash when converting
certain literals into ANYARRAY.
- An error exists within the handling of aggregate functions in UPDATE
statements, which can be exploited to crash the server backend.
- An error within the logging of V3-protocol execute messages of ROLLBACK
or COMMIT statements can be exploited to cause a crash.

Mon May 29 14:00:00 2006 Nived Gopalan 8.0.8-1tr
- New Upstream.
- SECURITY Fix: Akio Ishida and Yasuo Ohgaki have reported vulnerabilities
in PostgreSQL, which potentially can be exploited by malicious people
to conduct SQL injection attacks.
- The first issue is due to an input validation error when handling a
parameter containing invalidly-encoded multibyte characters, which
could be exploited by malicious people to bypass standard string-escaping
methods and conduct SQL injection attacks via a supposedly secure script.
- The second issue is due to an error when escaping ASCII single quote \"\'\"
characters (by turning them into \"\\\'\") and operating in multibyte
encodings that allow using the \"0x5c\" ASCII code (backslash) as the
trailing byte of a multibyte character, which could be exploited by
attackers to inject arbitrary SQL queries.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-2313 and CVE-2006-2314 to these issues.

Thu Feb 16 13:00:00 2006 Nived Gopalan 8.0.7-1tr
- New Upstream.
- SECURITY Fix: Akio Ishida has reported an error in \"SET SESSION
AUTHORIZATION\" command which can be exploited to crash the server
process, if it has been compiled with Asserts enabled.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0678 to this issue.

Thu Jan 12 13:00:00 2006 Nived Gopalan 8.0.6-1tr
- New Upstream.

Wed Oct 5 14:00:00 2005 Ajith Thampi 8.0.4-1tr
- New Upstream

Mon Jun 13 14:00:00 2005 Bipin S 8.0.3-5tr
- Changed case (NAME=postgresql)

Fri Jun 10 14:00:00 2005 Bipin S 8.0.3-4tr
- Fixed Bug #888
- Changed NAME=Postgresql in initscript

Mon May 16 14:00:00 2005 Syed Shabir Zakiullah 8.0.3-2tr
- Rebuilt with -O2 -fomit-frame-pointer -pipe -s -mtune=pentium -march=pentium -fexpensive-optimizations -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES=1 -D_LARGEFILE64_SOURCE=1=\"-02\" to fix segmentation fault while running initdb.

Wed May 11 14:00:00 2005 Ajith Thampi 8.0.3-1tr
- New Upstream
- Vendor Security Fix for CAN-2005-1409 and CAN-2005-1410

Fri May 6 14:00:00 2005 Ajith Thampi 8.0.2-3tr
- Fix Character Conversion Vulnerability, gives public EXECUTE access to
certain character conversion functions, which allows unprivileged
users to call those functions with malicious values, with unknown
impact. (CAN-2005-1409).
- Fix DOS Vulnerability, the (1) dex_init, (2) snb_en_init, (3) snb_ru_init,
(4) spell_init, and (5) syn_init functions as \"internal\" even when they
do not take an internal argument, which allows attackers to cause a
denial of service (application crash). (CAN-2005-1410)

Tue Apr 26 14:00:00 2005 Ajith Thampi 8.0.2-2tr
- Fix GCC-4.0.0 Build

Tue Apr 19 14:00:00 2005 Ajith Thampi 8.0.2-1tr
- New Upstream

Thu Apr 7 14:00:00 2005 Syed Shabir Zakiullah 8.0.1-4tr
- Rebuilt against new readline

Thu Mar 31 14:00:00 2005 Ajith Thampi 8.0.1-3tr
- Rebuilt with perl.req fix

Fri Mar 18 13:00:00 2005 Hasher Jamaludeen 8.0.1-2tr
- Rebuilt, added unpackaged files.

Fri Feb 4 13:00:00 2005 Erlend Midttun 8.0.1-1tr
- New upstream.

Thu Jan 20 13:00:00 2005 Erlend Midttun 8.0.0-1tr
- Official release.

Sun Dec 12 13:00:00 2004 Erlend Midttun 8.0.0-0.rc1-2tr
- Added conflicts to make swup manually upgrade

Thu Dec 9 13:00:00 2004 Erlend Midttun 8.0.0-0.rc1-1tr
- New upstream.

Fri Dec 3 13:00:00 2004 Erlend Midttun 8.0.0-0.beta5.2tr
- Now even do echo in stop().

Mon Nov 29 13:00:00 2004 Erlend Midttun 8.0.0-0.beta5.1tr
- New upstream.

Wed Nov 10 13:00:00 2004 Erlend Midttun 8.0.0-0.beta4.3tr
- Fix file conflict.

Tue Nov 9 13:00:00 2004 Oystein Viggen 8.0.0-0.beta4.2tr
- Rebuild with shared openssl

Thu Aug 26 14:00:00 2004 Erlend Midttun 7.4.5-1tr
- New upstream that fixes potential data loss bug.

Mon Mar 15 13:00:00 2004 Chr. Toldnes 7.4.2-1tr
- New upstream version
- Binary incompatible with all earier versions, thus manual-upgrade

Tue Feb 3 13:00:00 2004 Chr. Toldnes 7.4.1-3tr
- Removed support for tcl
- Cleanup

Tue Jan 20 13:00:00 2004 Jan�ke R�nnblom 7.4.1-2jr
- missing information_schema.sql, sql_features.txt
- missing buildrequire for readline-devel, ncurses-devel, zlib-devel,
openssl-devel, pam-devel
- /etc/sysconfig/postgresql has wrong paths, should be postgresql now
- /etc/init.d/postgresql had 7.3 instead of 7.4 which caused a error
message on startup

Mon Jan 19 13:00:00 2004 Erlend Midttun 7.4.1-1tr
- New upstream.

Tue Nov 25 13:00:00 2003 Erlend Midttun 7.4-1tr
- New upstream. Will need a dump of your current databases to work.
- Now use \"postgresql\" consistently.
- Removed jdbc drivers.

Thu Nov 6 13:00:00 2003 Chr. Toldnes 7.3.4-1tr
- New upstream version fixes buffer overflow.

Wed Jun 18 14:00:00 2003 Erlend Midttun 7.3.3-2tr
- Big rebuild

Tue Jun 10 14:00:00 2003 Erlend Midttun 7.3.3-1em
- New upstream.
- No longer delete postgreq user/group when uninstalling.
- Make initscript run initdb correctly.

Thu Jun 5 14:00:00 2003 Erlend Midttun 7.3.2-9em
- Try to resolve file conflicts.

Sat May 10 14:00:00 2003 Gerald Dachs 7.3.2-8gd
- moved /etc/postgresql/postgresql.conf to package postgresql

Fri May 9 14:00:00 2003 Gerald Dachs 7.3.2-7gd
- changed /var/run/pgsql to /var/run/postgresql
- added config files so that postgresql starts out of the box

Sat May 3 14:00:00 2003 Erlend Midttun 7.3.2-6em
- Try to fix the /var/log/pgsql file to directory conversion again.

Sat Mar 29 13:00:00 2003 Christian H. Toldnes 7.3.2-5ct
- Added some Debian patches. This one needs _lots_ of testing now, also
we should add a initscript configfile which control what interfaces to bind
to.

Fri Mar 28 13:00:00 2003 Erlend Midttun 7.3.2-4em
- Nothing

Fri Mar 28 13:00:00 2003 Erlend Midttun 7.3.2-3em
- Changed init script to hopefully work this time.
- Removed i18n stuff from init script and moved it into the rpm.
- Added logging.

Mon Mar 24 13:00:00 2003 Erlend Midttun 7.3.2-2em
- Rebuilt against glibc 2.3.2.

Thu Mar 13 13:00:00 2003 Erlend Midttun 7.3.2-1em
- Upgraded to 7.3.2.
- Threw out the C++ and the ODBC interfaces as they are no longer part
of the main PostgreSQL package.

Wed Jan 22 13:00:00 2003 Tor Hveem 7.2.2-7th
- fixed $INITLOCK

Fri Jan 17 13:00:00 2003 Gerald Dachs 7.2.2-6gd
- recompiled against openssl-0.9.7

Wed Dec 4 13:00:00 2002 Christian H. Toldnes 7.2.2-5ct
- postgresql initscript now follows policy.

Mon Nov 4 13:00:00 2002 Erlend Midttun 7.2.2-4em
- New bison.

Mon Sep 23 14:00:00 2002 Erlend Midttun 7.2.2-3em
- The file patch2 used to patch is dynamically generated. Therefore
the patch fails every now and again -> Making it a sed script instead.

Wed Sep 11 14:00:00 2002 Erlend Midttun 7.2.2-2em
- Fixed includes.

Wed Sep 4 14:00:00 2002 Erlend Midttun 7.2.2-1tr
- New upstream version, fixes four security holes. From the advisory:
- in handling long datetime input
- in repeat()
- in lpad() and rpad() with multibyte
- in SET TIME ZONE and TZ env var

Fri Aug 23 14:00:00 2002 Christian H. Toldnes 7.2.1-1ct
- New upstream version
- Major cleanup, but still a bit messy
- Built for TSL-2.0 on gcc-3.2

Mon Mar 18 13:00:00 2002 Christian H. Toldnes
- Added \" that arised when we added \"zlib >= 1.1.4\"

Fri Mar 15 13:00:00 2002 Christian H. Toldnes
- Package cleanup, new release to ensure restart due to broken zlib.
- Added Prereq zlib >= 1.1.4

Thu Jul 5 14:00:00 2001 Oystein Viggen
- Although we want it, we don\'t have python 2.0 yet.

Mon Jun 18 14:00:00 2001 Olaf Trygve Berglihn
- Added patch for python 2.0 support.

Mon Jun 18 14:00:00 2001 Oystein Viggen
- Fix problem with postgres account creation.

Mon Jun 11 14:00:00 2001 Oystein Viggen
- Snapshot for TSL
- Don\'t include tk and jdbc (java)

Sat Jun 9 14:00:00 2001 Lamar Owen
- Sync up with Trond\'s set.

Thu Jun 7 14:00:00 2001 Trond Eivind Glomsr�d
- Don\'t create postgres\' .bashrc from the server post script: include it instead
- Move the test packages from /usr/share/pgsql to /usr/lib/pgsql
- Move the symlinks libpq.so, libecpg.so, libpq++.so and libpgeasy.so to the devel subpackage from
libs
- Source the i18n data from the .bashrc instead of in the initscript

Mon May 28 14:00:00 2001 Trond Eivind Glomsr�d
- Handle i18n for database startup - backend needs to have the same locale everytime,
but this certainly can\'t be hardcoded to C either
- Fix stop, restart in initscript (#42217)
- Make database init _much_ less verbose
- other minor fixes to the initscript

Fri May 25 14:00:00 2001 Trond Eivind Glomsr�d
- 7.1.2

Thu May 24 14:00:00 2001 Lamar Owen
- 7.1.2-0.1.1.PGDG PRERELEASE
- Changed versioning and release numbering a little for better flexibility,
-- particularly for distribution packagers.
- Release numbering comment at top of spec, where it\'s more useful.
- Trimmed changelog to 7.1.x. See the last 7.0.3\'s specfile for the 7.0
-- changlog, and the last 6.5.3\'s specfile for the changelog prior to
-- 7.0.

Sun May 20 14:00:00 2001 Lamar Owen
- 7.1.1-4.PGDG
- _really_ got Python version agnosticism working.

Sat May 19 14:00:00 2001 Lamar Owen
- 7.1.1-3.PGDG Release
- Python version agnosticism.....

Tue May 15 14:00:00 2001 Trond Eivind Glomsr�d
- Use openssl
- Make it obsolete subpackages if they aren\'t built

Mon May 14 14:00:00 2001 Lamar Owen
- 7.1.1-2.PGDG Release.
- Appended .PGDG to release string to differentiate our RPM set from the others.
- /bin/sh fix in initscript
- README.rpm-dist updates.

Mon May 14 14:00:00 2001 Bernhard Rosenkraenzer 7.1.1-0.7
- Rebuild with new readline

Thu May 10 14:00:00 2001 Trond Eivind Glomsr�d
- Initial 7.1.1

Mon May 7 14:00:00 2001 Trond Eivind Glomsr�d
- Specify shell when running commands through su in the initscript, to avoid problems
when people switch the postgres user to use tcsh

Thu Apr 19 14:00:00 2001 Trond Eivind Glomsr�d
- JDBC driver for Postgresql 7.1

Sun Apr 15 14:00:00 2001 Trond Eivind Glomsr�d
- slightly different versioning scheming, will go back to the official
later when I\'m sure the package is ready to use

Fri Apr 13 14:00:00 2001 Lamar Owen
- 7.1 RELEASE
- 7.1-1 RPM RELEASE
- Change to COPTS -- strip out -ffastmath -- Considered Harmful.
- Back to old versioning scheme, kept teg\'s other fixes.
- README.rpm-dist updated.
- PGVERSION updated all-around (hopefully!)
- Couple of fixes from Peter E.
- Rearrange dependencies -- only the -libs subpackage is required for most stuff
- Removed broken and confusing logrotate script.

Mon Apr 9 14:00:00 2001 Trond Eivind Glomsr�d
- chown considered harmful - removed
- fix dangling symlimks (pg_crc.c)
- libpq.so changes for maximum compatiblity
- different versioning scheme, to avoid trouble later
- remove temporary perl file from the file list
- fix spelling error in tcl description
- mark odbcinst.ini as a config file
- use %defattr on packages which didn\'t have it

Sat Apr 7 14:00:00 2001 Lamar Owen
- Integrated the PL/Perl stuff from Karl DeBisschop --conditional.
- Packaging reorg: added contrib and docs subpackages.
- Removed sgml source docs from main package --> docs subpackage.
- Removed contrib tree from main package --> contrib subpackage.
- Contrib tree is now prebuilt -- HOWEVER, very little install work is
-- currently done with this.

Fri Apr 6 14:00:00 2001 Lamar Owen
- Quickie RC3. There will be a 7.1RC3-2 shortly with other stuff.

Tue Apr 3 14:00:00 2001 Lamar Owen
- RC2
- eliminate versioning information for ancilliary files in prep for CVS.
- Fix docs mixup.

Tue Mar 27 14:00:00 2001 Lamar Owen
- RC1 quickie.

Tue Mar 20 13:00:00 2001 Lamar Owen
- Beta 6 initial build.
- Use make install-all-headers instead of cpio hack for devel headers.
- Split out the libs into the libs subpackage.
- Updated initscript to use pg_ctl to stop
- Updated initscript to initdb and start postmaster with LC_ALL=C to
-- prevent index corruption.

Sun Jan 28 13:00:00 2001 Lamar Owen
- Beta4
- Return to \'pgsql\' directories instead of \'postgresql\'
- Better perl patches.

Mon Jan 15 13:00:00 2001 Lamar Owen
- Edit patches to get rid of some cruft.
- Eliminate some more pre-7.1 specfile baggage that is no longer necessary.
- Moved pg_id to server
- added Makefile.global and pg_config to devel
- Corrected /usr/include/pgsql to /usr/include/postgresql
- Fixed some configure options. Will be trying the configure macro next release
- Since it is terminally ill in this version pg_upgrade is _gone_.
- Thanks to Peter E for a good review.

Sun Jan 14 13:00:00 2001 Lamar Owen
- Running regression. 1 on the release-o-meter.
- Minor patches to get regression running right.
- Initscript tweaking -- the old test for a database structure fails with 7.1\'s new structure.

Sat Jan 13 13:00:00 2001 Lamar Owen
- Perl 5 needs to be built with PREFIX set on the Makefile, not GNUmakefile....
- The 7.1 build is different from the 7.0 build -- see the configure line.
- NOTE: many files that used to be in /usr/share/postgresql are now in /usr/share/postgresql!
- by request, conditional packages are now supported. See the top of the spec.
- Fixed the server postinstall problems.

Mon Jan 8 13:00:00 2001 Lamar Owen
- First 7.1 beta test-build


  
ICM