1
postgresql-9.1 (9.1.8-0ubuntu11.10) oneiric-security; urgency=low
3
* New upstream security/bug fix release: (LP: #1116336)
4
- Prevent execution of enum_recv from SQL
5
The function was misdeclared, allowing a simple SQL command to crash the
6
server. In principle an attacker might be able to use it to examine the
7
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
8
for reporting this issue. (CVE-2013-0255)
9
- See HISTORY/changelog.gz for the other bug fixes.
11
-- Martin Pitt <martin.pitt@ubuntu.com> Tue, 05 Feb 2013 18:13:52 +0100
13
postgresql-9.1 (9.1.7-0ubuntu11.10) oneiric-proposed; urgency=low
15
* New upstream bug fix release: (LP: #1088393)
16
- Fix multiple bugs associated with "CREATE INDEX CONCURRENTLY".
17
Fix "CREATE INDEX CONCURRENTLY" to use in-place updates when
18
changing the state of an index's pg_index row. This prevents race
19
conditions that could cause concurrent sessions to miss updating
20
the target index, thus resulting in corrupt concurrently-created
22
Also, fix various other operations to ensure that they ignore
23
invalid indexes resulting from a failed "CREATE INDEX CONCURRENTLY"
24
command. The most important of these is "VACUUM", because an
25
auto-vacuum could easily be launched on the table before corrective
26
action can be taken to fix or remove the invalid index.
27
- Fix buffer locking during WAL replay.
28
The WAL replay code was insufficiently careful about locking
29
buffers when replaying WAL records that affect more than one page.
30
This could result in hot standby queries transiently seeing
31
inconsistent states, resulting in wrong answers or unexpected
33
- See HISTORY/changelog.gz for the other bug fixes.
35
-- Martin Pitt <martin.pitt@ubuntu.com> Mon, 10 Dec 2012 15:04:42 +0100
37
postgresql-9.1 (9.1.6-0ubuntu11.10) oneiric-proposed; urgency=low
39
* New upstream bug fix release: (LP: #1055944)
40
- Fix persistence marking of shared buffers during WAL replay.
41
This mistake can result in buffers not being written out during
42
checkpoints, resulting in data corruption if the server later
43
crashes without ever having written those buffers. Corruption can
44
occur on any server following crash recovery, but it is
45
significantly more likely to occur on standby slave servers since
46
those perform much more WAL replay. There is a low probability of
47
corruption of btree and GIN indexes. There is a much higher
48
probability of corruption of table "visibility maps". Fortunately,
49
visibility maps are non-critical data in 9.1, so the worst
50
consequence of such corruption in 9.1 installations is transient
51
inefficiency of vacuuming. Table data proper cannot be corrupted by
53
While no index corruption due to this bug is known to have occurred
54
in the field, as a precautionary measure it is recommended that
55
production installations "REINDEX" all btree and GIN indexes at a
56
convenient time after upgrading to 9.1.6.
57
Also, if you intend to do an in-place upgrade to 9.2.X, before
58
doing so it is recommended to perform a "VACUUM" of all tables
59
while having vacuum_freeze_table_age set to zero. This will ensure
60
that any lingering wrong data in the visibility maps is corrected
61
before 9.2.X can depend on it. vacuum_cost_delay can be adjusted to
62
reduce the performance impact of vacuuming, while causing it to
63
take longer to finish.
64
- See HISTORY/changelog.gz for the other bug fixes.
66
-- Martin Pitt <martin.pitt@ubuntu.com> Tue, 25 Sep 2012 07:25:37 +0200
1
68
postgresql-9.1 (9.1.5-0ubuntu11.10) oneiric-security; urgency=low
3
70
* New upstream bug fix/security release:
added
removed
debian/changelog
