Publishing details
Changelog
postgresql-9.5 (9.5.2-1) unstable; urgency=medium
* New upstream version.
+ Disable abbreviated keys for string sorting in non-C locales
(Robert Haas)
PostgreSQL 9.5 introduced logic for speeding up comparisons of string
data types by using the standard C library function strxfrm() as a
substitute for strcoll(). It now emerges that most versions of glibc
(Linux's implementation of the C library) have buggy implementations of
strxfrm() that, in some locales, can produce string comparison results
that do not match strcoll(). Until this problem can be better
characterized, disable the optimization in all non-C locales. (C locale
is safe since it uses neither strcoll() nor strxfrm().)
Unfortunately, this problem affects not only sorting but also entry
ordering in B-tree indexes, which means that B-tree indexes on text,
varchar, or char columns may now be corrupt if they sort according to an
affected locale and were built or modified under PostgreSQL 9.5.0 or
9.5.1. Users should REINDEX indexes that might be affected.
It is not possible at this time to give an exhaustive list of
known-affected locales. C locale is known safe, and there is no
evidence of trouble in English-based locales such as en_US, but some
other popular locales such as de_DE are affected in most glibc versions.
+ Maintain row-security status properly in cached plans (Stephen Frost)
In a session that performs queries as more than one role, the plan cache
might incorrectly re-use a plan that was generated for another role ID,
thus possibly applying the wrong set of policies when row-level security
(RLS) is in use. (CVE-2016-2193)
+ Add must-be-superuser checks to some new contrib/pageinspect functions
(Andreas Seltenreich)
Most functions in the pageinspect extension that inspect bytea values
disallow calls by non-superusers, but brin_page_type() and
brin_metapage_info() failed to do so. Passing contrived bytea values to
them might crash the server or disclose a few bytes of server memory.
Add the missing permissions checks to prevent misuse. (CVE-2016-3065)
* 02-relax-sslkey-permscheck.patch: Replace with what went upstream in 9.6.
* Stop suggesting the use of identd.
* Modernize server package description.
* Recommend sysstat.
-- Christoph Berg <email address hidden> Tue, 29 Mar 2016 12:22:08 +0200
Builds
Built packages
-
libecpg-compat3
older version of run-time library for ECPG programs
-
libecpg-compat3-dbgsym
debug symbols for package libecpg-compat3
-
libecpg-dev
development files for ECPG (Embedded PostgreSQL for C)
-
libecpg-dev-dbgsym
debug symbols for package libecpg-dev
-
libecpg6
run-time library for ECPG programs
-
libecpg6-dbgsym
debug symbols for package libecpg6
-
libpgtypes3
shared library libpgtypes for PostgreSQL 9.5
-
libpgtypes3-dbgsym
debug symbols for package libpgtypes3
-
libpq-dev
header files for libpq5 (PostgreSQL library)
-
libpq-dev-dbgsym
debug symbols for package libpq-dev
-
libpq5
PostgreSQL C client library
-
libpq5-dbgsym
debug symbols for package libpq5
-
postgresql-9.5
object-relational SQL database, version 9.5 server
-
postgresql-9.5-dbg
debug symbols for postgresql-9.5
-
postgresql-9.5-dbgsym
debug symbols for package postgresql-9.5
-
postgresql-client-9.5
front-end programs for PostgreSQL 9.5
-
postgresql-client-9.5-dbgsym
debug symbols for package postgresql-client-9.5
-
postgresql-contrib-9.5
additional facilities for PostgreSQL
-
postgresql-contrib-9.5-dbgsym
debug symbols for package postgresql-contrib-9.5
-
postgresql-doc-9.5
documentation for the PostgreSQL database management system
-
postgresql-plperl-9.5
PL/Perl procedural language for PostgreSQL 9.5
-
postgresql-plperl-9.5-dbgsym
debug symbols for package postgresql-plperl-9.5
-
postgresql-plpython-9.5
PL/Python procedural language for PostgreSQL 9.5
-
postgresql-plpython-9.5-dbgsym
debug symbols for package postgresql-plpython-9.5
-
postgresql-plpython3-9.5
PL/Python 3 procedural language for PostgreSQL 9.5
-
postgresql-plpython3-9.5-dbgsym
debug symbols for package postgresql-plpython3-9.5
-
postgresql-pltcl-9.5
PL/Tcl procedural language for PostgreSQL 9.5
-
postgresql-pltcl-9.5-dbgsym
debug symbols for package postgresql-pltcl-9.5
-
postgresql-server-dev-9.5
development files for PostgreSQL 9.5 server-side programming
-
postgresql-server-dev-9.5-dbgsym
debug symbols for package postgresql-server-dev-9.5
Package files