Package "postgresql-client-8.4"

  postgresql-8.4 (8.4.17-0ubuntu12.04) precise-security; urgency=low

  * New upstream security/bug fix release: (LP: #1163184)
    - Reset OpenSSL randomness state in each postmaster child process.
      This avoids a scenario wherein random numbers generated by
      "contrib/pgcrypto" functions might be relatively easy for another
      database user to guess. The risk is only significant when the
      postmaster is configured with ssl = on but most connections don't
      use SSL encryption. [CVE-2013-1900]
    - Fix GiST indexes to not use "fuzzy" geometric comparisons when it's
      not appropriate to do so.
      The core geometric types perform comparisons using "fuzzy"
      equality, but gist_box_same must do exact comparisons, else GiST
      indexes using it might become inconsistent. After installing this
      update, users should "REINDEX" any GiST indexes on box, polygon,
      circle, or point columns, since all of these use gist_box_same.
    - Fix erroneous range-union and penalty logic in GiST indexes that
      use "contrib/btree_gist" for variable-width data types, that is
      text, bytea, bit, and numeric columns.
      These errors could result in inconsistent indexes in which some
      keys that are present would not be found by searches, and also in
      useless index bloat. Users are advised to "REINDEX" such indexes
      after installing this update.
    - Fix bugs in GiST page splitting code for multi-column indexes.
      These errors could result in inconsistent indexes in which some
      keys that are present would not be found by searches, and also in
      indexes that are unnecessarily inefficient to search. Users are
      advised to "REINDEX" multi-column GiST indexes after installing
      this update.
    - See HISTORY/changelog.gz for the other bug fixes.
 -- Martin Pitt <email address hidden> Tue, 02 Apr 2013 12:13:22 +0200

  postgresql-8.4 (8.4.16-0ubuntu12.04) precise-security; urgency=low

  * New upstream security/bug fix release: (LP: #1116336)
    - Prevent execution of enum_recv from SQL
      The function was misdeclared, allowing a simple SQL command to crash the
      server. In principle an attacker might be able to use it to examine the
      contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
      for reporting this issue. (CVE-2013-0255)
    - See HISTORY/changelog.gz for the other bug fixes.
 -- Martin Pitt <email address hidden> Tue, 05 Feb 2013 16:27:57 +0100

  postgresql-8.4 (8.4.15-0ubuntu12.04) precise-proposed; urgency=low

  * New upstream bug fix release: (LP: #1088393)
    - Fix multiple bugs associated with "CREATE INDEX CONCURRENTLY"
      Fix "CREATE INDEX CONCURRENTLY" to use in-place updates when
      changing the state of an index's pg_index row. This prevents race
      conditions that could cause concurrent sessions to miss updating
      the target index, thus resulting in corrupt concurrently-created
      indexes.
      Also, fix various other operations to ensure that they ignore
      invalid indexes resulting from a failed "CREATE INDEX CONCURRENTLY"
      command. The most important of these is "VACUUM", because an
      auto-vacuum could easily be launched on the table before corrective
      action can be taken to fix or remove the invalid index.
    - See HISTORY/changelog.gz for details about other bug fixes.
 -- Martin Pitt <email address hidden> Mon, 10 Dec 2012 15:38:48 +0100

  postgresql-8.4 (8.4.14-0ubuntu12.04.2) precise-proposed; urgency=low

  * debian/postgresql-8.4.preinst: Drop check for existing
    /etc/init.d/postgresql-common, as this depends on the unpack order.
    Instead bump the dependency on postgresql-common. (LP: #1058218)
 -- Martin Pitt <email address hidden> Fri, 12 Oct 2012 11:36:30 +0200

  postgresql-8.4 (8.4.14-0ubuntu12.04.1) precise-proposed; urgency=low

  * debian/postgresql-8.4.preinst: Do not only clean up the old -8.4 specific
    init script when upgrading from << 8.4.4-2, as we have newer upstream
    versions in lucid-updates. Instead, remove the version specific init
    script if we have the versionless one from postgresql-common. This fixes
    postgresql-8.4 not restarting after the upgrade. (LP: #1058218)