Invalid changelog.gz is supplied with postgresql-9.5 package

Bug #1829197 reported by Bogdan
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
postgresql-9.5 (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

Hello!

# lsb_release -r
Release: 16.04
# apt-cache policy postgresql-9.5
postgresql-9.5:
  Installed: 9.5.17-0ubuntu0.16.04.1
  Candidate: 9.5.17-0ubuntu0.16.04.1
  Version table:
 *** 9.5.17-0ubuntu0.16.04.1 500
        500 http://nl.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     9.5.2-1 500
        500 http://nl.archive.ubuntu.com/ubuntu xenial/main amd64 Packages

Today we received recent version of postgresql via unattanded upgrades. I've checked the changelog and see no reason for such update there, it looks like pretty old changelog from old postgresql-11 buid:

# zcat /usr/share/doc/postgresql-9.5/changelog.Debian.gz | head
postgresql-11 (11.2-1.pgdg14.04+1) trusty-pgdg; urgency=medium

  * Rebuild for trusty-pgdg.
  * Changes applied by generate-pgdg-source:
    + Using old-style -dbg packages in debian/control.
    + Using old-style PIE config in debian/rules.
    + Disable llvm jit support.
    + Disable systemd support.

 -- PostgreSQL on Debian and Ubuntu <email address hidden> Wed, 30 Jan 2019 13:23:14 +0100

I expect an information about CVE caused the update.

Thank you.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: postgresql-9.5 9.5.17-0ubuntu0.16.04.1
ProcVersionSignature: Ubuntu 4.4.0-146.172-generic 4.4.177
Uname: Linux 4.4.0-146-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
Date: Wed May 15 10:06:29 2019
InstallationDate: Installed on 2015-12-15 (1247 days ago)
InstallationMedia: Ubuntu-Server 14.04.3 LTS "Trusty Tahr" - Beta amd64 (20150805)
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: postgresql-9.5
UpgradeStatus: Upgraded to xenial on 2019-03-26 (50 days ago)

CVE References

Revision history for this message
Bogdan (bogdar) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in postgresql-9.5 (Ubuntu):
status: New → Confirmed
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi, at least as of today this seems to match well:

root@x:~# apt-cache policy postgresql-9.5
postgresql-9.5:
  Installed: 9.5.19-0ubuntu0.16.04.1
  Candidate: 9.5.19-0ubuntu0.16.04.1
  Version table:
 *** 9.5.19-0ubuntu0.16.04.1 500
        500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
        100 /var/lib/dpkg/status
     9.5.2-1 500
        500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages

And the changelog is on 9.5.19
root@x:~# zcat /usr/share/doc/postgresql-9.5/changelog.Debian.gz | head
postgresql-9.5 (9.5.19-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: New upstream release (LP: #1839058)
    - Require schema qualification to cast to a temporary type when using
      functional cast syntax (CVE-2019-10208)
    - Fix failure of ALTER TABLE ... ALTER COLUMN TYPE when altering multiple
      columns' types in one command. This fixes a regression introduced in the
      most recent minor releases
    - Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/9.5/static/release-9-5-19.html

You listed:
postgresql-11 (11.2-1.pgdg14.04+1) trusty-pgdg

That never existed in the Ubuntu archive.
It is most likely that you installed from upstreams PPA at https://wiki.postgresql.org/wiki/Apt
They produce such versions and it most likely is a conflict or remainder of that.

You'd need to clear out all non-Ubuntu-Archive packages to resolve this, as it isn't a Ubuntu packager there isn't much Ubuntu can do about it :-/

Changed in postgresql-9.5 (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better.

Since it seems likely to me that this is a local configuration problem, rather than a bug in Ubuntu, I'm marking this bug as Incomplete.

If indeed this is a local configuration problem, you can find pointers to get help for this sort of problem here: http://www.ubuntu.com/support/community

Or if you believe that this is really a bug, then you may find it helpful to read "How to report bugs effectively" http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd be grateful if you would then provide a more complete description of the problem, explain why you believe this is a bug in Ubuntu rather than a problem specific to your system, and then change the bug status back to New.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for postgresql-9.5 (Ubuntu) because there has been no activity for 60 days.]

Changed in postgresql-9.5 (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.