-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 Feb 2024 13:54:51 +0100 Source: postgresql-13 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-13 postgresql-13-dbgsym postgresql-client-13 postgresql-client-13-dbgsym postgresql-plperl-13 postgresql-plperl-13-dbgsym postgresql-plpython3-13 postgresql-plpython3-13-dbgsym postgresql-pltcl-13 postgresql-pltcl-13-dbgsym postgresql-server-dev-13 Architecture: amd64 Version: 13.14-0+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 13 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-13 - The World's Most Advanced Open Source Relational Database postgresql-client-13 - front-end programs for PostgreSQL 13 postgresql-plperl-13 - PL/Perl procedural language for PostgreSQL 13 postgresql-plpython3-13 - PL/Python 3 procedural language for PostgreSQL 13 postgresql-pltcl-13 - PL/Tcl procedural language for PostgreSQL 13 postgresql-server-dev-13 - development files for PostgreSQL 13 server-side programming Changes: postgresql-13 (13.14-0+deb11u1) bullseye-security; urgency=medium . * New upstream version. . * Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (Heikki Linnakangas) . One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected. . The PostgreSQL Project thanks Pedro Gallegos for reporting this problem. (CVE-2024-0985) Checksums-Sha1: 25ac4f3118a6da1200e4378b63b9422bdce0100d 38096 libecpg-compat3-dbgsym_13.14-0+deb11u1_amd64.deb 84c8c9ec2cc8a5c527af0b3ecc5877f238e08997 27140 libecpg-compat3_13.14-0+deb11u1_amd64.deb bf16a8fcad5194cecb24efd97cafb6aef452ac5b 225968 libecpg-dev-dbgsym_13.14-0+deb11u1_amd64.deb acd453c20cb92f607ef59292bfe8d4a2cb49c895 285912 libecpg-dev_13.14-0+deb11u1_amd64.deb 1bd16034accedca08aed648bc6e0709aadf64db5 111240 libecpg6-dbgsym_13.14-0+deb11u1_amd64.deb 338703d9035bfb223f704b86fdeeff0654892b30 63020 libecpg6_13.14-0+deb11u1_amd64.deb 3a3ad0db4fde27f4fddf6eed317906973eee1792 89080 libpgtypes3-dbgsym_13.14-0+deb11u1_amd64.deb 4ed916fc896bb0eb39f402e816213b637eebfc77 49380 libpgtypes3_13.14-0+deb11u1_amd64.deb ff3a8b4e9edfd8e4ce35db84754880f0283d023d 141464 libpq-dev_13.14-0+deb11u1_amd64.deb 496b1eab03a5c3b3d2732b1a5cdd64bff0947b6c 254060 libpq5-dbgsym_13.14-0+deb11u1_amd64.deb 1572e560178d577d93fd3dd4c9b0ddf953543ea5 181912 libpq5_13.14-0+deb11u1_amd64.deb 366498502578b551cb5c48e21e665eebef7d6aaa 15024084 postgresql-13-dbgsym_13.14-0+deb11u1_amd64.deb 6525b22cb80835fdda2fb0965a8eb5b52be4f5dd 16393 postgresql-13_13.14-0+deb11u1_amd64-buildd.buildinfo 7165104f1967e016cce2e113908bfbbe63bd7666 15177068 postgresql-13_13.14-0+deb11u1_amd64.deb aa5b4d57175e62f70122035a23aa2fc26a56ddae 1855852 postgresql-client-13-dbgsym_13.14-0+deb11u1_amd64.deb 89d5e7d45e6ea5b208f0676f0619ce8a887e857a 1513108 postgresql-client-13_13.14-0+deb11u1_amd64.deb 1ccca57881a03e4babd552eabf1c454311624c17 157820 postgresql-plperl-13-dbgsym_13.14-0+deb11u1_amd64.deb dd79d9578f643a0492e20a653b2cb40fd48c3f4c 89492 postgresql-plperl-13_13.14-0+deb11u1_amd64.deb d4d5fd0e54f75d5e81469b5d154602efe2d5ea03 159348 postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_amd64.deb 04fc109c142344a8f7da1be3af099a342a3ca974 109504 postgresql-plpython3-13_13.14-0+deb11u1_amd64.deb bb4c0aa0ff83a1795aa196d7459371c860975257 74676 postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_amd64.deb 08d721477d95a1cc1d040b95936e8dde39da6889 43340 postgresql-pltcl-13_13.14-0+deb11u1_amd64.deb 5a03d6f3209c1a587276b2a8fc17ac5f3e31578b 1042488 postgresql-server-dev-13_13.14-0+deb11u1_amd64.deb Checksums-Sha256: 69439fb12a08040faefccdfcfe48587b22458d9bd1e81d8b6d539fa77668c5c2 38096 libecpg-compat3-dbgsym_13.14-0+deb11u1_amd64.deb baabf21f2d23bd38d3db02200b76d58c61c1ef2cfac1e5e248a3c804a122102e 27140 libecpg-compat3_13.14-0+deb11u1_amd64.deb 58fccde0bf535620f28637dc729ef471a9df60b091765b4f3425f7d4283eacc9 225968 libecpg-dev-dbgsym_13.14-0+deb11u1_amd64.deb 92441b9ed1b30cd365d416514d93b4513bb7b569844fec719343f533767b300b 285912 libecpg-dev_13.14-0+deb11u1_amd64.deb 5b9b33be3df718d9d6c40d460058e8464a023b285e2e9207b348cb74fa1b516d 111240 libecpg6-dbgsym_13.14-0+deb11u1_amd64.deb 82673845d25bf49555de95b25b5fcf33570b78cf02c6e49b56c104c57d3c3b49 63020 libecpg6_13.14-0+deb11u1_amd64.deb 6c870738d1e0a77b1bfae85edec05e79d9b02eed41e359be952461b5bc41b54d 89080 libpgtypes3-dbgsym_13.14-0+deb11u1_amd64.deb ec7a38a32ee585db1ea7903307d9973c4a2496558d2b2d008977a27c2ac61134 49380 libpgtypes3_13.14-0+deb11u1_amd64.deb 46c461f9d283b841933350aef425bf0fdb025846401da500974f7ca60a97b5a5 141464 libpq-dev_13.14-0+deb11u1_amd64.deb 9d0348f31bfd69d58f9c5cd4a2480db713cd00c79f9315cffa59c412a8bf7346 254060 libpq5-dbgsym_13.14-0+deb11u1_amd64.deb 2b6f5e6537b35b2a1e64d8793941ccdeb4fa96ae87ebbadbe7381e99ca5868cf 181912 libpq5_13.14-0+deb11u1_amd64.deb b76421e1fc0e11b425ff1c0bffa3b115f3e1127870eeeaad2c212a74c6cfa656 15024084 postgresql-13-dbgsym_13.14-0+deb11u1_amd64.deb cc37b9b0a8ed2361c7d4f719fde8aeaf087acd1f30cb1700d3cbdd6b31466fc3 16393 postgresql-13_13.14-0+deb11u1_amd64-buildd.buildinfo 5f66a2dfd353217e638c993ed868bda4ee3323c01967313c5f736380e0ad12db 15177068 postgresql-13_13.14-0+deb11u1_amd64.deb ed4038faf09d82fb9c8757e2f95112fb905b3105318ed80dc7b904ef82222ef1 1855852 postgresql-client-13-dbgsym_13.14-0+deb11u1_amd64.deb 76dbdaae53aaeb68518acfc777895d16ac5112307aabfbde3884917003d0b641 1513108 postgresql-client-13_13.14-0+deb11u1_amd64.deb 984ec66ad97b7fd6e51e2c69e8afd2e8d46f35aabb2a92ae9bc94747445800d4 157820 postgresql-plperl-13-dbgsym_13.14-0+deb11u1_amd64.deb 0f7898ff45c10ffeb6833412db482dca2b5eadcbf8d9fdd54ed4f76a458ba6ab 89492 postgresql-plperl-13_13.14-0+deb11u1_amd64.deb bbbafe8f83acbcfbee0c84e3dbc949ef5b6cd1f29217362e37015abbaf3ab844 159348 postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_amd64.deb ef238489f99b667907ff8e9403e3b37d0a1c52eb0244e20e81ee0b23459ecf83 109504 postgresql-plpython3-13_13.14-0+deb11u1_amd64.deb 51fba60401436fcb02a4a567b1990935359466863804c1326f752b9e1599d8d9 74676 postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_amd64.deb b52dfb0c9f0ac957f24a174abc9efe4e0c8ce976a734c992d2d91f4d2d23690f 43340 postgresql-pltcl-13_13.14-0+deb11u1_amd64.deb 52bbbe8206cde793822d3f8a0bd2c2a1fd261f2a0cb9e659de75d50c18155d64 1042488 postgresql-server-dev-13_13.14-0+deb11u1_amd64.deb Files: 82730540c9f7197e216a1a102c1b3627 38096 debug optional libecpg-compat3-dbgsym_13.14-0+deb11u1_amd64.deb 97909deaa9d518d60f8bdb5efa4ed203 27140 libs optional libecpg-compat3_13.14-0+deb11u1_amd64.deb 6551d53d5db75cbe7ba58614a00317db 225968 debug optional libecpg-dev-dbgsym_13.14-0+deb11u1_amd64.deb 1a69863b26690d50a872e74a50b6b46c 285912 libdevel optional libecpg-dev_13.14-0+deb11u1_amd64.deb 2db068e1f7d0486f9e7aa331b511ac3a 111240 debug optional libecpg6-dbgsym_13.14-0+deb11u1_amd64.deb 917f0a719f27a8832a2ac4b19ee529b0 63020 libs optional libecpg6_13.14-0+deb11u1_amd64.deb acea4ca8c6875fe89746bb1811dd39ff 89080 debug optional libpgtypes3-dbgsym_13.14-0+deb11u1_amd64.deb 5ba119042cc2960a9be1065b216dd4fe 49380 libs optional libpgtypes3_13.14-0+deb11u1_amd64.deb 6b156236ca394697ba04a13b20aee81b 141464 libdevel optional libpq-dev_13.14-0+deb11u1_amd64.deb dd0692e1d8734b734e102fc168597db6 254060 debug optional libpq5-dbgsym_13.14-0+deb11u1_amd64.deb 136c9c1768ae3ec27486d77ce6b84f5a 181912 libs optional libpq5_13.14-0+deb11u1_amd64.deb 284fbd8f172dd0d30cb8a7d484d22554 15024084 debug optional postgresql-13-dbgsym_13.14-0+deb11u1_amd64.deb 433a76f7c3cbcb57b333f3bfb1da90fc 16393 database optional postgresql-13_13.14-0+deb11u1_amd64-buildd.buildinfo 232f234bfacef9b750e5a5822df4da3d 15177068 database optional postgresql-13_13.14-0+deb11u1_amd64.deb f77a83be609e38c05942925354ad2b38 1855852 debug optional postgresql-client-13-dbgsym_13.14-0+deb11u1_amd64.deb 0e77f8f0e60f33ec39f0863782893ce4 1513108 database optional postgresql-client-13_13.14-0+deb11u1_amd64.deb e331f5348b117fbb298f136a9d492b91 157820 debug optional postgresql-plperl-13-dbgsym_13.14-0+deb11u1_amd64.deb d146d37998bfbfb547dac864ad2eac70 89492 database optional postgresql-plperl-13_13.14-0+deb11u1_amd64.deb 55ebd38d69974de09936765b230267c3 159348 debug optional postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_amd64.deb 5052a3bd0274a5f773cfef514c02f918 109504 database optional postgresql-plpython3-13_13.14-0+deb11u1_amd64.deb 27b473cc4899a1253d53a2b4fe4e4c82 74676 debug optional postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_amd64.deb e406fd425e4d7baa98066f43eb5e06e0 43340 database optional postgresql-pltcl-13_13.14-0+deb11u1_amd64.deb bcebe88cab36da2f454961cb340d9774 1042488 libdevel optional postgresql-server-dev-13_13.14-0+deb11u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfSHphWe6nwpTFrNNZXl/6h5+iU4FAmXMxb8ACgkQZXl/6h5+ iU7yLxAAhYiRyQoLmxVMBKy4YCLSr8kiJb1wrJE7ZfxwPKPAoLhY2XEe+ACsBcXg gmaMc+s5WbppmFeLy8gj5bSbNtxDpq134sbsnhTKVpqnDXOR2xLhj0Wtp03MbwM6 O/uTELCcYv4ug6KuWr0eybPbg2D33R3aZVUEi2RgBPvqC8rWF+BreFQY+5sZsiTw hTEo8X2CRxHJFKzfrbZLS73RdjdkMKbUnBMkRUgf54NoI9azmTkVJEMSvXHQuRWY y9JKsNhqA23Hpu+MWFEGlyml0ajVQBne0y1WQu323lYXVJEH+ML9mJIdrcjUEcSL op1P7oFto5+vl/UwhS4bxMpTkUkg6K5qJgQsog5fCScJLYQ8dMB5HpQzbAFU4Sjo Csua+cOYaWvtA5TtDi5ybdzpZXLr0+zFmAKzIK2TqDkmMSXImPY8StyABHk+qhnw M+OFfHKppqzL7qcfgFOJhNNJ93FOtSpVKdvxDVNoIJ1uVsLQsfpx1JIbGkioYMjP vU/vaZLmn2TTlneXhM4z8T7jkuSGkrBw1OZ/CT9cUgKS0asKH4Gz+v7+l/gXr9vU SJgdlnE/nmIpYbwyewYvAg5isE62STvB80Q0dpTYggksJUl+JnjSp3P4tHA49K/4 UCCNIuxJAd4/Wbx3Jubja6yNA3UacuoRn1LhsOuRaJhexqJhVgA= =X1Jr -----END PGP SIGNATURE-----