-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 Feb 2024 13:54:51 +0100 Source: postgresql-13 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-13 postgresql-13-dbgsym postgresql-client-13 postgresql-client-13-dbgsym postgresql-plperl-13 postgresql-plperl-13-dbgsym postgresql-plpython3-13 postgresql-plpython3-13-dbgsym postgresql-pltcl-13 postgresql-pltcl-13-dbgsym postgresql-server-dev-13 Architecture: armel Version: 13.14-0+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-05) Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 13 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-13 - The World's Most Advanced Open Source Relational Database postgresql-client-13 - front-end programs for PostgreSQL 13 postgresql-plperl-13 - PL/Perl procedural language for PostgreSQL 13 postgresql-plpython3-13 - PL/Python 3 procedural language for PostgreSQL 13 postgresql-pltcl-13 - PL/Tcl procedural language for PostgreSQL 13 postgresql-server-dev-13 - development files for PostgreSQL 13 server-side programming Changes: postgresql-13 (13.14-0+deb11u1) bullseye-security; urgency=medium . * New upstream version. . * Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (Heikki Linnakangas) . One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected. . The PostgreSQL Project thanks Pedro Gallegos for reporting this problem. (CVE-2024-0985) Checksums-Sha1: 094dd7a97922e9ee3c57fa88210a7d0fff9c93b6 36364 libecpg-compat3-dbgsym_13.14-0+deb11u1_armel.deb f2390ae6178dd71694111ba658d9a7c7dbc0411a 25044 libecpg-compat3_13.14-0+deb11u1_armel.deb de64f60c69baff959d4f0223b5a9cb2c370b930f 216500 libecpg-dev-dbgsym_13.14-0+deb11u1_armel.deb 7d9cf086d5ff6b77307a1d586e995b1f55c4ec7a 262236 libecpg-dev_13.14-0+deb11u1_armel.deb 9cd144cdf03e349bfd7ed12dc2dc531639186698 106980 libecpg6-dbgsym_13.14-0+deb11u1_armel.deb 4b3189adb6d7d98c135593a0c11b2c3a5a963829 56284 libecpg6_13.14-0+deb11u1_armel.deb 9d1a4619351b73f87a9c84ea5ea26baf2d1aaba2 84224 libpgtypes3-dbgsym_13.14-0+deb11u1_armel.deb 6d8ccb139f4f25879968f14065ea0b5488d28095 45164 libpgtypes3_13.14-0+deb11u1_armel.deb 56a6b93d8ce6b1dea5d824dbf5136ac5e050c191 130624 libpq-dev_13.14-0+deb11u1_armel.deb ed1b69d812967ef6c9e9843e5cf190f46008d92a 242600 libpq5-dbgsym_13.14-0+deb11u1_armel.deb 85caff6e887273620fa557c5d17358c7c4c7538b 163244 libpq5_13.14-0+deb11u1_armel.deb a0ec2d56826188dafb7bc2e4441dc2519843b527 14174420 postgresql-13-dbgsym_13.14-0+deb11u1_armel.deb 5700983d4f3180bf281dd3425dafcc3f2e57e4fc 16182 postgresql-13_13.14-0+deb11u1_armel-buildd.buildinfo b1eac9c9a778831f38851e7288da37d04bd5e626 14532096 postgresql-13_13.14-0+deb11u1_armel.deb 2dcefe06a61ea5362b1396469a96afe49dfb4dca 1800292 postgresql-client-13-dbgsym_13.14-0+deb11u1_armel.deb f7375e567be08769f2dbc9c296eb616731d0f00b 1432624 postgresql-client-13_13.14-0+deb11u1_armel.deb 477a5ed29a15664bc6c2d7b9dbf466f0966ad9f0 152080 postgresql-plperl-13-dbgsym_13.14-0+deb11u1_armel.deb 6a0179935f6621df85b37d8624b464486b9c8f46 85904 postgresql-plperl-13_13.14-0+deb11u1_armel.deb d38203300a00e7274af3de6d0860855e30514a6d 154372 postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_armel.deb d2ce9aabefa0fd2e801eb5491177976b1ae3f379 104304 postgresql-plpython3-13_13.14-0+deb11u1_armel.deb afa962d34bfcffa1feaef95174b513f99cda8fd7 72220 postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_armel.deb 9dbc8b5ec0c838aee721e09768566f60aa5d563f 40724 postgresql-pltcl-13_13.14-0+deb11u1_armel.deb aba76e0789968ca1835e1867369ee02a5e87d39c 1029496 postgresql-server-dev-13_13.14-0+deb11u1_armel.deb Checksums-Sha256: 3a18f97e1f84fecd893130d5138b134e0e4713465552408163bfbdc8f15a5c3b 36364 libecpg-compat3-dbgsym_13.14-0+deb11u1_armel.deb feac457369fd2681b12bd1b054b9f381c11a688c3fb5618b9c185ba71f32f709 25044 libecpg-compat3_13.14-0+deb11u1_armel.deb cfd9c62a6247a98fafa8a226688998008ffca68c3264b4a3ef1914692b375219 216500 libecpg-dev-dbgsym_13.14-0+deb11u1_armel.deb ee111f3770c194d7190c313c41e25b95c949b20929d97c95bc08d0f9c59bc960 262236 libecpg-dev_13.14-0+deb11u1_armel.deb 5850cce34a497f1ace7d4ddf862396aaddbb05623249ca2bef16624d82bc4755 106980 libecpg6-dbgsym_13.14-0+deb11u1_armel.deb d96f018e01580d37dad08ac1c60e4c2705d39e68ad3f4fda4a7fd24805f4d443 56284 libecpg6_13.14-0+deb11u1_armel.deb af411f13706e5f6f1cfa7384bb8759da6b2071d396a9aa71b40775d75517076e 84224 libpgtypes3-dbgsym_13.14-0+deb11u1_armel.deb f3c82a511d0a49f8af91af47c82cd019873a99ef6786ec84d257ab3c3ebc7c1c 45164 libpgtypes3_13.14-0+deb11u1_armel.deb ceec662a2055d2d3eff965bc2aede3e386db11f964dd6dc56fa6639db37d4324 130624 libpq-dev_13.14-0+deb11u1_armel.deb 03fbd19f6e0da8fa96fc3f87d3716fb461fd9d7da3877461853dbfba268a6c00 242600 libpq5-dbgsym_13.14-0+deb11u1_armel.deb 1c9ac5a815abad3d64d34a0289b8f38329e1061a1047b974dadf5f310ff21056 163244 libpq5_13.14-0+deb11u1_armel.deb dd7eb944738710bd39f524acac29a8c2bf373b0c09f17dd17e2e5343998fdf7d 14174420 postgresql-13-dbgsym_13.14-0+deb11u1_armel.deb f7a70f7c5255dbc9d50d6bca7cb58a96947c5f737a38b5895114bf1a7cfdb7a5 16182 postgresql-13_13.14-0+deb11u1_armel-buildd.buildinfo d07144e95b7ed3668853c52cbe87032b821b2d333783c30f99430aaf0ced255d 14532096 postgresql-13_13.14-0+deb11u1_armel.deb fd5cb357f664361e3bd62af9439e7f03c8c1c8d107ddeb445e6ede2ab88a0df0 1800292 postgresql-client-13-dbgsym_13.14-0+deb11u1_armel.deb af65d9778fc53d27f0b9343e24f0406eed1537797fa545fbf528424348472d81 1432624 postgresql-client-13_13.14-0+deb11u1_armel.deb 8115d3c65202d7fd30a516fac770567fbc0156442e52dd4b054d8b82b0809e8c 152080 postgresql-plperl-13-dbgsym_13.14-0+deb11u1_armel.deb c930a39150f57fcac5d9ed4dcdb10bf6d40d18637be30945cef9562e91c094e6 85904 postgresql-plperl-13_13.14-0+deb11u1_armel.deb bb9c684e51a9920a41cb06dee08f8a57e6509d92dca1110c4eab82d4c09bbf03 154372 postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_armel.deb 29e545cb4b9c6d1c1eded3ec46c61025a59cbf25ef42da85cc356d0f1397b38b 104304 postgresql-plpython3-13_13.14-0+deb11u1_armel.deb c84719112a6aeb55f224386e536b67213d19a368d95b1596a687c82ebb12d33f 72220 postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_armel.deb 6510127f360d01f7f06c31f6d04679ecd4d8e8ea195f3ec49aa42c68110e3925 40724 postgresql-pltcl-13_13.14-0+deb11u1_armel.deb 6e4f921cbcd74f8856d2c3266ad2c9f637d5087aac18d97d3128a40a917c77d3 1029496 postgresql-server-dev-13_13.14-0+deb11u1_armel.deb Files: 8c35137e964a02626b6b5e9d943926da 36364 debug optional libecpg-compat3-dbgsym_13.14-0+deb11u1_armel.deb cc9ba4fd0a4e233c7df472beee2af30a 25044 libs optional libecpg-compat3_13.14-0+deb11u1_armel.deb e0a94d9e7d71d17e72a1f7017d494878 216500 debug optional libecpg-dev-dbgsym_13.14-0+deb11u1_armel.deb ae4b7dbe197640a0d546087dc63569d0 262236 libdevel optional libecpg-dev_13.14-0+deb11u1_armel.deb 0f79be6c4477eab8ded704c7d511e341 106980 debug optional libecpg6-dbgsym_13.14-0+deb11u1_armel.deb b524c65dfa849032a6ad05547c4c0348 56284 libs optional libecpg6_13.14-0+deb11u1_armel.deb 497ab54efc0e1e66469b2aa4414b62eb 84224 debug optional libpgtypes3-dbgsym_13.14-0+deb11u1_armel.deb bc6c84be25b80e1221ef1ef45595cecb 45164 libs optional libpgtypes3_13.14-0+deb11u1_armel.deb 4ffbd3045116e6a6709d4247d8680a73 130624 libdevel optional libpq-dev_13.14-0+deb11u1_armel.deb 350bfde76105a497fa4bada1ec549e04 242600 debug optional libpq5-dbgsym_13.14-0+deb11u1_armel.deb dca7f574d3def52c686c644d305c3440 163244 libs optional libpq5_13.14-0+deb11u1_armel.deb 200d642af3901d3f879311dbc981d445 14174420 debug optional postgresql-13-dbgsym_13.14-0+deb11u1_armel.deb dead8341dd02e56143b7c0a14c0772f8 16182 database optional postgresql-13_13.14-0+deb11u1_armel-buildd.buildinfo 5e8569673584e32b1b5a28fed45e1b66 14532096 database optional postgresql-13_13.14-0+deb11u1_armel.deb 3b1dbcb67ee35e75e54814cc02e474f2 1800292 debug optional postgresql-client-13-dbgsym_13.14-0+deb11u1_armel.deb c8f25c58280d3bd2957b96de8d3e5af1 1432624 database optional postgresql-client-13_13.14-0+deb11u1_armel.deb 146e234b9c088d0b958f87770f78c890 152080 debug optional postgresql-plperl-13-dbgsym_13.14-0+deb11u1_armel.deb 2a248b071f5bb14b04ac6e47a88df6ea 85904 database optional postgresql-plperl-13_13.14-0+deb11u1_armel.deb 1f86dc27ad273ad7afaac6d965fba163 154372 debug optional postgresql-plpython3-13-dbgsym_13.14-0+deb11u1_armel.deb 141ef7f409b2af3df1674dc54fe43275 104304 database optional postgresql-plpython3-13_13.14-0+deb11u1_armel.deb 64e489311beb9cca2287508f19b541fd 72220 debug optional postgresql-pltcl-13-dbgsym_13.14-0+deb11u1_armel.deb 2a7ac1eff9e812b975a81aeccd418fd9 40724 database optional postgresql-pltcl-13_13.14-0+deb11u1_armel.deb 13359a6534b56657b579729910e49e23 1029496 libdevel optional postgresql-server-dev-13_13.14-0+deb11u1_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKGUG2wrbdK8nNLJy1gmokJM6hDEFAmXM2pcACgkQ1gmokJM6 hDFWPA//Xuk9dTlVrwxoYmdUuMOaXAdCDRhNbADRGVPsgMYxexeDVJu8m2J0rAmc E+lxxy3RF6IayNUlZbHQutYbbg6h2gh+VPxh0QEp3g0TOdmdzUSo6CeakCCBHkde XUdYo8gOaiObRpspMbRPTp0r03+R0yJ9hqN55l0Ukjq/G5gZE7Ljlo3uSTdK2gv4 H5isRCOcoxTy/Wz/7QheySC1SIO44fiN9IjHEr15G+Zl2BHvzzCqrXvtE3tRcTrL lWubEuZ9zU2A9hmRSERi/1fTEjbLevskYhixNTHcSWFmWCK6p94s6qYJtRAGn0xZ g19qeVPThMQOxj7ptoN7fsmuakK+LS/iIRG13tgMUuZ80sgs6zUsRUFb5FAY3ZSM NuShkLhFp+qfgNA1xa2v1tRU6wNEfoCZa28fTsnGyEHUPw2SaR0Zo7slEEdDyQTr WMbtBNXPg6wq1KfyUm0/zFUgXqdaicSi5uwppswV+N7KT0XaqVMSDYErpM4pRj9b +kl6EjwE6aJoCpFOvyHfpwcAmg6U54TzGNvLSmgPx6RVAOeiCEn+px2JncMq9bct m6Xyn7HohTZIarYbsRqW5vQ0J1JnEtJBeHEFGHVtqv2/otomNY8D+hZsnFaeZfuF xABrcMbXd3wN36AgYFwHPSle2qSgGJV72IeIxhVotSzuITNX2mU= =9cY2 -----END PGP SIGNATURE-----