Format: 1.8
Date: Tue, 11 Feb 2025 11:27:41 +0100
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: i386
Version: 15.11-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.11-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.11.
 .
     + Harden PQescapeString and allied functions against invalidly-encoded
       input strings (Andres Freund, Noah Misch)
 .
       Data-quoting functions supplied by libpq now fully check the encoding
       validity of their input. If invalid characters are detected, they
       report an error if possible. For the ones that lack an error return
       convention, the output string is adjusted to ensure that the server
       will report invalid encoding and no intervening processing will be
       fooled by bytes that might happen to match single quote, backslash,
       etc.
 .
       The purpose of this change is to guard against SQL-injection attacks
       that are possible if one of these functions is used to quote crafted
       input. There is no hazard when the resulting string is sent directly
       to a PostgreSQL server (which would check its encoding anyway), but
       there is a risk when it is passed through psql or other client-side
       code. Historically such code has not carefully vetted encoding, and
       in many cases it's not clear what it should do if it did detect such
       a problem.
 .
       This fix is effective only if the data-quoting function, the server,
       and any intermediate processing agree on the character encoding
       that's being used. Applications that insert untrusted input into SQL
       commands should take special care to ensure that that's true.
 .
       Applications and drivers that quote untrusted input without using
       these libpq functions may be at risk of similar problems. They should
       first confirm the data is valid in the encoding expected by the
       server.
 .
       The PostgreSQL Project thanks Stephen Fewer for reporting this
       problem.
       (CVE-2025-1094)