-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 11 Feb 2025 11:27:41 +0100
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym
 libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5
 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15
 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym
 postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15
 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: amd64
Version: 15.11-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.11-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.11.
 .
     + Harden PQescapeString and allied functions against invalidly-encoded
       input strings (Andres Freund, Noah Misch)
 .
       Data-quoting functions supplied by libpq now fully check the encoding
       validity of their input. If invalid characters are detected, they
       report an error if possible. For the ones that lack an error return
       convention, the output string is adjusted to ensure that the server
       will report invalid encoding and no intervening processing will be
       fooled by bytes that might happen to match single quote, backslash,
       etc.
 .
       The purpose of this change is to guard against SQL-injection attacks
       that are possible if one of these functions is used to quote crafted
       input. There is no hazard when the resulting string is sent directly
       to a PostgreSQL server (which would check its encoding anyway), but
       there is a risk when it is passed through psql or other client-side
       code. Historically such code has not carefully vetted encoding, and in
       many cases it's not clear what it should do if it did detect such a
       problem.
 .
       This fix is effective only if the data-quoting function, the server,
       and any intermediate processing agree on the character encoding that's
       being used. Applications that insert untrusted input into SQL commands
       should take special care to ensure that that's true.
 .
       Applications and drivers that quote untrusted input without using
       these libpq functions may be at risk of similar problems. They should
       first confirm the data is valid in the encoding expected by the
       server.
 .
       The PostgreSQL Project thanks Stephen Fewer for reporting this
       problem.
       (CVE-2025-1094)
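
An added example, not code from PostgreSQL or the Debian package, of the check the changelog asks of applications that quote untrusted input without the libpq functions: confirm the bytes are valid in the server's encoding first, and refuse to quote otherwise. The names `utf8_valid` and `quote_literal_checked` are hypothetical; the sketch assumes the server encoding is UTF8 and `standard_conforming_strings` is on.

```c
#include <stddef.h>

/* Return 1 if s[0..n) is well-formed UTF-8, else 0. Rejects truncated
 * sequences, stray continuation bytes, overlong forms, surrogates and NUL. */
int utf8_valid(const unsigned char *s, size_t n)
{
    size_t i = 0;
    while (i < n) {
        unsigned char c = s[i];
        unsigned long cp, min;
        size_t len, k;
        if (c == 0) return 0;
        if (c < 0x80) { i++; continue; }
        if ((c & 0xE0) == 0xC0)      { len = 2; cp = c & 0x1F; min = 0x80; }
        else if ((c & 0xF0) == 0xE0) { len = 3; cp = c & 0x0F; min = 0x800; }
        else if ((c & 0xF8) == 0xF0) { len = 4; cp = c & 0x07; min = 0x10000; }
        else return 0;                       /* not a valid lead byte */
        if (n - i < len) return 0;           /* sequence cut off by end of input */
        for (k = 1; k < len; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;  /* lead byte not followed by a continuation */
            cp = (cp << 6) | (s[i + k] & 0x3F);
        }
        if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
        i += len;
    }
    return 1;
}

/* Hypothetical application-side quoting (not libpq): writes in[0..n) as a
 * '...' literal with embedded quotes doubled. Assumes the server encoding is
 * UTF8 and standard_conforming_strings is on. Returns the output length, or
 * -1 if the input is not valid UTF-8 or out is too small. */
long quote_literal_checked(const unsigned char *in, size_t n, char *out, size_t cap)
{
    size_t i, o = 0;
    if (!utf8_valid(in, n)) return -1;       /* refuse instead of quoting */
    if (cap < 2 * n + 3) return -1;          /* worst case: every byte doubled */
    out[o++] = '\'';
    for (i = 0; i < n; i++) {
        if (in[i] == '\'') out[o++] = '\'';
        out[o++] = (char)in[i];
    }
    out[o++] = '\'';
    out[o] = '\0';
    return (long)o;
}
```

The validation only helps if the encoding checked here is the one the connection and any intermediate processing actually use, which is the agreement the changelog says the fix depends on.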