Format: 1.8 Date: Wed, 07 Aug 2024 15:24:37 +0200 Source: postgresql-15 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-doc-15 postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15 Architecture: amd64 all Version: 15.8-0+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian PostgreSQL Maintainers Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 15 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-15 - The World's Most Advanced Open Source Relational Database postgresql-client-15 - front-end programs for PostgreSQL 15 postgresql-doc-15 - documentation for the PostgreSQL database management system postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming Changes: postgresql-15 (15.8-0+deb12u1) bookworm-security; urgency=medium . * New upstream version. . + Prevent unauthorized code execution during pg_dump (Masahiko Sawada) . An attacker able to create and drop non-temporary objects could inject SQL code that would be executed by a concurrent pg_dump session with the privileges of the role running pg_dump (which is often a superuser). The attack involves replacing a sequence or similar object with a view or foreign table that will execute malicious code. To prevent this, introduce a new server parameter restrict_nonsystem_relation_kind that can disable expansion of non-builtin views as well as access to foreign tables, and teach pg_dump to set it when available. Note that the attack is prevented only if both pg_dump and the server it is dumping from are new enough to have this fix. . The PostgreSQL Project thanks Noah Misch for reporting this problem. (CVE-2024-7348) . * Refresh debian/patches/focal-arm64-outline-atomics. Checksums-Sha1: 9f939a1c1a315a7d61e17703befbff125f227ab3 38108 libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb 76938d2a24110f35daa1353bca0921b625b77bfa 22576 libecpg-compat3_15.8-0+deb12u1_amd64.deb 8c530b5de6e2b3eb4acb224f8fbf1c1072824a41 280884 libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb 6862fb7da46cb80dc8a82cdee0e565c4b650d784 295392 libecpg-dev_15.8-0+deb12u1_amd64.deb d733e6be988a237679ce48be78690a7b863cc3c2 113160 libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 09cab1289a60818b8afdc0632d1f2ad2b6ebfb2e 60672 libecpg6_15.8-0+deb12u1_amd64.deb 90844f6c11aee5153eeee92893caad1e4d7016c9 88324 libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 12b1f75a75e5740c18d6dd9b78221c550854e4c1 44264 libpgtypes3_15.8-0+deb12u1_amd64.deb 5ea4e70d99dad5213f30e6a1444ae6d7c77d51d4 143764 libpq-dev_15.8-0+deb12u1_amd64.deb c9ba739ec24687d034bf87b771f8ff974ed896a6 277124 libpq5-dbgsym_15.8-0+deb12u1_amd64.deb 91f5daa17d6780fb653a7e4346ea68094f49ecc9 188308 libpq5_15.8-0+deb12u1_amd64.deb 723b9c5d7741dd63d97b15e23dc58792b7d73c4e 16883336 postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb 18422687b0c8732e691247a40817f611320b4586 16568 postgresql-15_15.8-0+deb12u1_amd64.buildinfo 287e50fcfea93283405a2fb8d6ff8de05e9ca6a9 16801768 postgresql-15_15.8-0+deb12u1_amd64.deb db1d895e58d06367f86bb90461aeb67507ce750c 2420168 postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb ec41111402c38f60104d4fa9b6175637e41ecf36 1701264 postgresql-client-15_15.8-0+deb12u1_amd64.deb 9e7a4fe7e15b9240a486b3aa93b7a6d1cc50948f 2043012 postgresql-doc-15_15.8-0+deb12u1_all.deb 9adf2020e98db40ce030e0dbebec9239b1c3054c 186756 postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb f2e456590bf813f62b3c6a3defd7d7734b426be4 89584 postgresql-plperl-15_15.8-0+deb12u1_amd64.deb babe0f385434b2dae39c028c2918b9efb6141673 178368 postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb 1df49b7079bfa68841ecb55cd77761cd98595fb9 110992 postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb 00e0a6242aa7185e47d561e58b88b8196f904119 79580 postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb 790639478518fa87d38bdc445d70ba0c124ea159 41688 postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb ac316f6b54a94dd089fa55b46b042ea244ca898d 1143564 postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb Checksums-Sha256: cd786d5e984948995e398fe42cc390ec087d4b945a269377651e14c7648b7e39 38108 libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb e0147f9cec8e3e47e49dada8d61d17b85d308e09243deda1026008577c94c6dd 22576 libecpg-compat3_15.8-0+deb12u1_amd64.deb cbe20eca71f1f556eab234295069251f334ab25ae31d3fcde926ba585a3386e6 280884 libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb eb5a19272b885b31edea1086277efa8714b3f5eab6da93544ae0667e6a9e043d 295392 libecpg-dev_15.8-0+deb12u1_amd64.deb 9fc77e921abc466fb45ff01171017bcee5aaaee4cf5df10ed961a5d26174e5f9 113160 libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 9b36508135c6297f0186878ed38a469a7c2a4be41370a0f84ec7b52b866fa06d 60672 libecpg6_15.8-0+deb12u1_amd64.deb 8c0666569b0aa0a61482c4faf75aae32e2e8c0905db2b1681b18c127ea5c514f 88324 libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 47580186218910f0f366619dc72d020dad268a2317d9152f5d68a2661c248d2c 44264 libpgtypes3_15.8-0+deb12u1_amd64.deb d412a5b703076456955b73825606f00a31a56858961ecbfd2b99597d43e36365 143764 libpq-dev_15.8-0+deb12u1_amd64.deb 0b9f3a36c54556f4c573d609c558bd6cf3ea16f1d96b6f4e11eb7ed8c25a7058 277124 libpq5-dbgsym_15.8-0+deb12u1_amd64.deb 22375713de4c05255fcb4d7285b0fd02b3e645f3dad61261cbd5010cd84bd9de 188308 libpq5_15.8-0+deb12u1_amd64.deb cae3b76054f6d3d9fd2b50aa6cf110f3184297323ca36d1b42937bb933642c0b 16883336 postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb a13392d38faf689704adad9b09d9ed6a16854ba9110dd4370fb2d4572a129481 16568 postgresql-15_15.8-0+deb12u1_amd64.buildinfo b9e2fe8d8b9f2bcac5679d17ede537ee52f71e38587346c4ef9682f1ba54a282 16801768 postgresql-15_15.8-0+deb12u1_amd64.deb 56f2fbae32233ea9fa2eeef980132ceff30b59fcf5fcb1ee8a1758c5b3ece876 2420168 postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb 203adef21bb13871ab1122b098c2074144d676cc925023e9e5fd869fff95e6f4 1701264 postgresql-client-15_15.8-0+deb12u1_amd64.deb 9540abf01606cc8993ffb4f6c875de27ca130eeda7d51814afacf11a5d0e607d 2043012 postgresql-doc-15_15.8-0+deb12u1_all.deb 3bbead00b3c9b1cc4e76ea4f74c9d03737335a9e95f67a991b3fbac3f7dc7b4a 186756 postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb e2846c29a15380472bbded77dff497d793ed47c7e29bf6fd08ad207d180d88ec 89584 postgresql-plperl-15_15.8-0+deb12u1_amd64.deb 07608c25f592a348178c01eef8d0cfe32e2bfd6824c732bf04df7458dc2b2252 178368 postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb 4ea1ea4cfa226327ced358fe0df8035cd90a2e47d6ea3f8ccbd912b0e7944b57 110992 postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb 6e382dd12d2f44c3360f125800d5b63763a7b44874d980f4db265b9e7d602212 79580 postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb d3a0c0d622a64c7563e0a9d76411bd046a89cfeaf17d3aa5be1b7966dd07fc3c 41688 postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb a54a10312720a84f40c092b7c81de782cced429fa96798ca521f682c320ddc80 1143564 postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb Files: 0e96f32c7295174e96e21a137c548c10 38108 debug optional libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb b6d3ade20bf13d7be1307c3b476138b1 22576 libs optional libecpg-compat3_15.8-0+deb12u1_amd64.deb 66f32f0f296517b122f3701e913254ba 280884 debug optional libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb db0b21fbb2f70ad4b7766057dd5e2b76 295392 libdevel optional libecpg-dev_15.8-0+deb12u1_amd64.deb 107297016cdaa7f9d8b9fee3eaad6344 113160 debug optional libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 56783d82b9d5aa26913c006ae83b6088 60672 libs optional libecpg6_15.8-0+deb12u1_amd64.deb 5a45bc8b9d5794bc9fd57b842ac75f7f 88324 debug optional libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 8d7c97d11a5cbdb387d16510d5f2a260 44264 libs optional libpgtypes3_15.8-0+deb12u1_amd64.deb 5db5c109b124aecc339499f02e225572 143764 libdevel optional libpq-dev_15.8-0+deb12u1_amd64.deb 0368cfe52337f1038d2dca186766550b 277124 debug optional libpq5-dbgsym_15.8-0+deb12u1_amd64.deb a4e948800c76478520c8b16b192c1d42 188308 libs optional libpq5_15.8-0+deb12u1_amd64.deb e759813e734b7053734b4350e79bad26 16883336 debug optional postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb 76c0014daef4e05e6b1123969599d2cd 16568 database optional postgresql-15_15.8-0+deb12u1_amd64.buildinfo 55b0e35bd04897544c573608405d7d0b 16801768 database optional postgresql-15_15.8-0+deb12u1_amd64.deb b54c974d792471e0dbb046534da1575a 2420168 debug optional postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb b4ee6fce221e5400687e45c8cfc82f66 1701264 database optional postgresql-client-15_15.8-0+deb12u1_amd64.deb 53ec4b05468e19f08baa2c03ab32958f 2043012 doc optional postgresql-doc-15_15.8-0+deb12u1_all.deb bdf967b04172baa371d962b12963d173 186756 debug optional postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb 034a65b5b2ba7deb5e5ca09a1e8b8c44 89584 database optional postgresql-plperl-15_15.8-0+deb12u1_amd64.deb dfe30dba853b3e3f3108dab200c1bf0c 178368 debug optional postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb 2b64230ae2e43e687aa40007eaa5132b 110992 database optional postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb a51d4ce1a864ac3e4dc4d9c80f2822d6 79580 debug optional postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb c5a766ab9c1add747b88c59441b2e6f9 41688 database optional postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb ffc2979a8af483d4e19db38a92ed7afa 1143564 libdevel optional postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb