Format: 1.8 Date: Wed, 07 Aug 2024 15:24:37 +0200 Source: postgresql-15 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-doc-15 postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15 Architecture: amd64 all Version: 15.8-0+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian PostgreSQL Maintainers Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 15 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-15 - The World's Most Advanced Open Source Relational Database postgresql-client-15 - front-end programs for PostgreSQL 15 postgresql-doc-15 - documentation for the PostgreSQL database management system postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming Changes: postgresql-15 (15.8-0+deb12u1) bookworm-security; urgency=medium . * New upstream version. . + Prevent unauthorized code execution during pg_dump (Masahiko Sawada) . An attacker able to create and drop non-temporary objects could inject SQL code that would be executed by a concurrent pg_dump session with the privileges of the role running pg_dump (which is often a superuser). The attack involves replacing a sequence or similar object with a view or foreign table that will execute malicious code. To prevent this, introduce a new server parameter restrict_nonsystem_relation_kind that can disable expansion of non-builtin views as well as access to foreign tables, and teach pg_dump to set it when available. Note that the attack is prevented only if both pg_dump and the server it is dumping from are new enough to have this fix. . The PostgreSQL Project thanks Noah Misch for reporting this problem. (CVE-2024-7348) . * Refresh debian/patches/focal-arm64-outline-atomics. Checksums-Sha1: 9f939a1c1a315a7d61e17703befbff125f227ab3 38108 libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb 76938d2a24110f35daa1353bca0921b625b77bfa 22576 libecpg-compat3_15.8-0+deb12u1_amd64.deb 8c530b5de6e2b3eb4acb224f8fbf1c1072824a41 280884 libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb 6862fb7da46cb80dc8a82cdee0e565c4b650d784 295392 libecpg-dev_15.8-0+deb12u1_amd64.deb d733e6be988a237679ce48be78690a7b863cc3c2 113160 libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 09cab1289a60818b8afdc0632d1f2ad2b6ebfb2e 60672 libecpg6_15.8-0+deb12u1_amd64.deb 90844f6c11aee5153eeee92893caad1e4d7016c9 88324 libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 12b1f75a75e5740c18d6dd9b78221c550854e4c1 44264 libpgtypes3_15.8-0+deb12u1_amd64.deb 5ea4e70d99dad5213f30e6a1444ae6d7c77d51d4 143764 libpq-dev_15.8-0+deb12u1_amd64.deb c9ba739ec24687d034bf87b771f8ff974ed896a6 277124 libpq5-dbgsym_15.8-0+deb12u1_amd64.deb 91f5daa17d6780fb653a7e4346ea68094f49ecc9 188308 libpq5_15.8-0+deb12u1_amd64.deb 337b3716f43f19693de929b002a7f770f0a6a249 16873580 postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb 2dee72262fdc7a0174de4605e1a28501926672a3 16574 postgresql-15_15.8-0+deb12u1_amd64.buildinfo e0bd2272490a23482ed214eb77d277cf0bf63bc2 16800428 postgresql-15_15.8-0+deb12u1_amd64.deb db1d895e58d06367f86bb90461aeb67507ce750c 2420168 postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb ec41111402c38f60104d4fa9b6175637e41ecf36 1701264 postgresql-client-15_15.8-0+deb12u1_amd64.deb 9e7a4fe7e15b9240a486b3aa93b7a6d1cc50948f 2043012 postgresql-doc-15_15.8-0+deb12u1_all.deb 9adf2020e98db40ce030e0dbebec9239b1c3054c 186756 postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb 6ce0101e57ba34a03ecd7dd91971b70902c96ed9 89408 postgresql-plperl-15_15.8-0+deb12u1_amd64.deb babe0f385434b2dae39c028c2918b9efb6141673 178368 postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb da59cd8965a4e1da6e766224b64936dea41c8a26 111640 postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb 00e0a6242aa7185e47d561e58b88b8196f904119 79580 postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb 790639478518fa87d38bdc445d70ba0c124ea159 41688 postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb ac316f6b54a94dd089fa55b46b042ea244ca898d 1143564 postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb Checksums-Sha256: cd786d5e984948995e398fe42cc390ec087d4b945a269377651e14c7648b7e39 38108 libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb e0147f9cec8e3e47e49dada8d61d17b85d308e09243deda1026008577c94c6dd 22576 libecpg-compat3_15.8-0+deb12u1_amd64.deb cbe20eca71f1f556eab234295069251f334ab25ae31d3fcde926ba585a3386e6 280884 libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb eb5a19272b885b31edea1086277efa8714b3f5eab6da93544ae0667e6a9e043d 295392 libecpg-dev_15.8-0+deb12u1_amd64.deb 9fc77e921abc466fb45ff01171017bcee5aaaee4cf5df10ed961a5d26174e5f9 113160 libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 9b36508135c6297f0186878ed38a469a7c2a4be41370a0f84ec7b52b866fa06d 60672 libecpg6_15.8-0+deb12u1_amd64.deb 8c0666569b0aa0a61482c4faf75aae32e2e8c0905db2b1681b18c127ea5c514f 88324 libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 47580186218910f0f366619dc72d020dad268a2317d9152f5d68a2661c248d2c 44264 libpgtypes3_15.8-0+deb12u1_amd64.deb d412a5b703076456955b73825606f00a31a56858961ecbfd2b99597d43e36365 143764 libpq-dev_15.8-0+deb12u1_amd64.deb 0b9f3a36c54556f4c573d609c558bd6cf3ea16f1d96b6f4e11eb7ed8c25a7058 277124 libpq5-dbgsym_15.8-0+deb12u1_amd64.deb 22375713de4c05255fcb4d7285b0fd02b3e645f3dad61261cbd5010cd84bd9de 188308 libpq5_15.8-0+deb12u1_amd64.deb 643609df96bdf8efc57f074e4ba52e3d87c6855e10305b74f980d6b5df2f5f50 16873580 postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb 1b1f5e2eb862e5c139907cb4df269c8c854054e8cce225783384fa4a235dd941 16574 postgresql-15_15.8-0+deb12u1_amd64.buildinfo 850ac5f575f7105f249fb1778ed0d61e5164f4c5c09b23452d7ffa766b7e1152 16800428 postgresql-15_15.8-0+deb12u1_amd64.deb 56f2fbae32233ea9fa2eeef980132ceff30b59fcf5fcb1ee8a1758c5b3ece876 2420168 postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb 203adef21bb13871ab1122b098c2074144d676cc925023e9e5fd869fff95e6f4 1701264 postgresql-client-15_15.8-0+deb12u1_amd64.deb 9540abf01606cc8993ffb4f6c875de27ca130eeda7d51814afacf11a5d0e607d 2043012 postgresql-doc-15_15.8-0+deb12u1_all.deb 3bbead00b3c9b1cc4e76ea4f74c9d03737335a9e95f67a991b3fbac3f7dc7b4a 186756 postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb d89947cc3ccf3d13e1a7f3d9e9fbcfecd1b5357d9a702676851ce2f8cec5d4d6 89408 postgresql-plperl-15_15.8-0+deb12u1_amd64.deb 07608c25f592a348178c01eef8d0cfe32e2bfd6824c732bf04df7458dc2b2252 178368 postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb a4306e2ef498f893e8ae12ed2b75a9b1f72ae6c656aa6a5ec11d95ec69d5ae37 111640 postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb 6e382dd12d2f44c3360f125800d5b63763a7b44874d980f4db265b9e7d602212 79580 postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb d3a0c0d622a64c7563e0a9d76411bd046a89cfeaf17d3aa5be1b7966dd07fc3c 41688 postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb a54a10312720a84f40c092b7c81de782cced429fa96798ca521f682c320ddc80 1143564 postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb Files: 0e96f32c7295174e96e21a137c548c10 38108 debug optional libecpg-compat3-dbgsym_15.8-0+deb12u1_amd64.deb b6d3ade20bf13d7be1307c3b476138b1 22576 libs optional libecpg-compat3_15.8-0+deb12u1_amd64.deb 66f32f0f296517b122f3701e913254ba 280884 debug optional libecpg-dev-dbgsym_15.8-0+deb12u1_amd64.deb db0b21fbb2f70ad4b7766057dd5e2b76 295392 libdevel optional libecpg-dev_15.8-0+deb12u1_amd64.deb 107297016cdaa7f9d8b9fee3eaad6344 113160 debug optional libecpg6-dbgsym_15.8-0+deb12u1_amd64.deb 56783d82b9d5aa26913c006ae83b6088 60672 libs optional libecpg6_15.8-0+deb12u1_amd64.deb 5a45bc8b9d5794bc9fd57b842ac75f7f 88324 debug optional libpgtypes3-dbgsym_15.8-0+deb12u1_amd64.deb 8d7c97d11a5cbdb387d16510d5f2a260 44264 libs optional libpgtypes3_15.8-0+deb12u1_amd64.deb 5db5c109b124aecc339499f02e225572 143764 libdevel optional libpq-dev_15.8-0+deb12u1_amd64.deb 0368cfe52337f1038d2dca186766550b 277124 debug optional libpq5-dbgsym_15.8-0+deb12u1_amd64.deb a4e948800c76478520c8b16b192c1d42 188308 libs optional libpq5_15.8-0+deb12u1_amd64.deb d8df5a2e9f7720375d1fa7da92f115db 16873580 debug optional postgresql-15-dbgsym_15.8-0+deb12u1_amd64.deb 1007304049314b5f52a07c630ecede48 16574 database optional postgresql-15_15.8-0+deb12u1_amd64.buildinfo 2108bff42e86bbd306d0c68f6e33d3d6 16800428 database optional postgresql-15_15.8-0+deb12u1_amd64.deb b54c974d792471e0dbb046534da1575a 2420168 debug optional postgresql-client-15-dbgsym_15.8-0+deb12u1_amd64.deb b4ee6fce221e5400687e45c8cfc82f66 1701264 database optional postgresql-client-15_15.8-0+deb12u1_amd64.deb 53ec4b05468e19f08baa2c03ab32958f 2043012 doc optional postgresql-doc-15_15.8-0+deb12u1_all.deb bdf967b04172baa371d962b12963d173 186756 debug optional postgresql-plperl-15-dbgsym_15.8-0+deb12u1_amd64.deb a567c7b46571b2382d400e6ec439ca81 89408 database optional postgresql-plperl-15_15.8-0+deb12u1_amd64.deb dfe30dba853b3e3f3108dab200c1bf0c 178368 debug optional postgresql-plpython3-15-dbgsym_15.8-0+deb12u1_amd64.deb df8627874b250b89c546c5a61b6e679b 111640 database optional postgresql-plpython3-15_15.8-0+deb12u1_amd64.deb a51d4ce1a864ac3e4dc4d9c80f2822d6 79580 debug optional postgresql-pltcl-15-dbgsym_15.8-0+deb12u1_amd64.deb c5a766ab9c1add747b88c59441b2e6f9 41688 database optional postgresql-pltcl-15_15.8-0+deb12u1_amd64.deb ffc2979a8af483d4e19db38a92ed7afa 1143564 libdevel optional postgresql-server-dev-15_15.8-0+deb12u1_amd64.deb