-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 Feb 2024 13:37:19 +0100 Source: postgresql-15 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15 Architecture: i386 Version: 15.6-0+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 15 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-15 - The World's Most Advanced Open Source Relational Database postgresql-client-15 - front-end programs for PostgreSQL 15 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming Changes: postgresql-15 (15.6-0+deb12u1) bookworm-security; urgency=medium . * New upstream version. . * Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (Heikki Linnakangas) . One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected. . The PostgreSQL Project thanks Pedro Gallegos for reporting this problem. (CVE-2024-0985) Checksums-Sha1: 0d1ea031dfd269c0d9c26661d71f64d952156e30 34616 libecpg-compat3-dbgsym_15.6-0+deb12u1_i386.deb afeb852d4608eecae24f88182d8f059d4223b5f5 22252 libecpg-compat3_15.6-0+deb12u1_i386.deb 3b04124a1f164562a919a99f0e595f76a77748e7 271136 libecpg-dev-dbgsym_15.6-0+deb12u1_i386.deb 9d3bf4ed812363530a8e0a5a382015c1d78cb082 304700 libecpg-dev_15.6-0+deb12u1_i386.deb 0bae99442378feb0cf3cb2fb0d075f16be0122b4 101816 libecpg6-dbgsym_15.6-0+deb12u1_i386.deb 70d362c8dacc523d112e6727e994065f0efeb5aa 63460 libecpg6_15.6-0+deb12u1_i386.deb b106b5d1508e58101b4185214dd306deed08fafe 80812 libpgtypes3-dbgsym_15.6-0+deb12u1_i386.deb 6db2c9a7dfbdd7e780d8735911a4f3ccaf2bd8f8 45324 libpgtypes3_15.6-0+deb12u1_i386.deb 176c8e8084a76feecaf33709984ab7f3f33959fa 151656 libpq-dev_15.6-0+deb12u1_i386.deb 674bfcd66928c61ba575df3b66db07f82b75d831 241188 libpq5-dbgsym_15.6-0+deb12u1_i386.deb 6af8f46df134bedd1034e038da94650c539ce547 195008 libpq5_15.6-0+deb12u1_i386.deb 4a15161a723f5fd44ac1cee890047e01261e51c0 15253488 postgresql-15-dbgsym_15.6-0+deb12u1_i386.deb b1c6a4d5090fa6e4c78265e6e1feb28c05f0735e 16725 postgresql-15_15.6-0+deb12u1_i386-buildd.buildinfo 8c4ede080903cde88daaa6b1a0d52aaa7909f023 17012664 postgresql-15_15.6-0+deb12u1_i386.deb 16b149e6f3f0d5b930958eb844a66d8b8124a8a1 2058952 postgresql-client-15-dbgsym_15.6-0+deb12u1_i386.deb 377bf0e7b5619a69f79bd54b25e9438cc7382fff 1721496 postgresql-client-15_15.6-0+deb12u1_i386.deb 69e0709503037ba2f7b5fa5a65ec699442a0ffe7 173676 postgresql-plperl-15-dbgsym_15.6-0+deb12u1_i386.deb 27a7a789f628d6ee7d5bd7335c4de2b7e37bb15e 91820 postgresql-plperl-15_15.6-0+deb12u1_i386.deb 7e312d1602f11443a219ed063b1424a261d030c3 162840 postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_i386.deb 971d7ebcb4631630935bddee314f19132e215181 112384 postgresql-plpython3-15_15.6-0+deb12u1_i386.deb 73ae8057ed77b479b1a5c4d15f6f133f18e0af5a 74032 postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_i386.deb bd1620675b22fa2d2e22e9165dd81a6b9f94e43b 41768 postgresql-pltcl-15_15.6-0+deb12u1_i386.deb 981a6614e4504ca59da4e4baa58b02d68e7870ad 1155280 postgresql-server-dev-15_15.6-0+deb12u1_i386.deb Checksums-Sha256: 73795ca69e3de2ea554e7b5d603ff8d39d169f5b48c08e49073ab662e9df56f6 34616 libecpg-compat3-dbgsym_15.6-0+deb12u1_i386.deb 2420e899289334b3a9581a3df482d0f6ed8953f8b626780366ad3a6e376e1694 22252 libecpg-compat3_15.6-0+deb12u1_i386.deb e605f6fb22c6a4b6159b4a7c377de9d8948f44a981ea3f1daec5480080bdd51c 271136 libecpg-dev-dbgsym_15.6-0+deb12u1_i386.deb 3bfd5628fd52d04c307c1ab5966ce172845f1095cc1783e0c35e75fdd5758fce 304700 libecpg-dev_15.6-0+deb12u1_i386.deb 3b27c532d0930ccadcc739e66ff0131fd17d8e5d553fae5e546770a1a5f8c2ce 101816 libecpg6-dbgsym_15.6-0+deb12u1_i386.deb 9be09138786620b685fe1144175e9e1f2238bf60be695b67763419fbd0ccfbdb 63460 libecpg6_15.6-0+deb12u1_i386.deb 08d191290db098412f148386c25531a89db5f7fd428084ab39aec617f115d248 80812 libpgtypes3-dbgsym_15.6-0+deb12u1_i386.deb ed5bcd3ec11e6954010d5dd8d180665b8c0cc1eb1338c881f94e2975eeb2f5fa 45324 libpgtypes3_15.6-0+deb12u1_i386.deb 2c6450829fe1ed71ecd7c5fd10a3250e5c4b0f5fd06d7383a8c910c59960d5e9 151656 libpq-dev_15.6-0+deb12u1_i386.deb 2390d9d4f16929511c238bc967ab22241cd83bd1ba633bfce67e78209e8f6f85 241188 libpq5-dbgsym_15.6-0+deb12u1_i386.deb 40caac0254573ec0ed7463068e282aafdc2ef888be3da28be1b6a96e62dd3df0 195008 libpq5_15.6-0+deb12u1_i386.deb 1023c19babcfa4a326aac1abcf22f8ba6e7ab60a1941ad2433d8013fae46b5ce 15253488 postgresql-15-dbgsym_15.6-0+deb12u1_i386.deb 813e67093c57f8fea0cf286aa343c43817a0374ad9330f14147e4e9b3059c33a 16725 postgresql-15_15.6-0+deb12u1_i386-buildd.buildinfo f2b4b4d2410c5b770a453e88c597af85976cca2f3258ab7a9d7d98eb95a7630b 17012664 postgresql-15_15.6-0+deb12u1_i386.deb 81d663bd932a3499d2ef1f29f6908f99bfe4ea5945245803eea7a99a0c1e9042 2058952 postgresql-client-15-dbgsym_15.6-0+deb12u1_i386.deb ff43de1720b510c4a5ff68e8339f5f562b1f89da5db34b0491f943d5501f86ae 1721496 postgresql-client-15_15.6-0+deb12u1_i386.deb 8fee77630a523a8628ef52975af1aba3625a2080283ff0e5d90358faa8a2905b 173676 postgresql-plperl-15-dbgsym_15.6-0+deb12u1_i386.deb a2b7599d07c8ecabb09991887a3ae149027a1daadd40a3f88ff425618361ea93 91820 postgresql-plperl-15_15.6-0+deb12u1_i386.deb 3a4de2d0151bf4e5e3f9be4c2ace7b80b99f930ac4e0ca669f82cc377b518c21 162840 postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_i386.deb 1510b28c5aceabbf4fddda9a2cbce68e7b5c5efd59dea6fafbab417912892bfe 112384 postgresql-plpython3-15_15.6-0+deb12u1_i386.deb 915f75a5782bf1e56462140337257f658983672d52db335b7074a60ecd7b12f6 74032 postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_i386.deb 8611dd1451e117cb6de991795900e81a1e0cdf894b53ad6d42443b419d255477 41768 postgresql-pltcl-15_15.6-0+deb12u1_i386.deb ab23ad1ba349962854a00e131328c0e7162c95ae43e1afc5fa96b02ddb0df5e8 1155280 postgresql-server-dev-15_15.6-0+deb12u1_i386.deb Files: 5d06b29161b71e1d32a7e051da1bae44 34616 debug optional libecpg-compat3-dbgsym_15.6-0+deb12u1_i386.deb 490d710033c6ab5b5b0141dd0bdc9d78 22252 libs optional libecpg-compat3_15.6-0+deb12u1_i386.deb d3efc27f792ea4c3801d2e83a42e68d2 271136 debug optional libecpg-dev-dbgsym_15.6-0+deb12u1_i386.deb f840bf4c29f53ff784ac0ff228c45b07 304700 libdevel optional libecpg-dev_15.6-0+deb12u1_i386.deb c0f7d4cbeaef28bdd48a0fbfc78c85a5 101816 debug optional libecpg6-dbgsym_15.6-0+deb12u1_i386.deb 00f8ffd57b5dc09d68d92cfa3b00ed6a 63460 libs optional libecpg6_15.6-0+deb12u1_i386.deb 9d9950e86eee0bb558974c9a1dc19380 80812 debug optional libpgtypes3-dbgsym_15.6-0+deb12u1_i386.deb ba96e14a72e0b8afefd2bce8433acc1e 45324 libs optional libpgtypes3_15.6-0+deb12u1_i386.deb 1077f0b1272aa739ade9e5969cab6b85 151656 libdevel optional libpq-dev_15.6-0+deb12u1_i386.deb 27337603244fba8b635657442d65d6de 241188 debug optional libpq5-dbgsym_15.6-0+deb12u1_i386.deb 2828904a53e1611f84433cf3b32271a3 195008 libs optional libpq5_15.6-0+deb12u1_i386.deb 13dc782d2c0fbc8751203cdd971c881c 15253488 debug optional postgresql-15-dbgsym_15.6-0+deb12u1_i386.deb 65e71c1bd80d72b1c67db1a7219603cf 16725 database optional postgresql-15_15.6-0+deb12u1_i386-buildd.buildinfo 347eaa394a77f9f7e9a7d47c53658f52 17012664 database optional postgresql-15_15.6-0+deb12u1_i386.deb 8b1147bc75d2774c4f94c3a0f77c7681 2058952 debug optional postgresql-client-15-dbgsym_15.6-0+deb12u1_i386.deb dc9514db2312812082694e7f524b2f1f 1721496 database optional postgresql-client-15_15.6-0+deb12u1_i386.deb ce12c088523363584b305f81effb3cca 173676 debug optional postgresql-plperl-15-dbgsym_15.6-0+deb12u1_i386.deb e2ad43e08176d543027db6e0995de793 91820 database optional postgresql-plperl-15_15.6-0+deb12u1_i386.deb 14e6cc14ea962c4f9cbbeb6579af737f 162840 debug optional postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_i386.deb b946885fe7253a2b06074841e96a681a 112384 database optional postgresql-plpython3-15_15.6-0+deb12u1_i386.deb 99089f98d475b302b2cb248a3747dd9b 74032 debug optional postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_i386.deb 1db431d915fbdaf03723fd624e3629b7 41768 database optional postgresql-pltcl-15_15.6-0+deb12u1_i386.deb ac14ae9d96a16c7054a5c5ae2b8d7c93 1155280 libdevel optional postgresql-server-dev-15_15.6-0+deb12u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEqYm4ZPyuLwhx8Meo2VckltclZ4AFAmXMwrMACgkQ2Vckltcl Z4BbKQ/+PhmqfVF5cDTuBD8xXScT1JjdXouCt/xTO5cLFKfmy0daLqFVSh5rxLuH ewIdyvL/20Tjrb8iOpZNj9QTEDoAoRvI8/6Xm+GPkgXahp0k5BWC1N7RAPcgBpau NA5Sw8RlZLacJ2jwzkaANUF5+iX/OnqojrzYAM4ARAPEr1GaSywKF64kNnJzdlaI cWf/HldkW2xqVT/RK/t9/QpNUkvJ13RApSX+zYTVbEUkw1bekeaGbajdom4nEkKe wkxK79CfHN46CQvVY+3wLQjxqzjRsKiif3V8hOaQuUOEJsskaeyVNxhwETHum410 3iTrBNGjH3OVLua2gHjzROynyQL9doqQGvy3Qro6dxA35uYaUAQIu9O/RKCUEpFG 9zDs6D4ZX5h5VXQ7iydzSjWvJJBumxujDCp32Lbpgg3wx8qUQqZfSXyoQfHPaXbY Tjwt65LjGzDjcH0pfc+j3KWC2oUjmEvCPAz9iiXDVNKDb83JFokQv7bKRdIv1dGj YkIMogxt3U2htm5w8Oa4fjiBtQpPP2lPBaa7xNeUQjdGfjU0JLGkGNpkKkcVXTUQ M/dw1ThAmoaLm2FFF+TvPXBaElPdb/E40DYZW2hv4jBU2XV8rFYAJcG401GM4Yf3 OdtCAm82K87i+f6uSW7wvRud9mu9pCwAEAb50GaRApI04e0z5eU= =GnbV -----END PGP SIGNATURE-----