Format: 1.8
Date: Tue, 12 Nov 2024 15:06:10 +0100
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: mips64el
Version: 15.9-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-03)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.9-0+deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 15.9.
 .
     + Ensure cached plans are marked as dependent on the calling role when
       RLS applies to a non-top-level table reference (Nathan Bossart)
 .
       If a CTE, subquery, sublink, security invoker view, or coercion
       projection in a query references a table with row-level security
       policies, we neglected to mark the resulting plan as potentially
       dependent on which role is executing it. This could lead to later query
       executions in the same session using the wrong plan, and then returning
       or hiding rows that should have been hidden or returned instead.
 .
       The PostgreSQL Project thanks Wolfgang Walther for reporting this
       problem. (CVE-2024-10976)
 .
     + Make libpq discard error messages received during SSL or GSS protocol
       negotiation (Jacob Champion)
 .
       An error message received before encryption negotiation is completed
       might have been injected by a man-in-the-middle, rather than being real
       server output. Reporting it opens the door to various security hazards;
       for example, the message might spoof a query result that a careless
       user could mistake for correct output. The best answer seems to be to
       discard such data and rely only on libpq's own report of the connection
       failure.
 .
       The PostgreSQL Project thanks Jacob Champion for reporting this
       problem. (CVE-2024-10977)
 .
     + Fix unintended interactions between SET SESSION AUTHORIZATION and SET
       ROLE (Tom Lane)
 .
       The SQL standard mandates that SET SESSION AUTHORIZATION have a
       side-effect of doing SET ROLE NONE. Our implementation of that was
       flawed, creating more interaction between the two settings than
       intended. Notably, rolling back a transaction that had done SET SESSION
       AUTHORIZATION would revert ROLE to NONE even if that had not been the
       previous state, so that the effective user ID might now be different
       from what it had been before the transaction. Transiently setting
       session_authorization in a function SET clause had a similar effect. A
       related bug was that if a parallel worker inspected
       current_setting('role'), it saw none even when it should see something
       else.
 .
       The PostgreSQL Project thanks Tom Lane for reporting this problem.
       (CVE-2024-10978)
 .
     + Prevent trusted PL/Perl code from changing environment variables
       (Andrew Dunstan, Noah Misch)
 .
       The ability to manipulate process environment variables such as PATH
       gives an attacker opportunities to execute arbitrary code. Therefore,
       trusted PLs must not offer the ability to do that. To fix plperl,
       replace %ENV with a tied hash that rejects any modification attempt
       with a warning. Untrusted plperlu retains the ability to change the
       environment.
 .
       The PostgreSQL Project thanks Coby Abrams for reporting this problem.
       (CVE-2024-10979)
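
The CVE-2024-10979 entry above describes replacing %ENV with a tied hash that rejects modification attempts with a warning. The following is an added example of that mechanism, not code from PostgreSQL or from this upload. The package name ReadOnlyEnv and the sample environment values are assumptions, and the script guards a constructed hash rather than the real %ENV so that it has no side effects.

```perl
#!/usr/bin/perl
# Added illustration of a write-rejecting tied hash (not PostgreSQL's code).
# ReadOnlyEnv is a hypothetical package name chosen for this example.
use strict;
use warnings;

package ReadOnlyEnv;
require Tie::Hash;
our @ISA = ('Tie::StdHash');    # inherit FETCH, EXISTS, FIRSTKEY, NEXTKEY

# Snapshot the key/value pairs passed to tie(); reads are served from it.
sub TIEHASH {
    my ($class, %snapshot) = @_;
    return bless {%snapshot}, $class;
}

# Every mutating operation warns and leaves the snapshot untouched.
sub STORE  { warn "rejected attempt to set \$ENV{$_[1]}\n";      return }
sub DELETE { warn "rejected attempt to delete \$ENV{$_[1]}\n";   return }
sub CLEAR  { warn "rejected attempt to clear the environment\n"; return }

package main;

# Constructed sample environment so the run is reproducible.
my %sample = (PATH => '/usr/bin:/bin', HOME => '/var/lib/postgresql');
tie my %env, 'ReadOnlyEnv', %sample;

# Collect warnings instead of letting them go to STDERR, so they can be counted.
my @warnings;
local $SIG{__WARN__} = sub { push @warnings, $_[0] };

$env{PATH} = '/tmp/example';    # goes through STORE
delete $env{HOME};              # goes through DELETE
%env = ();                      # goes through CLEAR
$env{NEW_VAR} = 'value';        # STORE of a key that did not exist

print "PATH is still $env{PATH}\n";
print "HOME is still $env{HOME}\n";
print "NEW_VAR ", (exists $env{NEW_VAR} ? "was set" : "was not set"), "\n";
print scalar(@warnings), " modification attempts rejected:\n", @warnings;
```

Reads keep working because FETCH and EXISTS are inherited unchanged; only the three mutating methods are overridden, which is why code that merely inspects the environment is unaffected by this kind of guard.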