-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 Feb 2024 13:37:19 +0100 Source: postgresql-15 Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15 Architecture: amd64 Version: 15.6-0+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Christoph Berg Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 15 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-15 - The World's Most Advanced Open Source Relational Database postgresql-client-15 - front-end programs for PostgreSQL 15 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming Changes: postgresql-15 (15.6-0+deb12u1) bookworm-security; urgency=medium . * New upstream version. . * Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY (Heikki Linnakangas) . One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected. . The PostgreSQL Project thanks Pedro Gallegos for reporting this problem. (CVE-2024-0985) Checksums-Sha1: 6410e204e18981d4c2974f5ea8c4396eab49e4e5 38108 libecpg-compat3-dbgsym_15.6-0+deb12u1_amd64.deb 1c616d55fd0ded8aab0fb8dfb3713d60c9bdac4b 21544 libecpg-compat3_15.6-0+deb12u1_amd64.deb 5fde064064d3e57e0793c15a3a94c74630c4eb49 281164 libecpg-dev-dbgsym_15.6-0+deb12u1_amd64.deb 981be2bd6b320576ff9c20b490231ba9e271c224 293892 libecpg-dev_15.6-0+deb12u1_amd64.deb 8dacbcad084b9a48b7f16beaba07c682023beee9 113020 libecpg6-dbgsym_15.6-0+deb12u1_amd64.deb 61a4643f4fe9828683b7f6609b4887e248cbcdc5 59564 libecpg6_15.6-0+deb12u1_amd64.deb 337625754aaa2d46464db1f37bf6d0e1f4dc7d4f 88332 libpgtypes3-dbgsym_15.6-0+deb12u1_amd64.deb bbe20ace802fbc406574f181dc19f6310e21e0fb 43252 libpgtypes3_15.6-0+deb12u1_amd64.deb a2cb982018a9226a5b9586edcc69ec69749753f3 142484 libpq-dev_15.6-0+deb12u1_amd64.deb b697129c0d7fe8f1c278247ab22df55c5205c919 276804 libpq5-dbgsym_15.6-0+deb12u1_amd64.deb 782ca5ad0c6e6f75e84c9607dbc11852677d6e53 187788 libpq5_15.6-0+deb12u1_amd64.deb 83997b85ba0ff55a46d52a9fb9fa6c80f05bec4a 16858612 postgresql-15-dbgsym_15.6-0+deb12u1_amd64.deb 12dbf01757c31c6f10481b6271ebfcb663de9aa9 16829 postgresql-15_15.6-0+deb12u1_amd64-buildd.buildinfo a42c33d89cbede8a738036b3f52f5c73845c6c5f 16791908 postgresql-15_15.6-0+deb12u1_amd64.deb 34d3370a70b0a0a954f835a5d079c5d3933af8da 2419576 postgresql-client-15-dbgsym_15.6-0+deb12u1_amd64.deb c7143d12f17403821fe7111ff8ac3de3884cf96e 1697276 postgresql-client-15_15.6-0+deb12u1_amd64.deb 81fb3b667bdc26e16e2bb87100fd86e1d8046c9e 186796 postgresql-plperl-15-dbgsym_15.6-0+deb12u1_amd64.deb 714a5ebbff992c35bd3be71f7a438c397428c0b2 88452 postgresql-plperl-15_15.6-0+deb12u1_amd64.deb 4147f639d740650f14644766b12ead622d499d9f 178256 postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_amd64.deb ff058a988fd6d8714a9dc0508601adc1c1102db3 109796 postgresql-plpython3-15_15.6-0+deb12u1_amd64.deb 6f5fbf91f9eddc9a65419be392ff2e2695fd2162 79516 postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_amd64.deb 929b1149d4a61441ccc4e230505dae91fd89d07f 40196 postgresql-pltcl-15_15.6-0+deb12u1_amd64.deb 0154de14d136991f9e9a6b52a822840c4f0f1407 1141072 postgresql-server-dev-15_15.6-0+deb12u1_amd64.deb Checksums-Sha256: 4d417d23eff56ae14041e90d9119fdccf2436cd5f7c18c0537f6c8e07d44c178 38108 libecpg-compat3-dbgsym_15.6-0+deb12u1_amd64.deb 79cb62903001d88b8289cc0853581c9a4e3d8b9ad176fef642c852abe0a8843f 21544 libecpg-compat3_15.6-0+deb12u1_amd64.deb 57da4f32bd86b7260ed345b01a6aa3cf2f4808c43e2330ae05e042c32b7d8143 281164 libecpg-dev-dbgsym_15.6-0+deb12u1_amd64.deb 473bac6efc368e2e82a871158d9fe61dc18151e1ef59204d03b4703eed0335c8 293892 libecpg-dev_15.6-0+deb12u1_amd64.deb c76181f23a62b85b6a51bca99252daab721a7b1ae7fa38e2d322c27e22565fe7 113020 libecpg6-dbgsym_15.6-0+deb12u1_amd64.deb 9c7bfcc56fc881856f1d120f9ea80f782b62b27a2b717fd35e59b7126a5255ee 59564 libecpg6_15.6-0+deb12u1_amd64.deb 521d893b574636e13b7e548e9cbc7ccfb47c8baa658b77f388fb583c68314f01 88332 libpgtypes3-dbgsym_15.6-0+deb12u1_amd64.deb 263c0f4bddc792676a8ca5c83348e180bb0a1468650d81b13cadc01884b65708 43252 libpgtypes3_15.6-0+deb12u1_amd64.deb e80088949a704f9992f0db01ff4292bb70543567e2ab7548948da6a43f3b2319 142484 libpq-dev_15.6-0+deb12u1_amd64.deb b50ad3ec09a25697afc8a2e2b6b20e662099233f56cc0fc8c4cbb7a384ae15e9 276804 libpq5-dbgsym_15.6-0+deb12u1_amd64.deb 1b0b82bdf54dab8ee7ae10e4d560273e5f439090f19adead0c3a8b52bd7c09f4 187788 libpq5_15.6-0+deb12u1_amd64.deb c34ad3349fe05f2a22d95bc98346da583a9628d6e75c7115f5ff92d8c73e2b33 16858612 postgresql-15-dbgsym_15.6-0+deb12u1_amd64.deb 3079129aa690abc8848f6d41b6ecd58f1eed70fd1b03a80a922efe55c5587711 16829 postgresql-15_15.6-0+deb12u1_amd64-buildd.buildinfo d3f8f950a571148499b1ccd486ec254e06568fab5fc66266cd9143b1a9e11e31 16791908 postgresql-15_15.6-0+deb12u1_amd64.deb 34038fc7b1352e01df865f2d1dc0dac962430f91b6cfd6f4fe817a9418dca256 2419576 postgresql-client-15-dbgsym_15.6-0+deb12u1_amd64.deb f601421f0f075c78df0ee289fbe075f38f52d08362ff2907d1710c26d5e53c39 1697276 postgresql-client-15_15.6-0+deb12u1_amd64.deb e0f0068e874b464ff2abf0bc7268b4b64588e7f4d750a4770962bd761d559232 186796 postgresql-plperl-15-dbgsym_15.6-0+deb12u1_amd64.deb 4b965f6863e57ebed0463b3fd7ea892fd8318d2d0443ba34078d4fe7b69164ac 88452 postgresql-plperl-15_15.6-0+deb12u1_amd64.deb 549c99c1d4a597d1e4fa0f03859c6e648016adf8dcc312fcca82514c91e9fa79 178256 postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_amd64.deb 0baa59253403320df148aab8318ec3558fd2089f7448b02da6d41643e1bbd782 109796 postgresql-plpython3-15_15.6-0+deb12u1_amd64.deb d5fcdba9a485e6a5d2405fb6b3c4d49e4232ef81ed5be6d778571738d97ef38e 79516 postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_amd64.deb 6608e79bbe1c2712ddc9f6e96d40a96fa58bf473a59227403f80123922a4c0d7 40196 postgresql-pltcl-15_15.6-0+deb12u1_amd64.deb 4cb399ad342e2198a195573363bffd90fea3c9f969a903884e3f606e48111d15 1141072 postgresql-server-dev-15_15.6-0+deb12u1_amd64.deb Files: 80f365a7ce048beecdce9f54297f9708 38108 debug optional libecpg-compat3-dbgsym_15.6-0+deb12u1_amd64.deb 640a938fa1c37c602ffc5cc89157c442 21544 libs optional libecpg-compat3_15.6-0+deb12u1_amd64.deb 9f7c4546116b1534835b4ff8dd091dae 281164 debug optional libecpg-dev-dbgsym_15.6-0+deb12u1_amd64.deb b3c540f559222bec19a3e6fdfa8b9089 293892 libdevel optional libecpg-dev_15.6-0+deb12u1_amd64.deb 8e9ff0408362979af3e17ee2fd1dc0e0 113020 debug optional libecpg6-dbgsym_15.6-0+deb12u1_amd64.deb a5d89ba1aff05d4072abdd2f5443d3c7 59564 libs optional libecpg6_15.6-0+deb12u1_amd64.deb 7eec5473f26ab45c63b2a86c13f1011a 88332 debug optional libpgtypes3-dbgsym_15.6-0+deb12u1_amd64.deb c30e083338b46ddda0502dd624dc674c 43252 libs optional libpgtypes3_15.6-0+deb12u1_amd64.deb d88b970d8258f847c7e5ef4b58841464 142484 libdevel optional libpq-dev_15.6-0+deb12u1_amd64.deb 2fe09b1b4b71f3929ae1fad0ba18a969 276804 debug optional libpq5-dbgsym_15.6-0+deb12u1_amd64.deb fc531e6c0d6843227c199086fa7d3504 187788 libs optional libpq5_15.6-0+deb12u1_amd64.deb 574583d94000535eb68b72d42ce2b083 16858612 debug optional postgresql-15-dbgsym_15.6-0+deb12u1_amd64.deb 36c262c17f1d054beb1d4710751eb1b6 16829 database optional postgresql-15_15.6-0+deb12u1_amd64-buildd.buildinfo aa14222730aa716e89bd61bb48d6424b 16791908 database optional postgresql-15_15.6-0+deb12u1_amd64.deb 6014bc6f294b6a53f0cc1e2bc7223ede 2419576 debug optional postgresql-client-15-dbgsym_15.6-0+deb12u1_amd64.deb 57b8e3aba1e810e8c09a983cc42a121f 1697276 database optional postgresql-client-15_15.6-0+deb12u1_amd64.deb 0169d4af1a3ebd72493ee1c9a5d60368 186796 debug optional postgresql-plperl-15-dbgsym_15.6-0+deb12u1_amd64.deb 6818176196d3ba9c1667d22202face11 88452 database optional postgresql-plperl-15_15.6-0+deb12u1_amd64.deb 1fd9e597ad8646a2b0484676c90abd98 178256 debug optional postgresql-plpython3-15-dbgsym_15.6-0+deb12u1_amd64.deb 6971b7ed143881ce522d022d8b160a26 109796 database optional postgresql-plpython3-15_15.6-0+deb12u1_amd64.deb 31f31720cd482390e1bf6d40fc499f0a 79516 debug optional postgresql-pltcl-15-dbgsym_15.6-0+deb12u1_amd64.deb f82a89463d21a18c32aa3fcc2fb2808c 40196 database optional postgresql-pltcl-15_15.6-0+deb12u1_amd64.deb e85e9cb01ac67230066c39a6b0496137 1141072 libdevel optional postgresql-server-dev-15_15.6-0+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi/TVpVg0yb7dq8QfDZWW6X29YdoFAmXMwagACgkQDZWW6X29 YdorVhAAr5yBsAbBe47d38jD8psudZRDVU5385pwv2HTEKRzLqapvAOnhuW91fG0 zOqN3tQ3JWoagMlYQaOM2/e5VntuT8P5b6sQhry8i+7bsdS673OKEfR+uPZMrATG duLeBahgn8rs7yvH/gUjNFprowOpgtVbKH5OdsX3Fozf2+e0lalShenbfUrgShba j4KSRKUrlwnyEAS37ln7w13XtxIPp9phHxJ4hlXP/iIoLHUJ8rnGRwzwhNCEoKFk GzdNM0LccQWrQiLp7kx9XTcry0zHs4B9tMclE2oL9/IG98HUxZS6Kly4wL5IdWht uBa0dgiWz5k6yGmEjocudSJ7w5CRddEThnzgnc/YyQ1L6eg4LQ31Jg3Uw7H9xDJZ kQBTyZImYXoE8xifxoyxTqDvN+cpwDf/BlEgv9CdHHBZy7IOe08UY3e182cBTlUx ye/UT1bAhTvTsWAyvyDChRoTKRZEwf6GwKK3/9E31Uzdkk3tJCKuash/lIhQpvfK DXuyFMANb4aPe6LTzqBNRbFAu6pYNajHQMVKDQKuHowret4wdWyq728lbcxBF055 MgMnH7jhYlfL+M/EEkWnXO3/iOuH2ep9UbeAw2oYsai4mj/5iNekazal59VOefNG BgmGB4VmpWOe6jQbS4iUzUUO7Bd1ssSW+E88OL+FfDDgh1NM+YM= =T/Hv -----END PGP SIGNATURE-----