-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Aug 2025 20:13:29 +0200
Source: postgresql-15
Binary: postgresql-doc-15
Architecture: all
Version: 15.14-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 postgresql-doc-15 - documentation for the PostgreSQL database management system
Changes:
 postgresql-15 (15.14-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.14.
 .
     + Tighten security checks in planner estimation functions (Dean Rasheed)
 .
       The fix for CVE-2017-7484, plus followup fixes, intended to prevent
       leaky functions from being applied to statistics data for columns that
       the calling user does not have permission to read.  Two gaps in that
       protection have been found.  One gap applies to partitioning and
       inheritance hierarchies where RLS policies on the tables should restrict
       access to statistics data, but did not.
 .
       The other gap applies to cases where the query accesses a table via a
       view, and the view owner has permissions to read the underlying table
       but the calling user does not have permissions on the view. The view
       owner's permissions satisfied the security checks, and the leaky
       function would get applied to the underlying table's statistics before
       we check the calling user's permissions on the view.  This has been
       fixed by making security checks on views occur at the start of planning.
       That might cause permissions failures to occur earlier than before.
 .
       The PostgreSQL Project thanks Dean Rasheed for reporting this problem.
       (CVE-2025-8713)
 .
     + Prevent pg_dump scripts from being used to attack the user running the
       restore (Nathan Bossart)
 .
       Since dump/restore operations typically involve running SQL commands as
       superuser, the target database installation must trust the source
       server.  However, it does not follow that the operating system user who
       executes psql to perform the restore should have to trust the source
       server.  The risk here is that an attacker who has gained
       superuser-level control over the source server might be able to cause it
       to emit text that would be interpreted as psql meta-commands. That would
       provide shell-level access to the restoring user's own account,
       independently of access to the target database.
 .
       To provide a positive guarantee that this can't happen, extend psql with
       a \restrict command that prevents execution of further meta-commands,
       and teach pg_dump to issue that before any data coming from the source
       server.
 .
       The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
       RyotaK for reporting this problem. (CVE-2025-8714)
 .
     + Convert newlines to spaces in names included in comments in pg_dump
       output (Noah Misch)
 .
       Object names containing newlines offered the ability to inject arbitrary
       SQL commands into the output script.  (Without the preceding fix,
       injection of psql meta-commands would also be possible this way.)
       CVE-2012-0868 fixed this class of problem at the time, but later work
       reintroduced several cases.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this problem.
       (CVE-2025-8715)
Checksums-Sha1:
 2e4d16711a95b58bbcd14d217399e63834b617f6 10660 postgresql-15_15.14-0+deb12u1_all-buildd.buildinfo
 c6f05a29a4c22a73659a3a774579ad180c2afb49 2077692 postgresql-doc-15_15.14-0+deb12u1_all.deb
Checksums-Sha256:
 43e0ac008081af7127201dfeb942fbbb449b8967801d64bbd9cbb62356525049 10660 postgresql-15_15.14-0+deb12u1_all-buildd.buildinfo
 228cd118354a4de709db07e5b08bfe881c80ae8c8201e5682b57bc4e56f0b233 2077692 postgresql-doc-15_15.14-0+deb12u1_all.deb
Files:
 5facd08d0acb929c3d7b7d127924e060 10660 database optional postgresql-15_15.14-0+deb12u1_all-buildd.buildinfo
 3aaf4029935723ed0b354d0f3f58dc58 2077692 doc optional postgresql-doc-15_15.14-0+deb12u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELusn8jY95Sf7obGlx30Wh8LXl/YFAmiomL4ACgkQx30Wh8LX
l/YeKw/+JEToofjTeeYbAinyjrSAi3gM6q/ks8a/fynoh4ULZBihogaz2MGXkbwr
wiJIV0WvEkJTLeIdgHJvqJ/hKeBUDCIbUmbZudToAXcPc+ImGgStJ0heGi6iPYsY
wE6DkBJ7Zq5lgNBsSYe82aQ26kB2iX2WpTT5Bs9oie2Nnwp7BtrRK9oJuR6xj505
isg2XoxaEEHEqnHKnbg5S8RJoPOyrgqp74ctguzox8RMwiar/viamMufTkIbT5rl
9gjG6q4bzTXUzNykz/efAEv3EHLuuc2Kx5rRG0+c2K/4i9AlzaoV5fZD8H3+EzzX
UZB1pHKB66R13xGyRQfAuQInOfJG05Y334J8n+LYRpfGb7xfa1nDF2CFpuNWxQNv
Q0OBLO1iJwUB6rPMGozwGZXikvZ66Sp6i0vMw/RfmDaIrv1p1JT4tAIDSwWlaRCp
fg+wDO6SxoEmBpMgTAIrWom3a9I03stW6vEQaW2jbTPjpMOx8evpYjjp315zOa1a
PGwuzibwoFd2m4Q20P2M+ESZOF5q5janeXHmbVbWONwB5hWA5zUyfgian1g2rcc0
H40VbliGRH1qYssicAkN+flN5QntihplbIzbCik7mew9Ntv5wtOHtJJAeRdt2u1o
mdwIa5kdcLpzvA/3Lm4ocj7trdtOA0yiHh75iQC7nPwtWzusols=
=2HD1
-----END PGP SIGNATURE-----