-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Aug 2025 20:13:29 +0200
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: mips64el
Version: 15.14-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-03) <buildd_mips64el-mipsel-osuosl-03@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.14-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.14.
 .
     + Tighten security checks in planner estimation functions (Dean Rasheed)
 .
       The fix for CVE-2017-7484, plus followup fixes, intended to prevent
       leaky functions from being applied to statistics data for columns that
       the calling user does not have permission to read.  Two gaps in that
       protection have been found.  One gap applies to partitioning and
       inheritance hierarchies where RLS policies on the tables should restrict
       access to statistics data, but did not.
 .
       The other gap applies to cases where the query accesses a table via a
       view, and the view owner has permissions to read the underlying table
       but the calling user does not have permissions on the view. The view
       owner's permissions satisfied the security checks, and the leaky
       function would get applied to the underlying table's statistics before
       we check the calling user's permissions on the view.  This has been
       fixed by making security checks on views occur at the start of planning.
       That might cause permissions failures to occur earlier than before.
 .
       The PostgreSQL Project thanks Dean Rasheed for reporting this problem.
       (CVE-2025-8713)
 .
     + Prevent pg_dump scripts from being used to attack the user running the
       restore (Nathan Bossart)
 .
       Since dump/restore operations typically involve running SQL commands as
       superuser, the target database installation must trust the source
       server.  However, it does not follow that the operating system user who
       executes psql to perform the restore should have to trust the source
       server.  The risk here is that an attacker who has gained
       superuser-level control over the source server might be able to cause it
       to emit text that would be interpreted as psql meta-commands. That would
       provide shell-level access to the restoring user's own account,
       independently of access to the target database.
 .
       To provide a positive guarantee that this can't happen, extend psql with
       a \restrict command that prevents execution of further meta-commands,
       and teach pg_dump to issue that before any data coming from the source
       server.
 .
       The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
       RyotaK for reporting this problem. (CVE-2025-8714)
 .
     + Convert newlines to spaces in names included in comments in pg_dump
       output (Noah Misch)
 .
       Object names containing newlines offered the ability to inject arbitrary
       SQL commands into the output script.  (Without the preceding fix,
       injection of psql meta-commands would also be possible this way.)
       CVE-2012-0868 fixed this class of problem at the time, but later work
       reintroduced several cases.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this problem.
       (CVE-2025-8715)
Checksums-Sha1:
 2e0c427c33a06b5bf137a5a5c991169ed67544f8 18104 libecpg-compat3-dbgsym_15.14-0+deb12u1_mips64el.deb
 2a4fc65aac059fc266116b974ea901e0ab2bb14b 19684 libecpg-compat3_15.14-0+deb12u1_mips64el.deb
 6901efcd8c807536a0689d557793796ad0f43291 250464 libecpg-dev-dbgsym_15.14-0+deb12u1_mips64el.deb
 5e24bf2dc8fd837407b3f2c6d47c5710c6e4a17b 289196 libecpg-dev_15.14-0+deb12u1_mips64el.deb
 956a3279769b95f23be5090d2ec1c671c3dd743b 117300 libecpg6-dbgsym_15.14-0+deb12u1_mips64el.deb
 359d98197a05e78f9dde537b388dccbc2b591cb3 61012 libecpg6_15.14-0+deb12u1_mips64el.deb
 f00de65783355b26c459724994153db7b131dc1d 92596 libpgtypes3-dbgsym_15.14-0+deb12u1_mips64el.deb
 c635ad38103192c440eeb67113d7c519aebf5002 46144 libpgtypes3_15.14-0+deb12u1_mips64el.deb
 9642ec264fc5a6f6245db612f799526c0a525cec 153240 libpq-dev_15.14-0+deb12u1_mips64el.deb
 745672fcd3b82ebcf206530168091f7a23624ff0 286768 libpq5-dbgsym_15.14-0+deb12u1_mips64el.deb
 db60bd099975becda0d5fa00d57bce1e8af9ceec 182100 libpq5_15.14-0+deb12u1_mips64el.deb
 8d3ce1b33a582d15b56fa1d63abb0f55f6d6d268 17129196 postgresql-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 f3527e8389e8f92d8faaeeacda6cb7c91a6c906b 17281 postgresql-15_15.14-0+deb12u1_mips64el-buildd.buildinfo
 819df733871865cf06f57a5137e0c395990f7dc3 16418740 postgresql-15_15.14-0+deb12u1_mips64el.deb
 06722caf00614391abe43b3dc7be9dc47ed9c278 2595244 postgresql-client-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 df9a50ce9808ee9d62f6ff4ee4b48cd6d65be8c4 1666268 postgresql-client-15_15.14-0+deb12u1_mips64el.deb
 c94ce39b0593826ba26fe55cde02b54b15cded52 190000 postgresql-plperl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 484c80baad011347546b7296f2bac02ed08effdf 88188 postgresql-plperl-15_15.14-0+deb12u1_mips64el.deb
 41f4ef73f4441c6db9ce90fae7d7b79664e53208 182216 postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 be958c6ff4d170dc883204398903087bbe9db3b3 106888 postgresql-plpython3-15_15.14-0+deb12u1_mips64el.deb
 214f1354266321abeb6fa38c4709801096426f81 81384 postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 b7e137509d721ee401b35b9055557998f24dcff8 42528 postgresql-pltcl-15_15.14-0+deb12u1_mips64el.deb
 3b5b696491dd95d539228e9ea10facd400fab29a 1159828 postgresql-server-dev-15_15.14-0+deb12u1_mips64el.deb
Checksums-Sha256:
 83f6ec6cc59f865dc9f992397b59d3970c7a1f49ce614e9a3761df89b45e2b48 18104 libecpg-compat3-dbgsym_15.14-0+deb12u1_mips64el.deb
 d275663b7108b784e2f796af6bd72970305196551ebcd00566536e2202d47d38 19684 libecpg-compat3_15.14-0+deb12u1_mips64el.deb
 0849a17ceeabe6ec63b5438f416ec5a995a8e7f1fce9dbfd49a256c410c9e3fe 250464 libecpg-dev-dbgsym_15.14-0+deb12u1_mips64el.deb
 31d9cad7ab3272d7db7d1d74ca6bc040b509bcacedf3b5629adfe15a3fdb6913 289196 libecpg-dev_15.14-0+deb12u1_mips64el.deb
 b6f70ee10f9343da08eed426b07bb374c8b5d31b6263a4de0b84af9c104ed3c2 117300 libecpg6-dbgsym_15.14-0+deb12u1_mips64el.deb
 962606b240940ff20ce01eba5c026e0e2f8d401cab20bc6d3de4073eb618a0d4 61012 libecpg6_15.14-0+deb12u1_mips64el.deb
 edff13ded08f170cf91d766fada96eb89ca2ffbae79d403d089e4b9fc84064fb 92596 libpgtypes3-dbgsym_15.14-0+deb12u1_mips64el.deb
 f5460e5097080cedc7e386a33f01ae9929df41c4ae5e3c9a75540f3a3025bc5e 46144 libpgtypes3_15.14-0+deb12u1_mips64el.deb
 9225b1fa124ccb63b996632b2920f0be60e33ae0b8a84c7a4e45d52177f57ca8 153240 libpq-dev_15.14-0+deb12u1_mips64el.deb
 9ff7458bde79e1c8a780a5b03840e0522ea81d92920dd3e88160807555ba5d84 286768 libpq5-dbgsym_15.14-0+deb12u1_mips64el.deb
 b04fc12917fde32e394c9530246145946980f86b859a2d12c5e9c1042f980524 182100 libpq5_15.14-0+deb12u1_mips64el.deb
 7fd0562dbb727273bff0d014a591fab808ab0d76e8626708826dbf53254cfa6c 17129196 postgresql-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 107b089b48b2d6f339565380faac39861da2e4c9459347162800f429dab2b090 17281 postgresql-15_15.14-0+deb12u1_mips64el-buildd.buildinfo
 99a606337f19cbe9613a72352bc0dcee83a96b7116dfe642a62d420e35a5086d 16418740 postgresql-15_15.14-0+deb12u1_mips64el.deb
 95da25db06080480028dd52724b65fb1297d90c560aed1abe18d80eedcb858ca 2595244 postgresql-client-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 d6bbcfbe8c741681334bfdb8ee3fbc564730e3fd63140ad1d569b5cd3ab5d07c 1666268 postgresql-client-15_15.14-0+deb12u1_mips64el.deb
 fe273740fa67c91e62043347ac0a626962d511a8ba7010df117bb7939bdf5028 190000 postgresql-plperl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 ca811c5c12f2fa51c06b884806d1b270502c066c7b69d822b5a4426888e058aa 88188 postgresql-plperl-15_15.14-0+deb12u1_mips64el.deb
 eb1a491c5a31c91b1fe826a2079e8b9f39fd2e16c58feb2a22845710c16d250b 182216 postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 036f469495f73370714ddffbff20dacf8b1f06bd100d1a27d61b5af15f2b4118 106888 postgresql-plpython3-15_15.14-0+deb12u1_mips64el.deb
 60f0a0af2470634217e674ccea6e28391bf141499f782daaae6ec86611f03bb8 81384 postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 4f195ccb5dd8bbd19e6634a2dd89d32dc34bbea9706bcdce46d8fcf6e0080f6b 42528 postgresql-pltcl-15_15.14-0+deb12u1_mips64el.deb
 90462b10c5b230e1adc0263800e55f15ee09aeb67875b6656efda7e236ce2236 1159828 postgresql-server-dev-15_15.14-0+deb12u1_mips64el.deb
Files:
 e3b64785b5547691dc3bcb6d527b07b0 18104 debug optional libecpg-compat3-dbgsym_15.14-0+deb12u1_mips64el.deb
 9c352eb5571a0d2fe961ec91782c352a 19684 libs optional libecpg-compat3_15.14-0+deb12u1_mips64el.deb
 2e2d700cff7c776810335e457ba2cd38 250464 debug optional libecpg-dev-dbgsym_15.14-0+deb12u1_mips64el.deb
 35b6d4e479069fc09d3731dfc8df3354 289196 libdevel optional libecpg-dev_15.14-0+deb12u1_mips64el.deb
 041c079e33e22992902ee717bb300dc0 117300 debug optional libecpg6-dbgsym_15.14-0+deb12u1_mips64el.deb
 cf15e214dd8906e8a9f9ad2086dab7ec 61012 libs optional libecpg6_15.14-0+deb12u1_mips64el.deb
 104fc173e88fb215f61e087767c2e265 92596 debug optional libpgtypes3-dbgsym_15.14-0+deb12u1_mips64el.deb
 0fc3f9fe4ba541aeb328532e647a258d 46144 libs optional libpgtypes3_15.14-0+deb12u1_mips64el.deb
 980a0b22f082987fde0ccec3f3ea664f 153240 libdevel optional libpq-dev_15.14-0+deb12u1_mips64el.deb
 171ac29ce519124fc59242c831209d85 286768 debug optional libpq5-dbgsym_15.14-0+deb12u1_mips64el.deb
 972f5749a66d5d8e29a736cba678d857 182100 libs optional libpq5_15.14-0+deb12u1_mips64el.deb
 3f240c69ddbeb33ad43dcbf88579fc0e 17129196 debug optional postgresql-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 544a5cc5fe9f8a432f3618c735ee3491 17281 database optional postgresql-15_15.14-0+deb12u1_mips64el-buildd.buildinfo
 478377b9e683af3f24d6415da3c38a5f 16418740 database optional postgresql-15_15.14-0+deb12u1_mips64el.deb
 6c682a3bd872f4ebe18ad959976fc13e 2595244 debug optional postgresql-client-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 a0f4229aff50113dca4f61722c48cf28 1666268 database optional postgresql-client-15_15.14-0+deb12u1_mips64el.deb
 9fe145addd5e0efb10e48bd88072f026 190000 debug optional postgresql-plperl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 6f8a6be748e4ca940e8ebf584651560b 88188 database optional postgresql-plperl-15_15.14-0+deb12u1_mips64el.deb
 d29fdd1f04b27ab84ba9624cbe7f7954 182216 debug optional postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 e608c2dc649795c68acf531a5cde10fa 106888 database optional postgresql-plpython3-15_15.14-0+deb12u1_mips64el.deb
 03aa403ae56fbed6bf2e265354375830 81384 debug optional postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_mips64el.deb
 1cba2eaf30f9a13ac992c3a0abce0b57 42528 database optional postgresql-pltcl-15_15.14-0+deb12u1_mips64el.deb
 28cc0d2169e5b146ad4ee8ed6d12310d 1159828 libdevel optional postgresql-server-dev-15_15.14-0+deb12u1_mips64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEesE3YcWKZXIkRPMemf85J+x5/aoFAmiotSoACgkQmf85J+x5
/aoFSQ/+OYsBQLjGdzWD3UakJ8TLUbV38/zkcQBmeR6/03I55ewNoY5zC+IAh9Uy
0fqQEBb86EyBxjzOhx4kty/xdKT4VnSD3+BlHN/K714Ln2R1yG15++D5gQl5XI9j
ND7AdJTlG1sc9eobe+Gt28WyTTTLiY71SSJJYdddqE6a4XNnoKtnBggqOxIKCF/4
J+f7em2jmUsoO9/Ya3oAJbdoCVCXSPD28USV7MpsSoDQCBiLlzDCDMYsg9mCOhUx
UTlpJD+nbIQRtWc1/pF6iFTZUg7wGndulXeOYrEqIVIdZE6Z0MGYpkGPEwLYIl5V
9TqImqqtHpSyJZ4y1mfuEHVOK2U7OFSOnZ2jnBQZl/JLOwQej23XIzblBc3mQITf
/u18FZGV81S5Q7vHl9TWB/bKn1VNDO7xTxMXJNQ//SJbweBxm7fIMOUyW7naIUPm
D5N1O3qYWDLoXUPFWtFILs9j3aIIQQ+HgQoPtHbgv14iDRnVsoSTdp25oEvwRl7a
RC26PROzafuqiGH5pPLChaTye/n1/uTwNeaTtCkQZ4tgTxmUct8HX2HctuqrKzsX
L0KshS5kzVebW9ZgODAioQpnyNzZidssyX46w2eg9UKdbm0KK7uA9RamBA9mjL8c
6u4VATZ85ddTRMCgFG+R1CX0lBjR53d/G99OmvVUmB0IKQlkyrc=
=p0Qg
-----END PGP SIGNATURE-----