-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Aug 2025 20:13:29 +0200
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: ppc64el
Version: 15.14-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) <buildd_ppc64el-ppc64el-osuosl-02@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.14-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.14.
 .
     + Tighten security checks in planner estimation functions (Dean Rasheed)
 .
       The fix for CVE-2017-7484, plus followup fixes, intended to prevent
       leaky functions from being applied to statistics data for columns that
       the calling user does not have permission to read.  Two gaps in that
       protection have been found.  One gap applies to partitioning and
       inheritance hierarchies where RLS policies on the tables should restrict
       access to statistics data, but did not.
 .
       The other gap applies to cases where the query accesses a table via a
       view, and the view owner has permissions to read the underlying table
       but the calling user does not have permissions on the view. The view
       owner's permissions satisfied the security checks, and the leaky
       function would get applied to the underlying table's statistics before
       we check the calling user's permissions on the view.  This has been
       fixed by making security checks on views occur at the start of planning.
       That might cause permissions failures to occur earlier than before.
 .
       The PostgreSQL Project thanks Dean Rasheed for reporting this problem.
       (CVE-2025-8713)
 .
     + Prevent pg_dump scripts from being used to attack the user running the
       restore (Nathan Bossart)
 .
       Since dump/restore operations typically involve running SQL commands as
       superuser, the target database installation must trust the source
       server.  However, it does not follow that the operating system user who
       executes psql to perform the restore should have to trust the source
       server.  The risk here is that an attacker who has gained
       superuser-level control over the source server might be able to cause it
       to emit text that would be interpreted as psql meta-commands. That would
       provide shell-level access to the restoring user's own account,
       independently of access to the target database.
 .
       To provide a positive guarantee that this can't happen, extend psql with
       a \restrict command that prevents execution of further meta-commands,
       and teach pg_dump to issue that before any data coming from the source
       server.
 .
       The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
       RyotaK for reporting this problem. (CVE-2025-8714)
 .
     + Convert newlines to spaces in names included in comments in pg_dump
       output (Noah Misch)
 .
       Object names containing newlines offered the ability to inject arbitrary
       SQL commands into the output script.  (Without the preceding fix,
       injection of psql meta-commands would also be possible this way.)
       CVE-2012-0868 fixed this class of problem at the time, but later work
       reintroduced several cases.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this problem.
       (CVE-2025-8715)
Checksums-Sha1:
 e22e50e5a44d7d19be8e137720b0253ff5a58e6e 17576 libecpg-compat3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 df3bc845c219dd0b8cfc3bb8d546a6b50b0b25cf 21004 libecpg-compat3_15.14-0+deb12u1_ppc64el.deb
 cbdbf90b97d37881927e6d545be8efaf18d7e3c0 224128 libecpg-dev-dbgsym_15.14-0+deb12u1_ppc64el.deb
 294b44099b1107a44fc5f86ef9237943e484541d 302664 libecpg-dev_15.14-0+deb12u1_ppc64el.deb
 4f99adb6949974b15767c5e3382aa6ac7792ce67 113940 libecpg6-dbgsym_15.14-0+deb12u1_ppc64el.deb
 b1332f632d05d948f947dcd7bd6c3db640ff77c0 67992 libecpg6_15.14-0+deb12u1_ppc64el.deb
 fd4f6882bb8212f4ae9ae995530abd3725169f23 90912 libpgtypes3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 32997ccf0cb306465551b687a703a327d0b5b034 51596 libpgtypes3_15.14-0+deb12u1_ppc64el.deb
 d3e0b9fe312d8261e8b006f6464550764982c7cf 159824 libpq-dev_15.14-0+deb12u1_ppc64el.deb
 4de5b17baafe9b8445f0aff35799b403a2c3afc9 286256 libpq5-dbgsym_15.14-0+deb12u1_ppc64el.deb
 6e9775167ce89fac1614e5563c7d1f9425667457 205020 libpq5_15.14-0+deb12u1_ppc64el.deb
 548d36b038d68f7267dfeb9996eae87b41e0fbdf 16796804 postgresql-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 db2c1c574eef9f5df45386ce026d9c07f582e83e 17429 postgresql-15_15.14-0+deb12u1_ppc64el-buildd.buildinfo
 5be21c2e0d3b197833fee83dc07878f128ab3d72 17213244 postgresql-15_15.14-0+deb12u1_ppc64el.deb
 61e787e01b51958343c88b8c17dd6351f11a4b92 2520312 postgresql-client-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 29d9eca52031fa7826c6bb37c1d21e0364710e9f 1757236 postgresql-client-15_15.14-0+deb12u1_ppc64el.deb
 d48b4fab4b99be79bcaef35cbc616ad2d2e96797 186452 postgresql-plperl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 3266a54f13c2b0fcb419f7b9fb87650d7461120b 93808 postgresql-plperl-15_15.14-0+deb12u1_ppc64el.deb
 dbc3839782f6b47c8c3b5ec5053f564436698c2d 176408 postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 bc1b4f37cd97c8c32650fac384dbd4c67ee235de 114292 postgresql-plpython3-15_15.14-0+deb12u1_ppc64el.deb
 c1ca3314a131938f190c3f51869aaf4635d5b341 80020 postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 a39b894450ecf85c2e6c548f7f61c79d4c22f1a2 45204 postgresql-pltcl-15_15.14-0+deb12u1_ppc64el.deb
 5df3bda50403f3a6e5d08a710f24e1d367441ef2 1167124 postgresql-server-dev-15_15.14-0+deb12u1_ppc64el.deb
Checksums-Sha256:
 2f81a415ca570432a4af691b7827c4906c78337a1c5940c102977dc2adae9629 17576 libecpg-compat3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 63546e7ad5c999d06ce34472a94730ba7d3cd12e7625a3f788f51084b30620a2 21004 libecpg-compat3_15.14-0+deb12u1_ppc64el.deb
 be8b92756c4098a0774dfd4605f011c09175b67d03dd929dd1c8163dfa804dea 224128 libecpg-dev-dbgsym_15.14-0+deb12u1_ppc64el.deb
 0704beb5daa1f32c0dcbcf18b25d1f746b597f268b7ae506153b2f68a55071fa 302664 libecpg-dev_15.14-0+deb12u1_ppc64el.deb
 004c4cdb846ee43e62149b34d9b6b71590edfb3819fc57917a0736e75580d018 113940 libecpg6-dbgsym_15.14-0+deb12u1_ppc64el.deb
 5bdaade236d8dd1788b15724a6fdcc603f64003b5914f46e2f464f239b554753 67992 libecpg6_15.14-0+deb12u1_ppc64el.deb
 79d2aa0bfa0c04c8395722315d56ac3dff92723c5bf556d22722a52335e8c4bf 90912 libpgtypes3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 33fa9964c0dab0eeaeef2bccf83624fe4e3ce20a9cee103ddefa54aa928b7219 51596 libpgtypes3_15.14-0+deb12u1_ppc64el.deb
 aaa2265939f2d7d1c3f8b1992225e11422f7a52858bb1abdc98a1b0d6418e3ee 159824 libpq-dev_15.14-0+deb12u1_ppc64el.deb
 6ffbe957e4dc674ab5c9cc2f943d1e214fa6c3be5d2ccb95e018da8ad647ec8e 286256 libpq5-dbgsym_15.14-0+deb12u1_ppc64el.deb
 646ca862c24a440922040e4afce576dccf42c75931d6b4b4b4215f79ab76d631 205020 libpq5_15.14-0+deb12u1_ppc64el.deb
 918e5a4290787a915c9cb99ce463ebbf47b333ff560777f42db1ff67fdfb8e23 16796804 postgresql-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 fe75feb70ef915952a97d16d6c3613435302ae172f294f3226663ebe0166cd8b 17429 postgresql-15_15.14-0+deb12u1_ppc64el-buildd.buildinfo
 1b408a71ba24fcb3ad0401c7c92cfb42c8aca0e0e0d59dc3d2d25b1ebe207516 17213244 postgresql-15_15.14-0+deb12u1_ppc64el.deb
 94f1f6a18d9a7f0b1017ce4ea7efee48e359bcabfa6b2cb29d4094ee56e95d5f 2520312 postgresql-client-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 41ac0eda950879bc76c90c28fb41e6eec0f187de9df039641aa57d353ba13b4a 1757236 postgresql-client-15_15.14-0+deb12u1_ppc64el.deb
 e33bfc936b25ddc74b4aa10c00151e86086010ae9ffb1c38aa978459ead0c7e1 186452 postgresql-plperl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 5c4886c61125ec248c08b87153bef22e045d88d5fcc39eaa2edcd2601552335c 93808 postgresql-plperl-15_15.14-0+deb12u1_ppc64el.deb
 5152b1a9dcf31117155ddddbdab743466c42b45d75ccdca86b8661066cb09aaf 176408 postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 b275715101c15f419ea8ed0804ed4a528591ba265dae8a2e75c98624ee465c2b 114292 postgresql-plpython3-15_15.14-0+deb12u1_ppc64el.deb
 5e1c60769b5982bcd3b403fd42798315bbad839835d60cb2b77c07d5084c4cc9 80020 postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 6a013048130872653eb3a1bc38abec8debef1b9f0efe8cbcce3cfa70674d8258 45204 postgresql-pltcl-15_15.14-0+deb12u1_ppc64el.deb
 3b58500895a65699e584825827f6854edf7945b8f2bfa8caae716adfdea39c89 1167124 postgresql-server-dev-15_15.14-0+deb12u1_ppc64el.deb
Files:
 a6e6239c7e526382120306b2e6642172 17576 debug optional libecpg-compat3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 af3d3b3ea1b41c3c9b9f8fefead2bd6b 21004 libs optional libecpg-compat3_15.14-0+deb12u1_ppc64el.deb
 210210bbd51978712d6c3a321c9d5596 224128 debug optional libecpg-dev-dbgsym_15.14-0+deb12u1_ppc64el.deb
 b27b00d7a08bff6d3229d2a2ab96b091 302664 libdevel optional libecpg-dev_15.14-0+deb12u1_ppc64el.deb
 cdc9ba899011b0520aed02d2e425feda 113940 debug optional libecpg6-dbgsym_15.14-0+deb12u1_ppc64el.deb
 7710ad0155916af9c779ab95b5cc0c86 67992 libs optional libecpg6_15.14-0+deb12u1_ppc64el.deb
 7f13a3cd3e221d534d2f300b79329b1a 90912 debug optional libpgtypes3-dbgsym_15.14-0+deb12u1_ppc64el.deb
 6517261a8d0c023a08c4c39f4ee2176a 51596 libs optional libpgtypes3_15.14-0+deb12u1_ppc64el.deb
 d2310ebc798504530ec1da998b5e8e68 159824 libdevel optional libpq-dev_15.14-0+deb12u1_ppc64el.deb
 1bd96bebd62a5cfac83802c4d4ecb8ea 286256 debug optional libpq5-dbgsym_15.14-0+deb12u1_ppc64el.deb
 6bec800162132a9f0c8ea68e80e0da92 205020 libs optional libpq5_15.14-0+deb12u1_ppc64el.deb
 315f0ae094e17b06f0a606128ef48617 16796804 debug optional postgresql-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 edd69fb953f1fae0e3630792b6cf8d1e 17429 database optional postgresql-15_15.14-0+deb12u1_ppc64el-buildd.buildinfo
 cec66769a2250e21187e9e1b868093ee 17213244 database optional postgresql-15_15.14-0+deb12u1_ppc64el.deb
 46688db3ee64a35d453276e003acedd4 2520312 debug optional postgresql-client-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 983b389a4de9144333f6ea890596810e 1757236 database optional postgresql-client-15_15.14-0+deb12u1_ppc64el.deb
 3e7eb10115de2297598907262adb3fd2 186452 debug optional postgresql-plperl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 d1d02933c486dd4e980aaedef19354d1 93808 database optional postgresql-plperl-15_15.14-0+deb12u1_ppc64el.deb
 87fd300f66c3979261113e76506b5e2c 176408 debug optional postgresql-plpython3-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 11f8693125b4def2555acb8786eee2e1 114292 database optional postgresql-plpython3-15_15.14-0+deb12u1_ppc64el.deb
 5e08502cbd83ad3e8066337b0a89647d 80020 debug optional postgresql-pltcl-15-dbgsym_15.14-0+deb12u1_ppc64el.deb
 ea446f9b99d53a03db50f45f0c15e068 45204 database optional postgresql-pltcl-15_15.14-0+deb12u1_ppc64el.deb
 9b65682446d246a906fff80768ea174a 1167124 libdevel optional postgresql-server-dev-15_15.14-0+deb12u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYo4fOZBRi9qmvTxH1PowSTJ8+YQFAmioongACgkQ1PowSTJ8
+YRnjg/9Eb8bDAF/L6wmXRZHJR55jXBkfiD/NEhIUXwXDBwoikkQJZ4Xk37NK3fb
h6+LgW4yimNrzLbVBvLMZlVzUrfbadymrBpTscAHQKOYx3igplhuJMjRK3Hq2c/T
3v61Ddu9oPdc55669vZxrV8zswnne1FMVJ2TaOjvyJgeZFM4jJ5vkdmXNmVsodJy
k2sXE8HMt3pleLZ+WLxM72cV+FjqxAZuvxQt1JPicQnJ1rfve2OpOfzlO/Z/O3H+
VU7dGx4N8A2dGAVuzWRv7jajaFne2Ej+yJeI7i1lwaoh3So6sSEI2G0WcizotX2d
RJg7ZDgMudErYkJhZ8cqzffTh2Dcu+ppuQyxS1pWmUz1iQ+pYFZXO3C8mlvW1cWU
pB6rSaZVBZGopG7EoyZkBJH/rmHTstrdssdDn5aNU2NW1S3sY1B+n23xFNLMQWP+
9JFJK77cjHHRi5ViLA0gMck+DVND7JmUOuuOpIdUsyiOxn7MJM+vODFgeYVAu+Fv
QHe3lsniL47le3gVu73HjJspRWNUqrW/2AD4vQ4kUlQ4KxlkwM3V15xeyB05M370
vREo6DAkj9HEY8taikBvfKzkParDANy5Ft8+OvuWQ7I/2M/b9uDPAdbvhQdwsTWW
MQmk8RpmuJ0yS+5cjCaQXSKe0xrQ4NBQ0C1f6sH2HPrQrlwPXG0=
=lwfh
-----END PGP SIGNATURE-----