-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Aug 2025 13:03:55 +0200
Source: postgresql-17
Binary: postgresql-doc-17
Architecture: all
Version: 17.6-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Christoph Berg
Description:
 postgresql-doc-17 - documentation for the PostgreSQL database management system
Closes: 1107984
Changes:
 postgresql-17 (17.6-0+deb13u1) trixie; urgency=medium
 .
   * New upstream version 17.6.
 .
     + Tighten security checks in planner estimation functions (Dean Rasheed)
 .
       The fix for CVE-2017-7484, plus followup fixes, intended to prevent
       leaky functions from being applied to statistics data for columns
       that the calling user does not have permission to read. Two gaps in
       that protection have been found. One gap applies to partitioning
       and inheritance hierarchies where RLS policies on the tables should
       restrict access to statistics data, but did not.
 .
       The other gap applies to cases where the query accesses a table via
       a view, and the view owner has permissions to read the underlying
       table but the calling user does not have permissions on the view.
       The view owner's permissions satisfied the security checks, and the
       leaky function would get applied to the underlying table's
       statistics before we check the calling user's permissions on the
       view. This has been fixed by making security checks on views occur
       at the start of planning. That might cause permissions failures to
       occur earlier than before.
 .
       The PostgreSQL Project thanks Dean Rasheed for reporting this
       problem. (CVE-2025-8713)
 .
     + Prevent pg_dump scripts from being used to attack the user running
       the restore (Nathan Bossart)
 .
       Since dump/restore operations typically involve running SQL commands
       as superuser, the target database installation must trust the source
       server. However, it does not follow that the operating system user
       who executes psql to perform the restore should have to trust the
       source server. The risk here is that an attacker who has gained
       superuser-level control over the source server might be able to
       cause it to emit text that would be interpreted as psql
       meta-commands. That would provide shell-level access to the
       restoring user's own account, independently of access to the target
       database.
 .
       To provide a positive guarantee that this can't happen, extend psql
       with a \restrict command that prevents execution of further
       meta-commands, and teach pg_dump to issue that before any data
       coming from the source server.
 .
       The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
       RyotaK for reporting this problem. (CVE-2025-8714)
 .
     + Convert newlines to spaces in names included in comments in pg_dump
       output (Noah Misch)
 .
       Object names containing newlines offered the ability to inject
       arbitrary SQL commands into the output script. (Without the
       preceding fix, injection of psql meta-commands would also be
       possible this way.) CVE-2012-0868 fixed this class of problem at
       the time, but later work reintroduced several cases.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this problem.
       (CVE-2025-8715)
 .
   * Add Turkish debconf translation by Atila KOÇ, thanks! (Closes: #1107984)
   * Drop hurd-iovec patch, implemented upstream.
Checksums-Sha1:
 2e77d67097654c371c2b6145fbc59b57923b22da 10022 postgresql-17_17.6-0+deb13u1_all-buildd.buildinfo
 c63eb2afbfe5a92e70ef994db36ce9e13fa42580 2143468 postgresql-doc-17_17.6-0+deb13u1_all.deb
Checksums-Sha256:
 a681ce487555da2ec6c5d82f2c2b574d380299e7823462c2e145f56d3d1f9a2f 10022 postgresql-17_17.6-0+deb13u1_all-buildd.buildinfo
 c7ed93fe3f0e2f37324a9f3ff4ef6a53ac41d5753f29e6b5238053d144234dd5 2143468 postgresql-doc-17_17.6-0+deb13u1_all.deb
Files:
 b30697cea28cdd364c20c27aaa165482 10022 database optional postgresql-17_17.6-0+deb13u1_all-buildd.buildinfo
 c3ee2b139e7ca1c169ab5d5faa7242d6 2143468 doc optional postgresql-doc-17_17.6-0+deb13u1_all.deb