Format: 1.8
Date: Wed, 13 Aug 2025 13:03:55 +0200
Source: postgresql-17
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym
 libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5
 libpq5-dbgsym postgresql-17 postgresql-17-dbgsym postgresql-client-17
 postgresql-client-17-dbgsym postgresql-plperl-17 postgresql-plperl-17-dbgsym
 postgresql-plpython3-17 postgresql-plpython3-17-dbgsym postgresql-pltcl-17
 postgresql-pltcl-17-dbgsym postgresql-server-dev-17
 postgresql-server-dev-17-dbgsym
Architecture: i386
Version: 17.6-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 17
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-17 - The World's Most Advanced Open Source Relational Database
 postgresql-client-17 - front-end programs for PostgreSQL 17
 postgresql-plperl-17 - PL/Perl procedural language for PostgreSQL 17
 postgresql-plpython3-17 - PL/Python 3 procedural language for PostgreSQL 17
 postgresql-pltcl-17 - PL/Tcl procedural language for PostgreSQL 17
 postgresql-server-dev-17 - development files for PostgreSQL 17 server-side programming
Closes: 1107984
Changes:
 postgresql-17 (17.6-0+deb13u1) trixie; urgency=medium
 .
   * New upstream version 17.6.
 .
     + Tighten security checks in planner estimation functions (Dean Rasheed)
 .
       The fix for CVE-2017-7484, plus followup fixes, intended to prevent
       leaky functions from being applied to statistics data for columns
       that the calling user does not have permission to read. Two gaps in
       that protection have been found. One gap applies to partitioning and
       inheritance hierarchies where RLS policies on the tables should
       restrict access to statistics data, but did not.
 .
       The other gap applies to cases where the query accesses a table via
       a view, and the view owner has permissions to read the underlying
       table but the calling user does not have permissions on the view.
       The view owner's permissions satisfied the security checks, and the
       leaky function would get applied to the underlying table's
       statistics before we check the calling user's permissions on the
       view. This has been fixed by making security checks on views occur
       at the start of planning. That might cause permissions failures to
       occur earlier than before.
 .
       The PostgreSQL Project thanks Dean Rasheed for reporting this
       problem. (CVE-2025-8713)
 .
     + Prevent pg_dump scripts from being used to attack the user running
       the restore (Nathan Bossart)
 .
       Since dump/restore operations typically involve running SQL commands
       as superuser, the target database installation must trust the source
       server. However, it does not follow that the operating system user
       who executes psql to perform the restore should have to trust the
       source server. The risk here is that an attacker who has gained
       superuser-level control over the source server might be able to
       cause it to emit text that would be interpreted as psql
       meta-commands. That would provide shell-level access to the
       restoring user's own account, independently of access to the target
       database.
 .
       To provide a positive guarantee that this can't happen, extend psql
       with a \restrict command that prevents execution of further
       meta-commands, and teach pg_dump to issue that before any data
       coming from the source server.
 .
       The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
       RyotaK for reporting this problem. (CVE-2025-8714)
 .
     + Convert newlines to spaces in names included in comments in pg_dump
       output (Noah Misch)
 .
       Object names containing newlines offered the ability to inject
       arbitrary SQL commands into the output script. (Without the
       preceding fix, injection of psql meta-commands would also be
       possible this way.) CVE-2012-0868 fixed this class of problem at
       the time, but later work reintroduced several cases.
 .
       The PostgreSQL Project thanks Noah Misch for reporting this
       problem. (CVE-2025-8715)
 .
   * Add Turkish debconf translation by Atila KOÇ, thanks!
     (Closes: #1107984)
   * Drop hurd-iovec patch, implemented upstream.
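
A pre-restore check for the `\restrict` guard described in the CVE-2025-8714 entry above, added here as an illustration (not code from PostgreSQL or the Debian package). It assumes a plain-text pg_dump script and treats "guarded" as `\restrict` being the first non-comment line, which is an assumption about layout; `audit_dump` and both sample scripts are constructed, and the line-leading scan is a triage heuristic, not a psql parser.

```python
import re

# pg_dump writes table data as "COPY ... FROM stdin;" followed by rows and "\."
COPY_FROM_STDIN = re.compile(r"^COPY\s.*\sFROM\s+stdin;$", re.IGNORECASE)
META = re.compile(r"\\(\S+)")   # backslash command at the start of a line

def audit_dump(script):
    """Report whether the script enters restricted mode before anything else,
    and list line-leading meta-commands found outside COPY data."""
    guarded, in_copy, meta = None, False, []
    for no, line in enumerate(script.split("\n"), 1):
        line = line.rstrip("\r")
        if in_copy:                      # data rows may legitimately start
            in_copy = line != "\\."      # with a backslash (e.g. \N for NULL)
            continue
        text = line.strip()
        if not text or text.startswith("--"):
            continue                     # blank line or SQL comment
        m = META.match(text)
        cmd = m.group(1) if m else None
        if guarded is None:              # the first effective line decides
            guarded = cmd == "restrict" and len(text.split()) == 2
        if cmd:
            meta.append((no, cmd))
        elif COPY_FROM_STDIN.match(text):
            in_copy = True
    return {"guarded": bool(guarded), "meta_commands": meta}

# Constructed samples: the key, table and database names are placeholders.
HEADER = ["--", "-- PostgreSQL database dump", "--", ""]
DATA = ["COPY public.t (a) FROM stdin;", r"\N", r"\."]
GUARDED = "\n".join(HEADER + [r"\restrict ExampleKey123",
                              "SET statement_timeout = 0;"] + DATA)
UNGUARDED = "\n".join(HEADER + ["SET statement_timeout = 0;",
                                r"\connect appdb"] + DATA)

if __name__ == "__main__":
    for label, script in (("guarded", GUARDED), ("unguarded", UNGUARDED)):
        print(label, audit_dump(script))
```

A script that passes this check is only protected when the psql performing the restore is a version that implements `\restrict`; an unguarded script with listed meta-commands deserves review before it is run under a privileged account.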
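
The newline-to-space fix from the CVE-2025-8715 entry above, shown as an added example with the unsanitized form beside the sanitized one (not pg_dump's own code). The header layout is modeled on pg_dump's `-- Name: ...; Type: ...` comment lines; the function names and sample object names are constructed for illustration.

```python
import re

LINE_BREAK = re.compile(r"[\r\n]")   # characters that end a "--" comment

def header_unpatched(name, obj_type, schema, owner):
    """Pre-fix shape: catalog strings are interpolated into the comment as-is."""
    return f"-- Name: {name}; Type: {obj_type}; Schema: {schema}; Owner: {owner}"

def header_patched(name, obj_type, schema, owner):
    """Post-fix shape: every line break in a catalog string becomes a space."""
    clean = [LINE_BREAK.sub(" ", v) for v in (name, obj_type, schema, owner)]
    return "-- Name: {}; Type: {}; Schema: {}; Owner: {}".format(*clean)

def executable_lines(script):
    """Lines that are neither blank nor '--' comments, i.e. text the SQL
    reader would act on instead of skipping."""
    return [ln for ln in LINE_BREAK.split(script)
            if ln.strip() and not ln.lstrip().startswith("--")]

# Constructed object names; the trailing statement is a harmless placeholder.
SAMPLE_NAMES = [
    "orders",
    "orders\nSELECT 1;",
    "orders\r\nSELECT 1;",
    "orders\rSELECT 1;",
]

def escaped_text(make_header):
    """Map each sample name to whatever escapes the comment under make_header."""
    return {n: executable_lines(make_header(n, "TABLE", "public", "app"))
            for n in SAMPLE_NAMES}

if __name__ == "__main__":
    for label, fn in (("unpatched", header_unpatched), ("patched", header_patched)):
        for name, leaked in escaped_text(fn).items():
            print(f"{label:9} {name!r:24} -> {leaked}")
```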