• Accepted postgresql-15 15.8-0+deb12u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Mon Aug 12 22:40:02 2024

    Format: 1.8
    Date: Wed, 07 Aug 2024 15:24:37 +0200
    Source: postgresql-15
    Architecture: source
    Version: 15.8-0+deb12u1
    Distribution: bookworm-security
    Urgency: medium
    Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
    Changed-By: Christoph Berg <myon@debian.org>
    Changes:
    postgresql-15 (15.8-0+deb12u1) bookworm-security; urgency=medium
    .
    * New upstream version.
    .
    + Prevent unauthorized code execution during pg_dump (Masahiko Sawada)
    .
    An attacker able to create and drop non-temporary objects could inject
    SQL code that would be executed by a concurrent pg_dump session with the
    privileges of the role running pg_dump (which is often a superuser).
    The attack involves replacing a sequence or similar object with a view
    or foreign table that will execute malicious code. To prevent this,
    introduce a new server parameter restrict_nonsystem_relation_kind that
    can disable expansion of non-builtin views as well as access to foreign
    tables, and teach pg_dump to set it when available. Note that the
    attack is prevented only if both pg_dump and the server it is dumping
    from are new enough to have this fix.
    .
    The PostgreSQL Project thanks Noah Misch for reporting this problem.
    (CVE-2024-7348)
    .
    * Refresh debian/patches/focal-arm64-outline-atomics.
