Format: 1.8 Date: Wed, 22 Nov 2023 21:50:50 -0500 Source: postgresql-12 Binary: libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-12 postgresql-client-12 postgresql-plperl-12 postgresql-plpython3-12 postgresql-pltcl-12 postgresql-server-dev-12 Architecture: ppc64el ppc64el_translations Version: 12.17-0ubuntu0.20.04.1 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Sergio Durigan Junior Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 12 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-12 - object-relational SQL database, version 12 server postgresql-client-12 - front-end programs for PostgreSQL 12 postgresql-plperl-12 - PL/Perl procedural language for PostgreSQL 12 postgresql-plpython3-12 - PL/Python 3 procedural language for PostgreSQL 12 postgresql-pltcl-12 - PL/Tcl procedural language for PostgreSQL 12 postgresql-server-dev-12 - development files for PostgreSQL 12 server-side programming Launchpad-Bugs-Fixed: 2040469 Changes: postgresql-12 (12.17-0ubuntu0.20.04.1) focal-security; urgency=medium . * New upstream version (LP: #2040469). . + A dump/restore is not required for those running 12.X. . + However, if you use GiST indexes, it may be advisable to reindex them. . + Also, if you are upgrading from a version earlier than 12.16, see those release notes as well please. . + Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions (Tom Lane) . This error led to a text-type value being interpreted as an unknown-type value (that is, a zero-terminated string) at runtime. This could result in disclosure of server memory following the text value. (CVE-2023-5868) . + Detect integer overflow while computing new array dimensions (Tom Lane) . When assigning new elements to array subscripts that are outside the current array bounds, an undetected integer overflow could occur in edge cases. Memory stomps that are potentially exploitable for arbitrary code execution are possible, and so is disclosure of server memory. (CVE-2023-5869) . + Prevent the pg_signal_backend role from signalling background workers and autovacuum processes (Noah Misch, Jelte Fennema-Nio) . The documentation says that pg_signal_backend cannot issue signals to superuser-owned processes. It was able to signal these background processes, though, because they advertise a role OID of zero. Treat that as indicating superuser ownership. The security implications of cancelling one of these process types are fairly small so far as the core code goes (we'll just start another one), but extensions might add background workers that are more vulnerable. . Also ensure that the is_superuser parameter is set correctly in such processes. No specific security consequences are known for that oversight, but it might be significant for some extensions. (CVE-2023-5870) . + Fix misbehavior during recursive page split in GiST index build (Heikki Linnakangas) . Fix a case where the location of a page downlink was incorrectly tracked, and introduce some logic to allow recovering from such situations rather than silently doing the wrong thing. This error could result in incorrect answers from subsequent index searches. It may be advisable to reindex all GiST indexes after installing this update. . + Details about these and many further changes can be found at: https://www.postgresql.org/docs/12/release-12-17.html. . * d/p/libpgport-pkglibdir: Adjust patch to reflect upstream changes. . * d/p/50-per-version-dirs.patch: Adjust TestLib.pm's scan_server_header and check_pg_config to account for unrelocatability of pg_config. These changes are needed because, during build time, we want to be able to run the upstream tests using the pg_config binary from inside the "debian/" directory, but that doesn't work out of the box because it will print includedir paths that also point to "debian/", instead of to "/usr/include". Therefore, we need to catch this specific scenario and print the proper includedir paths instead. Checksums-Sha1: 01838609660b804402b30a36c7257a5c7104d527 19536 libecpg-compat3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 83fb87434173b671b005012fba3b7cef32e0f409 13296 libecpg-compat3_12.17-0ubuntu0.20.04.1_ppc64el.deb 71d88b850fce9ab0357a50cb949acedfea01958b 253448 libecpg-dev-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb ad4aca3672acdc0797228caaf05c9acd6823690c 243608 libecpg-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb 5828f3ef1f6569c12257658bf207ca67d23dbb93 134936 libecpg6-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 007846367976f6da13636797112d516aeffe95c7 47500 libecpg6_12.17-0ubuntu0.20.04.1_ppc64el.deb d16c5c4ed2b74ad8f6d9ba447a7e99a80db49d83 102020 libpgtypes3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 4cc13550088fc7e3877b71dbb3ea4694d5d33521 49072 libpgtypes3_12.17-0ubuntu0.20.04.1_ppc64el.deb c7c2b13115d5373fc6a4f1952ad68b144b615c42 153192 libpq-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb 8cb9dd1ed81466103981e05bfa4cb57c715efd18 352228 libpq5-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb d8badd32f5bfe842d691de54779aca13a65899d3 133000 libpq5_12.17-0ubuntu0.20.04.1_ppc64el.deb 0225bd1f63b7844e4154a5f3f3404daa8339732a 23185292 postgresql-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb adcfb4c7e2f66b1aa353cab4effd014a44c44470 16970 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.buildinfo b529b0b44163e8c91b16c502968d38263abf752d 14072684 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 29cc2a253e482d446818319edff741341b11f76d 8614118 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el_translations.tar.gz e338ac88eb96f637f140886c5ff030c36d25d6f5 2546936 postgresql-client-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb e651c73e4e1607f2f1acce20c072373da684f74b 1105772 postgresql-client-12_12.17-0ubuntu0.20.04.1_ppc64el.deb a7873e544642edbdbbde3b0abfbaf8cc9d99f7bd 272640 postgresql-plperl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb d3ea490d7094c9fc88d91401d02405f142bcf7f7 69504 postgresql-plperl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 2e657d96694dee0ea6f117d7d86c4f840d3a1d80 357696 postgresql-plpython3-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb c5ea70d5f70f51490b587db5449e3cdbc41a2fb6 76132 postgresql-plpython3-12_12.17-0ubuntu0.20.04.1_ppc64el.deb c5e40a490ebbd5ffcb62ce0f71ee0ffc6cac9712 104368 postgresql-pltcl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 6dd26f6ffac161c1611d1f6af3da1913d53c8757 30404 postgresql-pltcl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb fbd9b1b0d49720a5c2b722df0bcb27bf582efb3f 1012268 postgresql-server-dev-12_12.17-0ubuntu0.20.04.1_ppc64el.deb Checksums-Sha256: 1ba331a8e497b044b04759a281105b81fdb27c8ce2a2eaa5c4bac05613fc2e7f 19536 libecpg-compat3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb c1a63ceca08bdc516242e3cb7c90070266738814c40b4e578e20b1b7cf0a7550 13296 libecpg-compat3_12.17-0ubuntu0.20.04.1_ppc64el.deb 8078108076f7ed4652216acb655b37738cb6640e1d81b1c18d6fedbacbdbfa66 253448 libecpg-dev-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb e9fff1e0ff3530236f1aaa6fdacabd9b02c1d76e7cf1569e2505606e2a61e337 243608 libecpg-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb b29d2cdf4a8459982ad9288bd36b3668211b4c2640e6ef897dae62d8ba8b3a70 134936 libecpg6-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 92090ed145e5a6cb4335cff09e213e485c473c7a0b3c6673f1a6995a9bcf3b52 47500 libecpg6_12.17-0ubuntu0.20.04.1_ppc64el.deb 30582eb98a26ad47e5b5e5fc6c250261b403fb78eccab36cb52bcaff4165100c 102020 libpgtypes3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb e783285be46bdc9466d712b36cb151aeb2fef1c4947804f5b6a430701fd8cbed 49072 libpgtypes3_12.17-0ubuntu0.20.04.1_ppc64el.deb 22900b993d8ecedc18284948df5e39785e7683fe81d9536d19f20925d067fe58 153192 libpq-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb f1dc766198f8182d228dc179a37b1b07256a7ef55d8c4cad8c15f03f738d894d 352228 libpq5-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 3d5c88c977cc13cf3f7d53ce6b22a4d6b915323f6e4b1424249955f491cef6f2 133000 libpq5_12.17-0ubuntu0.20.04.1_ppc64el.deb baba8ef58089f719c5c16ee8c26e217176166cf4201a1cb62b59a90a5ebc2812 23185292 postgresql-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 5e2c5303f269912022646034aa34386a9cba8d047ce03596c93e240c2e8e783d 16970 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.buildinfo 42270c283dec457bdc2037fb8a8e04daae50bf67535891ef9153aa9811a51d4e 14072684 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 1e86482716f6b850354be4cdd1c4fdfac5b532ae43237c8beb55f3e8477bfc42 8614118 postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el_translations.tar.gz 6fb6553400a10e4fd159cf4cdcbe6f44ceb1e13913bd168f8ebd1fdb02a30ba4 2546936 postgresql-client-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 4b36a7f3d96595f44a98e4a634184799fb87d23fed0a22a26c673c7737f01c26 1105772 postgresql-client-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 0aaa0b7dda61fc2bf62a112c8c34a9fe2f778f990398c85ec18ec6141e10f760 272640 postgresql-plperl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 3e4b2bfbd2058c8e0eb057412fc6464f3d2e2c16b4200cb27a77d8271c105cb0 69504 postgresql-plperl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 87f3adf5b2caa03523f67b4182b6a52c48ab4f1b2a6707e3d9f76bf98e11947a 357696 postgresql-plpython3-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb b026ebc52719cfdcbfc4cd8865e8b75c75b966de961a014d78181d1779446352 76132 postgresql-plpython3-12_12.17-0ubuntu0.20.04.1_ppc64el.deb d7bd41c8677b76c86520596ab2e9bd09f8da031f7710bd6b94a9b8dc7e1f7466 104368 postgresql-pltcl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 61ecffb1dec404f039667c3e75725801daa330eee49ac514e1430538fd3e8d72 30404 postgresql-pltcl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 775019de9376c6f2848ae43212aaf654f90ab94f12fb46a0629d6a437ec4dfd8 1012268 postgresql-server-dev-12_12.17-0ubuntu0.20.04.1_ppc64el.deb Files: 12f901903876ca3b23444a83687d513b 19536 debug optional libecpg-compat3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 4d1db03c015f3826ac02defff0813744 13296 libs optional libecpg-compat3_12.17-0ubuntu0.20.04.1_ppc64el.deb 5dc322e1618675fc99188c4321ce4d2d 253448 debug optional libecpg-dev-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb ea9618b3c2f2c1c1a33cccb6a3a7fbd4 243608 libdevel optional libecpg-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb c747c9647053218a78546299fb2506c2 134936 debug optional libecpg6-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 76f68f1ebaebffafe2caa7f015882f4f 47500 libs optional libecpg6_12.17-0ubuntu0.20.04.1_ppc64el.deb d44bb602bba348a0f7b530c58c767298 102020 debug optional libpgtypes3-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 7a3d0beef4655a0ff421b058511b0af0 49072 libs optional libpgtypes3_12.17-0ubuntu0.20.04.1_ppc64el.deb a88f67cd99b8376ffe98e2125692ab9e 153192 libdevel optional libpq-dev_12.17-0ubuntu0.20.04.1_ppc64el.deb c5e7a1f65a8f29f400a7273d3ac5298d 352228 debug optional libpq5-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 6da6005ef77edf753b8d708e3fe6ca4e 133000 libs optional libpq5_12.17-0ubuntu0.20.04.1_ppc64el.deb f936d44197c3548d072664e7ddada034 23185292 debug optional postgresql-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb c1482cb50d0e15660aa83732c64774eb 16970 database optional postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.buildinfo 686cedf04f8c711d207e2bc04ae0e48e 14072684 database optional postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 038005fda167eb4fe5f35c655a7d7bac 8614118 raw-translations - postgresql-12_12.17-0ubuntu0.20.04.1_ppc64el_translations.tar.gz 0b344d77b36e9b4895dc8ead0ea951fa 2546936 debug optional postgresql-client-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb ac641c8136787e3c70870ebd8386fa04 1105772 database optional postgresql-client-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 8540c7f1efcee32261be2b8a8d0ccedd 272640 debug optional postgresql-plperl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 3f0c81e6ccac66dc825274162e042c1d 69504 database optional postgresql-plperl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 9dd731c5ed1728b43716ea34585b997d 357696 debug optional postgresql-plpython3-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 67ad7eacc8813ec4a59a3f4892f203d0 76132 database optional postgresql-plpython3-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 235aaa27b23667c87220b98599fc2f5e 104368 debug optional postgresql-pltcl-12-dbgsym_12.17-0ubuntu0.20.04.1_ppc64el.ddeb 74e0797a313702701ce256572a00575e 30404 database optional postgresql-pltcl-12_12.17-0ubuntu0.20.04.1_ppc64el.deb 545c7e25693760dc6770d5d4b7020d4b 1012268 libdevel optional postgresql-server-dev-12_12.17-0ubuntu0.20.04.1_ppc64el.deb Original-Maintainer: Debian PostgreSQL Maintainers