Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:postgresql-17
User: [email protected]
Usertags: pu
New postgresql-17 package with a few low-profile CVEs that didn't warrant a DSA.

[ Tests ]
Lots of upstream tests and extensive postgresql-common testsuite coverage.

Christoph
diff --git a/debian/changelog b/debian/changelog index 6be7c5f..033ccb0 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -1,3 +1,66 @@ +postgresql-17 (17.6-0+deb13u1) trixie; urgency=medium + + * New upstream version 17.6. + + + Tighten security checks in planner estimation functions (Dean Rasheed) + + The fix for CVE-2017-7484, plus followup fixes, intended to prevent + leaky functions from being applied to statistics data for columns that + the calling user does not have permission to read. Two gaps in that + protection have been found. One gap applies to partitioning and + inheritance hierarchies where RLS policies on the tables should restrict + access to statistics data, but did not. + + The other gap applies to cases where the query accesses a table via a + view, and the view owner has permissions to read the underlying table + but the calling user does not have permissions on the view. The view + owner's permissions satisfied the security checks, and the leaky + function would get applied to the underlying table's statistics before + we check the calling user's permissions on the view. This has been + fixed by making security checks on views occur at the start of planning. + That might cause permissions failures to occur earlier than before. + + The PostgreSQL Project thanks Dean Rasheed for reporting this problem. + (CVE-2025-8713) + + + Prevent pg_dump scripts from being used to attack the user running the + restore (Nathan Bossart) + + Since dump/restore operations typically involve running SQL commands as + superuser, the target database installation must trust the source + server. However, it does not follow that the operating system user who + executes psql to perform the restore should have to trust the source + server. The risk here is that an attacker who has gained + superuser-level control over the source server might be able to cause it + to emit text that would be interpreted as psql meta-commands. That would + provide shell-level access to the restoring user's own account, + independently of access to the target database. 
+ + To provide a positive guarantee that this can't happen, extend psql with + a \restrict command that prevents execution of further meta-commands, + and teach pg_dump to issue that before any data coming from the source + server. + + The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and + RyotaK for reporting this problem. (CVE-2025-8714) + + + Convert newlines to spaces in names included in comments in pg_dump + output (Noah Misch) + + Object names containing newlines offered the ability to inject arbitrary + SQL commands into the output script. (Without the preceding fix, + injection of psql meta-commands would also be possible this way.) + CVE-2012-0868 fixed this class of problem at the time, but later work + reintroduced several cases. + + The PostgreSQL Project thanks Noah Misch for reporting this problem. + (CVE-2025-8715) + + * Add Turkish debconf translation by Atila KOÇ, thanks! (Closes: #1107984) + * Drop hurd-iovec patch, implemented upstream. + + -- Christoph Berg <[email protected]> Wed, 13 Aug 2025 13:03:55 +0200 + postgresql-17 (17.5-1) unstable; urgency=medium * New upstream version 17.5. diff --git a/debian/patches/hurd-iovec b/debian/patches/hurd-iovec deleted file mode 100644 index e5255f0..0000000 --- a/debian/patches/hurd-iovec +++ /dev/null @@ -1,26 +0,0 @@ -hurd-i386 does not define IOV_MAX - ---- a/src/include/port/pg_iovec.h -+++ b/src/include/port/pg_iovec.h -@@ -20,9 +20,6 @@ - - #else - --/* POSIX requires at least 16 as a maximum iovcnt. */ --#define IOV_MAX 16 -- - /* Define our own POSIX-compatible iovec struct. */ - struct iovec - { -@@ -32,6 +29,11 @@ struct iovec - - #endif - -+/* POSIX requires at least 16 as a maximum iovcnt. */ -+#ifndef IOV_MAX -+#define IOV_MAX 16 -+#endif -+ - /* Define a reasonable maximum that is safe to use on the stack. */ - #define PG_IOV_MAX Min(IOV_MAX, 32) - diff --git a/debian/patches/series b/debian/patches/series index e1346aa..988f8dc 100644 --- a/debian/patches/series 
+++ b/debian/patches/series @@ -10,5 +10,4 @@ extension_destdir autoconf2.69 focal-arm64-outline-atomics jit-s390x -hurd-iovec pgstat-report-conflicts-immediately.patch diff --git a/debian/po/tr.po b/debian/po/tr.po new file mode 100644 index 0000000..e0bc253 --- /dev/null +++ b/debian/po/tr.po @@ -0,0 +1,41 @@ +# Turkish debconf translation of postgresql +# Copyright (C) 2025 Debian Turkish L10n Team +# This file is distributed under the same license as the postgresql package. +# +# Translators: +# Atila KOÇ <[email protected]>, 2025. +# +msgid "" +msgstr "" +"Project-Id-Version: postgresql 17\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2025-04-29 17:06+0000\n" +"PO-Revision-Date: 2025-05-18 11:57+0300\n" +"Last-Translator: Atila KOÇ <[email protected]>\n" +"Language-Team: Turkish <[email protected]>\n" +"Language: tr\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" +"X-Generator: Poedit 3.6\n" + +#. Type: boolean +#. Description +#: ../postgresql-17.templates:1001 +msgid "Remove PostgreSQL directories when package is purged?" +msgstr "" +"PostgreSQL paketi temizlenerek kaldırıldığında, dizinleri de silinsin mi?" + +#. Type: boolean +#. Description +#: ../postgresql-17.templates:1001 +msgid "" +"Removing the PostgreSQL server package will leave existing database clusters " +"intact, i.e. their configuration, data, and log directories will not be " +"removed. On purging the package, the directories can optionally be removed." +msgstr "" +"PostgreSQL sunucu paketi kaldırıldığında varolan veritabanı kümelerini " +"öylece bırakır; örneğin onların yapılandırma dosyaları, verileri ve kayıt " +"dizinleri silinmez. Paket temizlenerek kaldırıldığında ise, bu dizinler " +"isteğe bağlı olarak silinebilir."
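Review bot: the changelog entry for CVE-2025-8714 is missing the user-visible compatibility consequence of the fix: since pg_dump now emits the new `\restrict` meta-command "before any data coming from the source server", a dump script written by 17.6 tools will only restore cleanly with a psql that knows `\restrict`, and an older client will choke on the first line of the script. A short sentence in the changelog, or a NEWS.Debian entry, saying that dumps taken with 17.6 need psql 17.6 or newer to restore would spare trixie users a surprise after the point update. The same entry could also call out more plainly that the CVE-2025-8713 change moves view permission checks to the start of planning ("might cause permissions failures to occur earlier than before"), since scripts that relied on the old error ordering will now fail at a different point.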

