-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 20 Feb 2025 12:22:31 +0100
Source: postgresql-17
Architecture: source
Version: 17.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgre...@tracker.debian.org>
Changed-By: Christoph Berg <m...@debian.org>
Closes: 1096243
Changes:
 postgresql-17 (17.4-1) unstable; urgency=medium
 .
   * New upstream version 17.4.
 .
     + Improve behavior of libpq's quoting functions (Andres Freund, Tom Lane)
 .
       The changes made for CVE-2025-1094 had one serious oversight:
       PQescapeLiteral() and PQescapeIdentifier() failed to honor their
       string length parameter, instead always reading to the input string's
       trailing null. This resulted in including unwanted text in the output,
       if the caller intended to truncate the string via the length parameter.
       With very bad luck it could cause a crash due to reading off the end of
       memory.
 .
       In addition, modify all these quoting functions so that when invalid
       encoding is detected, an invalid sequence is substituted for just the
       first byte of the presumed character, not all of it. This reduces the
       risk of problems if a calling application performs additional
       processing on the quoted string.
 .
   * Build-depend on openssl. (Closes: #1096243)
   * Added po-debconf Catalan translation by Carles Pina i Estany, thanks!
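
The length-parameter oversight described in the changelog above, as an added example that is not part of the upload announcement or of libpq's source: a simplified C model of a literal-quoting routine, once ignoring its length argument and once honoring it. The function names and the sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not libpq code: wrap n bytes of s in single quotes,
 * doubling embedded quotes. Returns bytes written, or 0 if out is too small. */
static size_t quote_n(const char *s, size_t n, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz < 3) return 0;
    out[o++] = '\'';
    for (size_t i = 0; i < n; i++) {
        size_t need = (s[i] == '\'') ? 2 : 1;
        if (o + need + 2 > outsz) return 0;  /* room for closing quote + NUL */
        if (s[i] == '\'') out[o++] = '\'';
        out[o++] = s[i];
    }
    out[o++] = '\'';
    out[o] = '\0';
    return o;
}

/* The oversight: len is accepted but the scan runs to the trailing NUL.
 * On a buffer with no NUL this would read past the end of memory. */
size_t quote_ignoring_len(const char *s, size_t len, char *out, size_t outsz)
{
    (void) len;
    return quote_n(s, strlen(s), out, outsz);
}

/* Corrected behaviour: stop at len bytes or at a NUL, whichever is first. */
size_t quote_honoring_len(const char *s, size_t len, char *out, size_t outsz)
{
    size_t n = 0;
    while (n < len && s[n] != '\0') n++;
    return quote_n(s, n, out, outsz);
}

int main(void)
{
    const char *buf = "alice,2025-02-20";   /* constructed sample input */
    char out[64];
    quote_ignoring_len(buf, 5, out, sizeof out);
    printf("ignoring len: %s\n", out);      /* caller wanted only "alice" */
    quote_honoring_len(buf, 5, out, sizeof out);
    printf("honoring len: %s\n", out);
    return 0;
}
```

Callers that pass a length shorter than the buffer, or a buffer that is not NUL-terminated, are the ones affected by the difference between the two variants.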