Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym
 libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5
 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11
 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym
 postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11
 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym
 postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: arm64
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: arm Build Daemon (arm-arm-04)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation
       sandbox mechanism. An attacker having permission to create
       non-temporary SQL objects could parlay this leak to execute arbitrary
       SQL code as a superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name. In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections. This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure
       that all non-overridden parameters from a previous connection string
       are re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse,
       the reconnection might succeed but not be encrypted as intended, or
       be vulnerable to man-in-the-middle attacks that the intended
       connection parameters would have prevented. This is largely the same
       problem as just cited for pg_dump et al, although psql's behavior is
       more complex since the user may intentionally override some
       connection parameters. (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated
       variables (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to. Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary
       shell code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this
       problem. (CVE-2020-25696)
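
Added example (not part of this upload record and not PostgreSQL's own code) for the CVE-2020-25694 entry above: a parser for libpq keyword/value connection strings that reports which parameters would be absent if only database name, host, port, and username reached an additional connection, so backup scripts that depended on them can be reviewed. The function names and the sample string are constructed for illustration, and only the keyword/value form is handled, not connection URIs.

```python
# Added example: audit libpq keyword/value connection strings.
BASIC = {"dbname", "host", "port", "user"}  # the four the changelog names


def parse_conninfo(conninfo):
    """Parse "key=value key2='quoted value'" (libpq syntax) into a dict."""
    params, i, n = {}, 0, len(conninfo)
    while i < n:
        if conninfo[i].isspace():
            i += 1
            continue
        eq = conninfo.find("=", i)
        key = conninfo[i:eq].strip() if eq >= 0 else ""
        if not key or any(c.isspace() for c in key):
            raise ValueError("expected keyword=value at %r" % conninfo[i:])
        i = eq + 1
        while i < n and conninfo[i].isspace():  # spaces after '=' are allowed
            i += 1
        quoted = i < n and conninfo[i] == "'"
        if quoted:
            i += 1
        value, closed = [], False
        while i < n:
            c = conninfo[i]
            if c == "\\" and i + 1 < n:          # backslash escapes next char
                value.append(conninfo[i + 1])
                i += 2
                continue
            if (quoted and c == "'") or (not quoted and c.isspace()):
                closed = True
                i += 1
                break
            value.append(c)
            i += 1
        if quoted and not closed:
            raise ValueError("unterminated quoted value for %r" % key)
        params[key] = "".join(value)
    return params


def dropped_on_reconnect(conninfo):
    """Parameters absent if only BASIC ones reach an additional connection."""
    return {k: v for k, v in parse_conninfo(conninfo).items() if k not in BASIC}


# Constructed sample: a -d argument as it might appear in a backup script.
SAMPLE = ("host=db.example.internal port=5432 dbname=app user=backup "
          "sslmode=verify-full sslrootcert='/etc/ssl/My CA/root.crt'")

if __name__ == "__main__":
    for key, value in sorted(dropped_on_reconnect(SAMPLE).items()):
        print("not carried to additional connections: %s=%s" % (key, value))
```

Any non-empty result for a connection string used with parallel or multi-database runs marks an invocation whose additional connections did not carry those settings on pre-fix client tools.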