Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: mips
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: mips Build Daemon (mips-manda-01)
Changed-By: Christoph Berg
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation
       sandbox mechanism. An attacker having permission to create
       non-temporary SQL objects could parlay this leak to execute arbitrary
       SQL code as a superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name. In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections. This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure
       that all non-overridden parameters from a previous connection string
       are re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse,
       the reconnection might succeed but not be encrypted as intended, or
       be vulnerable to man-in-the-middle attacks that the intended
       connection parameters would have prevented. This is largely the same
       problem as just cited for pg_dump et al, although psql's behavior is
       more complex since the user may intentionally override some
       connection parameters. (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated
       variables (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to. Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary
       shell code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this
       problem. (CVE-2020-25696)