-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: mips64el
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-manda-04) <buildd_mips64el-mipsel-manda-04@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation sandbox
       mechanism.  An attacker having permission to create non-temporary SQL
       objects could parlay this leak to execute arbitrary SQL code as a
       superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name.  In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections.  This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure that
       all non-overridden parameters from a previous connection string are
       re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse, the
       reconnection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. This is largely the same problem as
       just cited for pg_dump et al, although psql's behavior is more complex
       since the user may intentionally override some connection parameters.
       (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated variables
       (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to.  Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary shell
       code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this problem.
       (CVE-2020-25696)
Checksums-Sha1:
 d3e0b62f1b4e2fe18cb294d9f3ed0523124831d2 19628 libecpg-compat3-dbgsym_11.10-0+deb10u1_mips64el.deb
 1e8b6c177d8df23324ea1413116218bcc4ef4850 18064 libecpg-compat3_11.10-0+deb10u1_mips64el.deb
 76dd924e225be40b13a3fb9beb7424e1fb4b22eb 220348 libecpg-dev-dbgsym_11.10-0+deb10u1_mips64el.deb
 8af9b24f420cc76e0a7a2f7123fd6146125f4406 229096 libecpg-dev_11.10-0+deb10u1_mips64el.deb
 964e2b27a3eea5cd14311bc37d4b6dbb9d9e69ce 115012 libecpg6-dbgsym_11.10-0+deb10u1_mips64el.deb
 ed2ce1e95eca4eb3e10afe4efbdae39dfee55e9e 84608 libecpg6_11.10-0+deb10u1_mips64el.deb
 d184477ca03ce46bb6d4699246c1afe4e028c9d3 81368 libpgtypes3-dbgsym_11.10-0+deb10u1_mips64el.deb
 47e2d3470e4382d291df5a9348a94ae77e26004b 39696 libpgtypes3_11.10-0+deb10u1_mips64el.deb
 cab6fd647d5d9d8138cbd63187b77fc44d585be8 171612 libpq-dev_11.10-0+deb10u1_mips64el.deb
 83dcbaabeac80e93c435cc0cad681eaadd376adc 304608 libpq5-dbgsym_11.10-0+deb10u1_mips64el.deb
 b67741244f781602ec1a4e11daf426e448cb3e9e 160260 libpq5_11.10-0+deb10u1_mips64el.deb
 c128e6eff009de6d72e91bc4ddefa8c82feb7b0b 19800768 postgresql-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 3d9f7021af9b671ce4430dfb4c1e0643c8ca3a0b 16569 postgresql-11_11.10-0+deb10u1_mips64el-buildd.buildinfo
 16b96c9a92423894268940223e6e17011840e5c5 13735324 postgresql-11_11.10-0+deb10u1_mips64el.deb
 d01d0832ea49a0937126ad620966834f8c631b19 2014584 postgresql-client-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 4e349556c8f31ba93f6332213d4b307d63f12448 1347384 postgresql-client-11_11.10-0+deb10u1_mips64el.deb
 363a5e98ad705bb8c40eec858d894161e5b3ba8e 254780 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 27352d09d1e4957dc52048cd7f6430ff6acbb5a9 61288 postgresql-plperl-11_11.10-0+deb10u1_mips64el.deb
 457846b04cc82ea4cc9ed91f791b9d1cfc8bc695 313552 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 042b5cfb405b41e0e5b3c0e03758146e92e1ec60 50972 postgresql-plpython-11_11.10-0+deb10u1_mips64el.deb
 1617bef4895fb0cf9eaad384fbfa556cb42eeacc 341432 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 61a2fd14ded211c249cf1905fe6d053da91d1682 68272 postgresql-plpython3-11_11.10-0+deb10u1_mips64el.deb
 1d0dfffc5de30209be19c806bf3b5cdfc3c51f6c 101120 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 e24ac540455b8b6f978c543d93f6d6405851291b 36736 postgresql-pltcl-11_11.10-0+deb10u1_mips64el.deb
 8cb553e6cccbc24f14065e784625b79e09b7e831 110144 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 e771016ff2b7099446c0f55f0e166f0bcbd8b56c 943124 postgresql-server-dev-11_11.10-0+deb10u1_mips64el.deb
Checksums-Sha256:
 568099507ff5c7397df9e9b5001bfc1f07b0f3b4fc9e5f76a98dd4197c4b39ee 19628 libecpg-compat3-dbgsym_11.10-0+deb10u1_mips64el.deb
 11fa4ccee2ec152c61262bf89e54de46b049e4a74ec09c6a2312f38b663d2467 18064 libecpg-compat3_11.10-0+deb10u1_mips64el.deb
 43142e1170b7b8ee0ea64863533a4d2213a6c5abf1c0f7074954b1fbaa0641fe 220348 libecpg-dev-dbgsym_11.10-0+deb10u1_mips64el.deb
 92961150ab15cf7238c5963f5b97bb239e6830e2deec57272031d4e0452312b6 229096 libecpg-dev_11.10-0+deb10u1_mips64el.deb
 82db99c4338b04690376f0b592f442b91857289b9ea39cea2ed171994cbc0de1 115012 libecpg6-dbgsym_11.10-0+deb10u1_mips64el.deb
 186e19ff6b5788b947da635884eef5f5966e2e0e3388a45905a71b3caf6f3002 84608 libecpg6_11.10-0+deb10u1_mips64el.deb
 1531ebd7041ce82e2ad0815d04c0b1ca12e1dc4cbba3fa15b2329ff60bf7a0dd 81368 libpgtypes3-dbgsym_11.10-0+deb10u1_mips64el.deb
 8ec7a8dd0ca3a4143a5733b15031dc3b7ac270a0f7097cd338c2524c24237adf 39696 libpgtypes3_11.10-0+deb10u1_mips64el.deb
 7ad20f7c281c772dc3c601a3840d782e41ab65e7dfd066da01e14b80eb338396 171612 libpq-dev_11.10-0+deb10u1_mips64el.deb
 a4f5c47d43ff18ad0c04eb7216dfe5f02bba427fd63bfabb932e64254eee4884 304608 libpq5-dbgsym_11.10-0+deb10u1_mips64el.deb
 e76ecbb8c3633d7c004d9eb55f9087d9dfbb93a2019dc531ba364f91be4cf191 160260 libpq5_11.10-0+deb10u1_mips64el.deb
 1798d61eed1e885d1333d714f2488534ea130d41b5c796f88e893b6763bfaa2b 19800768 postgresql-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 4e6e5b291066bf6d82b2aaffb47547362cdb30ebd003fa32e76512f761dfe4bb 16569 postgresql-11_11.10-0+deb10u1_mips64el-buildd.buildinfo
 b586fe55590a8abe0f8f8fe287153b91d4df7870a1281bcfc28a38ae80f401ba 13735324 postgresql-11_11.10-0+deb10u1_mips64el.deb
 84c0c3ef4512835339a08c624ed120b1f9e3412cf493681b2f7acfdbf6e22b6c 2014584 postgresql-client-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 d620a9a9d17d1ea4d9eddc7d62bd8a2a78cd87fce6a19635ffb7ce1118dc5160 1347384 postgresql-client-11_11.10-0+deb10u1_mips64el.deb
 2b61a39d0cd7297536a4657d7e0e8fbc1933a0320548db62a4ba50abe8e71ea5 254780 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 f401f12afa6a5e25cfbf059e2f63849df044a2dc78bb65c7c3e727308644e5e2 61288 postgresql-plperl-11_11.10-0+deb10u1_mips64el.deb
 4b8f6f9743b3b53dc8ca4e54c51546bbb4ab6e3611bb382ab2bc75e9cc75da5c 313552 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 8f616c9b818a5e10d6c3de763155f55b0422321e7cbf9362efdc8d698eda3b18 50972 postgresql-plpython-11_11.10-0+deb10u1_mips64el.deb
 735cce67331f1fd837f7be25d7f4aa92632a83b1b11f85bb3f8c580537c2d58f 341432 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 6a687273d207b8d60fd25cd957d11ce15508ae2936aa7022c9a5e82267b1de36 68272 postgresql-plpython3-11_11.10-0+deb10u1_mips64el.deb
 3e348f67ac6311929d2f32f49ec06d19d591bf94e83c4374123019554853b557 101120 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 bddc34146a88763525bdcf6d7a3d37860f9014d971bb2c53af78fa0872e73a1b 36736 postgresql-pltcl-11_11.10-0+deb10u1_mips64el.deb
 047b46901bd3d6e4c2a038edb2816d94444a7b3264f1902b7516b262f386bf45 110144 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 bd1d8ff89a76eec64444a90614a8d5ca4670aec9b292cc1d7927ca3f650ef007 943124 postgresql-server-dev-11_11.10-0+deb10u1_mips64el.deb
Files:
 d415f2931eb59d906b6fe7bc590fb6ae 19628 debug optional libecpg-compat3-dbgsym_11.10-0+deb10u1_mips64el.deb
 642e3cc945c606bb019464fd7c2f005b 18064 libs optional libecpg-compat3_11.10-0+deb10u1_mips64el.deb
 237f51c15e178c52a952c9ab5bab0f44 220348 debug optional libecpg-dev-dbgsym_11.10-0+deb10u1_mips64el.deb
 10d1de845a681f84023cb71719ce146b 229096 libdevel optional libecpg-dev_11.10-0+deb10u1_mips64el.deb
 7dbe4d6d788b8cb561ae2620e8dfb6c7 115012 debug optional libecpg6-dbgsym_11.10-0+deb10u1_mips64el.deb
 b7901cbd4e981289d94923286c73131f 84608 libs optional libecpg6_11.10-0+deb10u1_mips64el.deb
 5b3e3bf3a3d08ada1b8eca3234f7c5c5 81368 debug optional libpgtypes3-dbgsym_11.10-0+deb10u1_mips64el.deb
 e137becac84effc2af408687dc557584 39696 libs optional libpgtypes3_11.10-0+deb10u1_mips64el.deb
 838a007caf36df41f943cfeba30a94de 171612 libdevel optional libpq-dev_11.10-0+deb10u1_mips64el.deb
 f93c54d44240f33c6338af0ffd8d2d73 304608 debug optional libpq5-dbgsym_11.10-0+deb10u1_mips64el.deb
 0ac2b248f574ac3b319539d9e2ad37cd 160260 libs optional libpq5_11.10-0+deb10u1_mips64el.deb
 f5342dee191e19aeedcb31f6d89e768f 19800768 debug optional postgresql-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 c8135c9b166d88724461e388e165c99b 16569 database optional postgresql-11_11.10-0+deb10u1_mips64el-buildd.buildinfo
 ff3a1b7a8e17721f196a1fe5da17d16b 13735324 database optional postgresql-11_11.10-0+deb10u1_mips64el.deb
 2407d226194707fc0cfee01cd7dcaf48 2014584 debug optional postgresql-client-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 a124ddd6ec3f35a820825fb83fc310c5 1347384 database optional postgresql-client-11_11.10-0+deb10u1_mips64el.deb
 eebfc6d3cc5732a88bd60276f2a97528 254780 debug optional postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 3bdc80d9eebc5ba5acab9f8bc1a473a2 61288 database optional postgresql-plperl-11_11.10-0+deb10u1_mips64el.deb
 9073754db6ce767d9000fbe7d1fa883f 313552 debug optional postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 a6efd64b0eddc389d4f5a679da23dfd7 50972 database optional postgresql-plpython-11_11.10-0+deb10u1_mips64el.deb
 372bf4c21b32ae3b5f1454297a458d9e 341432 debug optional postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 a33800e3b72a5a8b61a5bbbf33cd2576 68272 database optional postgresql-plpython3-11_11.10-0+deb10u1_mips64el.deb
 f54f96a67858ff6088e8d63390d64bf9 101120 debug optional postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 eb89e5438987396e4602c625f747dca7 36736 database optional postgresql-pltcl-11_11.10-0+deb10u1_mips64el.deb
 881ffd74866f5321a8f5c78e469454d8 110144 debug optional postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mips64el.deb
 4cd9b7b9682ba9b902ba60520c931d80 943124 libdevel optional postgresql-server-dev-11_11.10-0+deb10u1_mips64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3ScFd/C5XooG8cTOSlWhEcfpBVMFAl/NsuQACgkQSlWhEcfp
BVNsdhAAk75jRs4CYYsahClIZkz2niNdeH58Vr5a4gQCsGUSfkkv8rokV6pQNtuO
PB52+eApb8bn983opkrSvGFqgyc0mzprtuATGHJ1zuF23V7YvqvSgRc6Z3OcrAcq
Ulhx6Sv78DHS1qMs0xTfqyFFNLP4rmuu9UBQ2uBOUEGaPF2N2mSqC9tGEgxWc/rO
OyriCT6S0qfFGoZp08SEZPutv22XwX2uG8QzT5n4+AaPsMvO0i7aTLh9Z0eIvou7
wxxAmjHtVYZgNAnFrJaer8xYQH85i9sN6F50nQp16Ph1VhT2EzNB3ifr6ErTNiuy
rNHRFeWa+bqwdruJ6aL5/eDLXkLmOq9A/47tNECWODjcJDYqs1TVOXNVNWN89Zgx
sLvRVlbPWAxZ/B75nrcEVJNka94ZBgVnyfR5SLXmDczG6vyRjFT7aRiMDrXG7bO3
PZ3M81RhPlJSRTr4aQ+5nfKR17cwBL3DRf2zI+1N1A9Xd3QTvX7Ro9f+tHKKZ1s5
wD/PU8E/Gn0rduhQNe9/I9i1nKws/ZC/Hy3ofYXZAhaqXbPyKWQ30N1OLRtoaGNT
cIiNaH9SiGgts3WGGwUXOCvCB1s+ae+bsviRO5gZ3AUGSTOqQe3GjbhTlqooUseW
7PCTheWIsB+MSG+srtCISZYlUan2fMCFLxDF5602MpbymiEUVMw=
=NwuK
-----END PGP SIGNATURE-----