-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: mipsel
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-sil-01) <buildd_mips64el-mipsel-sil-01@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation sandbox
       mechanism.  An attacker having permission to create non-temporary SQL
       objects could parlay this leak to execute arbitrary SQL code as a
       superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name.  In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections.  This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure that
       all non-overridden parameters from a previous connection string are
       re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse, the
       reconnection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. This is largely the same problem as
       just cited for pg_dump et al, although psql's behavior is more complex
       since the user may intentionally override some connection parameters.
       (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated variables
       (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to.  Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary shell
       code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this problem.
       (CVE-2020-25696)
Checksums-Sha1:
 27f7487027fc518d60dd66ce9268e0dd6de79393 18592 libecpg-compat3-dbgsym_11.10-0+deb10u1_mipsel.deb
 25aad859703367baf6f978364c887a2e104ec103 17772 libecpg-compat3_11.10-0+deb10u1_mipsel.deb
 8800452623e17003ed2fc8282d11a6994b7d4b2b 237608 libecpg-dev-dbgsym_11.10-0+deb10u1_mipsel.deb
 4e2fbcfa1335329d6a4c92c143fa925b7a04d275 227084 libecpg-dev_11.10-0+deb10u1_mipsel.deb
 8564c7dad9ef4ddad9237bcefc7f9b558e22e1d8 109080 libecpg6-dbgsym_11.10-0+deb10u1_mipsel.deb
 81593c4b06e724757644a559f2c6ba052e9f1aaf 85224 libecpg6_11.10-0+deb10u1_mipsel.deb
 13a404f39926d7d33f029f2c76f10502b11e9341 78236 libpgtypes3-dbgsym_11.10-0+deb10u1_mipsel.deb
 bdcd40c0ef6882a0ed04c32e418ff21525d2c6dc 40336 libpgtypes3_11.10-0+deb10u1_mipsel.deb
 228ac34b9af92a169b766715c4575f0d4e002dca 170968 libpq-dev_11.10-0+deb10u1_mipsel.deb
 847c97dae7d47fc709303bd444e2138381d49925 287560 libpq5-dbgsym_11.10-0+deb10u1_mipsel.deb
 bfc6aee24a024aa2a46cfd48528de36679ec609c 159280 libpq5_11.10-0+deb10u1_mipsel.deb
 26a26caf3e4eadcf8258eb10e533893002c45ab3 18935696 postgresql-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 e619bc194baac1c4def255ab4e22cb0c71ea8cb6 16485 postgresql-11_11.10-0+deb10u1_mipsel-buildd.buildinfo
 a6a8b95aeadcda07f53facd868566f88bbe293de 13664572 postgresql-11_11.10-0+deb10u1_mipsel.deb
 fd033a174ff68bbde1346add5a07223ff18beac6 1893148 postgresql-client-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 70185f2b57c5e99f9dee649091be25471d2ecc24 1348244 postgresql-client-11_11.10-0+deb10u1_mipsel.deb
 4d03783c5402a039035955324a6f7d3897775142 243648 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 c5e1e2ebb9cc229f998eada85a2df6cb596a6fcc 61124 postgresql-plperl-11_11.10-0+deb10u1_mipsel.deb
 1b1a6a17da40133e11fb722c8881debc293c57db 301308 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 4cd7efd10e7e80c45ca996b31b5f93d3f917fe71 51004 postgresql-plpython-11_11.10-0+deb10u1_mipsel.deb
 483fcfbf94c73feada3850689c06ddd098cc570d 328220 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 d170b517a53bb024771d92d0524ab3f18ce25593 67404 postgresql-plpython3-11_11.10-0+deb10u1_mipsel.deb
 4680f2cd9614928c8360e65c3cdf22fc853e6498 97224 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 36cc583c17b6a596c224be73d48c01accf10ce3e 36828 postgresql-pltcl-11_11.10-0+deb10u1_mipsel.deb
 e3ef44c5672b472bb857fc1e320efd11ece64687 103752 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 0a04cb2403d3acfe9a3d5cede330c8cbff8a26fd 942492 postgresql-server-dev-11_11.10-0+deb10u1_mipsel.deb
Checksums-Sha256:
 611dc54c909d007c17d5a9f972c203afda1a3941a15e756b378aaedfbe8bd42e 18592 libecpg-compat3-dbgsym_11.10-0+deb10u1_mipsel.deb
 cb4bf32dc138ad0d9869745577c5bd8d679e198e2ed2996440f646cef3815a14 17772 libecpg-compat3_11.10-0+deb10u1_mipsel.deb
 73ed485de1fef6892c52c999f9e23d4754e5f345ef2566604a6bea68b31f3d1a 237608 libecpg-dev-dbgsym_11.10-0+deb10u1_mipsel.deb
 d25d9c6fc8d204e1c51cd2e5397b464446c03a3672e690541d76d43e0549e4a6 227084 libecpg-dev_11.10-0+deb10u1_mipsel.deb
 597b243988ae9ddfef1069816ad46c44e8ce5ff2f77132d503ed0b9695405ae8 109080 libecpg6-dbgsym_11.10-0+deb10u1_mipsel.deb
 fe9e530e39e73b3176d31405cf37208fa0de4f2d1bc7f297affb7ee99320f854 85224 libecpg6_11.10-0+deb10u1_mipsel.deb
 991b3122a6c1da8a1573383f9d21321bc83fc6665a0443156af9496480a5af75 78236 libpgtypes3-dbgsym_11.10-0+deb10u1_mipsel.deb
 39ca784b03456fa05dcc2eb942e6d4e7431d310106091e8cf6650f6ad46c1d50 40336 libpgtypes3_11.10-0+deb10u1_mipsel.deb
 dcdff3e4c44036b7f08ade8957564491c2e66d6dad99a77bd3d3ab679e722158 170968 libpq-dev_11.10-0+deb10u1_mipsel.deb
 86a4c3648bb47d1eba988f216fd0b4b663e7d60e9f233b7791dae8ebf5bf19cb 287560 libpq5-dbgsym_11.10-0+deb10u1_mipsel.deb
 d6952f58154e512d36e98136776c73ed9e19a6475bbad99197df6e8f1341fcb1 159280 libpq5_11.10-0+deb10u1_mipsel.deb
 a04b922a108b6fef2191dee1b019aee605497c7d05abf5d75cbc06fbbaf152d9 18935696 postgresql-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 efe4f46420030ca05bc49f65f81716e2d24d54a311293ccf2f2e6f6f0e4911a7 16485 postgresql-11_11.10-0+deb10u1_mipsel-buildd.buildinfo
 2631299a7a4161459b1979dde5200b1a3ef0d5e449f7e5f847451ff636997bd4 13664572 postgresql-11_11.10-0+deb10u1_mipsel.deb
 3631d1b6f49085da76d7b35bf734c478df2a30504ba8dd3dc7114a22deb8bfe4 1893148 postgresql-client-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 76dfa19b5349cb297d7d1ade8b965fdaee53b5294b6331e9663a9b036562a2e3 1348244 postgresql-client-11_11.10-0+deb10u1_mipsel.deb
 5432caeed1b2b3ef6a95b6addfce4030eb0290809a256b7ee3341263d90840e3 243648 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 ac47e6dc5a5ef7d68bb580083c4a9d3e1555bdb5c7bc4e8332733a93910abc2a 61124 postgresql-plperl-11_11.10-0+deb10u1_mipsel.deb
 50042b02983feaede02104d1af97d6fc5f425d43e2fe7e60477068d59be83a7c 301308 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 a2bda47fd7fb0acc5202fa1f83931cce1bc9d4dcf3368e1b71660abab51c1d65 51004 postgresql-plpython-11_11.10-0+deb10u1_mipsel.deb
 03a126880e0140a7d6ba8ad0f063ce9b4a0d3fbfdf40a74d2d1bd12b6936a5a4 328220 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 9c92f151378202cc6835eaa525913bf56fe79bfdaf30ba2f0b013b1ae3cafa99 67404 postgresql-plpython3-11_11.10-0+deb10u1_mipsel.deb
 eeefaebac580c75d33dd9b7cbe04530db33c81a4114917b7f54a98572b71a50e 97224 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 26dd603b39e92b44a075d2668cce919906fedb2fbf853b8f5661661d4ee7fe53 36828 postgresql-pltcl-11_11.10-0+deb10u1_mipsel.deb
 e56a47ed4b265e5f5c2f119732aa92b0468eda83772c0f69c12a9b3855147fb7 103752 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 53922e55fe34460b6769decfab8fd3fc22ca2d37c230377aea81865b28e44b68 942492 postgresql-server-dev-11_11.10-0+deb10u1_mipsel.deb
Files:
 f53dbd9ad4a87a64d0ab5829b928f6b6 18592 debug optional libecpg-compat3-dbgsym_11.10-0+deb10u1_mipsel.deb
 aa3e868abfff65cc829fe581c33239c0 17772 libs optional libecpg-compat3_11.10-0+deb10u1_mipsel.deb
 f4ecf5f2b862e3f740464679217b61ff 237608 debug optional libecpg-dev-dbgsym_11.10-0+deb10u1_mipsel.deb
 6310dfe7c3a9cf70fb4d3f6860eb3fe7 227084 libdevel optional libecpg-dev_11.10-0+deb10u1_mipsel.deb
 889bf81b61f333bdb3c6caa259221457 109080 debug optional libecpg6-dbgsym_11.10-0+deb10u1_mipsel.deb
 f26d77332873f671cdb27c8563b46f15 85224 libs optional libecpg6_11.10-0+deb10u1_mipsel.deb
 a03268cf5bcfe94c4e1cd208d67d39de 78236 debug optional libpgtypes3-dbgsym_11.10-0+deb10u1_mipsel.deb
 e416666fb743131457430b5e3fe3877e 40336 libs optional libpgtypes3_11.10-0+deb10u1_mipsel.deb
 316280da528f1392a9eaa2b3c9859cc0 170968 libdevel optional libpq-dev_11.10-0+deb10u1_mipsel.deb
 30d62382266b9d4f53de5c22e421ed22 287560 debug optional libpq5-dbgsym_11.10-0+deb10u1_mipsel.deb
 72217fda197bcf9e39db0d1c1f010e1a 159280 libs optional libpq5_11.10-0+deb10u1_mipsel.deb
 6b4188d1635932c9b2c0e0c9b4afd4de 18935696 debug optional postgresql-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 d3808f953f36c069db2db5f6fa658c60 16485 database optional postgresql-11_11.10-0+deb10u1_mipsel-buildd.buildinfo
 9f254c9fcdb5e415cd2024f8000e24f9 13664572 database optional postgresql-11_11.10-0+deb10u1_mipsel.deb
 43b4c06ccd8c16c7a759202f0fedc7aa 1893148 debug optional postgresql-client-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 0c7c3b0c44e4611a176c53f025c26971 1348244 database optional postgresql-client-11_11.10-0+deb10u1_mipsel.deb
 90bee2110b18188e636f5b628c9f0b56 243648 debug optional postgresql-plperl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 69e5953b295f00f9e34ced4c9ea86766 61124 database optional postgresql-plperl-11_11.10-0+deb10u1_mipsel.deb
 94f375e15a855a300d6e08190070c8c3 301308 debug optional postgresql-plpython-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 1fe79cf8f6b2a45a8a03a2a24c0a6b6d 51004 database optional postgresql-plpython-11_11.10-0+deb10u1_mipsel.deb
 524e33f9dc13b7b5be8002b7d3905d23 328220 debug optional postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 552147e24543a4c75c812364c9cdbb00 67404 database optional postgresql-plpython3-11_11.10-0+deb10u1_mipsel.deb
 57ce069649224856cb668105b39b09f2 97224 debug optional postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 1865d38bdc4b6d8131669fd91830d4ec 36828 database optional postgresql-pltcl-11_11.10-0+deb10u1_mipsel.deb
 eac73e7ab4fbef739e252775a4e9f5ef 103752 debug optional postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_mipsel.deb
 d58f09b402a37c2282a5a715920e4348 942492 libdevel optional postgresql-server-dev-11_11.10-0+deb10u1_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEh6f0f+9QkseX9rByheMUpvgkncUFAl/Nw+YACgkQheMUpvgk
ncVklxAAvRbsT6jNR9XbovL0isbCTlrQYslFpIV+kui55p4ChiXqWv58uP2jU8GN
5hm5yEZ4t4EGjMddfTyqBpeTLYToihXzg9k4cQqNIk/KRt69JsBKPt3BJEkLLTjT
1eS/ouYrdCb68AdhLw3eygZYmews18wyh6zG9HgC7S8y1+MB1R/b1e+J3muuO5gA
JZ1FYHs/1Gn6U09Tv1CXrsuoFS1UXlmKhitBuRk/lbKWAj8dj8hBay5kcdIV4djw
EYf5mEAGYryyLam7I+Zzw8IwwmJw+nC1o/ZvdDjYaNO0W7D68019uvjJ1/Kzahtf
6AESpxbJgEW5f472x5CCKYcH/F9O8wyna6+/9jyn+jhDU0Tf5AHw+FC76dnseUTo
W7uQseUo/B+2e/5k2bmpkVA09oAkES7f4FTKwzeoMDCtdAuhGzGxPsQ/igugc33y
5GWPAd2i90BEMQ7NyldmGUtirXH7vjGoflGxUTrlRkdeqLQZjFETQkEHUrpoE/BA
/JIS/aIy+RTMmRMyoOf2I6nRwrbmO+o8rzLF0teVFnu+oDz+Eck7/yyYuqq7mr0C
tUf2sRAfp/N+96ba4Cv6TfQmidktkyZSJmC7choQEhJ/Pw0yDSGkM1iCPqG3sSzd
d+/pmrhrGQiv5qziYUxQ/ByAvClNmE/hNDHM0dH/HdtoxO9FUbA=
=pP7g
-----END PGP SIGNATURE-----