-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: ppc64el
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation sandbox
       mechanism.  An attacker having permission to create non-temporary SQL
       objects could parlay this leak to execute arbitrary SQL code as a
       superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name.  In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections.  This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure that
       all non-overridden parameters from a previous connection string are
       re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse, the
       reconnection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. This is largely the same problem as
       just cited for pg_dump et al, although psql's behavior is more complex
       since the user may intentionally override some connection parameters.
       (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated variables
       (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to.  Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary shell
       code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this problem.
       (CVE-2020-25696)
Checksums-Sha1:
 870e9cdf86f2a471c19f35ca11dbba8152457b29 19200 libecpg-compat3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 0028b78d4f7020ba28724993f4a09baeb071d8ef 19436 libecpg-compat3_11.10-0+deb10u1_ppc64el.deb
 c3d7519135116cc66aaf6eff40ffb50317361817 197696 libecpg-dev-dbgsym_11.10-0+deb10u1_ppc64el.deb
 376673028f20a9f0a87249eb87a67a4cff543075 242860 libecpg-dev_11.10-0+deb10u1_ppc64el.deb
 caa150679b9de95be533865a7302d22a183970f3 112228 libecpg6-dbgsym_11.10-0+deb10u1_ppc64el.deb
 33bba54399cda2f9805549d1aaea911351ba8408 91644 libecpg6_11.10-0+deb10u1_ppc64el.deb
 ab56033606be21d21deb2588f785534ac64c2092 79052 libpgtypes3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 095a417ef74ba2bd05dc7ea8e4ff2d2a517e519b 45012 libpgtypes3_11.10-0+deb10u1_ppc64el.deb
 05ab00987ab9832e61597f1129a5efcf3275b84c 180052 libpq-dev_11.10-0+deb10u1_ppc64el.deb
 2a29ff62f290b15e9889c14d727679fd81c91312 301108 libpq5-dbgsym_11.10-0+deb10u1_ppc64el.deb
 0195e8f293bf06e317005a7f33bfbdee0d53eae8 180800 libpq5_11.10-0+deb10u1_ppc64el.deb
 cec303498af45efe0e8e46436036d3e7c6c8ce19 19394412 postgresql-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 f979329ecc71decc012b04ea9761833708c01bdb 16632 postgresql-11_11.10-0+deb10u1_ppc64el-buildd.buildinfo
 49bf07b9c367462e61cbd91c260b7d12b523fd52 14448772 postgresql-11_11.10-0+deb10u1_ppc64el.deb
 afa0245cb538f23098b19a7e6c133df535a60bb5 1944244 postgresql-client-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 35f618857378772f16990342e33f84fa8953265b 1432128 postgresql-client-11_11.10-0+deb10u1_ppc64el.deb
 009e86844e20148ebd93d05c436360f1cf6893c8 250624 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 ac7cb58a2ba170cee64ff01824416879b05433eb 67116 postgresql-plperl-11_11.10-0+deb10u1_ppc64el.deb
 d3830db34a3427de69e18fd07243fc226f384644 308860 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 703118ef2bbc4bac1a50dfc30ecc6d56adcdd35c 57660 postgresql-plpython-11_11.10-0+deb10u1_ppc64el.deb
 834ec577cbe090c5a4394e47cbbc0889e7ce432b 336476 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 e75b145c74441f58101f979c0d123977e35cfb0b 74032 postgresql-plpython3-11_11.10-0+deb10u1_ppc64el.deb
 7bfa59f14411cf0a9bb4fbf0102239aa119a2814 100624 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 8a0bc7090204f5c554a8ec872f4248ac83f54f9e 39940 postgresql-pltcl-11_11.10-0+deb10u1_ppc64el.deb
 0cf0ab41982bccb17a9642d75136543a44ca2c69 104684 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 b49ce54eecf7b1e8236cee2e1b12f050f990ff2f 948892 postgresql-server-dev-11_11.10-0+deb10u1_ppc64el.deb
Checksums-Sha256:
 048f815a3df7b1ec0249f68c3afbaae7868a5c145ccd6968970ec985ee940f7f 19200 libecpg-compat3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 56ab2363cea009136952545f42814d4dc17fc27538403e9f82a74c852e43d52a 19436 libecpg-compat3_11.10-0+deb10u1_ppc64el.deb
 506be42eda6051a557e242f7146d06fa0bbf03d6aa57305914b182a43cd14240 197696 libecpg-dev-dbgsym_11.10-0+deb10u1_ppc64el.deb
 a3019e078a6cb3df663a5f197e5876937be7ea01b31ffff6c730d7210827d60e 242860 libecpg-dev_11.10-0+deb10u1_ppc64el.deb
 ae76ecb0a2c77e724c213ad6d07738aa3f1b52deabbb6a136a4145ec92b48f41 112228 libecpg6-dbgsym_11.10-0+deb10u1_ppc64el.deb
 129336da222a9bc9811403f9db475f9b7ded7bead78fa78cde1d20ec1a04940e 91644 libecpg6_11.10-0+deb10u1_ppc64el.deb
 c5faa3716c0a4e7e9e440f3318c200a0577ddc47bc6654ae801cd52e16fc044d 79052 libpgtypes3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 79e00e9d46c93a15358dfa0dff7d6431ffa7877dfc9392f6170affd5e0768719 45012 libpgtypes3_11.10-0+deb10u1_ppc64el.deb
 ba653147e8f3fd5d697a4d8f27e4d37bb95c6d109c67529a8a1abbb548e849ba 180052 libpq-dev_11.10-0+deb10u1_ppc64el.deb
 d4e3b88c4b9333f9843100e1eeb90c193bceae4138652dbb1cf61d0861ea6b76 301108 libpq5-dbgsym_11.10-0+deb10u1_ppc64el.deb
 81ab89cbe6877457e05f4eb43b2a4dcdb2b49d1cbfa1ee5538adcf526ae0bd99 180800 libpq5_11.10-0+deb10u1_ppc64el.deb
 de73dd850e5c268c8907d64d432ea2fe890cb00504d3921e9ff4e3cbe9066df2 19394412 postgresql-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 30f3549b4a8e35a10c3464e5d1db980a371d73b17d9397b97689e8012584b390 16632 postgresql-11_11.10-0+deb10u1_ppc64el-buildd.buildinfo
 1c4148068d4091e0dea28137f9ec695c722fc9753901790ef64fc97e84394efa 14448772 postgresql-11_11.10-0+deb10u1_ppc64el.deb
 38c07dd5091b5f5924ca6efb220767e71e1f767a36f09189f4cdaf99c2070ef5 1944244 postgresql-client-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 512ced07524a1b3fef5b02ac7647da0f0e7d1537e0c9c41576fb9d3ecd019106 1432128 postgresql-client-11_11.10-0+deb10u1_ppc64el.deb
 4fede80655bb1d9aba891a6a61cbf4ffb36c7f04168142c856866d8e38f459a3 250624 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 8070436a38e2ab5ca95e7af2b180c09e499e284e618e5845d2d9e5bc5984541b 67116 postgresql-plperl-11_11.10-0+deb10u1_ppc64el.deb
 a794cde3b4520ad92f193e73033a04ed545cabdbf20c1ebee29b951950d1f415 308860 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 9b41b4b0b76935af51630b9cb1306c422866731d0324d130be109469389f9f86 57660 postgresql-plpython-11_11.10-0+deb10u1_ppc64el.deb
 724dd3961428a8fd37e249ab8b2f6ffdf747073dda3ca7d246e008ee166fdaeb 336476 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 5a1df1fa82074442fde9f5882fa6295efc5118bc6dfee5b51444ddb2d19e4c79 74032 postgresql-plpython3-11_11.10-0+deb10u1_ppc64el.deb
 5ce8d94cb23b431f587e5c673a574af0efab2533c41dafceaeb9e89e77cbc014 100624 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 a7b07ff752da346d2a7b293247fd1a48fc5caf8bd6bb9f6f68f577bab17fc4c5 39940 postgresql-pltcl-11_11.10-0+deb10u1_ppc64el.deb
 9fbcea0fd1fb4fcae5caabf8f4beb772485bbdf73f322ee4af2d34afdb36f123 104684 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 86650908e629a6bc57dff92f11f3b9472ac828d85f49ba42e4730d33f1c6e8fe 948892 postgresql-server-dev-11_11.10-0+deb10u1_ppc64el.deb
Files:
 aad093bc3b98ca104d1ad738f97ed082 19200 debug optional libecpg-compat3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 9f67a62d253c84a30a84964a8b0e09e8 19436 libs optional libecpg-compat3_11.10-0+deb10u1_ppc64el.deb
 1d6b8e7bfc0f2e16248557eb0f814eb4 197696 debug optional libecpg-dev-dbgsym_11.10-0+deb10u1_ppc64el.deb
 1ff356f251efb005668ef5374a56c991 242860 libdevel optional libecpg-dev_11.10-0+deb10u1_ppc64el.deb
 111228688241db32e70ce2e9fe49a896 112228 debug optional libecpg6-dbgsym_11.10-0+deb10u1_ppc64el.deb
 d562bd9de2710d12d74da55b041d0ea4 91644 libs optional libecpg6_11.10-0+deb10u1_ppc64el.deb
 8cf31097a1c25886e37f9fccdfe53cb9 79052 debug optional libpgtypes3-dbgsym_11.10-0+deb10u1_ppc64el.deb
 558f5e254a35125333ef184f787db9b2 45012 libs optional libpgtypes3_11.10-0+deb10u1_ppc64el.deb
 4fde477f7164a6ac71ad1a3f391e5140 180052 libdevel optional libpq-dev_11.10-0+deb10u1_ppc64el.deb
 042541cc8889c3d90b7f51748e2cf534 301108 debug optional libpq5-dbgsym_11.10-0+deb10u1_ppc64el.deb
 cc862ce1a33a6135ad617b6ffe18e377 180800 libs optional libpq5_11.10-0+deb10u1_ppc64el.deb
 803b016dcd211ba79fd44f1343f3aa26 19394412 debug optional postgresql-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 d23d7b3aa6454cd4785a62001117da79 16632 database optional postgresql-11_11.10-0+deb10u1_ppc64el-buildd.buildinfo
 4ae094d288381a10427355a77cec112a 14448772 database optional postgresql-11_11.10-0+deb10u1_ppc64el.deb
 fc54705c14c612ec1d73f197344dfb7a 1944244 debug optional postgresql-client-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 7fb6c93009f6d1426096d83133b2b0fb 1432128 database optional postgresql-client-11_11.10-0+deb10u1_ppc64el.deb
 074294aa8c13315b17e6cce69bd50938 250624 debug optional postgresql-plperl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 5081ec5f910a2b25a86b1f919b70a68a 67116 database optional postgresql-plperl-11_11.10-0+deb10u1_ppc64el.deb
 b85ac62b2dfbd50c64f7319cd5d046f3 308860 debug optional postgresql-plpython-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 43213875adaf67041576e7d9312bae3d 57660 database optional postgresql-plpython-11_11.10-0+deb10u1_ppc64el.deb
 53623d236c51b592a349270f46c6eac6 336476 debug optional postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 8fcb3e7388c8945412670ffd8160a713 74032 database optional postgresql-plpython3-11_11.10-0+deb10u1_ppc64el.deb
 f881a56fd5569213f346b500fa5c9999 100624 debug optional postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 417475cfd795e6b9959b4e669034e852 39940 database optional postgresql-pltcl-11_11.10-0+deb10u1_ppc64el.deb
 a112ff9293144ffda2a972744de50a42 104684 debug optional postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_ppc64el.deb
 f747affed26c18a7a87cc2423915940d 948892 libdevel optional postgresql-server-dev-11_11.10-0+deb10u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEyl4agJ4TauxiSNGQursC4Iy2jF0FAl/NnfkACgkQursC4Iy2
jF3roBAAykou57tA3EPslbAzjCwleSxF7UwfXGmnN1chgtZyxP/+lPtLF8Z0SDPv
W09X5YMa0+psYfQs28QTa4K3FwLnV4ahzUy9UfUM76CveSTuXml0tz8K0CDF3fhy
zEBDSiEcAg4M2W8CVfiEXSNpAmbwDMeBVPNPoBkXId+1rbh9LriBheHHxg+cwdDv
nNmHmi7gb+vf+mlh7x3r6+yRVKZwUTc6gApFz6w1/OLPDw8bIZGy7y/vMGMxW9v1
eiFfhPKqxUinRJrPoDZtaD01WtNA9ja3EcYL8rOlOfNowJWQZnKjf1mI2ZQb8Z4E
U9XzMa84H3D5+kVKORJBU4Q7oDtjYIaT9q0oDfQa6S/b792fFojmn4pSa/DO4Wg9
lmlGHWGgc4r/QC4ZUCegKgN8NqbldJngdB1vd+W3hJh9+0s+p2As+On5kEwl233v
opUl+T3LI8cpq2P1FRFzVcBMPD+5LFkJLKvdFhtdJYoHbDY++SYLWzrmWtkoUOs2
N+8CoqG4ckZ2suE04Wcypw4wQcj8524wzNJ2b3bdxeRGvl6dvgv/NUsqJAjW8xrN
KzqOAZ2rUrHP0zw3B6da96nzzhXhRIAnrG88Yqw+BkrSFcJVQqCaR44ku0A1pwTf
MxZ7hIINUpcVGv5FwK2PxZ1vBByM4UW+CwiqsN0rqyxr1AhHusk=
=prAP
-----END PGP SIGNATURE-----