-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Dec 2020 10:04:12 +0100
Source: postgresql-11
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-11 postgresql-11-dbgsym postgresql-client-11 postgresql-client-11-dbgsym postgresql-plperl-11 postgresql-plperl-11-dbgsym postgresql-plpython-11 postgresql-plpython-11-dbgsym postgresql-plpython3-11 postgresql-plpython3-11-dbgsym postgresql-pltcl-11 postgresql-pltcl-11-dbgsym postgresql-server-dev-11 postgresql-server-dev-11-dbgsym
Architecture: s390x
Version: 11.10-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: s390x Build Daemon (zandonai) <buildd_s390x-zandonai@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 11
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-11 - object-relational SQL database, version 11 server
 postgresql-client-11 - front-end programs for PostgreSQL 11
 postgresql-plperl-11 - PL/Perl procedural language for PostgreSQL 11
 postgresql-plpython-11 - PL/Python procedural language for PostgreSQL 11
 postgresql-plpython3-11 - PL/Python 3 procedural language for PostgreSQL 11
 postgresql-pltcl-11 - PL/Tcl procedural language for PostgreSQL 11
 postgresql-server-dev-11 - development files for PostgreSQL 11 server-side programming
Closes: 974063
Changes:
 postgresql-11 (11.10-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     + Fixes timetz regression test failures. (Closes: #974063)
 .
     + Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers
       within index expressions and materialized view queries (Noah Misch)
 .
       This is essentially a leak in the security restricted operation sandbox
       mechanism.  An attacker having permission to create non-temporary SQL
       objects could parlay this leak to execute arbitrary SQL code as a
       superuser.
 .
       The PostgreSQL Project thanks Etienne Stalmans for reporting this
       problem. (CVE-2020-25695)
 .
     + Fix usage of complex connection-string parameters in pg_dump,
       pg_restore, clusterdb, reindexdb, and vacuumdb (Tom Lane)
 .
       The -d parameter of pg_dump and pg_restore, or the --maintenance-db
       parameter of the other programs mentioned, can be a connection string
       containing multiple connection parameters rather than just a database
       name.  In cases where these programs need to initiate additional
       connections, such as parallel processing or processing of multiple
       databases, the connection string was forgotten and just the basic
       connection parameters (database name, host, port, and username) were
       used for the additional connections.  This could lead to connection
       failures if the connection string included any other essential
       information, such as non-default SSL or GSS parameters. Worse, the
       connection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. (CVE-2020-25694)
 .
     + When psql's \connect command re-uses connection parameters, ensure that
       all non-overridden parameters from a previous connection string are
       re-used (Tom Lane)
 .
       This avoids cases where reconnection might fail due to omission of
       relevant parameters, such as non-default SSL or GSS options. Worse, the
       reconnection might succeed but not be encrypted as intended, or be
       vulnerable to man-in-the-middle attacks that the intended connection
       parameters would have prevented. This is largely the same problem as
       just cited for pg_dump et al, although psql's behavior is more complex
       since the user may intentionally override some connection parameters.
       (CVE-2020-25694)
 .
     + Prevent psql's \gset command from modifying specially-treated variables
       (Noah Misch)
 .
       \gset without a prefix would overwrite whatever variables the server
       told it to.  Thus, a compromised server could set specially-treated
       variables such as PROMPT1, giving the ability to execute arbitrary shell
       code in the user's session.
 .
       The PostgreSQL Project thanks Nick Cleaton for reporting this problem.
       (CVE-2020-25696)
Checksums-Sha1:
 b168db5f3370c70cc5f500c5a25dc88a6bf588c5 18880 libecpg-compat3-dbgsym_11.10-0+deb10u1_s390x.deb
 c8a716f88c3780c630d29ae1b54d2362ecc205f9 18208 libecpg-compat3_11.10-0+deb10u1_s390x.deb
 bb628611f66894a46e22beb5522c6da05aed6e68 232936 libecpg-dev-dbgsym_11.10-0+deb10u1_s390x.deb
 cc3270fe149e5d79be6cc0fd086280ddfd7f7e0b 225640 libecpg-dev_11.10-0+deb10u1_s390x.deb
 391c1170073ccbf89fe8a310434049887f6a4693 112896 libecpg6-dbgsym_11.10-0+deb10u1_s390x.deb
 df4ed8c60bb4f168d62a73720898d1d4f7801cb0 85484 libecpg6_11.10-0+deb10u1_s390x.deb
 71d6100fea2d9f308432ea99fb45708d22ede23b 79724 libpgtypes3-dbgsym_11.10-0+deb10u1_s390x.deb
 6dd41d9dc27f67e722c9cfac1a396b5a07a13679 40008 libpgtypes3_11.10-0+deb10u1_s390x.deb
 6ad91aec90b31a5cc7bde6df797260ff67141ca9 157528 libpq-dev_11.10-0+deb10u1_s390x.deb
 01dfc279104d88bbd0f41b5b00b930d38a419883 298464 libpq5-dbgsym_11.10-0+deb10u1_s390x.deb
 7915271c1f2d9987418123a45c5cb5b63637ccc5 160484 libpq5_11.10-0+deb10u1_s390x.deb
 9cf2c3bc93bfec4c28003dfa2e94a35d1556c5d6 19667412 postgresql-11-dbgsym_11.10-0+deb10u1_s390x.deb
 c6a759daa2fa7509d2a9b3828fe2367ef8c73bc7 16396 postgresql-11_11.10-0+deb10u1_s390x-buildd.buildinfo
 22d2faf1e2f18afd09fbe7d173964f8985c264e9 13891288 postgresql-11_11.10-0+deb10u1_s390x.deb
 988b6dc756b11c7fbdea0babad2ab9524280e875 1937320 postgresql-client-11-dbgsym_11.10-0+deb10u1_s390x.deb
 3be199357608437c1d843aab61256128986f8870 1361744 postgresql-client-11_11.10-0+deb10u1_s390x.deb
 cc071887a4e4e00207350092bb33b98353e3ce17 248588 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 2e91ac4c5708107f22f2bc67ae0b4e0086fe1e16 63016 postgresql-plperl-11_11.10-0+deb10u1_s390x.deb
 44a23875ada4ae74d6953cd7ef8a2142c167c11b 306868 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_s390x.deb
 b2dbe89a125b3c5b01900bb72af53434f6864c38 52904 postgresql-plpython-11_11.10-0+deb10u1_s390x.deb
 8d1db53a0a0fc4cd9fa9991d6ad8423bebfb5ee3 335260 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_s390x.deb
 7c893bc0bfcd48f03085b7296404788644321990 69808 postgresql-plpython3-11_11.10-0+deb10u1_s390x.deb
 cc9ef683c8b281996775c2d6618097708955b259 99052 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 13a849fcb541fba1a5dbd341387b40283778edbd 37996 postgresql-pltcl-11_11.10-0+deb10u1_s390x.deb
 583e3d6daa89198c1cc7190868ec0155e5b661fc 104128 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_s390x.deb
 45a671243201c35d1f7562001657c49228a928c1 931416 postgresql-server-dev-11_11.10-0+deb10u1_s390x.deb
Checksums-Sha256:
 98e88145186cced8f1958ea2fe0b8fe671b09921eb1813524c017591e42aea38 18880 libecpg-compat3-dbgsym_11.10-0+deb10u1_s390x.deb
 28ffcb244d5ae02f4d29c6d8c389f037b7a411e67b6714ba29b0e60c0c165e86 18208 libecpg-compat3_11.10-0+deb10u1_s390x.deb
 c9af67973c85a6156afbe9b836c5e3337434d60ee7646c6914abd10006d74be2 232936 libecpg-dev-dbgsym_11.10-0+deb10u1_s390x.deb
 d9f469251e3418ab73c25e6dd8ec52bb1ec95b0d8be348518a94adaad527646a 225640 libecpg-dev_11.10-0+deb10u1_s390x.deb
 1c155c34eaf48c5734af2100b75660c4631bfc05a7ded84f9ed37ea92f0fb1cc 112896 libecpg6-dbgsym_11.10-0+deb10u1_s390x.deb
 4bc7a5f421487e87ccd363385401315e124ccaa90942b18f18574f00418cc06c 85484 libecpg6_11.10-0+deb10u1_s390x.deb
 45f6ab0b0fe8962f3c894f941979cb82f052a0fa6821b574d500ecbdade6d61e 79724 libpgtypes3-dbgsym_11.10-0+deb10u1_s390x.deb
 6b3c871ded76055cb50dc61572ede9106c91f006ad40da2a1c6343cc7be1b486 40008 libpgtypes3_11.10-0+deb10u1_s390x.deb
 1a677b87cb3be9bfd969006e244b576732d53689a22888c8bde046b259f76099 157528 libpq-dev_11.10-0+deb10u1_s390x.deb
 440ad1e82e8bbcd17c6d3c81d4a4fea7a802395f2134f921167a895cfc0e794d 298464 libpq5-dbgsym_11.10-0+deb10u1_s390x.deb
 a802c3a87d9e4dba613261a4c03ef3d60ab4e52bcc39b3241f3f33e93913ed5c 160484 libpq5_11.10-0+deb10u1_s390x.deb
 bbcc341a2f54e6f6e37353239ef9cccec854aa23bca7c4421c7b41825fd89fe0 19667412 postgresql-11-dbgsym_11.10-0+deb10u1_s390x.deb
 6af48579beae3a3cfaee642c672a08cf8c42f1e610464af845cc51fe269b09cd 16396 postgresql-11_11.10-0+deb10u1_s390x-buildd.buildinfo
 c0090a9d6b6bb126c020a58efc49fb292e2662b9bcb6e8c18424244f5ab9d2ca 13891288 postgresql-11_11.10-0+deb10u1_s390x.deb
 0eaf51c62da783b3d55b62fa43c4ee26b77861d79f1f46aa649d5683b58a17b4 1937320 postgresql-client-11-dbgsym_11.10-0+deb10u1_s390x.deb
 ff2949333a5929425e7265cfa52ef2f6d0502570ba758e20e11b8a3a86b712f1 1361744 postgresql-client-11_11.10-0+deb10u1_s390x.deb
 702195537e7aae51459041b449a7967ffe49b584e381f5fa882969976f2e06a3 248588 postgresql-plperl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 dd3b46f23c9fb2975ebb2d2ab3e4a55a4307c9fff09974560707c3bfec6187a4 63016 postgresql-plperl-11_11.10-0+deb10u1_s390x.deb
 ce513c9d9a4a9d89408a1668e40ce53aac94ab14ad684ccc8708c14a4aab739c 306868 postgresql-plpython-11-dbgsym_11.10-0+deb10u1_s390x.deb
 b0521fcd27d9ccb87eedb9fb2802741422189beb82f742fab0cbd7b44074e735 52904 postgresql-plpython-11_11.10-0+deb10u1_s390x.deb
 e5b26bf3df1ee5c8bafc425dc88340f7db70d379da17ac1d06ed6c2dc9f1c379 335260 postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_s390x.deb
 a9f88bd9aa85894df7d22b14d709161cc892ac966c498d76f22eb4f124377a05 69808 postgresql-plpython3-11_11.10-0+deb10u1_s390x.deb
 3d958e51cd5a5b650748610fe081e84650723f0a4fec2ffd6a22eaa90e9e98ce 99052 postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 26337ddf7f21eb6879a7780a3d63edf05c7f924a17e4f2d9d85844c6938f7974 37996 postgresql-pltcl-11_11.10-0+deb10u1_s390x.deb
 db0de3b52782d3fab7ba493d6fb2ef5c7ed3d2bc7feaa666791933b7c3deb8d1 104128 postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_s390x.deb
 27baf13f51d2d454360a059be81a5bf069342c8c973fca5ecb71b83a4226c5f1 931416 postgresql-server-dev-11_11.10-0+deb10u1_s390x.deb
Files:
 4f8b0467bafa695656b2b52880a4a3f1 18880 debug optional libecpg-compat3-dbgsym_11.10-0+deb10u1_s390x.deb
 73e26979ea76648b03f1dfb54f46f1a1 18208 libs optional libecpg-compat3_11.10-0+deb10u1_s390x.deb
 d4bfe91960131e1bfb0f403bcf5bdc90 232936 debug optional libecpg-dev-dbgsym_11.10-0+deb10u1_s390x.deb
 e960e3e5d1b4cbbfba84bff8c5d4639d 225640 libdevel optional libecpg-dev_11.10-0+deb10u1_s390x.deb
 9169ecebbf9cac72a3cf118f7c65cef9 112896 debug optional libecpg6-dbgsym_11.10-0+deb10u1_s390x.deb
 7c98d349cf0b065a1dea201c4fbf1e5c 85484 libs optional libecpg6_11.10-0+deb10u1_s390x.deb
 0f65bd3ad2f9eb144fe893c128c6257b 79724 debug optional libpgtypes3-dbgsym_11.10-0+deb10u1_s390x.deb
 8c04fa8a5b9015d2b3eac76954f0604c 40008 libs optional libpgtypes3_11.10-0+deb10u1_s390x.deb
 95d3af03193bc3693f0e14756ea8c79c 157528 libdevel optional libpq-dev_11.10-0+deb10u1_s390x.deb
 30455500a97a4db3d408072aaef931e5 298464 debug optional libpq5-dbgsym_11.10-0+deb10u1_s390x.deb
 aa0db742dd11f7b29f1fef72062cc3aa 160484 libs optional libpq5_11.10-0+deb10u1_s390x.deb
 f2306989edd7685131fdd17f4a2e52b4 19667412 debug optional postgresql-11-dbgsym_11.10-0+deb10u1_s390x.deb
 e904f50564eaa18e0e8a7139546a7325 16396 database optional postgresql-11_11.10-0+deb10u1_s390x-buildd.buildinfo
 172c1df41e1e1fe26136be6e60d14d26 13891288 database optional postgresql-11_11.10-0+deb10u1_s390x.deb
 ac5ef12a38e10007ae4ce03a5f81d289 1937320 debug optional postgresql-client-11-dbgsym_11.10-0+deb10u1_s390x.deb
 992c48899df7f834fbbc9d6418bf26f3 1361744 database optional postgresql-client-11_11.10-0+deb10u1_s390x.deb
 7dd2cf424a58c76cde8a25c588f65a8d 248588 debug optional postgresql-plperl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 40bfb4b490e1fe99bf64db8b9f3061ab 63016 database optional postgresql-plperl-11_11.10-0+deb10u1_s390x.deb
 a076346ced36b6bf13f24b664b827586 306868 debug optional postgresql-plpython-11-dbgsym_11.10-0+deb10u1_s390x.deb
 54ef5e25432ba478fe3ea39b562c02a8 52904 database optional postgresql-plpython-11_11.10-0+deb10u1_s390x.deb
 905393198d6a65663d463f09e39b8823 335260 debug optional postgresql-plpython3-11-dbgsym_11.10-0+deb10u1_s390x.deb
 f721dc38afb3f1404c635c73e418ac52 69808 database optional postgresql-plpython3-11_11.10-0+deb10u1_s390x.deb
 0df2ea4f899f275f5ecd8b187d4a9c15 99052 debug optional postgresql-pltcl-11-dbgsym_11.10-0+deb10u1_s390x.deb
 18485d1f9b8a8376b3c1c0b33356662b 37996 database optional postgresql-pltcl-11_11.10-0+deb10u1_s390x.deb
 828284c4e12a959086dabc98e2a47bab 104128 debug optional postgresql-server-dev-11-dbgsym_11.10-0+deb10u1_s390x.deb
 b82d0488f072754217802cc915d794e4 931416 libdevel optional postgresql-server-dev-11_11.10-0+deb10u1_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE8uw0yPYSamvqvOJhtbaPnIRkZ18FAl/Nm1cACgkQtbaPnIRk
Z1+X2w//bBQkrpomzgtw2Gi1d3soGL/RWHgHQCpkRdmtiFDK0hrlG8GqL82mDgPa
Kec4DgEEkAUGjfxmb+coQyeuIclGnXzlANQ/6w75YmHYZ9jerOj5D2ItS7QS44zx
xQjf7hddwP6Q+VlMd7DJ2YZ40S4WLaca5PVmPyWg0nOGFcP3x87BoT8mAzMmqCdI
Joe2QcPZlDT9ro9/6XMLv6dd7HZXPPd3lGGclQwfmZPmnPksuDA8mZsWQNFIGYn6
H1BVhdYXoBJPBM1zdrc7GeFsdcr9gJet1NopSjmTeRrE5AsvVfUYFKkcHlx27hLp
sihB1GHDcZjAfDvcRd0erj3j8NZTYq6N14HnPewzHXb3kAik/xbxv8ehq04QaHRQ
XmiaxxfW/KUTPiUYiZl/VzAlJ7DvBkO3l+3zttdl2YoWkGsHWdBlHB2zMOWkSZAV
ZXIPc40nAUHugP6Dx1lx4bJbLEMhMPNrpPWIUQytPqS14rs/q/uya+Bzgjie12KN
uQS9FwxiS8D8g5Gc2olEQl+CD7XOl47wmy9ZUSUCVbWEAUYiw9OK2vBLwBw2qMWA
lvNqO339WqTnebTfc4dXpFhIriHBhgb9dm0a0CiiFSpZr3WUCeA9K7UfWGwcLdIT
xDYc2doPTfgqKaonyp0uhxlB79Ae9F2OgABs/EMQ1IK0rDup+Zc=
=Ejbd
-----END PGP SIGNATURE-----