pgpool2 (4.1.4-3+deb11u2) bullseye-security; urgency=medium * Non-maintainer upload by the Debian LTS Team. * Fix CVE-2025-46801 (Closes: #1106119) Pgpool-II contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or disable the database. . If enable_pool_hba = on, it's auth method is "password", no password is registered in pool_passwd, and auth method in pg_hba.conf is "scram-sha-256" or "md5", for the first time when a client connects to pgpool, authentication is performed as expected. But if a client connects to the cached connection, any password from the client is accepted. . This vulnerability affects systems where the authentication configuration matches one of the following patterns: . Pattern 1: This vulnerability occurs when all of the following conditions are met: . - The password authentication method is used in pool_hba.conf - allow_clear_text_frontend_auth = off - The user's password is not set in pool_passwd - The scram-sha-256 or md5 authentication method is used in pg_hba.conf . Pattern 2: This vulnerability occurs when all of the following conditions are met: . - enable_pool_hba = off - One of the following authentication methods is used in pg_hba.conf: password, pam, or ldap . Pattern 3: This vulnerability occurs when all of the following conditions are met: . - Raw mode is used (backend_clustering_mode = 'raw') - The md5 authentication method is used in pool_hba.conf - allow_clear_text_frontend_auth = off - The user's password is registered in pool_passwd in plain text or AES format - One of the following authentication methods is used in pg_hba.conf: password, pam, or ldap . Alternatively, you can modify your settings so that they do not match any of the vulnerable configuration patterns. * debian/tests/jdbc-tests: Use scram-sha-256 authentication. -- Bastien Roucariès Sun, 12 Oct 2025 11:02:59 +0200 pgpool2 (4.1.4-3+deb11u1) bullseye-security; urgency=medium * Non-maintainer upload by the Debian LTS Team. * Fix CVE-2023-22332, CVE-2024-45624 -- Abhijith PA Tue, 10 Dec 2024 20:14:24 +0530 pgpool2 (4.1.4-3) unstable; urgency=medium * Fix connection count when query is canceled. (Closes: #987183, upstream #656, git 6d6e4cc3). -- Christoph Berg Mon, 19 Apr 2021 17:43:35 +0200 pgpool2 (4.1.4-2) unstable; urgency=medium * Bump test-dependency on pg-common for `pg_buildext psql`. * Test-depend on locales-all instead of generating locales ourselves. * R³: no. -- Christoph Berg Fri, 09 Oct 2020 16:48:13 +0200 pgpool2 (4.1.4-1) unstable; urgency=medium * New upstream version. * Upload for PostgreSQL 13. * debian/tests: Use pg_buildext psql. -- Christoph Berg Tue, 06 Oct 2020 15:43:01 +0200 pgpool2 (4.1.2-2) unstable; urgency=medium * debian/tests/jdbc-tests: pgjdbc 42.2.15 adds gssEncMode, disable it here since pgpool2 doesn't support it yet. -- Christoph Berg Tue, 11 Aug 2020 15:22:55 +0200 pgpool2 (4.1.2-1) unstable; urgency=medium [ Debian Janitor ] * Trim trailing whitespace. * Remove unnecessary XS-Testsuite field in debian/control. * Replace use of deprecated $ADTTMP with $AUTOPKGTEST_TMP. [ Christoph Berg ] * New upstream version. * DH 13: drop explicit dh_autoreconf, dh_systemd, and fail-missing. * Bump S-V. * pgpool2: Add misc:Pre-Depends as per Lintian. -- Christoph Berg Mon, 25 May 2020 13:27:39 +0200 pgpool2 (4.1.1-2) unstable; urgency=medium * postgresql-*-pgpool2: Relax dependency on libpgpool0 so module packages for older PG versions don't become uninstallable once the libpgpool0 version advances. -- Christoph Berg Fri, 28 Feb 2020 12:01:10 +0100 pgpool2 (4.1.1-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Thu, 27 Feb 2020 13:12:23 +0100 pgpool2 (4.1.0-1) unstable; urgency=medium * New upstream version. * Disable hurd-i386. (Closes: #876939) -- Christoph Berg Mon, 11 Nov 2019 14:13:39 +0100 pgpool2 (4.0.6-2) unstable; urgency=medium * Upload for PostgreSQL 12. -- Christoph Berg Wed, 30 Oct 2019 09:32:36 +0100 pgpool2 (4.0.6-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Mon, 26 Aug 2019 13:20:32 +0200 pgpool2 (4.0.5-1) experimental; urgency=medium * New upstream version. -- Christoph Berg Fri, 31 May 2019 15:11:21 +0200 pgpool2 (4.0.4-1) experimental; urgency=medium * New upstream version. -- Christoph Berg Fri, 12 Apr 2019 09:17:45 +0200 pgpool2 (4.0.2-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Mon, 03 Dec 2018 14:39:30 +0100 pgpool2 (3.7.5-2) unstable; urgency=medium * Upload for PostgreSQL 11. -- Christoph Berg Fri, 12 Oct 2018 13:43:34 +0200 pgpool2 (3.7.5-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Wed, 11 Jul 2018 22:36:50 +0200 pgpool2 (3.7.4-1) unstable; urgency=medium * New upstream version. * Move maintainer address to team+postgresql@tracker.debian.org. -- Christoph Berg Sun, 08 Jul 2018 17:35:17 +0200 pgpool2 (3.7.3-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Sun, 27 May 2018 22:39:13 +0200 pgpool2 (3.7.2-1) unstable; urgency=medium * New upstream version. * Use SIGINT to stop service. Suggested by Gunnar Bluth, thanks! (Closes: #828769) * Move packaging repository to salsa.debian.org -- Christoph Berg Sun, 18 Feb 2018 12:52:30 +0100 pgpool2 (3.6.7-1) unstable; urgency=medium * New upstream version. + Supports OpenSSL 1.1. (Closes: #859552) * Remove pgpool2-dbg package. * Fix path of pg_md5 and pcp_recovery_node in scripts. (Closes: #877851) -- Christoph Berg Thu, 16 Nov 2017 20:59:45 +0100 pgpool2 (3.6.6-2) unstable; urgency=medium * Remove rpath from pgpool_adm.so. -- Christoph Berg Mon, 25 Sep 2017 18:37:22 +0200 pgpool2 (3.6.6-1) unstable; urgency=medium * Team upload for PostgreSQL 10 support. * New upstream version. -- Christoph Berg Fri, 22 Sep 2017 11:40:11 +0200 pgpool2 (3.6.5-1) unstable; urgency=medium * New upstream version. -- Christoph Berg Sat, 22 Jul 2017 20:43:10 +0200 pgpool2 (3.6.4-1) experimental; urgency=medium * Team upload. * New upstream version. -- Christoph Berg Mon, 15 May 2017 16:28:17 +0200 pgpool2 (3.6.2-1) experimental; urgency=medium * New upstream version. -- Christoph Berg Tue, 28 Mar 2017 22:10:10 +0200 pgpool2 (3.6.1-1) unstable; urgency=medium * Team upload. * New upstream version. -- Christoph Berg Thu, 12 Jan 2017 10:51:06 +0100 pgpool2 (3.6.0-1) unstable; urgency=medium * New upstream version. * B-D on libssl1.0-dev. (Closes: #828497) * Add B-D to build sgml docs and the grammar. -- Christoph Berg Sat, 17 Dec 2016 18:25:14 +0100 pgpool2 (3.5.4-2) unstable; urgency=medium * Upload with 9.6 support. -- Christoph Berg Tue, 27 Sep 2016 19:39:54 +0200 pgpool2 (3.5.4-1) unstable; urgency=medium * New upstream version. -- Adrian Vondendriesch Fri, 16 Sep 2016 19:37:38 +0200 pgpool2 (3.5.3-1) unstable; urgency=medium * Imported Upstream version 3.5.3 (Closes: 828769). * Add myself to uploaders. * Bump standards version to 3.9.8. * Ship empty pool_passwd file to prevent startup failure. * Add flex to B-D. -- Adrian Vondendriesch Sat, 18 Jun 2016 13:01:33 +0200 pgpool2 (3.5.0-1~1.gbp815608) unstable; urgency=medium ** SNAPSHOT build @81560881464342d9cdd0b992673274a62036ab64 ** [ Christoph Berg ] * Add reload capability to init script, thanks to Gunnar "Nick" Bluth for the patch! [ Marco Nenciarini ] * Update debian/watch file * Imported Upstream version 3.5.0 -- Marco Nenciarini Wed, 24 Feb 2016 00:02:49 +0100 pgpool2 (3.4.3-1) unstable; urgency=medium [ Marco Nenciarini ] * Imported Upstream version 3.4.3 * Adapt packaging to 3.4 source layout * Disable parser and timestamp tests because they are broken * Bump Standards-Version to 3.9.6 (no changes required) * Remove old lintian overrides and svn-buildpackage config * Install the new pgpool.8 manpage * Add pgpool2-dbg debug package * Add myself to Uploaders * Remove support for pgpool extensions with Postgres versions less than 9.3 * Fix jdbc tests when systemd is active * Build for PostgreSQL 9.5 (Closes: #810636) [ Christoph Berg ] * Explicitly bind to 127.0.0.1 when running tests -- Marco Nenciarini Tue, 02 Feb 2016 22:56:38 +0100 pgpool2 (3.3.4-1) unstable; urgency=medium * New upstream release. * Remove test patches that no longer apply. * Skip installcheck test on 8.4/9.0. * Add systemd service file, initial patch by Michael Stapelberg, thanks! Closes: #756453. -- Christoph Berg Wed, 15 Oct 2014 21:36:17 +0200 pgpool2 (3.3.3-3) unstable; urgency=medium * debian/tests/jdbc-tests: Depend postgresql-common >= 159 for locale_gen. * Build 9.4 extension. * Add installcheck test with CREATE EXTENSION. -- Christoph Berg Sun, 27 Jul 2014 11:29:49 +0200 pgpool2 (3.3.3-2) unstable; urgency=medium * Set team as maintainer. * debian/tests/jdbc-tests: Generate missing locale. -- Christoph Berg Thu, 24 Apr 2014 14:19:27 +0200 pgpool2 (3.3.3-1) unstable; urgency=medium * New upstream release. * Use dh-autoreconf. Closes: #732928. * Add some fixes to run test/regression/ tests (WIP). * Fix test/timestamp tests, thanks Julian Schauder. * Fix test/jdbc/BatchTest2.java. -- Christoph Berg Tue, 22 Apr 2014 16:02:05 +0200 pgpool2 (3.3.2-1) unstable; urgency=low * New upstream release. * postinst: Do not die if pgpool2.conf was removed by the user (ucf will preserve this). * debian/tests/jdbc-tests: Reenable batch and insert tests. -- Christoph Berg Thu, 06 Feb 2014 16:18:08 +0100 pgpool2 (3.3.1-1) unstable; urgency=low * New upstream release. * Enable memcached support. Closes: #721216. * Use "all" in debian/pgversions and B-D on pg-server-dev-all >= 148. * Prepend includedir-server to CFLAGS when building pgpool_adm. * walrecrunning is gone, remove it from description. -- Christoph Berg Thu, 12 Sep 2013 11:48:29 +0200 pgpool2 (3.3.0-1) unstable; urgency=low * New upstream release. (Closes: #710558: Exceptions on COMMIT cause abnormal pgpool process termination and disconnects) * sql/pgpool-walrecrunning is gone, remove patch for it. * Fix two -Werror=format-security errors in watchdog/wd_packet.c. -- Christoph Berg Wed, 14 Aug 2013 08:47:45 +0200 pgpool2 (3.2.4-2) unstable; urgency=low [ Martin Pitt ] * debian/tests/jdbc-tests: Fix $ADTTMP permissions to make tests work when running under adt-run. [ Christoph Berg ] * Enable OpenSSL and PAM support. * pgpool2.postinst: Only use first port number found in pgpool2.conf. -- Christoph Berg Tue, 11 Jun 2013 13:21:11 +0200 pgpool2 (3.2.4-1) unstable; urgency=low * New upstream release. * debian/tests/jdbc-tests: Disable batch and insert tests, they hang. -- Christoph Berg Sat, 11 May 2013 21:31:41 -0700 pgpool2 (3.2.3-1) experimental; urgency=low * New upstream release. -- Christoph Berg Tue, 16 Apr 2013 11:19:55 +0200 pgpool2 (3.2.2-4) experimental; urgency=low * Remove "| libpg-java" again. Blame: #693540. -- Christoph Berg Wed, 10 Apr 2013 11:29:20 +0200 pgpool2 (3.2.2-3) experimental; urgency=low * Create /var/run/postgresql on startup when missing. Closes: #703696. * debian/tests/control: Depend on | libpg-java for squeeze compatibility. -- Christoph Berg Wed, 10 Apr 2013 10:48:54 +0200 pgpool2 (3.2.2-2) experimental; urgency=low * Build-Depend on bison, flex, and ruby and run tests in test/parser and test/timestamp. * Add autopkgtest support; run tests in test/jdbc. * pool.h: Point DEFAULT_PID_FILE_NAME at /var/run/postgresql/. * postinst: Fix permissions of /etc/pgpool2/pgpool.conf if it isn't readable for postgres. -- Christoph Berg Fri, 15 Feb 2013 16:06:22 +0100 pgpool2 (3.2.2-1) experimental; urgency=low * New upstream release. * Update Vcs fields to point to git. -- Christoph Berg Tue, 12 Feb 2013 10:21:42 +0100 pgpool2 (3.2.1-1) experimental; urgency=low * New upstream release. -- Christoph Berg Sat, 13 Oct 2012 12:17:10 +0200 pgpool2 (3.2.0-1) experimental; urgency=low * New upstream release. * When installing a new config file, use group postgres/640. * Bump debhelper compat level to 9. * Add 9.2 to supported versions. -- Christoph Berg Fri, 12 Oct 2012 00:26:18 +0200 pgpool2 (3.1.3-3) unstable; urgency=low * Remove /etc/pgpool2/pgpool.conf on purge, ucf doesn't do that by itself. Closes: #674238. -- Christoph Berg Mon, 11 Jun 2012 18:05:32 +0200 pgpool2 (3.1.3-2) unstable; urgency=low * Use ucf to handle /etc/pgpool2/pgpool.conf. Closes: #671359. Also, try to keep the port number used instead of calling next_free_port on every upgrade. -- Christoph Berg Tue, 22 May 2012 14:40:44 +0200 pgpool2 (3.1.3-1) unstable; urgency=low * New upstream release. -- Christoph Berg Wed, 25 Apr 2012 17:13:51 +0200 pgpool2 (3.1.2-1) unstable; urgency=low * New upstream release. -- Christoph Berg Tue, 20 Mar 2012 16:37:29 +0100 pgpool2 (3.1.1-2) unstable; urgency=low * debian/control.in - libpgpool0: set Breaks to solve "fails to upgrade from squeeze" Thanks to Hideki Yamane for the patch. Closes: #657418. -- Christoph Berg Sat, 28 Jan 2012 20:04:00 +0100 pgpool2 (3.1.1-1) unstable; urgency=low * New upstream release. Closes: #646116. Change the lock method of insert_lock. The previous insert_lock uses row locking against the sequence relation, but the current one uses row locking against pgpool_catalog.insert_lock table. The reason is that PostgreSQL core developers decided to disallow row locking against the sequence relation to avoid an internal error which it leads. So creating insert_lock table in all databases which are accessed via pgpool-II beforehand is required. If does not exist insert_lock table, pgpool-II locks the insert target table. This behavior is same as pgpool-II 2.2 and 2.3 series. * Build pgpool-recovery pgpool-regclass pgpool-walrecrunning server modules. Closes: #630465. * Build pgpool_adm server module. * Split libpcp.so into a separate package. There is already another libpcp in Debian, libpcp3/libpcp3-dev, therefore we call our packages libpgpool0/libpgpool-dev. We have a file conflict with /usr/lib/libpcp.{a,so}, so libpgpool-dev conflicts with libpcp3-dev. As they are already at SONAME 3 while we are at 0, the other package will not problems with our files in /usr/lib. (The alternative solution of putting libpcp.so.* in /usr/lib/pgpool2 would require setting RPATH in several places, which was both unsupported by the current build system (despite the documentation claiming otherwise) and also pretty ugly.) -- Christoph Berg Thu, 22 Dec 2011 18:40:04 +0100 pgpool2 (3.0.4-1) unstable; urgency=low * New upstream release * Use format 3.0 (quilt). -- Christoph Berg Fri, 10 Jun 2011 10:18:29 +0200 pgpool2 (3.0.3-2) unstable; urgency=low * Upload to unstable. -- Christoph Berg Thu, 31 Mar 2011 11:53:04 +0200 pgpool2 (3.0.3-1) experimental; urgency=low * New maintainer, thanks Rodolphe for the permission to take over. * New upstream version. + Builds correctly. Closes: #556059, #607841. * Convert to use quilt and dh 7. * Move example files to /usr/share/doc. * Patch example config files, thanks Andre Felipe Machado. Also remove manpage page. Closes: #590570. -- Christoph Berg Wed, 30 Mar 2011 17:23:22 +0200 pgpool2 (2.2.5-2) experimental; urgency=low * Auto-configure listen port in postinst -- Rodolphe Quiédeville Mon, 16 Nov 2009 18:23:56 +0100 pgpool2 (2.2.5-1) experimental; urgency=low [ Rodolphe Quiédeville ] * New upstream release. (Closes: #464345) * New Maintainer. (Closes: #471826, #491893) * Move pid file to /var/run/postgresql [ Andreas Putzo ] * Bumped policy to 3.8.0, without changes. * Update init script to source correct default/pgpool2. (Closes: #497952) * Move conffiles to /etc/pgpool2/ in preinst/postinst. Explain new config file location in README.Debian. (Closes: #428802) * Mention license of parser/gram.c in debian/copyright. * Add manpage.patch to fix a typo that caused a lintian warning. -- Rodolphe Quiédeville Mon, 12 Oct 2009 14:37:47 +0200 pgpool2 (1.3-2) unstable; urgency=low * Updated standards version * Fixed LSB headers in init.d script (closes: #471100) * Added Vcs-* control fields * Added linker option --as-needed -- Peter Eisentraut Thu, 20 Mar 2008 13:49:05 +0100 pgpool2 (1.3-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Mon, 19 Nov 2007 10:48:32 +0100 pgpool2 (1.2.1-1) unstable; urgency=low * New upstream release * Added Homepage control field * Install pool_hba.conf by default -- Peter Eisentraut Sat, 06 Oct 2007 12:34:20 +0200 pgpool2 (1.2-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Fri, 10 Aug 2007 12:03:41 +0200 pgpool2 (1.1.1-1) unstable; urgency=low * New upstream release -- Peter Eisentraut Fri, 15 Jun 2007 21:45:16 +0200 pgpool2 (1.0.2-1) unstable; urgency=low * Initial release (closes: #390515) -- Peter Eisentraut Wed, 21 Mar 2007 13:18:33 +0100