-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 08 Aug 2019 16:53:00 +0200 Source: postgresql-9.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.4 postgresql-9.4-dbg postgresql-client-9.4 postgresql-server-dev-9.4 postgresql-doc-9.4 postgresql-contrib-9.4 postgresql-plperl-9.4 postgresql-plpython-9.4 postgresql-plpython3-9.4 postgresql-pltcl-9.4 Architecture: source amd64 all Version: 9.4.24-0+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org> Changed-By: Christoph Berg <myon@debian.org> Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 9.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-9.4 - object-relational SQL database, version 9.4 server postgresql-9.4-dbg - debug symbols for postgresql-9.4 postgresql-client-9.4 - front-end programs for PostgreSQL 9.4 postgresql-contrib-9.4 - additional facilities for PostgreSQL postgresql-doc-9.4 - documentation for the PostgreSQL database management system postgresql-plperl-9.4 - PL/Perl procedural language for PostgreSQL 9.4 postgresql-plpython-9.4 - PL/Python procedural language for PostgreSQL 9.4 postgresql-plpython3-9.4 - PL/Python 3 procedural language for PostgreSQL 9.4 postgresql-pltcl-9.4 - PL/Tcl procedural language for PostgreSQL 9.4 postgresql-server-dev-9.4 - development files for PostgreSQL 9.4 server-side programming Closes: 911940 932247 933368 Changes: postgresql-9.4 (9.4.24-0+deb8u1) jessie-security; urgency=medium . * New upstream security release. + Fixes regression in ALTER TABLE on multiple columns. (Closes: #932247) . + Require schema qualification to cast to a temporary type when using functional cast syntax (Noah Misch) . We have long required invocations of temporary functions to explicitly specify the temporary schema, that is pg_temp.func_name(args). Require this as well for casting to temporary types using functional notation, for example pg_temp.type_name(arg). Otherwise it's possible to capture a function call using a temporary object, allowing privilege escalation in much the same ways that we blocked in CVE-2007-2138. (CVE-2019-10208) . * Move maintainer address to tracker. * On purge, ask the user if they want to remove clusters. (Closes: #911940, #933368) Checksums-Sha1: c1fe86a3136e1d8529a70f0358e6e7d207723b98 3535 postgresql-9.4_9.4.24-0+deb8u1.dsc c1b28864ff6a3799de897921b50c75301fad2d29 16842941 postgresql-9.4_9.4.24.orig.tar.bz2 d41aacfef1fa0f54c5d7aa597939f9958cf18282 32108 postgresql-9.4_9.4.24-0+deb8u1.debian.tar.xz 528777632a5b32fb292be937a39aa742fe0924ef 168066 libpq-dev_9.4.24-0+deb8u1_amd64.deb fc56d5dd5d502d829f16f80b93be96005be30e61 128428 libpq5_9.4.24-0+deb8u1_amd64.deb e955f165196289b5e6a0b8b70eae53caafc0b7da 83738 libecpg6_9.4.24-0+deb8u1_amd64.deb 12f11f9a409b43993e70594e22efd0fd3703f357 221280 libecpg-dev_9.4.24-0+deb8u1_amd64.deb 1b47ba8ae1f8f1fe10deb9a600116279e2c063f2 18940 libecpg-compat3_9.4.24-0+deb8u1_amd64.deb 2dfe5ae541077de19cf481948cd5bffa1e073a1e 40938 libpgtypes3_9.4.24-0+deb8u1_amd64.deb cd3eee9d79019ccfa444ac9d8eeca10287655d97 3721466 postgresql-9.4_9.4.24-0+deb8u1_amd64.deb 1feba8fc18da2738ae69eb7a187ad98a46b4187f 12288532 postgresql-9.4-dbg_9.4.24-0+deb8u1_amd64.deb ac57960f99425905e23da93dc85ea9b2604495de 1100514 postgresql-client-9.4_9.4.24-0+deb8u1_amd64.deb a60ffba0c9046ebc200bc1db80796317b5c24ca4 648612 postgresql-server-dev-9.4_9.4.24-0+deb8u1_amd64.deb fe65152efefc31c25f13e8c0ae273e90a53f0cc3 1592472 postgresql-doc-9.4_9.4.24-0+deb8u1_all.deb d4ff84bbeedbc666fd61389aa65cb75dda62a6bb 457862 postgresql-contrib-9.4_9.4.24-0+deb8u1_amd64.deb 757a45cdcd06c8beb592c3f7b4e624a193fbaff9 56932 postgresql-plperl-9.4_9.4.24-0+deb8u1_amd64.deb e91a86d1d37fee7b26feb807a037ccedad399a61 48530 postgresql-plpython-9.4_9.4.24-0+deb8u1_amd64.deb 69bf7ecaa61f961609263ed4ac6ab9b6760d55a3 48118 postgresql-plpython3-9.4_9.4.24-0+deb8u1_amd64.deb 8e08580359b402432d0df5ca2407a27a128633f6 33798 postgresql-pltcl-9.4_9.4.24-0+deb8u1_amd64.deb Checksums-Sha256: 292e1b09d9649f9757a052d3f56fc25ddc564e04044e62ca97de815a0503b65f 3535 postgresql-9.4_9.4.24-0+deb8u1.dsc 52253d67dd46a7463a9d7c5e82bf959931fa4c11ec56293150210fa82a0f9429 16842941 postgresql-9.4_9.4.24.orig.tar.bz2 c97f3e8dcd0209782b7681cf47a060120685cc2bbba010e9d4fcbed0d54e4985 32108 postgresql-9.4_9.4.24-0+deb8u1.debian.tar.xz 59e80ebd5325b30f071123c1c4fc64f6a6fb0f7a8347e08029ca2fda96f4c6e7 168066 libpq-dev_9.4.24-0+deb8u1_amd64.deb 3f8ba41952f5c72e231044cab37fdab3c0c309c477b710b8ef827aca1272f337 128428 libpq5_9.4.24-0+deb8u1_amd64.deb 59d15cc72d4ad7c52e7b3c6738402ea7baafd4a50084ad589e64743c7edcd61d 83738 libecpg6_9.4.24-0+deb8u1_amd64.deb d4869dee8a20d3804703f957b4f1c070b3d9a3940d970c28c02049885d19c1ca 221280 libecpg-dev_9.4.24-0+deb8u1_amd64.deb 4b47b6bd0e5018c2951d2dbd7aa6146e646d0fb2d9a813427fc8cce0a53dd52f 18940 libecpg-compat3_9.4.24-0+deb8u1_amd64.deb b580f89472a68b85117655d2583ea397d0c9b3914457e8465f3a8978f0909a6c 40938 libpgtypes3_9.4.24-0+deb8u1_amd64.deb c5cac185b39b3e0b1793f768f40913f038aedfd69dfe552aaa25d6a539fa5dce 3721466 postgresql-9.4_9.4.24-0+deb8u1_amd64.deb dca9244684e56c7c590e2dcccf752904860d3adbe52ce16ee27414a11abfce12 12288532 postgresql-9.4-dbg_9.4.24-0+deb8u1_amd64.deb f2a5b4d7fe613a20d468c624f1b96365ee251f4afed3ea4bda7d897907831772 1100514 postgresql-client-9.4_9.4.24-0+deb8u1_amd64.deb 8740692446f46a5cd87eefe6cc9502d5af0afd42377f92e47e68c023b85a6505 648612 postgresql-server-dev-9.4_9.4.24-0+deb8u1_amd64.deb d91f0f00484a8e36f1325a448e6d2b9ba4193e10a1af1524461052b6c2b4a328 1592472 postgresql-doc-9.4_9.4.24-0+deb8u1_all.deb 3ac2a410c3137eede66f80231d7eba487bcbc4c6424b48d92138f3f3207466ed 457862 postgresql-contrib-9.4_9.4.24-0+deb8u1_amd64.deb f6a31b6eceabe04fa6a46744dbf377285767c059f66fc519afd8ec984be8ef62 56932 postgresql-plperl-9.4_9.4.24-0+deb8u1_amd64.deb 964bba655e4830db57918a6319cc95db8d4886b47fcb71710f9edfd5e863a01f 48530 postgresql-plpython-9.4_9.4.24-0+deb8u1_amd64.deb 27536efc523a92fae1f4eb4446d981d78466be29d3d6ba7314b528c2048a7dbc 48118 postgresql-plpython3-9.4_9.4.24-0+deb8u1_amd64.deb 54fd101061ae8cd19aca3894be4391ff1fb9d8d8ff8723d3638a466aa4cf7f83 33798 postgresql-pltcl-9.4_9.4.24-0+deb8u1_amd64.deb Files: b52e7a43b851ea87d0fb401b12faca7b 3535 database optional postgresql-9.4_9.4.24-0+deb8u1.dsc 5ba0ffe7cb9b97a7d39a2ab7bab9e86c 16842941 database optional postgresql-9.4_9.4.24.orig.tar.bz2 73e705ed228cbe4d1fdad23b71924758 32108 database optional postgresql-9.4_9.4.24-0+deb8u1.debian.tar.xz 5a3c7c6fa6700d49f163f6a4f72697ea 168066 libdevel optional libpq-dev_9.4.24-0+deb8u1_amd64.deb a05386e9dbec0aee32945183ed87bdb9 128428 libs optional libpq5_9.4.24-0+deb8u1_amd64.deb c502ba2f87d9deadc7ac2d8da2813d0f 83738 libs optional libecpg6_9.4.24-0+deb8u1_amd64.deb 5b3be1f379f03309f7eb78a6da6da6db 221280 libdevel optional libecpg-dev_9.4.24-0+deb8u1_amd64.deb 721743efe48a234a0fe380bb9a443706 18940 libs optional libecpg-compat3_9.4.24-0+deb8u1_amd64.deb 4ba7a75807f9c4b769020077329ddcdd 40938 libs optional libpgtypes3_9.4.24-0+deb8u1_amd64.deb 103f76b048b9207f4383f52e86f1099c 3721466 database optional postgresql-9.4_9.4.24-0+deb8u1_amd64.deb 9a8e768f876924f3ef36bf92fbaf4703 12288532 debug extra postgresql-9.4-dbg_9.4.24-0+deb8u1_amd64.deb 2994c1b6a655cbe766bb7ac2988f85e7 1100514 database optional postgresql-client-9.4_9.4.24-0+deb8u1_amd64.deb 8333c0afefc926b453bf6572131e1f43 648612 libdevel optional postgresql-server-dev-9.4_9.4.24-0+deb8u1_amd64.deb 0ad57b26488921c3f81cabe4cf0c5caa 1592472 doc optional postgresql-doc-9.4_9.4.24-0+deb8u1_all.deb d3f9e31afbbd89dc23d3c78c19f32895 457862 database optional postgresql-contrib-9.4_9.4.24-0+deb8u1_amd64.deb e626558d3508990570ea659ca11315a7 56932 database optional postgresql-plperl-9.4_9.4.24-0+deb8u1_amd64.deb 19be4d581e9c7a2daaab405afe87b8d3 48530 database optional postgresql-plpython-9.4_9.4.24-0+deb8u1_amd64.deb ffe96973aa62f7190a154d90523e66af 48118 database optional postgresql-plpython3-9.4_9.4.24-0+deb8u1_amd64.deb a0b52e6e7506052afdbee6510dcb2ad0 33798 database optional postgresql-pltcl-9.4_9.4.24-0+deb8u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAl1MPFEACgkQTFprqxLS p653Kg//S0KMxk/f+6+2p3+4fAzmyDQiXnCWdYlakTsAsR5645hlpNG0wtfajGUX 2XPMGDLbEfTZsK5sijHxUZaqs/uYfBlsyixTUxXfb4Wz8n4e8IplwHEBspTfbkPH OszuacXUU70vow4qweajXyixsgheCqi5PtxZ1oaTM5gfri71vpHJnSJLjH5DTMns gb3bMEXYjpNuQXp4OxzLYpZ531vEqhSxAPlGfbdouuPE8adwTenF6jGC2oBu+Q5/ ongiOVupmGpSBzOnJmpItRPEo1zRBxXqoNYbH0Ef93VnGrsur/HMqv9OYWFwCCMx CTk3fIpZSBHtdSeF41mdpxYlaFUvvI2cIaLqDTFsitv2DnYq9DYbFgW+0jhhrNkh X1nbx0sOf6Zl1lkO4R+gj2qaDRzAtXrz5ZoIip0KnlXbcWXqi7BAG4QwgZZxhGoO 3QWRlfJRCk15OTazYEKzHboSCvlfV5VF3rGuo5JeZHKwIHK6KpRYriiP4fQ5OaRg JeB2p4El0l2mvlQ+fj8ma4MH/F78FaCUYmR/yjFPwotcBIDPLchJkdHqqj5TO6gw bDfVm7iKSroZ61Z5FX1D7h1Q5Kg6f+Snv6Scnx2l7CQPwraLd/45pgjWwTmLcDCi EL01Lh3VmnqCFyi9hoLHqguaeLSaUX8q3LgWeD3CMywvexuZ9Tw= =6RNl -----END PGP SIGNATURE-----