-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 13 Aug 2020 15:56:23 +0200
Source: postgresql-11
Architecture: source
Version: 11.9-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
postgresql-11 (11.9-0+deb10u1) buster; urgency=medium
.
* New upstream version.
+ Set a secure search_path in logical replication walsenders and apply
workers (Noah Misch)
.
A malicious user of either the publisher or subscriber database could
potentially cause execution of arbitrary SQL code by the role running
replication, which is often a superuser. Some of the risks here are
equivalent to those described in CVE-2018-1058, and are mitigated in
this patch by ensuring that the replication sender and receiver execute
with empty search_path settings. (As with CVE-2018-1058, that change
might cause problems for under-qualified names used in replicated
tables' DDL.) Other risks are inherent in replicating objects that
belong to untrusted roles; the most we can do is document that there is
a hazard to consider. (CVE-2020-14349)
.
+ Make contrib modules' installation scripts more secure (Tom Lane)
.
Attacks similar to those described in CVE-2018-1058 could be carried out
against an extension installation script, if the attacker can create
objects in either the extension's target schema or the schema of some
prerequisite extension. Since extensions often require superuser
privilege to install, this can open a path to obtaining superuser
privilege. To mitigate this risk, be more careful about the search_path
used to run an installation script; disable check_function_bodies within
the script; and fix catalog-adjustment queries used in some contrib
modules to ensure they are secure. Also provide documentation to help
third-party extension authors make their installation scripts secure.
This is not a complete solution; extensions that depend on other
extensions can still be at risk if installed carelessly.
(CVE-2020-14350)
Checksums-Sha1:
62f1eac429a780e92de4236a6a4696d4b7259a7e 3738 postgresql-11_11.9-0+deb10u1.dsc
aedb423d7f42a46fccf64ff1411fd8f5180f51e7 19959019 postgresql-11_11.9.orig.tar.bz2
16246b1d84cddaffca69b17d6956902a6524060b 25536 postgresql-11_11.9-0+deb10u1.debian.tar.xz
Checksums-Sha256:
d4538af8c4f86e48ada0a32c113b0d10df21c640d190e2eac8bfee63a11ec3ed 3738 postgresql-11_11.9-0+deb10u1.dsc
35618aa72e0372091f923c42389c6febd07513157b4fbb9408371706afbb6635 19959019 postgresql-11_11.9.orig.tar.bz2
7044369b5353aa91e672fae6122812682b863468db4fa631d952d34daf8baf36 25536 postgresql-11_11.9-0+deb10u1.debian.tar.xz
Files:
15c1045a52d7b2ed81408cab25f70fc8 3738 database optional postgresql-11_11.9-0+deb10u1.dsc
2d20502cbce1c7531bb69e56f5c5c65a 19959019 database optional postgresql-11_11.9.orig.tar.bz2
f7ba276546d52c8f36b1bebfcea2be9a 25536 database optional postgresql-11_11.9-0+deb10u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAl81Rv4ACgkQTFprqxLS
p66kkRAAln47MM5B2PWLeBET83HSmxoHxlzNCO98SeU6GO+ZRNb86sf8J+0PJ+JQ
TkgQUWHafS+FxRsl5fRVm2Q4Tg3/TatzSr3Uh7XRXdHusL1gmCGyCoUWBO64UFw0
AJQfStbGcErGrKqUS90EcGvzAKuaoqPJc3HIQo6HLgOim6ni3RMuxZ4F9qaPc7DA
FjdW+IZavVleI+Ltl9XXDZUXYOHISdFcau0VHE2W0/FtjhXIpDWMBdJd6hTR/F/4
tVOKuOb80AwTnY0VZu94+/yudzL3kEsSQV/wiSxSw0wzebNNq+TvIkhJKtFnMYp+
JtU3o4vJEJp1JLHY/LUTIY3tY0pzL6wEMUCeISg68xWXOaW5ABKj2qIr4yepjkdG
H6r1/b/zF1ypN6zZhsEH1VPC6ikEJZ2AsL0CZTRlFK3lN3BrmuAI8vBefkeAeYbY
Gyf6nBoWLizsqt0daIfmCgPgaIajSMqLcOfZF8RSJRdG7e4wZNGoGzthFfKLSt3r
WpBjJukASigkrRe+UT4zLDwE4V4K8pWSKoZTPmqjW3gfmK8qPjZNoZ+gw8Jg2Hi4
17B6KS28F4spNUJ/adN2ir0pQRStvY+wQav0IlMdGa5bq5PCiCtbSrVw+MHnz2MU
pR06gTH22oCn3GzOhsO6N7KX2kQ5/OuBe/R5rheM26p71fwfF0Q=
=QGM1
-----END PGP SIGNATURE-----
