-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 11 Feb 2025 11:27:41 +0100
Source: postgresql-17
Architecture: source
Version: 17.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Closes: 1093414
Changes:
 postgresql-17 (17.3-1) unstable; urgency=medium
 .
   * New upstream version 17.3.
 .
     + Harden PQescapeString and allied functions against invalidly-encoded
       input strings (Andres Freund, Noah Misch)
 .
       Data-quoting functions supplied by libpq now fully check the encoding
       validity of their input. If invalid characters are detected, they
       report an error if possible. For the ones that lack an error return
       convention, the output string is adjusted to ensure that the server
       will report invalid encoding and no intervening processing will be
       fooled by bytes that might happen to match single quote, backslash,
       etc.
 .
       The purpose of this change is to guard against SQL-injection attacks
       that are possible if one of these functions is used to quote crafted
       input. There is no hazard when the resulting string is sent directly
       to a PostgreSQL server (which would check its encoding anyway), but
       there is a risk when it is passed through psql or other client-side
       code. Historically such code has not carefully vetted encoding, and
       in many cases it's not clear what it should do if it did detect such
       a problem.
 .
       This fix is effective only if the data-quoting function, the server,
       and any intermediate processing agree on the character encoding
       that's being used. Applications that insert untrusted input into SQL
       commands should take special care to ensure that that's true.
 .
       Applications and drivers that quote untrusted input without using
       these libpq functions may be at risk of similar problems. They
       should first confirm the data is valid in the encoding expected by
       the server.
 .
       The PostgreSQL Project thanks Stephen Fewer for reporting this
       problem. (CVE-2025-1094)
 .
     + Adjust tests to tzdata 2025a changes. (Closes: #1093414)
 .
   * B-D on postgresql-common-dev.
   * Test-depend only our server packages, i.e. allow libpq5 to be newer.
Checksums-Sha1:
 8f9ca0ced73921a470496984e245e35323dd09c5 4236 postgresql-17_17.3-1.dsc
 d25d6ec5e6a8332b59bdf84350c3ce278ffe5afb 21520115 postgresql-17_17.3.orig.tar.bz2
 51ae4f3a7535a8a0af4103396fc5e99a104e5b96 26568 postgresql-17_17.3-1.debian.tar.xz
Checksums-Sha256:
 8d925d750066227a79ea70a850315e5e68c6e5789ae367e243ef977be66dcd12 4236 postgresql-17_17.3-1.dsc
 13c18b35bf67a97bd639925fc581db7fd2aae4d3548eac39fcdb8da74ace2bea 21520115 postgresql-17_17.3.orig.tar.bz2
 a77be8b3ec2982abfde59f7cdd47681ca02dca0e89e488074d29cd4f5160d2cc 26568 postgresql-17_17.3-1.debian.tar.xz
Files:
 22fe5dba6b4e4731eb3cfabb59490c6d 4236 database optional postgresql-17_17.3-1.dsc
 d229389aae99b76dca2573ae898deb2d 21520115 database optional postgresql-17_17.3.orig.tar.bz2
 0f3bb97f428a0c8b9625c0367f4c73ae 26568 database optional postgresql-17_17.3-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmet374ACgkQTFprqxLS
p67q+xAAmmUXhxcidm8ejUvepiwDHbY+dEYF8PdzBhoSYSYI8jiLNZ5OqQEEjfSP
YVZzXyWj4DXlzDDaoSPX2vLZJasLWaej1wEMUfisk6p4ELumh3Mdyl4WxA33PwZ6
QureNPqLnaDTqV9p0/TXSV1d9Ihu1rocEWFa+4uSIPP5OgngtFrNIx4jt+jXO90o
DvqOh8ynt9CI5CpWotmVe2eaiw7HdqffLWvItch+mYsDLIdReeXSL1NhypFF4Hph
3Eo+EiZ7OyXxSohNIooywWYlj6cggPUIeTtvEIVBUaNG1qfKTxzKqAD0xjOdml3L
6y3eGQ2hMzAprHfK5kREWiassSHenO/TUH0DHIHAN7jc5N9cD0BkyAD0KsUMoToU
9x5h5RbXZ6z28CldcZv6tYVwMMQnf5OAnFlIT7VA5gA+DGgRaacEcbh6pl5zyMpW
zeHteqcVWSgit9ayX5NIZHDd0aM7iWwxEMEFJANq+z+z3oHkaKofkOrSSKE6e0Iq
vylSPnAKLUGElXsfAR7BTJlGca6Pi64Wj/l/FDGn4OR+2bvmt9jFM6D0LW4ZhrmH
qdx3CJ/7/ZThkNYnYy5mwpRyi84aVADBnD9ADEEoe/b+GZDhZDLqpvFQ2le2lUQx
uhg3XTQ+f7R3CF7B5iRiNitkwpJIG0LkdA0+fwOR797xLfGCvH0=
=kqZr
-----END PGP SIGNATURE-----
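The mitigation the changelog entry spells out for code that quotes untrusted input without libpq is to confirm the data is valid in the server's encoding before quoting it, and to refuse rather than quote when it is not. The C program below is an added example of that check; it is not libpq's code, nor part of the Debian package. It assumes the server encoding is UTF-8 and that standard_conforming_strings is on (so only the single quote needs doubling), and the names utf8_valid and quote_literal_utf8 are this example's own. It rejects truncated sequences, stray or missing continuation bytes, overlong forms, surrogates and code points above U+10FFFF, which are the kinds of malformed input that byte-oriented processing downstream could otherwise misread as a quote or backslash boundary.

```c
/* Added example (not libpq or Debian package code): refuse to quote
 * untrusted input unless it is well-formed UTF-8, following the
 * "validate the encoding before quoting" advice in the changelog. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 if buf[0..len) is well-formed UTF-8 (RFC 3629), 0 otherwise.
 * Rejects bad lead bytes, non-continuation bytes inside a sequence,
 * sequences truncated by end of input, overlong encodings, UTF-16
 * surrogates and code points above U+10FFFF. */
int utf8_valid(const unsigned char *buf, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char c = buf[i];
        size_t n;       /* continuation bytes expected after the lead byte */
        uint32_t cp;    /* decoded code point */

        if (c < 0x80) { i++; continue; }
        else if (c >= 0xC2 && c <= 0xDF) { n = 1; cp = c & 0x1F; }
        else if (c >= 0xE0 && c <= 0xEF) { n = 2; cp = c & 0x0F; }
        else if (c >= 0xF0 && c <= 0xF4) { n = 3; cp = c & 0x07; }
        else return 0;  /* 0x80-0xC1 and 0xF5-0xFF are never lead bytes */

        if (i + n >= len) return 0;  /* sequence truncated by end of input */
        for (size_t k = 1; k <= n; k++) {
            if ((buf[i + k] & 0xC0) != 0x80) return 0;  /* e.g. a quote where a continuation byte belongs */
            cp = (cp << 6) | (buf[i + k] & 0x3F);
        }
        if (n == 2 && cp < 0x800) return 0;                        /* overlong 3-byte form */
        if (n == 3 && (cp < 0x10000 || cp > 0x10FFFF)) return 0;  /* overlong 4-byte form or out of range */
        if (cp >= 0xD800 && cp <= 0xDFFF) return 0;                /* UTF-16 surrogate */
        i += n + 1;
    }
    return 1;
}

/* Quote s as a SQL string literal by doubling single quotes, assuming the
 * server runs with standard_conforming_strings=on so backslash is not
 * special. Returns a malloc'd string, or NULL if s is not valid UTF-8 (or
 * on allocation failure); a NULL result is an error and must never be
 * spliced into a query. */
char *quote_literal_utf8(const char *s)
{
    size_t len = strlen(s);
    if (!utf8_valid((const unsigned char *)s, len))
        return NULL;
    char *out = malloc(2 * len + 3);  /* worst case: every byte is a quote */
    if (out == NULL)
        return NULL;
    char *p = out;
    *p++ = '\'';
    for (size_t i = 0; i < len; i++) {
        if (s[i] == '\'')
            *p++ = '\'';
        *p++ = s[i];
    }
    *p++ = '\'';
    *p = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample inputs: two benign strings and one whose lead
     * byte 0xC3 is followed by a quote instead of a continuation byte. */
    const char *samples[] = { "O'Reilly", "caf\xC3\xA9", "abc\xC3'" };
    for (size_t i = 0; i < 3; i++) {
        char *q = quote_literal_utf8(samples[i]);
        if (q == NULL) {
            printf("input %zu: rejected (invalid UTF-8)\n", i);
        } else {
            printf("input %zu: %s\n", i, q);
            free(q);
        }
    }
    return 0;
}
```

The check is deliberately performed on the raw bytes before any quoting, so the decision to reject is independent of what a later consumer (psql, a connection pooler, a log scrubber) does with the bytes; this is the agreement on encoding between quoting function, server and intermediate processing that the entry says the fix depends on.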