Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted postgresql-13 13.21-0+deb11u1 (source) into oldstable-security
Date: Thu, 08 May 2025 20:40:21 +0000
Signed by: Christoph Berg <myon@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 May 2025 17:55:19 +0200
Source: postgresql-13
Architecture: source
Version: 13.21-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-13 (13.21-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 13.21.
 .
     + Avoid one-byte buffer overread when examining invalidly-encoded strings
       that are claimed to be in GB18030 encoding (Noah Misch, Andres Freund)
 .
       While unlikely, a SIGSEGV crash could occur if an incomplete multibyte
       character appeared at the end of memory.  This was possible both in the
       server and in libpq-using applications. (CVE-2025-4207)
Checksums-Sha1:
 2625d2a5d84f7b1139f9c759bac8c583aa1b6577 3703 postgresql-13_13.21-0+deb11u1.dsc
 e6615cdda1e42cc3429aa93bf9194804bac2c397 21759813 postgresql-13_13.21.orig.tar.bz2
 bc0547baf40650f9dcf0585140747fac940b9089 36304 postgresql-13_13.21-0+deb11u1.debian.tar.xz
Checksums-Sha256:
 10753fa323c6245b74c21a142714cd27f6bbd729fb5422f5360b3f8aa7fefb23 3703 postgresql-13_13.21-0+deb11u1.dsc
 dcda1294df45f033b0656cf7a8e4afbbc624c25e1b144aec79530f74d7ef4ab4 21759813 postgresql-13_13.21.orig.tar.bz2
 d5d60374a8ca22eeeccfafe7dd0fe83b155a7c3d7293efe78df1887748039701 36304 postgresql-13_13.21-0+deb11u1.debian.tar.xz
Files:
 058d4bf566c870962270c274ca847c21 3703 database optional postgresql-13_13.21-0+deb11u1.dsc
 9bcdbfcba417ee15287edc63b1c41763 21759813 database optional postgresql-13_13.21.orig.tar.bz2
 20f00d01b477df269b5c4a0c09e30f70 36304 database optional postgresql-13_13.21-0+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmgdEvIACgkQTFprqxLS
p66m+w/+O3oCassaC48PidpZvtPYr2YNNiQv9mgIeE6t6ge6zxJsSS7Mi6uODpMM
V2AV10RVrnAQDkdk8xWtu6t4h9jO7eOqswRzuVhvZ9kCf9jdYefx6b7KsZQsWdt1
zmOsnirZ65a5xXVrG6PWScGZyCUPP1JrN0kbpy5mfILOXmKy6RreRmTyAejg6S88
BDsHS3xRNwBfgfN0hHYnKPVyWkytGIWa1JQiLPidl46qQmb0elS5VuB1z974iB8e
BPVDwpAyNq3BcFU7qXOcKsck1Vc2OsHnOJxfqFyVXtzlKecRQpibuz/udxjUxcDy
4BwoEvYO0SINykhT4ZgCb+VnEJWqIZi17gQDcEAB5CkMRoX4O4ZDK51GVZyJm6QE
nhcrrjYGrssNi8Ie3JGP1kmsdn9yrkUifCqHuTOKeNRJNRTx014ETdWewH16HwrU
EgEcp+rzaKyqqLckV3OAZkTeGN0iOmceGoS4Op2w110q7TgO6or6qo/NYOKjmC24
4WiGf2eW3qVlqCN8D4Z9v6CEqE1kkUc+hQi6huyRP/c2epFx1p4j4HiOsx53YKc0
A9Xjk7iVPneILNUQVblCWQkStZwgZgGEfWNRuf91nbzlg503dESNHZSr/FeJlF4C
0HguXx0seN7BpaRR6Ov2bV/MsftP2AXKcKZIsjajo6DogTMoaf8=
=bpoU
-----END PGP SIGNATURE-----

News for package postgresql-13