-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Feb 2026 12:48:56 +0100
Source: postgresql-18
Architecture: source
Version: 18.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
postgresql-18 (18.3-1) unstable; urgency=medium
.
* New upstream version 18.3.
.
+ Fix failure after replaying a multixid truncation record from WAL that
was generated by an older minor version (Heikki Linnakangas)
.
Erroneous logic for coping with the way that previous versions handled
multixid wraparound led to replay failure, with messages like "could not
access status of transaction". A typical scenario in which this could
occur is a standby server of the latest minor version consuming WAL from
a primary server of an older version.
.
+ Avoid incorrect complaint of invalid encoding when substring() is
applied to toasted data (Noah Misch)
.
The fix for CVE-2026-2006 was too aggressive and could raise an error
about an incomplete character in cases that are actually valid.
.
+ Fix oversight in the fix for CVE-2026-2007 (Zsolt Parragi)
.
If the bounds array needed to be expanded, because the input contained
more trigrams than the initial guess, generate_trgm_only didn't return
the modified array pointer to its caller. That would lead to incorrect
output from strict_word_similarity() and related functions, or in rare
cases a crash. The faulty code is reached if the input string becomes
longer when it's converted to lower case. The only known instances of
that occur when an ICU locale is used with certain single-byte
encodings.
.
+ Fix the volatility marking of json_strip_nulls() and jsonb_strip_nulls()
(Andrew Dunstan)
.
These functions have always been considered immutable, but refactoring
in version 18 accidentally marked them stable instead. That prevents
their use in index expressions and could cause unnecessary repeat
evaluations in queries. This fix corrects the marking in
newly-initialized database clusters (including clusters that are
pg_upgrade'd to 18.3 or later). However it will not help existing
clusters made using 18.0 through 18.2.
.
If this mistake affects your usage of these functions, the recommended
fix for an existing cluster is a manual catalog update. As superuser,
perform
.
UPDATE pg_catalog.pg_proc SET provolatile = 'i' WHERE oid IN ('3261','3262');
.
in each affected database. Update template0 and template1 as well, so
that databases made in future will have the fix.
Checksums-Sha1:
d868f673f37dc330daac706a9a17e8e31988f779 4752 postgresql-18_18.3-1.dsc
715414a7dcf6ca491588b1c243610f11acdc501b 22497924 postgresql-18_18.3.orig.tar.bz2
7a3acb1b40e0f0e656510805ad84aea6ec458378 25136 postgresql-18_18.3-1.debian.tar.xz
Checksums-Sha256:
38b360aa0386959b74b7af48d32beb1c645a44f7f2010c2426b4309d6f4a0f0e 4752 postgresql-18_18.3-1.dsc
d95663fbbf3a80f81a9d98d895266bdcb74ba274bcc04ef6d76630a72dee016f 22497924 postgresql-18_18.3.orig.tar.bz2
c93635968686b8ee5c81092feb1ecafd8d70c8a7b506ecdddcc8ff887ec04c99 25136 postgresql-18_18.3-1.debian.tar.xz
Files:
ea9e7c3cedd6e6ac1b2e44c7571c4865 4752 database optional postgresql-18_18.3-1.dsc
b5843c3f76958d0efe0134eafa1d4c45 22497924 database optional postgresql-18_18.3.orig.tar.bz2
d4c72740724c82a251205364af3e2c33 25136 database optional postgresql-18_18.3-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmmgHW8ACgkQTFprqxLS
p65PMw//U1JDYOJ9gTeOPtQ/KLL0C9EZ1tcVU17uJ8rPVth9d+a1CJrI3H6PFr2l
zmGK2BWW5P0VhuD7izw2tSS2SD30XG203NpyrPpuQJTsBZhL5UiWyOIykm67UfqV
++7nQB7EJ4WIHwS+svwTasS6+9aCiyCVCKxJZmGcB2w2MRnUv33QAMKZCbzEixYZ
Q4EY7/IP3ie+ypXeghJuifOU4qN2+p9MgKUA79m7dk3jW6DSvWQvBdvdbDDTknr+
0Ch/xW0W6BQNEMK8OzHdXww0R6eyPJLw+SejqumMC5a2Xw3RZ2U+bHq4vwAp+Jla
DrpCa6B+WBLMS5L6N9eoxjQKYYrGQqzJlmwyZ6ARZsATWNVadjOTazRCO3Zzwjq/
pQcepq9cCgSRZP4Ds9ZU3YDmsNdzq0ApJjxVYqNbms3plsTOSafMSaAJOBSDqwi/
5W2OI9hQ3u10KgKOOGYlahLTfF/62zrXbPrQ7ffZw88IHPF6sY+CqsHRSNeZTUZH
DTwlM22ke+1bh7Dhoaq3rPi7ffK9EQiTbt7ALePZ4/nCliH+WDurzGB8IIpmLjh0
WMwcPKSX3PLLuBqh49RHO0Kvvm9II1WnTyecNdSvr5TTCzzBbQyN6jWP6tjXe5LM
FuPOGCiKUIM4OWysbKL5ojigVz+LqTlzAJsRr3Ndcx+plF/Ywag=
=He+0
-----END PGP SIGNATURE-----
