Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted pg-squeeze 1.9.2-1 (source) into unstable
Date: Fri, 05 Jun 2026 13:33:54 +0000
Signed by: Christoph Berg <myon@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 13:50:37 +0200
Source: pg-squeeze
Architecture: source
Version: 1.9.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 pg-squeeze (1.9.2-1) unstable; urgency=medium
 .
   * New upstream version 1.9.2.
 .
     + Fix possible escalation of privileges
 .
       Index functions used to run as the superuser. If they contained
       malicious code, it would have the superuser privileges too. This is
       fixed by changing the current user to the table owner before any index
       function can be executed.
 .
     + pg_squeeze could use SQL operators other than the built-in ones when
       checking table metadata (i.e. when checking which table is bloated
       enough to need squeezing). This is fixed by restricting the search path
       to "pg_catalog, pg_temp" before running any SQL query.
Checksums-Sha1:
 6e28325400b48bee59a994af3ce02b8614fa3771 2158 pg-squeeze_1.9.2-1.dsc
 3c14c7b3807006ad6acb1016a115f3dedb61c34b 87553 pg-squeeze_1.9.2.orig.tar.gz
 c06711bd3f24a16d77d3b677e1575ee90db9d8ae 3044 pg-squeeze_1.9.2-1.debian.tar.xz
Checksums-Sha256:
 c4bfeab0df142e1a80e6b7882a93d943573c750d531bee0b7678aa46ddc1b4ba 2158 pg-squeeze_1.9.2-1.dsc
 4e0133479b41cc9a90a5db8b275b950bfa65e8a14abe92f77d830f74e0c4996c 87553 pg-squeeze_1.9.2.orig.tar.gz
 84d05f0bdd80ea8b403cd9ae644077ca6ddec421bcc0890890c3365a2969591e 3044 pg-squeeze_1.9.2-1.debian.tar.xz
Files:
 1001259d45e7d9ea15ab516a514df7b5 2158 database optional pg-squeeze_1.9.2-1.dsc
 f1e8d2ccfb699ca395a8a2128bcd0c7a 87553 database optional pg-squeeze_1.9.2.orig.tar.gz
 a6058f2e646b7994a510c6bb1e455cb6 3044 database optional pg-squeeze_1.9.2-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmoizmUACgkQTFprqxLS
p64PWg//Wpj6hAUamwjR0XA2V4yDKQpjKyI10oXENA6QMMiHcMbO6trvfWATGkIo
eVvA+uRdwR1D9JJ2ni7TNCf9ttPGlghzjzzPsGCzL9hzRdnFdwkxjk7A9GC6pa48
FkiF38bBXPlIQjXmfqxGl8TRkIWQttNGLwkayRZe3VRAwEZNBwvBfZGZyaQZeyjy
+EJl/1NIRB1lAzO/HWyftGKWklzGLC+4dSVuEDcbIwb41QzUYtq2BMLefq3FrMOO
yJWCm5lmJk8n2inS1tk8wvIkQvbsCzMwtZwWkpX3/PNBPke30P63M5tgjo+X4ee5
hHW75NSc8Kv8gqrgtKWMRX+CuaYEJ894ez2W+j2Yn4weuLAP1MRkSF1vSBfrjKcd
iHGufDhViNLV09bUa4hEBO8vmsh17sVPKqVntCRFdH5LKviePBRftTOQ0gxBVAt6
R7YQn7+b44UclTQBfi9RPkYjrkhz2INQaPuEFX8A+3kvF3WHB/s2r1CEXgT3kh09
hrgZbm8zfApR4sMFLbNibUwft0J7t+T1BqHJkZ1mWV3MqK6KeWkrV6ppMinG4UCv
5r0YeXXtzU0mV9xPsHXMdf7xNtNFS4rzm0i1Y/wirKM0b+7dpOAB06nBMGdwGVyP
Cyi3oS3O2+DnuX3sO0pkn18PpuBNrrXLGqrlA4aTFbvbbGK1h3Q=
=46Vd
-----END PGP SIGNATURE-----

News for package pg-squeeze