
Accepted postgresql-13 13.11-0+deb11u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 10 May 2023 20:35:39 +0200
Source: postgresql-13
Architecture: source
Version: 13.11-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-13 (13.11-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     + Prevent CREATE SCHEMA from defeating changes in search_path
       (Report and fix by Alexander Lakhin, CVE-2023-2454)
 .
       Within a CREATE SCHEMA command, objects in the prevailing search_path,
       as well as those in the newly-created schema, would be visible even
       within a called function or script that attempted to set a secure
       search_path.  This could allow any user having permission to create a
       schema to hijack the privileges of a security definer function or
       extension script.
 .
     + Enforce row-level security policies correctly after inlining a
       set-returning function (Report by Wolfgang Walther, CVE-2023-2455)
 .
       If a set-returning SQL-language function refers to a table having
       row-level security policies, and it can be inlined into a calling query,
       those RLS policies would not get enforced properly in some cases
       involving re-using a cached plan under a different role. This could
       allow a user to see or modify rows that should have been invisible.
Checksums-Sha1:
 9575212f6f3bebc97ef6ed7d958197de8d495e88 3703 postgresql-13_13.11-0+deb11u1.dsc
 501acb24ba8539c08ba12b08adecd7559bf87e1b 21519655 postgresql-13_13.11.orig.tar.bz2
 93dc0d58d69d1ebecd6e062ac3502d787eb3c060 30160 postgresql-13_13.11-0+deb11u1.debian.tar.xz
Checksums-Sha256:
 eaa5b109ae2d02a847dc7e6dc5263539ccb79dee6a130fd1228e59aa375831c7 3703 postgresql-13_13.11-0+deb11u1.dsc
 4992ff647203566b670d4e54dc5317499a26856c93576d0ea951bdf6bee50bfb 21519655 postgresql-13_13.11.orig.tar.bz2
 f4dc062b966ab53fece8116eb4919629a8d4bbe2045786b0015f893fa7852ea1 30160 postgresql-13_13.11-0+deb11u1.debian.tar.xz
Files:
 da018b47f1ba68026ada09807b67379b 3703 database optional postgresql-13_13.11-0+deb11u1.dsc
 b4fcb4a73180840f23cb3a09cd01d9dc 21519655 database optional postgresql-13_13.11.orig.tar.bz2
 37a1dd004a8dc5762435c86ba2e77e3e 30160 database optional postgresql-13_13.11-0+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

