Accepted postgresql-17 17.3-1 (source) into unstable



Format: 1.8
Date: Tue, 11 Feb 2025 11:27:41 +0100
Source: postgresql-17
Architecture: source
Version: 17.3-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Closes: 1093414
Changes:
 postgresql-17 (17.3-1) unstable; urgency=medium
 .
   * New upstream version 17.3.
 .
     + Harden PQescapeString and allied functions against invalidly-encoded
       input strings (Andres Freund, Noah Misch)
 .
       Data-quoting functions supplied by libpq now fully check the encoding
       validity of their input.  If invalid characters are detected, they
       report an error if possible.  For the ones that lack an error return
       convention, the output string is adjusted to ensure that the server will
       report invalid encoding and no intervening processing will be fooled by
       bytes that might happen to match single quote, backslash, etc.
 .
       The purpose of this change is to guard against SQL-injection attacks
       that are possible if one of these functions is used to quote crafted
       input.  There is no hazard when the resulting string is sent directly to
       a PostgreSQL server (which would check its encoding anyway), but there
       is a risk when it is passed through psql or other client-side code.
       Historically such code has not carefully vetted encoding, and in many
       cases it's not clear what it should do if it did detect such a problem.
 .
       This fix is effective only if the data-quoting function, the server, and
       any intermediate processing agree on the character encoding that's being
       used.  Applications that insert untrusted input into SQL commands should
       take special care to ensure that that's true.
 .
       Applications and drivers that quote untrusted input without using these
       libpq functions may be at risk of similar problems.  They should first
       confirm the data is valid in the encoding expected by the server.
 .
       The PostgreSQL Project thanks Stephen Fewer for reporting this problem.
       (CVE-2025-1094)
 .
     + Adjust tests to tzdata 2025a changes. (Closes: #1093414)
 .
   * B-D on postgresql-common-dev.
   * Test-depend only our server packages, i.e. allow libpq5 to be newer.

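The release note above tells applications that quote untrusted input outside libpq to first confirm the data is valid in the encoding the server expects. The following is an added example of that check written in Python; it is not code from the Debian package or from libpq, and the function names and the small PostgreSQL-to-Python codec table are assumptions of the example.

```python
"""Validate untrusted bytes against the server encoding before quoting them.

Added example, not part of the postgresql-17 upload or of libpq.  It follows
the advice in the 17.3 release note: reject input that is not valid in the
encoding the server uses, and only then build a quoted SQL literal.
"""

# PostgreSQL server-encoding names -> Python codec names.  Only a handful of
# common encodings are listed; the table is an assumption of this example.
PG_TO_PYTHON_CODEC = {
    "UTF8": "utf-8",
    "LATIN1": "latin-1",
    "EUC_JP": "euc_jp",
    "SJIS": "shift_jis",
    "GBK": "gbk",
}


class InvalidEncodingError(ValueError):
    """Raised when untrusted bytes are not valid in the server's encoding."""


def decode_for_server(data: bytes, server_encoding: str) -> str:
    """Strictly decode raw bytes in the encoding the server expects.

    Any byte sequence that is invalid in that encoding is rejected here,
    before it can reach a quoting routine or intermediate client-side code.
    """
    codec = PG_TO_PYTHON_CODEC[server_encoding]
    try:
        return data.decode(codec, errors="strict")
    except UnicodeDecodeError as exc:
        raise InvalidEncodingError(
            f"input is not valid {server_encoding}: {exc.reason} at byte {exc.start}"
        ) from exc


def is_valid_for_server(data: bytes, server_encoding: str) -> bool:
    """Return True if the bytes decode cleanly in the server's encoding."""
    try:
        decode_for_server(data, server_encoding)
    except InvalidEncodingError:
        return False
    return True


def quote_literal(data: bytes, server_encoding: str) -> str:
    """Return a standard-conforming SQL string literal for untrusted bytes.

    The encoding check runs first; only text that decoded cleanly is quoted,
    by doubling every single quote (standard_conforming_strings = on, so a
    backslash is an ordinary character and needs no special treatment).
    """
    text = decode_for_server(data, server_encoding)
    return "'" + text.replace("'", "''") + "'"
```

The same byte string can fail the check under UTF8 yet pass under LATIN1, which is the note's caveat in practice: the check only protects when the application, the quoting code and the server agree on the encoding.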
