Accepted postgresql-15 15.3-1 (source) into experimental

To: debian-experimental-changes@lists.debian.org, debian-devel-changes@lists.debian.org
Subject: Accepted postgresql-15 15.3-1 (source) into experimental
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 11 May 2023 17:21:44 +0000
Message-id: <[🔎] E1px9z6-00AWPf-DS@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 09 May 2023 19:05:02 +0200
Source: postgresql-15
Architecture: source
Version: 15.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-15 (15.3-1) experimental; urgency=medium
 .
   * New upstream version.
 .
     + Prevent CREATE SCHEMA from defeating changes in search_path
       (Report and fix by Alexander Lakhin, CVE-2023-2454)
 .
       Within a CREATE SCHEMA command, objects in the prevailing search_path,
       as well as those in the newly-created schema, would be visible even
       within a called function or script that attempted to set a secure
       search_path.  This could allow any user having permission to create a
       schema to hijack the privileges of a security definer function or
       extension script.
 .
     + Enforce row-level security policies correctly after inlining a
       set-returning function (Report by Wolfgang Walther, CVE-2023-2455)
 .
       If a set-returning SQL-language function refers to a table having
       row-level security policies, and it can be inlined into a calling query,
       those RLS policies would not get enforced properly in some cases
       involving re-using a cached plan under a different role. This could
       allow a user to see or modify rows that should have been invisible.
 .
   * Reenable JIT on s390x using workaround patch from SUSE.
Checksums-Sha1:
 3ff1259459aac034b947ba6e3c7dcf89b876c753 3864 postgresql-15_15.3-1.dsc
 a3888ef8f3a548a55b49429d9a076b19d5547899 22819107 postgresql-15_15.3.orig.tar.bz2
 59ca35cd107e1040c275703c614eebf9c4a3064a 24808 postgresql-15_15.3-1.debian.tar.xz
Checksums-Sha256:
 3cc3634c409bc7ec0a93475d2ca3bd1b81e6b474b3c28d2d92f6c4c6a2adbf23 3864 postgresql-15_15.3-1.dsc
 ffc7d4891f00ffbf5c3f4eab7fbbced8460b8c0ee63c5a5167133b9e6599d932 22819107 postgresql-15_15.3.orig.tar.bz2
 7ca35a57d5bfe369fcaffc5f86d1b35e03727454b7d334d51c495762ddb807b2 24808 postgresql-15_15.3-1.debian.tar.xz
Files:
 650e7ab9fbccfc8b22a355f86b52cdc9 3864 database optional postgresql-15_15.3-1.dsc
 7cb75773ff8fbe533701562c3278206b 22819107 database optional postgresql-15_15.3.orig.tar.bz2
 f640f4b63be5febbd476e322b2acb73f 24808 database optional postgresql-15_15.3-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmRb4UgACgkQTFprqxLS
p65otA//bBKBlvj+QcoS7wbCJezSqSElz9r+YhwQ/WAPyS+TVzTB5cbD+CVrTtvx
eSsS53KS6G3eJIjrm8R9gEmU2b8H+fRiRDuScviExB0bkVjqjY4TGCta5lNOk7T3
5jKB1d4V93BaGaf/74V6c4r1d9ir8mvVwNarVztseK4ZbIJN7gDmb6uDnaw1dmd4
faOgDjKbXf11iKHu3CqRFGNLl5Ua1sQy6HDUgVyO4MP19cMWhmywKCDrC3gLdrct
/6dQdBE4asH2nqjl8Zccah5R7S7pOxIegMwYNAUnBjQliJ9l9aAG1FvBV5r+y/ID
5P/Vbt2wg2VZGhw8Z/fPZC8XeasdYiLNswUGRzP+AVkkaWYnQNfAFJSz8XpaXFFY
cDZmRnTheFLYxsKhNgPPcye2EghaO3ZTojhdO187BrjyLM1Okt/KNbRQ7xlxNopL
VgCG8x/BHFMduaePNMxQFIhcdn0ESsKK3kw/M2kH3ZXEtr9ZSWI32wKu7uIiJcrn
I3C0iG3jUkZlPCwJrgylQRdTf8/YCqPC8Y5w1/JmsJaHE9B+IXdwitNJfPlmeDUk
wWwfCnKMUvJgKF7dvH2Jpiof7X2woApa1NgSf2ZSu+tuBRS08jUQHPA7suAn4+d3
5wUbepVL/nlGpM4sAnJaWL5b40H7ARjDbhIciMduh0D6GN52rno=
=z4HO
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted xterm 380-1 (source) into experimental
Next by Date: Accepted obs-scene-as-transition 1.1.0+20230419.ce423a3-1 (source amd64) into experimental
Previous by thread: Accepted xterm 380-1 (source) into experimental
Next by thread: Accepted obs-scene-as-transition 1.1.0+20230419.ce423a3-1 (source amd64) into experimental
Index(es):
- Date
- Thread