
Accepted pgbouncer 1.15.0-1+deb11u1 (source) into oldstable-security



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 26 May 2025 18:37:03 +0200
Source: pgbouncer
Architecture: source
Version: 1.15.0-1+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Andreas Henriksson <andreas@fatal.se>
Changes:
 pgbouncer (1.15.0-1+deb11u1) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
 .
   [ Christoph Berg ]
   * CVE-2021-3539: d/p/e4453c9151a2f5af0a9cb049b302a3f9f9654453.patch
     Make PgBouncer, when acting as a server, reject extraneous data after
     an SSL or GSS encryption handshake.
 .
     A man-in-the-middle with the ability to inject data into the TCP
     connection could stuff some cleartext data into the start of a
     supposedly encryption-protected database session.  This could be
     abused to send faked SQL commands to the server, although that would
     only work if PgBouncer did not demand any authentication data.
     (However, a PgBouncer setup relying on SSL certificate
     authentication might well not do so.)
 .
     (Similar to CVE-2021-23214 in the PostgreSQL server.)
 .
   [ Andreas Henriksson ]
   * CVE-2025-2291: d/p/9912ee7f1af2e1b81d4d624a0da1cb49075ee78a.patch
     Account for VALID UNTIL in auth_query (fixes CVE-2025-2291)
     Previously PgBouncer did not take into account the VALID UNTIL of a user
     password when querying for password hashes using its auth_query. So if
     PgBouncer is used as a transparent proxy in front of Postgres it could
     allow passwords that had already expired.
 .
     To solve this issue, this changes the default auth_query and the examples
     of custom auth_query functions in the documentation to take VALID UNTIL
     into account.
 .
     Since this can be considered a security issue in setups where VALID
     UNTIL is used to limit exposure of leaked passwords, this is tracked as
     CVE-2025-2291.

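As an added illustration of the CVE-2025-2291 entry above (not code from pgbouncer or from the Debian upload), the pre-fix default auth_query is shown beside a SECURITY DEFINER lookup function that also honours VALID UNTIL, plus an audit query for roles that the old lookup would still have accepted. The schema name pgbouncer and the proxy role name pgbouncer are assumptions.

```sql
-- Pre-fix default auth_query (pgbouncer 1.15): returns the hash regardless of
-- whether the role's password has already expired.
--   auth_query = SELECT usename, passwd FROM pg_shadow WHERE usename=$1

-- Added example: a lookup function that yields no row once VALID UNTIL has
-- passed, so PgBouncer has nothing to verify the client's password against.
-- Schema "pgbouncer" and role "pgbouncer" are assumed names.
CREATE SCHEMA IF NOT EXISTS pgbouncer;

CREATE OR REPLACE FUNCTION pgbouncer.user_lookup(i_username text)
RETURNS TABLE(uname text, phash text) AS $$
    SELECT usename::text, passwd::text
      FROM pg_catalog.pg_shadow
     WHERE usename = i_username
       AND (valuntil IS NULL OR valuntil > now())   -- NULL means never expires
$$ LANGUAGE sql STABLE SECURITY DEFINER;

-- pg_shadow is superuser-only; the function runs as its owner, so restrict
-- who may call it to the proxy role alone.
REVOKE ALL ON FUNCTION pgbouncer.user_lookup(text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION pgbouncer.user_lookup(text) TO pgbouncer;

-- Corresponding pgbouncer.ini setting (PgBouncer reads the first two columns
-- as username and password hash):
--   auth_query = SELECT uname, phash FROM pgbouncer.user_lookup($1)

-- Audit: login roles whose password has expired but would still have been
-- accepted by an auth_query that ignores valuntil.
SELECT rolname, rolvaliduntil
  FROM pg_catalog.pg_roles
 WHERE rolcanlogin
   AND rolvaliduntil IS NOT NULL
   AND rolvaliduntil <= now()
 ORDER BY rolvaliduntil;
```

Run the audit query on the backend database before and after deploying the fixed package to confirm that no expired role can still open a session through the proxy.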
