Bug#1111075: trixie-pu: package postgresql-17/17.6-0+deb13u1
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: postgresql-17@packages.debian.org
Control: affects -1 + src:postgresql-17
User: release.debian.org@packages.debian.org
Usertags: pu
New postgresql-17 package with a few low-profile CVEs that didn't
warrant a DSA.
[ Tests ]
Lots of upstream tests and extensive postgresql-common testsuite
coverage.
Christoph
diff --git a/debian/changelog b/debian/changelog
index 6be7c5f..033ccb0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,66 @@
+postgresql-17 (17.6-0+deb13u1) trixie; urgency=medium
+
+ * New upstream version 17.6.
+
+ + Tighten security checks in planner estimation functions (Dean Rasheed)
+
+ The fix for CVE-2017-7484, plus followup fixes, intended to prevent
+ leaky functions from being applied to statistics data for columns that
+ the calling user does not have permission to read. Two gaps in that
+ protection have been found. One gap applies to partitioning and
+ inheritance hierarchies where RLS policies on the tables should restrict
+ access to statistics data, but did not.
+
+ The other gap applies to cases where the query accesses a table via a
+ view, and the view owner has permissions to read the underlying table
+ but the calling user does not have permissions on the view. The view
+ owner's permissions satisfied the security checks, and the leaky
+ function would get applied to the underlying table's statistics before
+ we check the calling user's permissions on the view. This has been
+ fixed by making security checks on views occur at the start of planning.
+ That might cause permissions failures to occur earlier than before.
+
+ The PostgreSQL Project thanks Dean Rasheed for reporting this problem.
+ (CVE-2025-8713)
+
+ + Prevent pg_dump scripts from being used to attack the user running the
+ restore (Nathan Bossart)
+
+ Since dump/restore operations typically involve running SQL commands as
+ superuser, the target database installation must trust the source
+ server. However, it does not follow that the operating system user who
+ executes psql to perform the restore should have to trust the source
+ server. The risk here is that an attacker who has gained
+ superuser-level control over the source server might be able to cause it
+ to emit text that would be interpreted as psql meta-commands. That would
+ provide shell-level access to the restoring user's own account,
+ independently of access to the target database.
+
+ To provide a positive guarantee that this can't happen, extend psql with
+ a \restrict command that prevents execution of further meta-commands,
+ and teach pg_dump to issue that before any data coming from the source
+ server.
+
+ The PostgreSQL Project thanks Martin Rakhmanov, Matthieu Denais, and
+ RyotaK for reporting this problem. (CVE-2025-8714)
+
+ + Convert newlines to spaces in names included in comments in pg_dump
+ output (Noah Misch)
+
+ Object names containing newlines offered the ability to inject arbitrary
+ SQL commands into the output script. (Without the preceding fix,
+ injection of psql meta-commands would also be possible this way.)
+ CVE-2012-0868 fixed this class of problem at the time, but later work
+ reintroduced several cases.
+
+ The PostgreSQL Project thanks Noah Misch for reporting this problem.
+ (CVE-2025-8715)
+
+ * Add Turkish debconf translation by Atila KOÇ, thanks! (Closes: #1107984)
+ * Drop hurd-iovec patch, implemented upstream.
+
+ -- Christoph Berg <myon@debian.org> Wed, 13 Aug 2025 13:03:55 +0200
+
postgresql-17 (17.5-1) unstable; urgency=medium
* New upstream version 17.5.
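Review bot: the CVE-2025-8714 entry should flag a compatibility consequence that follows from it: since pg_dump now emits `\restrict` before any source data and `\restrict` is a new psql meta-command, dump scripts produced by 17.6 will not be restorable with a psql that predates this update, so users restoring on hosts with an older client package need to upgrade that too. Together with the CVE-2025-8713 note that "permissions failures [may] occur earlier than before", that is enough of a visible behaviour change for a stable update to merit a short NEWS.Debian entry (or at least one sentence in this changelog) rather than leaving it buried in the upstream text.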
diff --git a/debian/patches/hurd-iovec b/debian/patches/hurd-iovec
deleted file mode 100644
index e5255f0..0000000
--- a/debian/patches/hurd-iovec
+++ /dev/null
@@ -1,26 +0,0 @@
-hurd-i386 does not define IOV_MAX
-
---- a/src/include/port/pg_iovec.h
-+++ b/src/include/port/pg_iovec.h
-@@ -20,9 +20,6 @@
-
- #else
-
--/* POSIX requires at least 16 as a maximum iovcnt. */
--#define IOV_MAX 16
--
- /* Define our own POSIX-compatible iovec struct. */
- struct iovec
- {
-@@ -32,6 +29,11 @@ struct iovec
-
- #endif
-
-+/* POSIX requires at least 16 as a maximum iovcnt. */
-+#ifndef IOV_MAX
-+#define IOV_MAX 16
-+#endif
-+
- /* Define a reasonable maximum that is safe to use on the stack. */
- #define PG_IOV_MAX Min(IOV_MAX, 32)
-
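Review bot: dropping this file is only safe if upstream's 17.6 pg_iovec.h covers the same case the patch was written for. The patch deliberately moved the `#define IOV_MAX 16` out of the `#else` branch (the one taken when the system provides no iovec at all) into an unconditional `#ifndef IOV_MAX` guard placed after the `#endif`, because hurd-i386 does ship struct iovec but not IOV_MAX. Please confirm that the upstream change has the guard in that position and not merely inside the `#else`, otherwise `PG_IOV_MAX Min(IOV_MAX, 32)` will fail to compile on hurd-i386 again; a build log for that architecture in the bug would settle it.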
diff --git a/debian/patches/series b/debian/patches/series
index e1346aa..988f8dc 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -10,5 +10,4 @@ extension_destdir
autoconf2.69
focal-arm64-outline-atomics
jit-s390x
-hurd-iovec
pgstat-report-conflicts-immediately.patch
diff --git a/debian/po/tr.po b/debian/po/tr.po
new file mode 100644
index 0000000..e0bc253
--- /dev/null
+++ b/debian/po/tr.po
@@ -0,0 +1,41 @@
+# Turkish debconf translation of postgresql
+# Copyright (C) 2025 Debian Turkish L10n Team
+# This file is distributed under the same license as the postgresql package.
+#
+# Translators:
+# Atila KOÇ <atilakoc@yahoo.com>, 2025.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: postgresql 17\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2025-04-29 17:06+0000\n"
+"PO-Revision-Date: 2025-05-18 11:57+0300\n"
+"Last-Translator: Atila KOÇ <atilakoc@yahoo.com>\n"
+"Language-Team: Turkish <debian-l10n-turkish@lists.debian.org>\n"
+"Language: tr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"X-Generator: Poedit 3.6\n"
+
+#. Type: boolean
+#. Description
+#: ../postgresql-17.templates:1001
+msgid "Remove PostgreSQL directories when package is purged?"
+msgstr ""
+"PostgreSQL paketi temizlenerek kaldırıldığında, dizinleri de silinsin mi?"
+
+#. Type: boolean
+#. Description
+#: ../postgresql-17.templates:1001
+msgid ""
+"Removing the PostgreSQL server package will leave existing database clusters "
+"intact, i.e. their configuration, data, and log directories will not be "
+"removed. On purging the package, the directories can optionally be removed."
+msgstr ""
+"PostgreSQL sunucu paketi kaldırıldığında varolan veritabanı kümelerini "
+"öylece bırakır; örneğin onların yapılandırma dosyaları, verileri ve kayıt "
+"dizinleri silinmez. Paket temizlenerek kaldırıldığında ise, bu dizinler "
+"isteğe bağlı olarak silinebilir."
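Review bot: in the second msgstr, "i.e." has been rendered as "örneğin", which means "for example" (e.g.), not "that is"; the English sentence is defining exactly which directories are left intact, so the Turkish should use "yani" (e.g. "... öylece bırakır; yani onların yapılandırma dosyaları, ...") to keep the meaning. Minor spelling point in the same string: "varolan" is conventionally written as two words, "var olan".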