Accepted pgpool2 4.3.5-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted pgpool2 4.3.5-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 01 Mar 2023 10:34:13 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: pgpool2_4.3.5-1_source.changes
- Debian-source: pgpool2
- Debian-suite: unstable
- Debian-version: 4.3.5-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=evqbGuMMC7WLle1Mini7R4zz3C7gvva4fpwChonAf8o=; b=qE1biZh7hfZfxTVz8Wlj3DEYxh 4e3gQ4xKFeGurWHVO7CFrVCp2c0KqVR9FZWPaX2pjC+vkc3xGgMYYeIOcb7YOv68Hlsxt5ns9gDtA OhRqdQ05rBR86ckYJH6jvA+id/MyAQoCQJXKaYUSz0la2pYJ2zqreeMWcfm8EgIE99RolM2hbYWNo tZHmmZblB79eLTdZmpWtvK7ajURJFyroeRI+lHupX/c8PqBeY0cNo/OZJICMvjBc49RGvk/sfk6dH DUkeqxdgVM2EbAkS20ds0s0PdKs1Mrh9LRQx8y4vbwe28k8gfnp4YBt8HXW/QR09yy5PikOHCtR2D gIC88KLg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pXJmn-00EmU8-Vc@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 01 Mar 2023 11:09:35 +0100
Source: pgpool2
Architecture: source
Version: 4.3.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Closes: 1030048
Changes:
pgpool2 (4.3.5-1) unstable; urgency=medium
.
* New upstream version 4.3.5. (Closes: #1030048)
.
+ Fixes Information disclosure vulnerability CVE-2023-22332:
.
A specific database user's authentication information may be obtained
by another database user. As a result, the information stored in the
database may be altered and/or database may be suspended by a remote
attacker who successfully logged in the product with the obtained
credentials.
.
* debian/pgpool2.service: Start after network.target.
Checksums-Sha1:
1775469a7678ad9c3e78407703d207c76d067aa2 2645 pgpool2_4.3.5-1.dsc
9cfac112e459d3581072b110ad90bf536e2efb40 4785896 pgpool2_4.3.5.orig.tar.gz
30a77dba3c143b124c326153ad2428b9225cd9da 13764 pgpool2_4.3.5-1.debian.tar.xz
Checksums-Sha256:
ca45b7fad6539375f761a0c50569db8bf326f4524d6b91e9964293e4454eb496 2645 pgpool2_4.3.5-1.dsc
c220bfd78da0601bc46d22b1555b0f18550c5528ce8c40d32741cefaed23e234 4785896 pgpool2_4.3.5.orig.tar.gz
5dd753a1b47e6de57cae01ad5cf7248fe099719062eaf4c99aa9536cf635bcfd 13764 pgpool2_4.3.5-1.debian.tar.xz
Files:
e6077ffac2d4385ea68ee527b8218ba2 2645 database optional pgpool2_4.3.5-1.dsc
b2a0f3a09c9db2279224cb96a78ff0e5 4785896 database optional pgpool2_4.3.5.orig.tar.gz
a9b79fac41f1b5c259139640e61fc957 13764 database optional pgpool2_4.3.5-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmP/KKIACgkQTFprqxLS
p65hBg/+NpYl4zXdp7alkvE6XPAel3XJEtDFZqwGFT9oekwEXyCpvrPRO2l4deer
GfNQ1O0IlFUEEJe2qwR38ulZwP/2tdzYj7kS9FN36jB2CvWloQzSfMjt76chjiC9
owLmRqKCXkdn+T/BUb0SY8MxYKnELOCbPVdFawAF0HOB16BvJvTIK+/7NYEYp1Xi
aRF71G5YWOa3YJaI/AQyzdH6rrkg6dqhk0FYRLKYpfOxaqRBcKfAaKsr8jII40H1
jIUap+ldogiGFG/N1Ld8CIX/34Epwx+kER+Bon3Ou9lSE4q3U5xAmYjoBSD17Rav
M/DV3kXFaIJSmvDhxeCVql4nBY1DRYdB5D4K28LveqO6UGgvJ6TGWGO6OW2egx4i
a/G+KDdE2qRgF0k79K/dczwrpMykw1+NntJTobAdMqFucLnIPs5ILXo3sqn8slDU
wUL7PoULq6TovdhAbTRHzlo4pCCI8RTqxXzL8Y7tcGAv8CMIzFmr5icLPfyr43Y9
aO1DAAtconj6BNl9hvgns3KZVTkyM7dPoEEzLfc796+Z5Q1FeuZJeP5cM/kITj1W
8gjOmgzP3T6x+zvr9QzP07hFiclaxh0PajOpOy1CPgSke7QVOn2f7l9DfxdA/S0Z
Sc2cpQWSvBORdcfc7IKkVq+WL+iC/Y59PAvtWlJna2ihIimOMUc=
=f2Kp
-----END PGP SIGNATURE-----