Back to postgresql-13 PTS page

Accepted postgresql-13 13.14-0+deb11u1 (source) into oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted postgresql-13 13.14-0+deb11u1 (source) into oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 15 Feb 2024 11:32:28 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: postgresql-13_13.14-0+deb11u1_source.changes
Debian-source: postgresql-13
Debian-suite: oldstable-proposed-updates
Debian-version: 13.14-0+deb11u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=Lf6SjujcTJ5ak6iJNXXdymVNwyQey8eF7H2W4SlWSlk=; b=bASPZh+peh/fzgQ5URwXoUhBko AVNRp7bh5O/QW6+Gz2ibvgBAgM9Jj5o/nYp9Enx5rho3XAmIhsXBs8ILzRdrNobBfRKkoLO62IW1I oh0OML80t7YN4eyQG5+F+BWsa3UAlpNo92GvEXGoPa/9MLicuOx1pS3yrwb2UI/9d2fcnvfYk+O21 wLdYxv5vAymr8mpAop7/ZAgRvhWugsblxxXHRiW4H+1tHH0xSMoltYCGXktPjPiRziv81H25Rz2xl vuufcOL8QHa/iGV8s3QIvr1r/zCFQWB3uFJqwk8fuhfTh/RF+JJ23JJ/hR8e+oQKmOjEh31RJ8ZL6 tcx3Svqg==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1raZye-009ZCc-SU@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 Feb 2024 13:54:51 +0100
Source: postgresql-13
Architecture: source
Version: 13.14-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-13 (13.14-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version.
 .
     * Tighten security restrictions within REFRESH MATERIALIZED VIEW
       CONCURRENTLY (Heikki Linnakangas)
 .
       One step of a concurrent refresh command was run under weak security
       restrictions.  If a materialized view's owner could persuade a superuser
       or other high-privileged user to perform a concurrent refresh on that
       view, the view's owner could control code executed with the privileges
       of the user running REFRESH. Fix things so that all user-determined code
       is run as the view's owner, as expected.
 .
       The PostgreSQL Project thanks Pedro Gallegos for reporting this problem.
       (CVE-2024-0985)
Checksums-Sha1:
 2d758e5b0e5bae20ba52c26e487a93a74e9b6a1d 3703 postgresql-13_13.14-0+deb11u1.dsc
 79dbababe688d5589fa1d255656bf2e8e35730ce 21584146 postgresql-13_13.14.orig.tar.bz2
 fdc6b36d45b7b613d280ca5324c7533d7560864b 34724 postgresql-13_13.14-0+deb11u1.debian.tar.xz
Checksums-Sha256:
 50ce2b604ada87ca68f2206d9968aa55dc4e5e4733daeee8734471c4a43bb860 3703 postgresql-13_13.14-0+deb11u1.dsc
 b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed 21584146 postgresql-13_13.14.orig.tar.bz2
 801200e90899fd6f9468f4c16f9cbc9fa56588e0f2cd751f953fb494f8589472 34724 postgresql-13_13.14-0+deb11u1.debian.tar.xz
Files:
 2ac9c3c2f0cb1d4b63bca347433d639d 3703 database optional postgresql-13_13.14-0+deb11u1.dsc
 ed4b42c9b53c04d7d601327eacfcd231 21584146 database optional postgresql-13_13.14.orig.tar.bz2
 6177d5bd434361aec9b09e1f52783733 34724 database optional postgresql-13_13.14-0+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmXMtHAACgkQTFprqxLS
p64Mkw//fTwPZmtReA3o/Dp9sS58ZKH+vKPE65/uWWon9MvMKixdWA9W4koHuYaz
TPPwY2iB4AmjYWivorHqAu6cem8JurDpx1joTBkaW7QWnCmZC1zbUdL3JUdDobNB
0EtNmA9WQrM+DK/CKwyuNo3JagLG+DhKk+cHKN5UJUCoNJ0gqNclFS+Xn6ph83Se
fduiW4b0C9DQbtIVr0UNCscMYcOC7FEtS3cgA6uotOeaCtja/6NEJGz2noR3kuJQ
OO1SB9qaI3Ckk+5rYNjLdyPNtRX3IFwPq0ZtTLIMVyrp6AT1TmHleiP8pQthrHi9
un1yK5Qo1r40gKHk/MPg2ipf3tXSU9l/zmbqszMb27r1QfOMI/hNK0i3fcUL+8kQ
Ak0HqiulbquUYGsSXpU+7q/P/y+gd0pK9b8PExME8u7RtkPUCUCzWSVbCT6OmBLt
kv4btAZ2hefa2D6XOXARVU+21OwqvwxvijVzp3bt8xTrIzZ5v4eoOIf5WH4e8Mw5
jOpC35r69Pm34iW4/qZ2edtn8xx23f1iZrNYqEkE0Pe+i2E6LHrvHHAsWEZZeTFM
pobZzIqxktbBHRvWOVd/t6RjVjtZkU1kicmxJSLlB70Lw9ftiO7G0H4Z3Dz2pbD8
bv/qs1Dan5qEyqr3znSsqM+dM2K0DcvRT8JBW1NTsRkCILLRszo=
=yyvu
-----END PGP SIGNATURE-----

Attachment: pgpBdvan0lBcZ.pgp
Description: PGP signature