[Pkg-postgresql-public] postgresql-9.6_9.6.6-0+deb9u1_source.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sun Nov 12 15:34:22 UTC 2017 


Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 08 Nov 2017 10:40:59 +0100
Source: postgresql-9.6
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.6 postgresql-9.6-dbg postgresql-client-9.6 postgresql-server-dev-9.6 postgresql-doc-9.6 postgresql-contrib-9.6 postgresql-plperl-9.6 postgresql-plpython-9.6 postgresql-plpython3-9.6 postgresql-pltcl-9.6
Architecture: source
Version: 9.6.6-0+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <pkg-postgresql-public at lists.alioth.debian.org>
Changed-By: Christoph Berg <christoph.berg at credativ.de>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.6
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-9.6 - object-relational SQL database, version 9.6 server
 postgresql-9.6-dbg - debug symbols for postgresql-9.6
 postgresql-client-9.6 - front-end programs for PostgreSQL 9.6
 postgresql-contrib-9.6 - additional facilities for PostgreSQL
 postgresql-doc-9.6 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.6 - PL/Perl procedural language for PostgreSQL 9.6
 postgresql-plpython-9.6 - PL/Python procedural language for PostgreSQL 9.6
 postgresql-plpython3-9.6 - PL/Python 3 procedural language for PostgreSQL 9.6
 postgresql-pltcl-9.6 - PL/Tcl procedural language for PostgreSQL 9.6
 postgresql-server-dev-9.6 - development files for PostgreSQL 9.6 server-side programming
Changes:
 postgresql-9.6 (9.6.6-0+deb9u1) stretch-security; urgency=medium
 .
   * New upstream version.
 .
     + Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions
       and RLS policies in all cases (Dean Rasheed)
 .
       The update path of INSERT ... ON CONFLICT DO UPDATE requires SELECT
       permission on the columns of the arbiter index, but it failed to check
       for that in the case of an arbiter specified by constraint name. In
       addition, for a table with row level security enabled, it failed to
       check updated rows against the table's SELECT policies (regardless of
       how the arbiter index was specified). (CVE-2017-15099)
 .
     + Fix crash due to rowtype mismatch in json{b}_populate_recordset()
       (Michael Paquier, Tom Lane)
 .
       These functions used the result rowtype specified in the FROM ... AS
       clause without checking that it matched the actual rowtype of the
       supplied tuple value.  If it didn't, that would usually result in a
       crash, though disclosure of server memory contents seems possible as
       well. (CVE-2017-15098)
 .
     + Fix BRIN index summarization to handle concurrent table extension
       correctly (Álvaro Herrera)
 .
       Previously, a race condition allowed some table rows to be omitted from
       the index.  It may be necessary to reindex existing BRIN indexes to
       recover from past occurrences of this problem.
Checksums-Sha1:
 dc443ecff8da540c9933815568de1cc3e8fe19bc 3694 postgresql-9.6_9.6.6-0+deb9u1.dsc
 bd911c2a2ee25086cfebe03f3483f82c38210cdb 19605724 postgresql-9.6_9.6.6.orig.tar.bz2
 9cd1d83923be23136310183bb3b27f94f333c7e1 21644 postgresql-9.6_9.6.6-0+deb9u1.debian.tar.xz
 2e51375f681139596c1b9253db01638e60fc3f49 8555 postgresql-9.6_9.6.6-0+deb9u1_source.buildinfo
Checksums-Sha256:
 1aae9e0c6960f7466b883211fe165612545d14166a6ca80ebfef5fe8b2fa54cf 3694 postgresql-9.6_9.6.6-0+deb9u1.dsc
 399cdffcb872f785ba67e25d275463d74521566318cfef8fe219050d063c8154 19605724 postgresql-9.6_9.6.6.orig.tar.bz2
 e20cde135f7a74f7efa0785e8405c063d0fc1f2091f8aee933f81ce277938dbc 21644 postgresql-9.6_9.6.6-0+deb9u1.debian.tar.xz
 3917d6daeac2da931c63e4b348fbb56e21448b16aa2c20c08e2043ce0d11536d 8555 postgresql-9.6_9.6.6-0+deb9u1_source.buildinfo
Files:
 86fc471f7fa47c6c58d4507c5b92f5c9 3694 database optional postgresql-9.6_9.6.6-0+deb9u1.dsc
 7c65858172597de7937efd88f208969b 19605724 database optional postgresql-9.6_9.6.6.orig.tar.bz2
 dc43771b58faa1a08c75d9e4a837dbf6 21644 database optional postgresql-9.6_9.6.6-0+deb9u1.debian.tar.xz
 b0e34d85abcf788dcbb66dae56f182e9 8555 database optional postgresql-9.6_9.6.6-0+deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAloDG4UACgkQTFprqxLS
p66wxw/8DoRvpise2P5tSSXIt5J+pKNIGgHy34g8fWNV6n0elxdVl4Y8qPl+3lIB
Od3OXw8dwTIyAHIgnRgXSE4CZSUv2kOxeoKtxRJZQVuAWfQrjg/md4gOn9K3KpEw
Mahl+yk5ZVNfDodLGktLaGPmGgj7gH1PMloBQ2cQoA6uIHy6xIRkMx3mg6/1peV+
J7qXM0fkFaIhAXh3HtZAhJ38qJkNojDZqiGkm14O7DunGCW3etlagiCkT+9Gwjl/
1NYG06Avc20vKjManpVNedz6n5fOLwMr2Z95riu0/+YH49Pyay5qUlLo+L3k5C3N
KR5LNhh/yNtAs2YRAANjG5j/A+W+Dw3W6C5gRY9dLcQbqvIRqI/ysPGf1UfmJVLO
QZABdZSygbcscpYIHxCmkgVlup4i7vhTweT3QotX0qnkeNdXLUJbRRyX5oxqsQv5
RHhrAXgiQLRU+tZtvtd8cJYfDOd6RZZEKBSXIQ/tk7KWZdHYuM6yvnQjhL9DL/W/
gveAJkvWrMvkFMhtPNBHC35sppiLSeG9jGTFtMmQuZmdOHdKlVVVYFPYbld4H24K
mMZJRqOz6bPHs8H/gsEYBesJfwX+AwRxPTxV4jzSYIvZYukj3WKwUQeiiM4kFXYc
e85q2n9Z0ltc0GeEyJEpOhS6M/cEvwKBi+f4NPL8DpLOZYhEw2I=
=9/9R
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.

More information about the Pkg-postgresql-public mailing list