Debian
postgresql-11 package

postgresql-11 11.16-0+deb10u1 source package in Debian

Changelog

postgresql-11 (11.16-0+deb10u1) buster-security; urgency=medium

  * New upstream release.

    * Confine additional operations within security restricted operation
      sandboxes (Sergey Shinderuk, Noah Misch)

      Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
      and pg_amcheck activated the security restricted operation protection
      mechanism too late, or even not at all in some code paths. A user having
      permission to create non-temporary objects within a database could
      define an object that would execute arbitrary SQL code with superuser
      permissions the next time that autovacuum processed the object, or that
      some superuser ran one of the affected commands against it.

      The PostgreSQL Project thanks Alexander Lakhin for reporting this
      problem. (CVE-2022-1552)

 -- Christoph Berg <email address hidden>  Wed, 11 May 2022 15:15:30 +0200

Upload details

Uploaded by:
Debian PostgreSQL Maintainers
Uploaded to:
Buster
Original maintainer:
Debian PostgreSQL Maintainers
Architectures:
any all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Buster release main misc

Builds

Downloads

File Size SHA-256 Checksum
postgresql-11_11.16-0+deb10u1.dsc 3.7 KiB a5260ef4b2622d0c2c1ea8bcadade0c03824f5455fe2475db713edb80f522e5a
postgresql-11_11.16.orig.tar.bz2 19.4 MiB 2dd9e111f0a5949ee7cacc065cea0fb21092929bae310ce05bf01b4ffc5103a5
postgresql-11_11.16-0+deb10u1.debian.tar.xz 27.6 KiB 7fcd14f517983bea39a6f97dcd99333e359be6c6f2985e12aa7ccf637c6c504b

No changes file available.

Binary packages built by this source