Publishing details
Changelog
postgresql-15 (15.6-0ubuntu0.23.10.1) mantic-security; urgency=medium
* New upstream version (LP: #2052850).
+ A dump/restore is not required for those running 15.X.
+ However, one bug was fixed that could have resulted in corruption of
GIN indexes during concurrent updates. If you suspect such
corruption, reindex affected indexes after installing this update.
+ Also, if you are upgrading from a version earlier than 15.5, see
those release notes as well please.
+ Tighten security restrictions within REFRESH MATERIALIZED
VIEW CONCURRENTLY (Heikki Linnakangas)
One step of a concurrent refresh command was run under weak security
restrictions. If a materialized view's owner could persuade a
superuser or other high-privileged user to perform a concurrent
refresh on that view, the view's owner could control code executed
with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the view's
owner, as expected.
The only known exploit for this error does not work in PostgreSQL
16.0 and later, so it may be that v16 is not vulnerable in practice.
The PostgreSQL Project thanks Pedro Gallegos for reporting this
problem.
(CVE-2024-0985)
+ Details about these and many further changes can be found at:
https://www.postgresql.org/docs/15/release-15-6.html.
* d/postgresql-15.NEWS: Update.
-- Sergio Durigan Junior <email address hidden> Fri, 09 Feb 2024 19:43:36 -0500
Builds
Built packages
-
libecpg-compat3
older version of run-time library for ECPG programs
-
libecpg-compat3-dbgsym
debug symbols for libecpg-compat3
-
libecpg-dev
development files for ECPG (Embedded PostgreSQL for C)
-
libecpg-dev-dbgsym
debug symbols for libecpg-dev
-
libecpg6
run-time library for ECPG programs
-
libecpg6-dbgsym
debug symbols for libecpg6
-
libpgtypes3
shared library libpgtypes for PostgreSQL 15
-
libpgtypes3-dbgsym
debug symbols for libpgtypes3
-
libpq-dev
header files for libpq5 (PostgreSQL library)
-
libpq5
PostgreSQL C client library
-
libpq5-dbgsym
debug symbols for libpq5
-
postgresql-15
The World's Most Advanced Open Source Relational Database
-
postgresql-15-dbgsym
debug symbols for postgresql-15
-
postgresql-client-15
front-end programs for PostgreSQL 15
-
postgresql-client-15-dbgsym
debug symbols for postgresql-client-15
-
postgresql-doc-15
documentation for the PostgreSQL database management system
-
postgresql-plperl-15
PL/Perl procedural language for PostgreSQL 15
-
postgresql-plperl-15-dbgsym
debug symbols for postgresql-plperl-15
-
postgresql-plpython3-15
PL/Python 3 procedural language for PostgreSQL 15
-
postgresql-plpython3-15-dbgsym
debug symbols for postgresql-plpython3-15
-
postgresql-pltcl-15
PL/Tcl procedural language for PostgreSQL 15
-
postgresql-pltcl-15-dbgsym
debug symbols for postgresql-pltcl-15
-
postgresql-server-dev-15
development files for PostgreSQL 15 server-side programming
Package files