Format: 1.8 Date: Thu, 23 Nov 2023 11:27:03 -0300 Source: postgresql-15 Binary: libecpg-compat3 libecpg-dev libecpg6 libpgtypes3 libpq-dev libpq5 postgresql-15 postgresql-client-15 postgresql-plperl-15 postgresql-plpython3-15 postgresql-pltcl-15 postgresql-server-dev-15 Built-For-Profiles: noudeb Architecture: riscv64 riscv64_translations Version: 15.5-0ubuntu0.23.04.1 Distribution: lunar Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Athos Ribeiro Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 15 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql-15 - The World's Most Advanced Open Source Relational Database postgresql-client-15 - front-end programs for PostgreSQL 15 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming Launchpad-Bugs-Fixed: 2040469 Changes: postgresql-15 (15.5-0ubuntu0.23.04.1) lunar-security; urgency=medium . * New upstream version (LP: #2040469). . + A dump/restore is not required for those running 15.X. . + However, several mistakes have been discovered that could lead to certain types of indexes yielding wrong search results or being unnecessarily inefficient. It is advisable to REINDEX potentially-affected indexes after installing this update. . + Also, if you are upgrading from a version earlier than 15.4, see those release notes as well please. . + Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions (Tom Lane) . This error led to a text-type value being interpreted as an unknown-type value (that is, a zero-terminated string) at runtime. This could result in disclosure of server memory following the text value. (CVE-2023-5868) . + Detect integer overflow while computing new array dimensions (Tom Lane) . When assigning new elements to array subscripts that are outside the current array bounds, an undetected integer overflow could occur in edge cases. Memory stomps that are potentially exploitable for arbitrary code execution are possible, and so is disclosure of server memory. (CVE-2023-5869) . + Prevent the pg_signal_backend role from signalling background workers and autovacuum processes (Noah Misch, Jelte Fennema-Nio) . The documentation says that pg_signal_backend cannot issue signals to superuser-owned processes. It was able to signal these background processes, though, because they advertise a role OID of zero. Treat that as indicating superuser ownership. The security implications of cancelling one of these process types are fairly small so far as the core code goes (we'll just start another one), but extensions might add background workers that are more vulnerable. . Also ensure that the is_superuser parameter is set correctly in such processes. No specific security consequences are known for that oversight, but it might be significant for some extensions. (CVE-2023-5870) . + Fix misbehavior during recursive page split in GiST index build (Heikki Linnakangas) . Fix a case where the location of a page downlink was incorrectly tracked, and introduce some logic to allow recovering from such situations rather than silently doing the wrong thing. This error could result in incorrect answers from subsequent index searches. It may be advisable to reindex all GiST indexes after installing this update. . + Prevent de-duplication of btree index entries for interval columns (Noah Misch) . There are interval values that are distinguishable but compare equal, for example 24:00:00 and 1 day. This breaks assumptions made by btree de-duplication, so interval columns need to be excluded from de-duplication. This oversight can cause incorrect results from index-only scans. Moreover, after updating amcheck will report an error for almost all such indexes. Users should reindex any btree indexes on interval columns. . + Process date values more sanely in BRIN datetime_minmax_multi_ops indexes (Tomas Vondra) . The distance calculation for dates was backward, causing poor decisions about which entries to merge. The index still produces correct results, but is much less efficient than it should be. Reindexing BRIN minmax_multi indexes on date columns is advisable. . + Process large timestamp and timestamptz values more sanely in BRIN datetime_minmax_multi_ops indexes (Tomas Vondra) . Infinities were mistakenly treated as having distance zero rather than a large distance from other values, causing poor decisions about which entries to merge. Also, finite-but-very-large values (near the endpoints of the representable timestamp range) could result in internal overflows, again causing poor decisions. The index still produces correct results, but is much less efficient than it should be. Reindexing BRIN minmax_multi indexes on timestamp and timestamptz columns is advisable if the column contains, or has contained, infinities or large finite values. . + Details about these and many further changes can be found at: https://www.postgresql.org/docs/15/release-15-5.html. . * d/p/libpgport-pkglibdir: adjust patch for new release. Checksums-Sha1: 622c39fef93b93dd18ca5f721021024047c2f28f 36844 libecpg-compat3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 8313342f29d55ea7226eb97612d06103b375287c 16620 libecpg-compat3_15.5-0ubuntu0.23.04.1_riscv64.deb 9aa261a2f4cbe9207a6ce6d2fd0b8ed904528e16 279392 libecpg-dev-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 454a7f35a8d1adcca048126bb4a7d920e4fa9e4d 356486 libecpg-dev_15.5-0ubuntu0.23.04.1_riscv64.deb 53b27f5da1478ce81e616cc7fd3dc1c5f16afcc2 107322 libecpg6-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb af97f3dbcc0508ea4134751d0624efc65363636d 39278 libecpg6_15.5-0ubuntu0.23.04.1_riscv64.deb eaa654a02b0aa9fb6080df0148d5adb559416f31 85424 libpgtypes3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 2b67b177ed92a596a2a7cf44bfb099a350ee4b32 41624 libpgtypes3_15.5-0ubuntu0.23.04.1_riscv64.deb f44965711d18a62c3004cc31bbc7d69872c89232 262928 libpq-dev_15.5-0ubuntu0.23.04.1_riscv64.deb 02e9de753179cb68d455263244f22b064794d430 271236 libpq5-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 0dce48c87255812ed83db12e31e5e2cf357c5140 123438 libpq5_15.5-0ubuntu0.23.04.1_riscv64.deb 42528a9da26a6618bd39958efcb6b9696ee24009 13355344 postgresql-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb f2e7698ec53d57d2d6dbd4e4f239cb6b80f5b91a 16758 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.buildinfo 494f13f0af19d21a0f7dc74ed511be23b7789b77 4522394 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.deb 99050418225305c4ec96140c3fbc54f710cb3694 9625728 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64_translations.tar.gz e6c0423087e76faca7b6bd01b8c37977595c76aa 2234302 postgresql-client-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb b8d756cc57e03ae27f23e85c3fbb17f0baa72899 1190438 postgresql-client-15_15.5-0ubuntu0.23.04.1_riscv64.deb 31d4cfe6fe8322f42333a268f9aa3459bde49304 179830 postgresql-plperl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb e9c982894bcdfce7e758685e9081cab2d29cbdac 46010 postgresql-plperl-15_15.5-0ubuntu0.23.04.1_riscv64.deb 5611e599345553050eb077acf3d343459d53f29c 164082 postgresql-plpython3-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 48219175d9e689b6874fcdc2f68171a6431cd8b7 51998 postgresql-plpython3-15_15.5-0ubuntu0.23.04.1_riscv64.deb 206c5f98b0293abcad2676efdadcb0f1a6823529 78056 postgresql-pltcl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 59e69057baa9f176331a947a251d4e6fe7446aea 28620 postgresql-pltcl-15_15.5-0ubuntu0.23.04.1_riscv64.deb 970f155f5d5ed825f487747f6843872d487a9e3b 1362762 postgresql-server-dev-15_15.5-0ubuntu0.23.04.1_riscv64.deb Checksums-Sha256: 0a13f067a612791ea21e32efcd9e561a974e6bc62a95666ce67616f3e2a55108 36844 libecpg-compat3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 00629851b627c3e1f617d7ba6fbba392f4dbb00b872eb86c01ddcbbaf3fc93eb 16620 libecpg-compat3_15.5-0ubuntu0.23.04.1_riscv64.deb 65a570e5ccd1722726d9a1547300f7e7e3c97965ab147d5bfc7ca2ea913b1c6f 279392 libecpg-dev-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 952aeb001aa39f506c18931b1b173c20955cfc0a9998d958d9dbc0c2a5523cfa 356486 libecpg-dev_15.5-0ubuntu0.23.04.1_riscv64.deb dd2c82f178dce5b1b78935d20f8520e113a61a690aee27683a42911b9a4c7b06 107322 libecpg6-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 8ce41f36df76e0b04d6976dba30d80d97e643a81da7e3eeaa05d7473e285b7a6 39278 libecpg6_15.5-0ubuntu0.23.04.1_riscv64.deb 6d0917c886fe5e5494fdbda0da903e595b07366f8e028527aeb77f927405be5e 85424 libpgtypes3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb d40e6ccaeb10aadb4c0d8b0fb4d2916429eeb581096f21eba790857a5384d867 41624 libpgtypes3_15.5-0ubuntu0.23.04.1_riscv64.deb ac355158b30b10b56d5bf4e6fff5dcdc72846795835482b5ea9671023f232f1a 262928 libpq-dev_15.5-0ubuntu0.23.04.1_riscv64.deb aa15288238298796e7385b932a341d9b63e5804e9fb40c85c1bf970ddd4bc740 271236 libpq5-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb aaa57a3b77dcbfb7c31f724927088ccfb8f1f8b6218763e25fad3b21f18acc0b 123438 libpq5_15.5-0ubuntu0.23.04.1_riscv64.deb e1621be208541231834b520d13d356e5acaa0cfd8dd7908455fa74f5e75aa86e 13355344 postgresql-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 03036ea0404e7b6a2e335d8dae2d749796989fea9a71e33c332098bb55fc43d6 16758 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.buildinfo 08b117c6d4d8bdd743b685a1b7cb01bc45d94c4518f0b49a4838ca2abb053e0f 4522394 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.deb 09f40d036715729d56b0293dccf740fe10e84f54b1c41085df1f23030769a2d7 9625728 postgresql-15_15.5-0ubuntu0.23.04.1_riscv64_translations.tar.gz 20d3bd78f78d7dc84316363c8d5e580445d6d9c80610ecb44888910859d292d2 2234302 postgresql-client-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb e01e8bd2e911588cd3a7f90bdf67404f44e30c46c4803f383b7ff048c7892ed5 1190438 postgresql-client-15_15.5-0ubuntu0.23.04.1_riscv64.deb ee3a7acd851da9953cc51bcb97ba3da9ff9c5b60eea0c526f088287355a5bad1 179830 postgresql-plperl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 9a8dd949c049e31bfd61f418c5cf0389d4cf78c54d46a8a4d5d73aa2697ab878 46010 postgresql-plperl-15_15.5-0ubuntu0.23.04.1_riscv64.deb 4751b0b808980f43f6dcf210ce6682ceaceded9e41b5b4e5da294aa870d47912 164082 postgresql-plpython3-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 229c71c46e839548bf03c72a9bd742fc2555eaa92113f55dee654f9e41b73f68 51998 postgresql-plpython3-15_15.5-0ubuntu0.23.04.1_riscv64.deb a6854ebccaafe1a23030013198008011419dd057e8caaaf5c8c3b6f40058dbfd 78056 postgresql-pltcl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 874c638e388cd3ad7ec586f3b45d7ac412f494619425fb4d6b773bad799793e5 28620 postgresql-pltcl-15_15.5-0ubuntu0.23.04.1_riscv64.deb b85b4e658f67a760e63dfa1d871b66a351f6e5ab2d327d2c83813b817cd50f06 1362762 postgresql-server-dev-15_15.5-0ubuntu0.23.04.1_riscv64.deb Files: d9be34fd82a980aadf62446463a87631 36844 debug optional libecpg-compat3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 47211cda802a22d11ff602a0250ad747 16620 libs optional libecpg-compat3_15.5-0ubuntu0.23.04.1_riscv64.deb fd22614b724cb51c42e85987ceac1310 279392 debug optional libecpg-dev-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 72e0ebae507fde91c459e6217afba0d5 356486 libdevel optional libecpg-dev_15.5-0ubuntu0.23.04.1_riscv64.deb 26fd6e2db1891749b1daa9f418bacaee 107322 debug optional libecpg6-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 76e011651a90b77cb25df04091ca659e 39278 libs optional libecpg6_15.5-0ubuntu0.23.04.1_riscv64.deb bb4352e222fd780294b1f3a81c04a18f 85424 debug optional libpgtypes3-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 705afbf914db7105aab9eaf1f5a3f10f 41624 libs optional libpgtypes3_15.5-0ubuntu0.23.04.1_riscv64.deb ee61f34e7beabd058251db10f4c53c49 262928 libdevel optional libpq-dev_15.5-0ubuntu0.23.04.1_riscv64.deb 4d7699f41ee128449592f1397e543927 271236 debug optional libpq5-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb fe761079b135c102703627a56b17cdd0 123438 libs optional libpq5_15.5-0ubuntu0.23.04.1_riscv64.deb 781f7537c5462cebe821a445108e12b6 13355344 debug optional postgresql-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb bfb68f2801b370a5adfbe542b2040df8 16758 database optional postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.buildinfo 069549cfb23a4611910a4255aec9a55a 4522394 database optional postgresql-15_15.5-0ubuntu0.23.04.1_riscv64.deb 05d9dc9df4ee37d570dcdc55bb5d30aa 9625728 raw-translations - postgresql-15_15.5-0ubuntu0.23.04.1_riscv64_translations.tar.gz 87a8ff41753d507bdbb7a69badb218ce 2234302 debug optional postgresql-client-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 9543269b793d1ef742c0af901019ee4b 1190438 database optional postgresql-client-15_15.5-0ubuntu0.23.04.1_riscv64.deb 9d6b91fcbd317bf6cae04e8e3ecfa03c 179830 debug optional postgresql-plperl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 38f59eac649c8cb73c6dd3f51ae1b32f 46010 database optional postgresql-plperl-15_15.5-0ubuntu0.23.04.1_riscv64.deb 3c94851353f6e200dc2a6340dcb2b771 164082 debug optional postgresql-plpython3-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb 31949d66bff5bdcca1c5fd69cf1d70d4 51998 database optional postgresql-plpython3-15_15.5-0ubuntu0.23.04.1_riscv64.deb 196501f074eea51e7f6adfa1b80e7a39 78056 debug optional postgresql-pltcl-15-dbgsym_15.5-0ubuntu0.23.04.1_riscv64.ddeb a4c394535db4265eed23a1fc1c50f0d7 28620 database optional postgresql-pltcl-15_15.5-0ubuntu0.23.04.1_riscv64.deb 0469ccf67478896e1a166f44aa2f35df 1362762 libdevel optional postgresql-server-dev-15_15.5-0ubuntu0.23.04.1_riscv64.deb Original-Maintainer: Debian PostgreSQL Maintainers