Format: 1.8
Date: Wed, 28 Feb 2018 09:59:10 +0100
Source: postgresql-9.6
Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-9.6 postgresql-9.6-dbg postgresql-client-9.6 postgresql-server-dev-9.6 postgresql-doc-9.6 postgresql-contrib-9.6 postgresql-plperl-9.6 postgresql-plpython-9.6 postgresql-plpython3-9.6 postgresql-pltcl-9.6
Architecture: s390x s390x_translations
Version: 9.6.8-0ubuntu0.17.10
Distribution: artful
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Christian Ehrhardt
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6 - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 9.6
 libpq-dev - header files for libpq5 (PostgreSQL library)
 libpq5 - PostgreSQL C client library
 postgresql-9.6 - object-relational SQL database, version 9.6 server
 postgresql-9.6-dbg - debug symbols for postgresql-9.6
 postgresql-client-9.6 - front-end programs for PostgreSQL 9.6
 postgresql-contrib-9.6 - additional facilities for PostgreSQL
 postgresql-doc-9.6 - documentation for the PostgreSQL database management system
 postgresql-plperl-9.6 - PL/Perl procedural language for PostgreSQL 9.6
 postgresql-plpython-9.6 - PL/Python procedural language for PostgreSQL 9.6
 postgresql-plpython3-9.6 - PL/Python 3 procedural language for PostgreSQL 9.6
 postgresql-pltcl-9.6 - PL/Tcl procedural language for PostgreSQL 9.6
 postgresql-server-dev-9.6 - development files for PostgreSQL 9.6 server-side programming
Launchpad-Bugs-Fixed: 1752271
Changes:
 postgresql-9.6 (9.6.8-0ubuntu0.17.10) artful-security; urgency=medium
 .
   * New upstream release (LP: #1752271)
     If you run an installation in which not all users are mutually
     trusting, or if you maintain an application or extension that is
     intended for use in arbitrary situations, it is strongly recommended
     that you read the documentation changes described in the first
     changelog entry below, and take suitable steps to ensure that your
     installation or code is secure.
 .
     Also, the changes described in the second changelog entry below may
     cause functions used in index expressions or materialized views to
     fail during auto-analyze, or when reloading from a dump. After
     upgrading, monitor the server logs for such problems, and fix
     affected functions.
 .
   - Document how to configure installations and applications to guard
     against search-path-dependent trojan-horse attacks from other users
 .
     Using a search_path setting that includes any schemas writable by a
     hostile user enables that user to capture control of queries and
     then run arbitrary SQL code with the permissions of the attacked
     user. While it is possible to write queries that are proof against
     such hijacking, it is notationally tedious, and it's very easy to
     overlook holes. Therefore, we now recommend configurations in which
     no untrusted schemas appear in one's search path. (CVE-2018-1058)
 .
   - Avoid use of insecure search_path settings in pg_dump and other
     client programs
 .
     pg_dump, pg_upgrade, vacuumdb and other PostgreSQL-provided
     applications were themselves vulnerable to the type of hijacking
     described in the previous changelog entry; since these applications
     are commonly run by superusers, they present particularly attractive
     targets. To make them secure whether or not the installation as a
     whole has been secured, modify them to include only the pg_catalog
     schema in their search_path settings. Autovacuum worker processes
     now do the same, as well.
 .
     In cases where user-provided functions are indirectly executed by
     these programs -- for example, user-provided functions in index
     expressions -- the tighter search_path may result in errors, which
     will need to be corrected by adjusting those user-provided functions
     to not assume anything about what search path they are invoked
     under. That has always been good practice, but now it will be
     necessary for correct behavior. (CVE-2018-1058)
 .
   - Details about other changes can be found at
     https://www.postgresql.org/docs/9.6/static/release-9-6-8.html
Original-Maintainer: Debian PostgreSQL Maintainers
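
Added example, not part of this upload record or of PostgreSQL's own documentation: catalog queries an administrator can run after the upgrade to find the two conditions the changelog describes, followed by the matching fixes. The schema `app` and the function `app.normalize_email(text)` are hypothetical names; the queries return candidates to review, not confirmed problems.

```sql
-- 1. Schemas in which a non-superuser other than the owner may create
--    objects. If such a schema is on another user's search_path, that role
--    can shadow unqualified function and operator names (CVE-2018-1058).
SELECT n.nspname AS schema_name, r.rolname AS can_create
FROM pg_namespace n
CROSS JOIN pg_roles r
WHERE NOT r.rolsuper
  AND r.oid <> n.nspowner
  AND n.nspname !~ '^pg_'
  AND n.nspname <> 'information_schema'
  AND has_schema_privilege(r.oid, n.oid, 'CREATE')
ORDER BY 1, 2;

-- 2. Indexes whose expressions call user-defined functions that have no
--    search_path pinned. If such a function resolves names through the
--    caller's path, it can fail under the pg_catalog-only path now used by
--    pg_dump, vacuumdb and autovacuum workers.
--    (Materialized views depend on functions through their rewrite rules
--    and are not covered by this query.)
SELECT d.objid::regclass     AS index_name,
       p.oid::regprocedure   AS function_sig
FROM pg_depend d
JOIN pg_class c     ON c.oid = d.objid AND c.relkind = 'i'
JOIN pg_proc p      ON p.oid = d.refobjid
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE d.classid    = 'pg_class'::regclass
  AND d.refclassid = 'pg_proc'::regclass
  AND n.nspname   <> 'pg_catalog'
  AND NOT EXISTS (SELECT 1
                  FROM unnest(p.proconfig) AS cfg
                  WHERE cfg LIKE 'search_path=%');

-- 3. Remediation.
-- Stop ordinary users from creating objects in the shared public schema.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Pin the path of a function reported by query 2 (hypothetical name), so it
-- no longer depends on the path it is invoked under. pg_catalog is searched
-- first implicitly; pg_temp is listed last so temporary objects cannot
-- shadow the schema's own.
ALTER FUNCTION app.normalize_email(text)
  SET search_path = app, pg_temp;
```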