Format: 1.8
Date: Sat, 20 Dec 2025 12:57:12 +0100
Source: pgbouncer
Binary: pgbouncer pgbouncer-dbgsym
Architecture: ppc64el
Version: 1.18.0-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-conova-01)
Changed-By: Andreas Henriksson
Description:
 pgbouncer - lightweight connection pooler for PostgreSQL
Closes: 1103394
Changes:
 pgbouncer (1.18.0-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2025-2291: expired password can be used.
     Password can be used past expiry in PgBouncer due to auth_query
     not taking into account Postgres its VALID UNTIL value, which
     allows an attacker to log in with an already expired password
     (Closes: #1103394)
   * CVE-2025-12819: execute arbitrary SQL during authentication.
     Untrusted search path in auth_query connection handler in
     PgBouncer before 1.25.1 allows an unauthenticated attacker to
     execute arbitrary SQL during authentication via a malicious
     search_path parameter in the StartupMessage.