-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2026 12:51:10 +0200
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: mipsel
Version: 15.18-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.18-0+deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 15.18.
 .
     + Prevent unbounded recursion while processing startup packets
       (Michael Paquier)
 .
       A malicious client could crash the connected backend by alternating
       rejected SSL and GSS encryption requests indefinitely.
 .
       The PostgreSQL Project thanks Calif.io (in collaboration with Claude and
       Anthropic Research) for reporting this problem. (CVE-2026-6479)
 .
     + Fix assorted integer overflows in memory-allocation calculations
       (Tom Lane, Nathan Bossart, Heikki Linnakangas)
 .
       Various places were incautious about the possibility of integer overflow
       in calculations of how much memory to allocate.  Overflow would lead to
       allocating a too-small buffer which the caller would then write past the
       end of.  This would at least trigger server crashes, and probably could
       be exploited for arbitrary code execution.  In many but by no means all
       cases, the hazard exists only in 32-bit builds.
 .
       The PostgreSQL Project thanks Xint Code, Bruce Dang, Sven Klemm, and
       Pavel Kohout for reporting these problems. (CVE-2026-6473)
 .
     + Reject over-length options in ts_headline() (Michael Paquier)
 .
       The StartSel, StopSel and FragmentDelimiter strings must not exceed 32Kb
       in length, but this was not checked for.  An over-length value would
       typically crash the server.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against malicious time zone names in timeofday() and pg_strftime()
       (Tom Lane)
 .
       A crafted time zone setting could pass % sequences to snprintf(),
       potentially causing crashes or disclosure of server memory.  Another
       path to similar results was to overflow the limited-size output buffer
       used by pg_strftime().
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6474)
 .
     + When creating a multirange type, ensure the user has CREATE privilege on
       the schema specified for the multirange type (Jelte Fennema-Nio)
 .
       The multirange type can be put into a different schema than its parent
       range type, but we neglected to apply the required privilege check when
       doing so.
 .
       The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
       problem. (CVE-2026-6472)
 .
     + Use timing-safe string comparisons in authentication code
       (Michael Paquier)
 .
       Use timingsafe_bcmp() instead of memcmp() or strcmp() when checking
       passwords, hashes, etc.  It is not known whether the data dependency of
       those functions is usefully exploitable in any of these places, but in
       the interests of safety, replace them.
 .
       The PostgreSQL Project thanks Joe Conway for reporting this problem.
       (CVE-2026-6478)
 .
     + Mark PQfn() as unsafe, and avoid using it within libpq (Nathan Bossart)
 .
       For a non-integral result type, PQfn() is not passed the size of the
       output buffer, so it cannot check that the data returned by the server
       will fit.  A malicious server could therefore overwrite client memory.
       This is unfixable without an API change, so mark the function as
       deprecated.  Internally to libpq, use a variant version that can apply
       the missing check.
 .
       The PostgreSQL Project thanks Yu Kunpeng and Martin Heistermann for
       reporting this problem. (CVE-2026-6477)
 .
     + Prevent path traversal in pg_basebackup and pg_rewind (Michael Paquier)
 .
       These applications failed to validate output file paths read from their
       input, so that a malicious source could overwrite any file writable by
       these applications.  Constrain where data can be written by rejecting
       paths that are absolute or contain parent-directory references.
 .
       The PostgreSQL Project thanks XlabAI Team of Tencent Xuanwu Lab and
       Valery Gubanov for reporting this problem. (CVE-2026-6475)
 .
     + Guard against field overflow within contrib/intarray's query_int type
       and contrib/ltree's ltxtquery type (Tom Lane)
 .
       Parsing of these query structures did not check for overflow of 16-bit
       fields, so that construction of an invalid query tree was possible.
       This can crash the server when executing the query.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against overly long values of contrib/ltree's lquery type
       (Michael Paquier)
 .
       Values with more than 64K items caused internal overflows, potentially
       resulting in stack smashes or wrong answers.
 .
       The PostgreSQL Project thanks Vergissmeinnicht, A1ex, and Jihe Wang for
       reporting this problem. (CVE-2026-6473)
 .
     + Prevent SQL injection and buffer overruns in contrib/spi
       (Nathan Bossart)
 .
       check_foreign_key() was insufficiently careful about quoting key values,
       and also used fixed-length buffers for constructing queries.  While this
       module is only meant as example code, it still shouldn't contain such
       dangerous errors.
 .
       The PostgreSQL Project thanks Nikolay Samokhvalov for reporting this
       problem. (CVE-2026-6637)
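
The allocation-size overflow and 16-bit field overflow entries above (CVE-2026-6473) describe the same defect class: arithmetic that wraps before it is used as a size or stored in a narrow field. The following is an added illustration, not code from PostgreSQL or from this package; the header/item layout, the sizes and the function names are hypothetical, and uint32_t stands in for a 32-bit size_t so the wrap is reproducible on a 64-bit host.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout: a fixed header followed by nitems fixed-size
 * entries.  uint32_t models size_t on a 32-bit build, where the changelog
 * says most of these hazards exist. */
#define HDR_SIZE   16u
#define ITEM_SIZE  12u

/* Unchecked form: the result silently wraps modulo 2^32. */
uint32_t alloc_size_unchecked(uint32_t nitems)
{
    return HDR_SIZE + nitems * ITEM_SIZE;
}

/* Checked form: reject the count before doing any arithmetic on it. */
bool alloc_size_checked(uint32_t nitems, uint32_t *out)
{
    if (nitems > (UINT32_MAX - HDR_SIZE) / ITEM_SIZE)
        return false;           /* caller reports "request too large" */
    *out = HDR_SIZE + nitems * ITEM_SIZE;
    return true;
}

/* Same idea for a 16-bit field: validate before narrowing. */
bool store_u16(uint32_t value, uint16_t *field)
{
    if (value > UINT16_MAX)
        return false;
    *field = (uint16_t) value;
    return true;
}

int main(void)
{
    uint32_t n = 357913942u;    /* constructed count: n * 12 exceeds 2^32 */
    uint32_t sz = 0;

    printf("unchecked: %" PRIu32 " items -> %" PRIu32 " bytes\n",
           n, alloc_size_unchecked(n));
    printf("checked:   %s\n",
           alloc_size_checked(n, &sz) ? "accepted" : "rejected");
    return 0;
}
```

With the constructed count, the unchecked size comes out as 24 bytes for hundreds of millions of items, which is the too-small buffer the changelog describes; the checked form rejects the request instead.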

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
