-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 11 May 2026 22:57:44 +0200
Source: postgresql-17
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-17 postgresql-17-dbgsym postgresql-client-17 postgresql-client-17-dbgsym postgresql-plperl-17 postgresql-plperl-17-dbgsym postgresql-plpython3-17 postgresql-plpython3-17-dbgsym postgresql-pltcl-17 postgresql-pltcl-17-dbgsym postgresql-server-dev-17 postgresql-server-dev-17-dbgsym
Architecture: amd64
Version: 17.10-0+deb13u1
Distribution: trixie-security
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 17
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-17 - The World's Most Advanced Open Source Relational Database
 postgresql-client-17 - front-end programs for PostgreSQL 17
 postgresql-plperl-17 - PL/Perl procedural language for PostgreSQL 17
 postgresql-plpython3-17 - PL/Python 3 procedural language for PostgreSQL 17
 postgresql-pltcl-17 - PL/Tcl procedural language for PostgreSQL 17
 postgresql-server-dev-17 - development files for PostgreSQL 17 server-side programming
Changes:
 postgresql-17 (17.10-0+deb13u1) trixie-security; urgency=medium
 .
   * New upstream version 17.10.
 .
     + Prevent unbounded recursion while processing startup packets
       (Michael Paquier)
 .
       A malicious client could crash the connected backend by alternating
       rejected SSL and GSS encryption requests indefinitely.
 .
       The PostgreSQL Project thanks Calif.io (in collaboration with Claude and
       Anthropic Research) for reporting this problem. (CVE-2026-6479)
 .
     + Fix assorted integer overflows in memory-allocation calculations
       (Tom Lane, Nathan Bossart, Heikki Linnakangas)
 .
       Various places were incautious about the possibility of integer overflow
       in calculations of how much memory to allocate.  Overflow would lead to
       allocating a too-small buffer which the caller would then write past the
       end of.  This would at least trigger server crashes, and probably could
       be exploited for arbitrary code execution.  In many but by no means all
       cases, the hazard exists only in 32-bit builds.
 .
       The PostgreSQL Project thanks Xint Code, Bruce Dang, Sven Klemm, and
       Pavel Kohout for reporting these problems. (CVE-2026-6473)
 .
     + Properly quote subscription names in pg_createsubscriber
       (Nathan Bossart)
 .
       The given subscription name was inserted into SQL commands without
       quoting, so that SQL injection could be achieved in the (perhaps
       unlikely) case that the subscription name comes from an untrusted
       source.
 .
       The PostgreSQL Project thanks Yu Kunpeng for reporting this problem.
       (CVE-2026-6476)
 .
     + Properly quote object names in logical replication origin checks
       (Pavel Kohout)
 .
       ALTER SUBSCRIPTION ... REFRESH PUBLICATION interpolated schema and
       relation names into SQL commands without quoting them, allowing
       execution of arbitrary SQL on the publisher.
 .
       The PostgreSQL Project thanks Pavel Kohout for reporting this problem.
       (CVE-2026-6638)
 .
     + Reject over-length options in ts_headline() (Michael Paquier)
 .
       The StartSel, StopSel and FragmentDelimiter strings must not exceed 32Kb
       in length, but this was not checked for.  An over-length value would
       typically crash the server.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against malicious time zone names in timeofday() and pg_strftime()
       (Tom Lane)
 .
       A crafted time zone setting could pass % sequences to snprintf(),
       potentially causing crashes or disclosure of server memory.  Another
       path to similar results was to overflow the limited-size output buffer
       used by pg_strftime().
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6474)
 .
     + When creating a multirange type, ensure the user has CREATE privilege on
       the schema specified for the multirange type (Jelte Fennema-Nio)
 .
       The multirange type can be put into a different schema than its parent
       range type, but we neglected to apply the required privilege check when
       doing so.
 .
       The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
       problem. (CVE-2026-6472)
 .
     + Use timing-safe string comparisons in authentication code
       (Michael Paquier)
 .
       Use timingsafe_bcmp() instead of memcpy() or strcmp() when checking
       passwords, hashes, etc.  It is not known whether the data dependency of
       those functions is usefully exploitable in any of these places, but in
       the interests of safety, replace them.
 .
       The PostgreSQL Project thanks Joe Conway for reporting this problem.
       (CVE-2026-6478)
 .
     + Mark PQfn() as unsafe, and avoid using it within libpq (Nathan Bossart)
 .
       For a non-integral result type, PQfn() is not passed the size of the
       output buffer, so it cannot check that the data returned by the server
       will fit.  A malicious server could therefore overwrite client memory.
       This is unfixable without an API change, so mark the function as
       deprecated.  Internally to libpq, use a variant version that can apply
       the missing check.
 .
       The PostgreSQL Project thanks Yu Kunpeng and Martin Heistermann for
       reporting this problem. (CVE-2026-6477)
 .
     + Prevent path traversal in pg_basebackup and pg_rewind (Michael Paquier)
 .
       These applications failed to validate output file paths read from their
       input, so that a malicious source could overwrite any file writable by
       these applications.  Constrain where data can be written by rejecting
       paths that are absolute or contain parent-directory references.
 .
       The PostgreSQL Project thanks XlabAI Team of Tencent Xuanwu Lab and
       Valery Gubanov for reporting this problem. (CVE-2026-6475)
 .
     + Guard against field overflow within contrib/intarray's query_int type
       and contrib/ltree's ltxtquery type (Tom Lane)
 .
       Parsing of these query structures did not check for overflow of 16-bit
       fields, so that construction of an invalid query tree was possible.
       This can crash the server when executing the query.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against overly long values of contrib/ltree's lquery type
       (Michael Paquier)
 .
       Values with more than 64K items caused internal overflows, potentially
       resulting in stack smashes or wrong answers.
 .
       The PostgreSQL Project thanks Vergissmeinnicht, A1ex, and Jihe Wang for
       reporting this problem. (CVE-2026-6473)
 .
     + Prevent SQL injection and buffer overruns in contrib/spi
       (Nathan Bossart)
 .
       check_foreign_key() was insufficiently careful about quoting key values,
       and also used fixed-length buffers for constructing queries.  While this
       module is only meant as example code, it still shouldn't contain such
       dangerous errors.
 .
       The PostgreSQL Project thanks Nikolay Samokhvalov for reporting this
       problem. (CVE-2026-6637)
Checksums-Sha1:
 be25f3d450c8cf7aa17cd0cfa2ab865d758bf02d 16500 libecpg-compat3-dbgsym_17.10-0+deb13u1_amd64.deb
 63322e2e3caf3fe1807f2db19e380f16dc9878f6 19848 libecpg-compat3_17.10-0+deb13u1_amd64.deb
 d5b0d1cc4079c4cdc5106da6987baa8953db61ee 279504 libecpg-dev-dbgsym_17.10-0+deb13u1_amd64.deb
 b9117d4709e272f088e0dba1ee6f765d235018f3 306904 libecpg-dev_17.10-0+deb13u1_amd64.deb
 1d704047dec1dd57fe7b2ba130e6cb36f918b062 115052 libecpg6-dbgsym_17.10-0+deb13u1_amd64.deb
 f1e3bdd9dad4346eeae88aea953ae1265638ae82 65268 libecpg6_17.10-0+deb13u1_amd64.deb
 8ef146e7c7178cc5c14808c84ea3280e7b8cd065 90640 libpgtypes3-dbgsym_17.10-0+deb13u1_amd64.deb
 b30dc7c0f3d44a6e28a377a04f7d90c48ed4be63 48476 libpgtypes3_17.10-0+deb13u1_amd64.deb
 10f561aee210e9821bba6b3edd0fd6ce9e328bb6 153808 libpq-dev_17.10-0+deb13u1_amd64.deb
 ee9d323f9cb164a6540601a1de24d8bfa2e9e39e 298900 libpq5-dbgsym_17.10-0+deb13u1_amd64.deb
 e4c3266e3dc5dea2a89dde5f34d921480f0486ab 230332 libpq5_17.10-0+deb13u1_amd64.deb
 a508892d00ac24f20cc0fe7ba20011eb38c5264c 19735872 postgresql-17-dbgsym_17.10-0+deb13u1_amd64.deb
 51a3dd044aa6bbfc728340e0578a7844652b2e42 17374 postgresql-17_17.10-0+deb13u1_amd64-buildd.buildinfo
 8a19f02e12486b2ef6d472b77f13ef6839a06f7d 16609800 postgresql-17_17.10-0+deb13u1_amd64.deb
 b525a46283172c6a3289d90c6810ec9bf9fb3352 3068148 postgresql-client-17-dbgsym_17.10-0+deb13u1_amd64.deb
 79316c56320648d7e1ffad3f41b305f485c5b6dc 2051712 postgresql-client-17_17.10-0+deb13u1_amd64.deb
 9a5adf0ba8e23209738c58c672c282da617d15f2 203272 postgresql-plperl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 c63d53bcee566ab924abefecde0f5ee27c07779c 88532 postgresql-plperl-17_17.10-0+deb13u1_amd64.deb
 6c55538ec819b6651781f0dd8db2c85f9350b760 204480 postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_amd64.deb
 89a4fffc58066f134c6e32f5298ffaf4bf299cff 113524 postgresql-plpython3-17_17.10-0+deb13u1_amd64.deb
 13035a66bb1290d4b5bc99477f7533f0e9dc2af9 85120 postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 ce7a67f8f1517574f9a7b2313d17606683368e6e 45768 postgresql-pltcl-17_17.10-0+deb13u1_amd64.deb
 a3ab2f79ef69d884cf331a9258754ff29be79f22 56040 postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_amd64.deb
 1860b378909b061b460703c2c6e16c7c273c04ec 1326568 postgresql-server-dev-17_17.10-0+deb13u1_amd64.deb
Checksums-Sha256:
 e0c633c56009312f3b006f94654a4acb2c474bc84b56bd5442200d13eded6898 16500 libecpg-compat3-dbgsym_17.10-0+deb13u1_amd64.deb
 6ab8d80be429db30bc8813b0b59bb4d1e77d0faefd5a9171f9649c909beb4536 19848 libecpg-compat3_17.10-0+deb13u1_amd64.deb
 4bdce1a28db41422ba54fb032f2b8bd96a55a3607a9a4ff82b337cea55990e0c 279504 libecpg-dev-dbgsym_17.10-0+deb13u1_amd64.deb
 d9d8b8f4a9149268eb89fc55dfb4ed3864079b8b37d06abe077954f43643bd79 306904 libecpg-dev_17.10-0+deb13u1_amd64.deb
 2a9df63531ead9586fc3621832be9e8a0df25e6ee0f1fc7c5d67f6092b7dc98b 115052 libecpg6-dbgsym_17.10-0+deb13u1_amd64.deb
 088e4efe41d92af1b8c90079bafda566fe2c1a857e73e2d3525a1b5f77b68ebd 65268 libecpg6_17.10-0+deb13u1_amd64.deb
 3176c90148313c392adc25c0b5f335a8884493c63a08842a8aa5c0b2b947f847 90640 libpgtypes3-dbgsym_17.10-0+deb13u1_amd64.deb
 d14e37de8cc138bcd313c77019def18d8ffa3b30b658236558d6c2b7788bf9b2 48476 libpgtypes3_17.10-0+deb13u1_amd64.deb
 0cb90e8f6ca3f385e925f005ab63d55771d2acce2a0123f3c40459c2efaedb49 153808 libpq-dev_17.10-0+deb13u1_amd64.deb
 a70aafe4f81f03a294e344e68fa6c7fd389e1d7ebbb6e44cb9d50f31cc0399a2 298900 libpq5-dbgsym_17.10-0+deb13u1_amd64.deb
 bcaba7700a2afbdc4b7bf0b0bc9532f1cd49a8fd6fa47ccab125befd4ba7716a 230332 libpq5_17.10-0+deb13u1_amd64.deb
 21cd1a48f84dc2e9b75d7b83216523f546a2bbfa227be9df4cc4d5cc4539fe88 19735872 postgresql-17-dbgsym_17.10-0+deb13u1_amd64.deb
 7879ef553a63045a20678e4ce2766898d7567cfeac71dfc6079ea01452a5de0f 17374 postgresql-17_17.10-0+deb13u1_amd64-buildd.buildinfo
 3b7d9dbfd2f618d767fc091ffb7432faa6284a20f7095b430dd57644602f40dd 16609800 postgresql-17_17.10-0+deb13u1_amd64.deb
 7b3c6549ab24334487d3028ddc82a3b5cd5ead969c00a2084102e958b56a8514 3068148 postgresql-client-17-dbgsym_17.10-0+deb13u1_amd64.deb
 0f4b84e21eb9df17a000af9a5c68eeed14c7c1cad9fa911bb3cb26311ee4a5b5 2051712 postgresql-client-17_17.10-0+deb13u1_amd64.deb
 d5a54c1941719d5bf5610c9992351363c9e61d1582fde1c00e529cbdd36a3eab 203272 postgresql-plperl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 0b9aa6f03bb28b1d58ddec23a51a9863dde5bbebd91187226852f45ec5dbc73b 88532 postgresql-plperl-17_17.10-0+deb13u1_amd64.deb
 2eaf4e954ab8ef7f282614d5f81b4739ca6fc578f5c4f467f479ebc720e891e1 204480 postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_amd64.deb
 9891c294c806a00672e19d0e293ee88c4d8dc578c6fa4c6a65b5950a3bca6c6f 113524 postgresql-plpython3-17_17.10-0+deb13u1_amd64.deb
 a345c4637d344a0e7adb79d72a3a035be2d48c60d34a7e42321552e4d2baf712 85120 postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 8ef79c28b89110b56d91fb46431dab022431648067dde2f45fbf85a1c13e1f62 45768 postgresql-pltcl-17_17.10-0+deb13u1_amd64.deb
 d9f81422167fde1620ee12556d5cc3494ceb3ef8ffb69ff341f0c81a7c01a1b5 56040 postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_amd64.deb
 7e8b5864e0735bd05ef00f205dd859aa472d25006e3e857f8fe585db57387e7e 1326568 postgresql-server-dev-17_17.10-0+deb13u1_amd64.deb
Files:
 b8ff7703309be1f572ce7b46a7b11abf 16500 debug optional libecpg-compat3-dbgsym_17.10-0+deb13u1_amd64.deb
 a5e26453a10ef547912f0fd383eb7693 19848 libs optional libecpg-compat3_17.10-0+deb13u1_amd64.deb
 4a54d9a2c7ef22728ffffc0c1017dc09 279504 debug optional libecpg-dev-dbgsym_17.10-0+deb13u1_amd64.deb
 873fa67ac92ceb6677823fb1e5f4d431 306904 libdevel optional libecpg-dev_17.10-0+deb13u1_amd64.deb
 b0561849c98abee37e907dc2f3af97c3 115052 debug optional libecpg6-dbgsym_17.10-0+deb13u1_amd64.deb
 cf9509f8ac137468b0bf44636e309309 65268 libs optional libecpg6_17.10-0+deb13u1_amd64.deb
 db3ba69713dec3b62a08cfa4844e1aed 90640 debug optional libpgtypes3-dbgsym_17.10-0+deb13u1_amd64.deb
 53f60cd4470f12f3a361c797ceb56cc5 48476 libs optional libpgtypes3_17.10-0+deb13u1_amd64.deb
 102526b724d2b218f013aea495910227 153808 libdevel optional libpq-dev_17.10-0+deb13u1_amd64.deb
 da6f045f1d757d5baab2cd708d833457 298900 debug optional libpq5-dbgsym_17.10-0+deb13u1_amd64.deb
 4a8b9709a638b4090461a001cd75e209 230332 libs optional libpq5_17.10-0+deb13u1_amd64.deb
 2cb068a06c70d5e6dd9a1283259b9001 19735872 debug optional postgresql-17-dbgsym_17.10-0+deb13u1_amd64.deb
 f25224fddf35c9edf820e5c08dcaba2e 17374 database optional postgresql-17_17.10-0+deb13u1_amd64-buildd.buildinfo
 9ea8bac686a1a99dfec8b4b798a15b6f 16609800 database optional postgresql-17_17.10-0+deb13u1_amd64.deb
 eb1bd1ab2d51d94908a5a53c0e9ab54f 3068148 debug optional postgresql-client-17-dbgsym_17.10-0+deb13u1_amd64.deb
 fa6aed27e94988ae6328082b3fbd2d47 2051712 database optional postgresql-client-17_17.10-0+deb13u1_amd64.deb
 825bd991dead86c5a29a623a0f54a973 203272 debug optional postgresql-plperl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 c65ec5e42e17aaa538ef1b09cd8dc8cc 88532 database optional postgresql-plperl-17_17.10-0+deb13u1_amd64.deb
 ab1a63d52dd5fd543bfe8835d120797e 204480 debug optional postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_amd64.deb
 92f8325aa3f000488aef8d3186e2400b 113524 database optional postgresql-plpython3-17_17.10-0+deb13u1_amd64.deb
 8288a9730416a8ab7a4b01c7da8e6dfc 85120 debug optional postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_amd64.deb
 d4f1cc6268986ada351425e572015dff 45768 database optional postgresql-pltcl-17_17.10-0+deb13u1_amd64.deb
 ad09be01cac94d86b09a2cde9922ac19 56040 debug optional postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_amd64.deb
 7c6342fc272b76d6d0d7edddbaaae3e4 1326568 libdevel optional postgresql-server-dev-17_17.10-0+deb13u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
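Worked example for the startup-packet recursion entry (CVE-2026-6479). This is added illustration, not PostgreSQL's or Debian's code: it models the server side of the pre-startup negotiation as a loop with a hard cap on rejected encryption requests, so a client that alternates SSLRequest and GSSENCRequest cannot grow the stack. The wire constants (80877103 for SSLRequest, 80877104 for GSSENCRequest, 196608 for protocol 3.0, 8-byte request packets) are the real protocol values; the cap of four rejections, the "always answer N" server, and the constructed client byte stream are assumptions of the example, not a description of the upstream fix.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Wire constants from the PostgreSQL frontend/backend protocol. */
#define SSL_REQUEST_CODE    80877103u   /* "1234.5679" */
#define GSSENC_REQUEST_CODE 80877104u   /* "1234.5680" */
#define PROTOCOL_3_0        196608u     /* major 3, minor 0 */

enum startup_result {
    STARTUP_OK,          /* a real StartupMessage arrived; go on to auth */
    STARTUP_TRUNCATED,   /* stream ended mid-packet */
    STARTUP_MALFORMED,   /* bad length or unknown request code */
    STARTUP_TOO_MANY     /* client kept asking for encryption we rejected */
};

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Read one length-prefixed packet header; false if truncated or absurd. */
static bool read_packet(const uint8_t *buf, size_t avail,
                        uint32_t *plen, uint32_t *code)
{
    if (avail < 8)
        return false;
    *plen = be32(buf);
    if (*plen < 8 || *plen > avail)
        return false;
    *code = be32(buf + 4);
    return true;
}

/*
 * Startup handling as an iteration with a cap, instead of re-entering the
 * handler for every SSLRequest/GSSENCRequest. Assumption (constructed
 * scenario): this server answers every encryption request with 'N'.
 * rejects_out reports how many 'N' replies were sent before deciding.
 */
enum startup_result
process_startup(const uint8_t *stream, size_t len,
                unsigned max_rejects, unsigned *rejects_out)
{
    size_t off = 0;
    *rejects_out = 0;
    for (;;) {
        uint32_t plen, code;
        if (!read_packet(stream + off, len - off, &plen, &code))
            return STARTUP_TRUNCATED;
        if (code == SSL_REQUEST_CODE || code == GSSENC_REQUEST_CODE) {
            if (plen != 8)
                return STARTUP_MALFORMED;
            /* here the real server would write 'N' to the socket */
            if (++*rejects_out > max_rejects)
                return STARTUP_TOO_MANY;
            off += plen;
            continue;            /* loop: stack depth stays constant */
        }
        return code == PROTOCOL_3_0 ? STARTUP_OK : STARTUP_MALFORMED;
    }
}

/* Constructed client stream: n alternating SSL/GSS requests, then a minimal
 * v3 StartupMessage carrying user=pg. Returns bytes written, 0 if out is
 * too small. */
size_t build_client_stream(uint8_t *out, size_t cap, unsigned n)
{
    static const uint8_t startup[17] = {
        0, 0, 0, 17,  0, 3, 0, 0,  'u', 's', 'e', 'r', 0,  'p', 'g', 0,  0
    };
    size_t need = (size_t)n * 8 + sizeof startup;
    if (cap < need)
        return 0;
    for (unsigned i = 0; i < n; i++) {
        uint32_t code = (i % 2 == 0) ? SSL_REQUEST_CODE : GSSENC_REQUEST_CODE;
        uint8_t *p = out + (size_t)i * 8;
        p[0] = 0; p[1] = 0; p[2] = 0; p[3] = 8;
        p[4] = (uint8_t)(code >> 24); p[5] = (uint8_t)(code >> 16);
        p[6] = (uint8_t)(code >> 8);  p[7] = (uint8_t)code;
    }
    memcpy(out + (size_t)n * 8, startup, sizeof startup);
    return need;
}

int main(void)
{
    static uint8_t buf[8 * 1000 + 17];
    unsigned rejects;
    size_t len = build_client_stream(buf, sizeof buf, 1000);
    enum startup_result r = process_startup(buf, len, 4, &rejects);
    printf("1000 alternations, cap 4: result=%d after %u rejections\n",
           (int)r, rejects);
    return 0;
}
```

The point is the shape of the control flow: a bounded loop converts "indefinitely" into a fixed number of round trips and a clean connection close, whereas recursion lets the client choose the stack depth.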
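Worked example for the allocation-size overflow entries (CVE-2026-6473: the memory-allocation calculations, the 16-bit fields in intarray/ltree query parsing, and the >64K-item lquery values). Added illustration, not code from PostgreSQL: the arithmetic is done in uint32_t to reproduce what a 32-bit build's size_t does, and the 8-byte header, element type and input values are constructed for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Naive 32-bit size arithmetic, as in a build where size_t is 32 bits:
 * the product wraps and the allocation request looks small. */
uint32_t naive_alloc_size32(uint32_t header, uint32_t nelems, uint32_t elemsize)
{
    return header + nelems * elemsize;
}

/* Checked version, portable (no compiler builtins): false on overflow. */
bool checked_alloc_size32(uint32_t header, uint32_t nelems, uint32_t elemsize,
                          uint32_t *out)
{
    if (nelems != 0 && elemsize > UINT32_MAX / nelems)
        return false;                         /* nelems * elemsize wraps */
    uint32_t body = nelems * elemsize;
    if (header > UINT32_MAX - body)
        return false;                         /* header + body wraps */
    *out = header + body;
    return true;
}

/* Allocate header + nelems int32 values only when the size is sane.
 * Returns NULL instead of a too-small buffer the caller would overrun. */
int32_t *alloc_int32_array(uint32_t nelems)
{
    uint32_t size;
    if (!checked_alloc_size32(8, nelems, sizeof(int32_t), &size))
        return NULL;
    return calloc(1, size);
}

/* The other pattern in the same advisory: a count parsed from input is
 * stored into a 16-bit field. Range-check before narrowing. */
bool store_int16(long value, int16_t *field)
{
    if (value < INT16_MIN || value > INT16_MAX)
        return false;
    *field = (int16_t)value;
    return true;
}

int main(void)
{
    uint32_t sz;
    printf("naive:   %u bytes for 0x40000001 x 4-byte elements\n",
           naive_alloc_size32(8, 0x40000001u, 4));
    printf("checked: %s\n",
           checked_alloc_size32(8, 0x40000001u, 4, &sz) ? "ok" : "overflow rejected");
    return 0;
}
```

With nelems = 0x40000001 and 4-byte elements the naive product is 0x100000004, which truncates to 4; the caller then writes 0x40000001 elements into a 12-byte buffer. On a 64-bit build the same inputs do not wrap, which is why the advisory says most (not all) of these hazards are 32-bit only; the check costs nothing on either.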
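Worked example for the three unquoted-interpolation entries (CVE-2026-6476 in pg_createsubscriber, CVE-2026-6638 in the REFRESH PUBLICATION origin checks, CVE-2026-6637 in contrib/spi's check_foreign_key()). Added illustration, not PostgreSQL's code: the quoting rules are the standard ones (identifiers in double quotes with embedded double quotes doubled; literals in single quotes with embedded single quotes doubled, assuming standard_conforming_strings=on), reimplemented standalone because libpq's PQescapeIdentifier()/PQescapeLiteral() need a live connection. The command shape, the subscription name and the connection string are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Wrap s in q, doubling any embedded q. Returns a malloc'd string.
 * Embedded NUL bytes cannot occur in SQL names, so strlen() is fine. */
static char *quote_with(const char *s, char q)
{
    size_t n = strlen(s), extra = 0;
    for (size_t i = 0; i < n; i++)
        if (s[i] == q)
            extra++;
    char *out = malloc(n + extra + 3);       /* 2 quotes + NUL */
    if (out == NULL)
        return NULL;
    char *p = out;
    *p++ = q;
    for (size_t i = 0; i < n; i++) {
        if (s[i] == q)
            *p++ = q;
        *p++ = s[i];
    }
    *p++ = q;
    *p = '\0';
    return out;
}

char *quote_ident(const char *s)   { return quote_with(s, '"'); }
char *quote_literal(const char *s) { return quote_with(s, '\''); }

/* printf into a buffer sized for the result: no fixed-length stack buffer
 * to overrun, the second defect named for contrib/spi. */
static char *xsprintf(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (n < 0)
        return NULL;
    char *out = malloc((size_t)n + 1);
    if (out == NULL)
        return NULL;
    va_start(ap, fmt);
    vsnprintf(out, (size_t)n + 1, fmt, ap);
    va_end(ap);
    return out;
}

/* Vulnerable shape: names interpolated verbatim. */
char *create_subscription_naive(const char *sub, const char *conninfo,
                                const char *pub)
{
    return xsprintf("CREATE SUBSCRIPTION %s CONNECTION '%s' PUBLICATION %s",
                    sub, conninfo, pub);
}

/* Fixed shape: every identifier and literal passes through a quoter. */
char *create_subscription_quoted(const char *sub, const char *conninfo,
                                 const char *pub)
{
    char *qs = quote_ident(sub), *qc = quote_literal(conninfo),
         *qp = quote_ident(pub);
    char *cmd = (qs && qc && qp)
        ? xsprintf("CREATE SUBSCRIPTION %s CONNECTION %s PUBLICATION %s",
                   qs, qc, qp)
        : NULL;
    free(qs); free(qc); free(qp);
    return cmd;
}

int main(void)
{
    const char *name = "s; DROP TABLE t; --";
    char *a = create_subscription_naive(name, "host=pub", "p");
    char *b = create_subscription_quoted(name, "host=pub", "p");
    printf("naive:  %s\nquoted: %s\n", a ? a : "(null)", b ? b : "(null)");
    free(a); free(b);
    return 0;
}
```

In the naive form the name terminates the statement and the rest runs as separate SQL; in the quoted form the whole string is one (odd-looking) identifier. The same rule applies on the publisher side for the schema and relation names in the origin checks.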
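Worked example for the timing-safe comparison entry (CVE-2026-6478). Added illustration, not PostgreSQL's code: ct_bcmp() follows the contract of OpenBSD's timingsafe_bcmp() (read every byte, return 0 iff equal) and is reimplemented here so the block runs without libbsd; early_exit_bytes_examined() makes the data dependency of a short-circuiting comparison observable as a count rather than as wall-clock time. The 16-byte tokens are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* How many bytes a short-circuiting comparison inspects before deciding:
 * 1 for a first-byte mismatch, n for equal inputs. This is the secret-
 * dependent behaviour of strcmp()/memcmp() that leaks through timing. */
size_t early_exit_bytes_examined(const unsigned char *a,
                                 const unsigned char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i])
            return i + 1;
    return n;
}

/* Constant-time comparison: touches all n bytes whatever the contents,
 * returns 0 iff equal. volatile keeps the compiler from reintroducing
 * an early exit. */
int ct_bcmp(const void *a, const void *b, size_t n)
{
    const volatile unsigned char *pa = a, *pb = b;
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= pa[i] ^ pb[i];
    return acc != 0;
}

/* Check a presented token against the stored one. Lengths are compared
 * first: for fixed-size hashes the length is public, and it must match
 * before ct_bcmp() may read stored_len bytes from both buffers. */
int token_matches(const unsigned char *stored, size_t stored_len,
                  const unsigned char *given, size_t given_len)
{
    if (stored_len != given_len)
        return 0;
    return ct_bcmp(stored, given, stored_len) == 0;
}

int main(void)
{
    const unsigned char stored[16] = "0123456789abcdef";
    const unsigned char guess1[16] = "X123456789abcdef";
    const unsigned char guess2[16] = "0123456789abcdeX";
    printf("early-exit: %zu vs %zu bytes examined\n",
           early_exit_bytes_examined(stored, guess1, 16),
           early_exit_bytes_examined(stored, guess2, 16));
    printf("ct_bcmp:    %d / %d (0 means equal)\n",
           ct_bcmp(stored, guess1, 16), ct_bcmp(stored, guess2, 16));
    return 0;
}
```

The advisory itself says it is unknown whether the dependency was exploitable at the affected call sites; the point of the replacement is that a comparison used on passwords or hashes should not have a secret-dependent exit at all, so there is nothing to argue about later.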
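Worked example for the pg_basebackup/pg_rewind path traversal entry (CVE-2026-6475). Added illustration, not PostgreSQL's code: it implements the rule the advisory states (reject absolute paths and any parent-directory component) for a file name received from the remote side, then joins it to the output directory with a bounded snprintf. Treating backslash as a separator and "X:" as absolute is a deliberately strict assumption of the example; the base directory and file names are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* True if p is a relative path with no ".." component. '/' and '\\' are
 * both separators; "X:" prefixes count as absolute. */
bool is_safe_output_path(const char *p)
{
    if (p == NULL || p[0] == '\0')
        return false;
    if (p[0] == '/' || p[0] == '\\')
        return false;                              /* absolute */
    if (((p[0] >= 'A' && p[0] <= 'Z') || (p[0] >= 'a' && p[0] <= 'z')) &&
        p[1] == ':')
        return false;                              /* drive letter */
    const char *s = p;
    for (;;) {
        const char *e = s;
        while (*e != '\0' && *e != '/' && *e != '\\')
            e++;
        if (e - s == 2 && s[0] == '.' && s[1] == '.')
            return false;                          /* parent reference */
        if (*e == '\0')
            return true;
        s = e + 1;
    }
}

/* Join basedir and a validated relative path into out; false if the path
 * is rejected or would not fit (no silent truncation). */
bool build_output_path(char *out, size_t cap, const char *basedir,
                       const char *rel)
{
    if (!is_safe_output_path(rel))
        return false;
    int n = snprintf(out, cap, "%s/%s", basedir, rel);
    return n >= 0 && (size_t)n < cap;
}

int main(void)
{
    const char *names[] = { "base/16384/2613", "../../etc/passwd",
                            "/etc/passwd", "pg_wal/../../x", "a/..b/c" };
    char out[128];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-20s %s\n", names[i],
               build_output_path(out, sizeof out, "/srv/backup", names[i])
                   ? out : "(rejected)");
    return 0;
}
```

The check is on components, not substrings: "a/..b/c" is an ordinary name and passes, while "pg_wal/../../x" fails on the second component. Symlinks inside the output directory are a separate concern that this check does not address.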
