-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 11 May 2026 22:57:44 +0200
Source: postgresql-17
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-17 postgresql-17-dbgsym postgresql-client-17 postgresql-client-17-dbgsym postgresql-plperl-17 postgresql-plperl-17-dbgsym postgresql-plpython3-17 postgresql-plpython3-17-dbgsym postgresql-pltcl-17 postgresql-pltcl-17-dbgsym postgresql-server-dev-17 postgresql-server-dev-17-dbgsym
Architecture: i386
Version: 17.10-0+deb13u1
Distribution: trixie-security
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 17
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-17 - The World's Most Advanced Open Source Relational Database
 postgresql-client-17 - front-end programs for PostgreSQL 17
 postgresql-plperl-17 - PL/Perl procedural language for PostgreSQL 17
 postgresql-plpython3-17 - PL/Python 3 procedural language for PostgreSQL 17
 postgresql-pltcl-17 - PL/Tcl procedural language for PostgreSQL 17
 postgresql-server-dev-17 - development files for PostgreSQL 17 server-side programming
Changes:
 postgresql-17 (17.10-0+deb13u1) trixie-security; urgency=medium
 .
   * New upstream version 17.10.
 .
     + Prevent unbounded recursion while processing startup packets
       (Michael Paquier)
 .
       A malicious client could crash the connected backend by alternating
       rejected SSL and GSS encryption requests indefinitely.
 .
       The PostgreSQL Project thanks Calif.io (in collaboration with Claude and
       Anthropic Research) for reporting this problem. (CVE-2026-6479)
 .
     + Fix assorted integer overflows in memory-allocation calculations
       (Tom Lane, Nathan Bossart, Heikki Linnakangas)
 .
       Various places were incautious about the possibility of integer overflow
       in calculations of how much memory to allocate.  Overflow would lead to
       allocating a too-small buffer which the caller would then write past the
       end of.  This would at least trigger server crashes, and probably could
       be exploited for arbitrary code execution.  In many but by no means all
       cases, the hazard exists only in 32-bit builds.
 .
       The PostgreSQL Project thanks Xint Code, Bruce Dang, Sven Klemm, and
       Pavel Kohout for reporting these problems. (CVE-2026-6473)
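 .
        The overflow pattern described above, as an added illustration that is
        not PostgreSQL's allocator or the actual fix: a uint32_t stand-in for a
        32-bit size_t shows the product wrapping to a tiny value, and a checked
        variant that does the arithmetic in 64 bits refuses to allocate when the
        result does not fit.  Element counts, the header size and all function
        names are constructed for the example.
 .
```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Stand-in for size_t on a 32-bit build, so the wraparound reproduces on any
 * host.  Constructed example; not PostgreSQL's allocator or its fix.
 */
typedef uint32_t size32_t;

/* The incautious pattern: the product is computed in 32 bits and trusted. */
static size32_t
naive_alloc_size(size32_t nelems, size32_t elemsize, size32_t header)
{
    return nelems * elemsize + header;      /* wraps modulo 2^32 */
}

/*
 * The cautious pattern: do the arithmetic in a wider type and check that the
 * result fits before anything is allocated.  Returns false on overflow.
 * (Two 32-bit factors plus a 32-bit header cannot overflow a uint64_t.)
 */
static bool
checked_alloc_size(size32_t nelems, size32_t elemsize, size32_t header,
                   size32_t *out)
{
    uint64_t    total = (uint64_t) nelems * elemsize + header;

    if (total > UINT32_MAX)
        return false;
    *out = (size32_t) total;
    return true;
}

/*
 * Allocate room for nelems elements behind a header, refusing when the size
 * calculation overflowed.  Returns NULL on overflow or allocation failure.
 */
static void *
alloc_array(size32_t nelems, size32_t elemsize, size32_t header)
{
    size32_t    nbytes;

    if (!checked_alloc_size(nelems, elemsize, header, &nbytes))
        return NULL;
    return calloc(1, nbytes);
}

/* Yes/no wrapper around alloc_array() for callers that only need the verdict. */
static bool
alloc_array_ok(size32_t nelems, size32_t elemsize, size32_t header)
{
    void       *p = alloc_array(nelems, elemsize, header);
    bool        ok = (p != NULL);

    free(p);
    return ok;
}

int
main(void)
{
    /*
     * 0x40000001 * 4 = 0x100000004 wraps to 4: the buffer is 4 bytes long and
     * the caller then writes 0x40000001 four-byte elements into it.
     */
    printf("naive:   %" PRIu32 " bytes\n", naive_alloc_size(0x40000001u, 4, 0));
    printf("checked: %s\n", alloc_array_ok(0x40000001u, 4, 0) ? "allocated" : "rejected");
    printf("checked: %s\n", alloc_array_ok(1000, 4, 16) ? "allocated" : "rejected");
    return 0;
}
```
 .
        Compiled on a 64-bit host, the uint32_t typedef reproduces the 32-bit
        arithmetic the note says most of these hazards depend on; with a native
        size_t the same inputs would not wrap there, which is why the affected
        set differs between builds.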
 .
     + Properly quote subscription names in pg_createsubscriber
       (Nathan Bossart)
 .
       The given subscription name was inserted into SQL commands without
       quoting, so that SQL injection could be achieved in the (perhaps
       unlikely) case that the subscription name comes from an untrusted
       source.
 .
       The PostgreSQL Project thanks Yu Kunpeng for reporting this problem.
       (CVE-2026-6476)
 .
     + Properly quote object names in logical replication origin checks
       (Pavel Kohout)
 .
       ALTER SUBSCRIPTION ... REFRESH PUBLICATION interpolated schema and
       relation names into SQL commands without quoting them, allowing
       execution of arbitrary SQL on the publisher.
 .
       The PostgreSQL Project thanks Pavel Kohout for reporting this problem.
       (CVE-2026-6638)
 .
     + Reject over-length options in ts_headline() (Michael Paquier)
 .
       The StartSel, StopSel and FragmentDelimiter strings must not exceed 32Kb
       in length, but this was not checked for.  An over-length value would
       typically crash the server.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against malicious time zone names in timeofday() and pg_strftime()
       (Tom Lane)
 .
       A crafted time zone setting could pass % sequences to snprintf(),
       potentially causing crashes or disclosure of server memory.  Another
       path to similar results was to overflow the limited-size output buffer
       used by pg_strftime().
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6474)
 .
     + When creating a multirange type, ensure the user has CREATE privilege on
       the schema specified for the multirange type (Jelte Fennema-Nio)
 .
       The multirange type can be put into a different schema than its parent
       range type, but we neglected to apply the required privilege check when
       doing so.
 .
       The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
       problem. (CVE-2026-6472)
 .
     + Use timing-safe string comparisons in authentication code
       (Michael Paquier)
 .
        Use timingsafe_bcmp() instead of memcmp() or strcmp() when checking
       passwords, hashes, etc.  It is not known whether the data dependency of
       those functions is usefully exploitable in any of these places, but in
       the interests of safety, replace them.
 .
       The PostgreSQL Project thanks Joe Conway for reporting this problem.
       (CVE-2026-6478)
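 .
        The data dependency this item refers to, as an added illustration that
        is not PostgreSQL's port of timingsafe_bcmp() nor its authentication
        code: a constant-time comparison that touches every byte is set beside
        an instrumented model of strcmp() that stops at the first mismatch, so
        the number of bytes examined (and hence the running time) can be
        compared directly.  The verifier strings are constructed values.
 .
```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Constant-time comparison in the style of timingsafe_bcmp(): returns 0 iff
 * the two buffers are equal, and always reads every byte.  Re-implementation
 * for illustration, not PostgreSQL's copy of the function.
 */
static int
ct_bcmp(const void *a, const void *b, size_t len)
{
    const volatile unsigned char *pa = a;
    const volatile unsigned char *pb = b;
    unsigned char acc = 0;

    for (size_t i = 0; i < len; i++)
        acc |= pa[i] ^ pb[i];
    return acc != 0;
}

/*
 * Instrumented model of strcmp(): returns how many byte positions it looked
 * at before deciding.  A real strcmp() stops at the first mismatch in exactly
 * this way, which is what makes its running time depend on the secret.
 */
static size_t
leaky_compare_steps(const char *a, const char *b)
{
    size_t      i = 0;

    while (a[i] != '\0' && a[i] == b[i])
        i++;
    return i + 1;               /* the mismatching (or terminating) byte */
}

/* Same measure for ct_bcmp(): the work depends on the length only. */
static size_t
ct_compare_steps(const char *a, const char *b)
{
    size_t      la = strlen(a);

    if (la != strlen(b))
        return 0;               /* lengths differ: no byte comparison at all */
    return la;
}

/* Timing-leaky verifier: the first mismatching byte ends the comparison. */
static bool
verify_leaky(const char *stored, const char *presented)
{
    return strcmp(stored, presented) == 0;
}

/*
 * Timing-safe verifier.  The length check is assumed harmless here because
 * the stored value is a fixed-size hash or verifier, so its length is public.
 */
static bool
verify_ct(const char *stored, const char *presented)
{
    size_t      ls = strlen(stored);

    if (ls != strlen(presented))
        return false;
    return ct_bcmp(stored, presented, ls) == 0;
}

int
main(void)
{
    const char *stored = "md5a1b2c3";       /* constructed verifier value */
    const char *guess = "Xd5a1b2c3";        /* wrong in the first byte */

    printf("strcmp-style:  %zu byte(s) examined\n", leaky_compare_steps(stored, guess));
    printf("constant-time: %zu byte(s) examined\n", ct_compare_steps(stored, guess));
    printf("match: %s\n", verify_ct(stored, guess) ? "yes" : "no");
    return 0;
}
```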
 .
     + Mark PQfn() as unsafe, and avoid using it within libpq (Nathan Bossart)
 .
       For a non-integral result type, PQfn() is not passed the size of the
       output buffer, so it cannot check that the data returned by the server
       will fit.  A malicious server could therefore overwrite client memory.
       This is unfixable without an API change, so mark the function as
       deprecated.  Internally to libpq, use a variant version that can apply
       the missing check.
 .
       The PostgreSQL Project thanks Yu Kunpeng and Martin Heistermann for
       reporting this problem. (CVE-2026-6477)
 .
     + Prevent path traversal in pg_basebackup and pg_rewind (Michael Paquier)
 .
       These applications failed to validate output file paths read from their
       input, so that a malicious source could overwrite any file writable by
       these applications.  Constrain where data can be written by rejecting
       paths that are absolute or contain parent-directory references.
 .
       The PostgreSQL Project thanks XlabAI Team of Tencent Xuanwu Lab and
       Valery Gubanov for reporting this problem. (CVE-2026-6475)
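 .
        The constraint described above, as an added illustration that is not
        the code in pg_basebackup or pg_rewind: a validator that accepts only
        relative paths made of ordinary components, rejecting absolute paths
        and any ".." component, and a builder that joins the validated name
        onto the destination directory with a truncation check.  The data
        directory, file names and function names are constructed for the
        example.
 .
```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Accept only a relative path made of ordinary components: reject empty
 * paths, absolute paths (POSIX or Windows-style) and any ".." component.
 * Constructed example, not the check pg_basebackup or pg_rewind apply.
 */
static bool
is_safe_relative_path(const char *path)
{
    const char *p;

    if (path == NULL || path[0] == '\0')
        return false;
    if (path[0] == '/' || path[0] == '\\')
        return false;                           /* absolute or UNC */
    if (((path[0] >= 'A' && path[0] <= 'Z') ||
         (path[0] >= 'a' && path[0] <= 'z')) && path[1] == ':')
        return false;                           /* drive letter, e.g. C: */

    for (p = path; *p != '\0';)
    {
        const char *end = p;
        size_t      n;

        while (*end != '\0' && *end != '/' && *end != '\\')
            end++;
        n = (size_t) (end - p);
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return false;                       /* parent-directory reference */
        p = (*end == '\0') ? end : end + 1;
    }
    return true;
}

/*
 * Build the destination path under basedir, refusing unsafe names and
 * truncated results.  Returns true and fills buf on success.
 */
static bool
build_target_path(const char *basedir, const char *relpath,
                  char *buf, size_t buflen)
{
    int         n;

    if (!is_safe_relative_path(relpath))
        return false;
    n = snprintf(buf, buflen, "%s/%s", basedir, relpath);
    return n > 0 && (size_t) n < buflen;
}

/* Check the built path against an expected string without a caller buffer. */
static bool
target_path_equals(const char *basedir, const char *relpath,
                   const char *expected)
{
    char        buf[256];

    if (!build_target_path(basedir, relpath, buf, sizeof(buf)))
        return false;
    return strcmp(buf, expected) == 0;
}

int
main(void)
{
    /* Constructed file names as a malicious backup source might send them. */
    static const char *const names[] = {
        "base/1/2345",
        "pg_wal/000000010000000000000001",
        "../../.ssh/authorized_keys",
        "/etc/cron.d/evil",
        "base/../../postgresql.conf",
    };
    char        target[256];

    for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++)
    {
        if (build_target_path("/var/lib/postgresql/17/main", names[i],
                              target, sizeof(target)))
            printf("write  %s\n", target);
        else
            printf("reject %s\n", names[i]);
    }
    return 0;
}
```
 .
        A name such as "..b" passes, since only a component that is exactly
        ".." can climb out of the directory; the backslash and drive-letter
        cases matter only on Windows builds but cost nothing elsewhere.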
 .
     + Guard against field overflow within contrib/intarray's query_int type
       and contrib/ltree's ltxtquery type (Tom Lane)
 .
       Parsing of these query structures did not check for overflow of 16-bit
       fields, so that construction of an invalid query tree was possible.
       This can crash the server when executing the query.
 .
       The PostgreSQL Project thanks Xint Code for reporting this problem.
       (CVE-2026-6473)
 .
     + Guard against overly long values of contrib/ltree's lquery type
       (Michael Paquier)
 .
       Values with more than 64K items caused internal overflows, potentially
       resulting in stack smashes or wrong answers.
 .
       The PostgreSQL Project thanks Vergissmeinnicht, A1ex, and Jihe Wang for
       reporting this problem. (CVE-2026-6473)
 .
     + Prevent SQL injection and buffer overruns in contrib/spi
       (Nathan Bossart)
 .
       check_foreign_key() was insufficiently careful about quoting key values,
       and also used fixed-length buffers for constructing queries.  While this
       module is only meant as example code, it still shouldn't contain such
       dangerous errors.
 .
       The PostgreSQL Project thanks Nikolay Samokhvalov for reporting this
       problem. (CVE-2026-6637)
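 .
        The quoting defects in the pg_createsubscriber, REFRESH PUBLICATION and
        contrib/spi items above share one shape, so one added illustration
        serves all three.  It is not code from any of those fixes: a quoting
        routine that doubles embedded quote characters (the rule behind both
        identifier and, with standard_conforming_strings on, literal quoting),
        a vulnerable builder that pastes names and a value in verbatim, and a
        hardened builder that quotes everything and sizes its buffer from the
        formatted length.  The query shape, schema and table names and the
        injection strings are constructed for the example; real code should
        use quote_identifier()/quote_literal_cstr() in the backend or
        PQescapeIdentifier()/PQescapeLiteral() in libpq, which also handle
        encoding concerns this routine ignores.
 .
```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Wrap s in the quote character q, doubling every embedded q.  Returns a
 * malloc'd string, or NULL on failure.  Illustrative re-implementation; not
 * PostgreSQL's quote_identifier() or PQescapeIdentifier().
 */
static char *
quote_with(const char *s, char q)
{
    size_t      len = strlen(s);
    size_t      extra = 0;
    char       *out;
    char       *w;

    for (size_t i = 0; i < len; i++)
        if (s[i] == q)
            extra++;
    out = malloc(len + extra + 3);              /* two quotes plus NUL */
    if (out == NULL)
        return NULL;
    w = out;
    *w++ = q;
    for (size_t i = 0; i < len; i++)
    {
        if (s[i] == q)
            *w++ = q;                           /* double the embedded quote */
        *w++ = s[i];
    }
    *w++ = q;
    *w = '\0';
    return out;
}

static char *quote_ident(const char *s)   { return quote_with(s, '"'); }
static char *quote_literal(const char *s) { return quote_with(s, '\''); }

/*
 * Vulnerable shape: names and the value go in verbatim, so a value such as
 * 1'; DROP TABLE t; -- closes the literal and starts a new statement.
 * snprintf() with a length check is used so the example cannot itself
 * overflow; the fixed-buffer defect in the note is the sprintf() equivalent.
 */
static bool
build_lookup_unsafe(const char *schema, const char *rel, const char *col,
                    const char *value, char *buf, size_t buflen)
{
    int         n = snprintf(buf, buflen, "SELECT 1 FROM %s.%s WHERE %s = '%s'",
                             schema, rel, col, value);

    return n >= 0 && (size_t) n < buflen;
}

/*
 * Hardened shape: every interpolated name and value is quoted, and the
 * buffer is sized from the formatted length rather than fixed in advance.
 */
static char *
build_lookup(const char *schema, const char *rel, const char *col,
             const char *value)
{
    const char *fmt = "SELECT 1 FROM %s.%s WHERE %s = %s";
    char       *qs = quote_ident(schema);
    char       *qr = quote_ident(rel);
    char       *qc = quote_ident(col);
    char       *qv = quote_literal(value);
    char       *cmd = NULL;

    if (qs && qr && qc && qv)
    {
        int         n = snprintf(NULL, 0, fmt, qs, qr, qc, qv);

        if (n >= 0 && (cmd = malloc((size_t) n + 1)) != NULL)
            snprintf(cmd, (size_t) n + 1, fmt, qs, qr, qc, qv);
    }
    free(qs);
    free(qr);
    free(qc);
    free(qv);
    return cmd;
}

/* Compare the hardened query against an expected string (frees the result). */
static bool
lookup_equals(const char *schema, const char *rel, const char *col,
              const char *value, const char *expected)
{
    char       *cmd = build_lookup(schema, rel, col, value);
    bool        ok = (cmd != NULL && strcmp(cmd, expected) == 0);

    free(cmd);
    return ok;
}

/* Same for the vulnerable builder, so the two outputs can be set side by side. */
static bool
unsafe_lookup_equals(const char *schema, const char *rel, const char *col,
                     const char *value, const char *expected)
{
    char        buf[512];

    return build_lookup_unsafe(schema, rel, col, value, buf, sizeof(buf)) &&
        strcmp(buf, expected) == 0;
}
```
 .
        With a relation name of x"; DROP TABLE t; -- the hardened builder emits
        "x""; DROP TABLE t; --" as a single (odd but harmless) identifier,
        whereas the vulnerable builder emits the attacker's text as SQL.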
Checksums-Sha1:
 2dddd36e07c807cc092a67750513541903c4eb96 14344 libecpg-compat3-dbgsym_17.10-0+deb13u1_i386.deb
 fa577fdf02cee03d8c1c2498ecae97491dbccf34 20424 libecpg-compat3_17.10-0+deb13u1_i386.deb
 60362a50f08f8331d09846bcbdcd53abacd0bb0a 276852 libecpg-dev-dbgsym_17.10-0+deb13u1_i386.deb
 41368a54f70e53c63fea0e63a9559ea5193bbfa7 315172 libecpg-dev_17.10-0+deb13u1_i386.deb
 567b6b8030213c546721f2d24df42f8bf9984200 103276 libecpg6-dbgsym_17.10-0+deb13u1_i386.deb
 6533c5ddbe7bb1d46dc733123f792edd4ad4d073 69036 libecpg6_17.10-0+deb13u1_i386.deb
 2a1a0a6d33147a313faecaf648e75e7e63ebd595 83428 libpgtypes3-dbgsym_17.10-0+deb13u1_i386.deb
 f5731331b4b1624dd2573d2f6b92e4b55d025dd0 50672 libpgtypes3_17.10-0+deb13u1_i386.deb
 3693476007ff138603ac6b46e6f455d05b70a413 163972 libpq-dev_17.10-0+deb13u1_i386.deb
 dd9657821c9eda706759943710bd5ca4cbc796f7 261256 libpq5-dbgsym_17.10-0+deb13u1_i386.deb
 fd19fbefce46cd31e6b358118ca9e24c53c18db2 240056 libpq5_17.10-0+deb13u1_i386.deb
 19f52c588effe9d661a9fb43441706b6f38ef2fd 17764420 postgresql-17-dbgsym_17.10-0+deb13u1_i386.deb
 996d4d11d4a6b899f139028a809393baf95dfa9b 17212 postgresql-17_17.10-0+deb13u1_i386-buildd.buildinfo
 cd731e979530509c28723d2778965968d3d1e850 16861480 postgresql-17_17.10-0+deb13u1_i386.deb
 c6a0c58a3e79e18a5396e23b43a7fc2954a4d178 2629604 postgresql-client-17-dbgsym_17.10-0+deb13u1_i386.deb
 1e9894945d0d78b092aae24a060663d7b1d1f34f 2080372 postgresql-client-17_17.10-0+deb13u1_i386.deb
 cd7dc73a032d873e4f49de013393bfbc063781a4 190048 postgresql-plperl-17-dbgsym_17.10-0+deb13u1_i386.deb
 ce7047060b52ef9748b03213a539d2d29b60ec23 91676 postgresql-plperl-17_17.10-0+deb13u1_i386.deb
 59f46547ab92a09effd2314da15cc02bcb50c831 187792 postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_i386.deb
 3b5f08168930888aac2334f16bf7b534d5379a48 116280 postgresql-plpython3-17_17.10-0+deb13u1_i386.deb
 6297ff6898ada6d9d8fc8d782f779f338f7d2c79 78084 postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_i386.deb
 f53c336ef8e63817733370f0031bd55124fc2628 47344 postgresql-pltcl-17_17.10-0+deb13u1_i386.deb
 7f732f2a3d16389609e1b458a408f111b5a06ac8 53980 postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_i386.deb
 41f8bd1833dfd5e3b46233bfe520bf6216527845 1342536 postgresql-server-dev-17_17.10-0+deb13u1_i386.deb
Checksums-Sha256:
 c047a2bd6352cec073cf3b0cd73e118a64662cffdf8701ef2794f8101d5818c6 14344 libecpg-compat3-dbgsym_17.10-0+deb13u1_i386.deb
 4e52fd234fcd820b01149f378fcea45a05fcc4655f6bfb4c87f0192ca2706aea 20424 libecpg-compat3_17.10-0+deb13u1_i386.deb
 143a9d12355983b817c2fd4bc26d75c701d1123645670ce0624ac33ae9fd3fdb 276852 libecpg-dev-dbgsym_17.10-0+deb13u1_i386.deb
 54ea422c4252d1441f1061bab959ac734c6fd6704a9dd8404645c4e89071a231 315172 libecpg-dev_17.10-0+deb13u1_i386.deb
 ae79fcaebee6e1d895723894f6d46216f70b7ae8c9f68158e3118e9adc8d48a0 103276 libecpg6-dbgsym_17.10-0+deb13u1_i386.deb
 86767b7e1f7428007c169803a595cf982be4f66bcad117870f21fc18b5fb5b47 69036 libecpg6_17.10-0+deb13u1_i386.deb
 6edf9674a2331f1f7e7af964c5d432881192e7c1beb1b863ee741b7eb3469fcb 83428 libpgtypes3-dbgsym_17.10-0+deb13u1_i386.deb
 498a8646134e796acf2ac47cf655817c15e0142f9af27f94c2bde55e485df0ab 50672 libpgtypes3_17.10-0+deb13u1_i386.deb
 7a6c40a0dc90fe76a5806642d62c6c1c56601fd5330234628a5a1d827e31b821 163972 libpq-dev_17.10-0+deb13u1_i386.deb
 13eb775c4e06d5ab1783ab4f6aa24366ad13fba6e5e1e7108bf35e1bffd077f4 261256 libpq5-dbgsym_17.10-0+deb13u1_i386.deb
 da8001c007f85a7cbeaf1c0f14dc835b03e5913b2e7fddf0cbd0c35513e2e0ed 240056 libpq5_17.10-0+deb13u1_i386.deb
 33e7c792f0f903eb61885e1d03969726989234f9f0fb19af7af747a719151f02 17764420 postgresql-17-dbgsym_17.10-0+deb13u1_i386.deb
 2dee2d1fd43e588da7e5003ca1b8d8c3823b11a111649b7350ee49e3fef3a894 17212 postgresql-17_17.10-0+deb13u1_i386-buildd.buildinfo
 b15601124e0e71445e3c0eb703b54c776fa1df41cfc306497ddff3d1b17e5101 16861480 postgresql-17_17.10-0+deb13u1_i386.deb
 36e0d731491f07ca2812a404d5fc0a527616e88ced43d2c2cdfef788ca39b722 2629604 postgresql-client-17-dbgsym_17.10-0+deb13u1_i386.deb
 59e2132e1f9c54d308d7b97a9fcfb3cc2672c6dcc3eae9561f60be8d35cc8dd7 2080372 postgresql-client-17_17.10-0+deb13u1_i386.deb
 714c1cb916ea184444492737267c4c0742ba080be5057a6c01a45b81dd76f850 190048 postgresql-plperl-17-dbgsym_17.10-0+deb13u1_i386.deb
 bdb72c0d60a0098abd528e7bade65c87dd8c4ae23354bbc26821295695dad89f 91676 postgresql-plperl-17_17.10-0+deb13u1_i386.deb
 65472a771f07d1fbc593518a7dd1c4fff9dde9419f9c41f8fb892ad9bc0321ab 187792 postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_i386.deb
 eced53c195cd18cd21d6032b46a2055aad582eb06e904bd612b1304b9fe332ba 116280 postgresql-plpython3-17_17.10-0+deb13u1_i386.deb
 2b460fa8f70df7fa01d35a0bb36be6115d4dcf9059e2d63caaae95f53b74193a 78084 postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_i386.deb
 ffe9a9fb32fbbfec6ba95c870d0cab7acab696c82620ea102dfa7848aa6d5294 47344 postgresql-pltcl-17_17.10-0+deb13u1_i386.deb
 3d10daae4328fade3d8611e145093cad6ca03ff3ad32fb277c4bbe0c4c1ea37a 53980 postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_i386.deb
 f7db3ace9ffea02f0b019c128ac6a265f53b7853f4e4131c42b2b389edfdeff8 1342536 postgresql-server-dev-17_17.10-0+deb13u1_i386.deb
Files:
 6804f0d05932c045a1bd725cb2e0b467 14344 debug optional libecpg-compat3-dbgsym_17.10-0+deb13u1_i386.deb
 8fc09d058e5a47f06fa623395de73aa5 20424 libs optional libecpg-compat3_17.10-0+deb13u1_i386.deb
 662735cd67dce172f124013c81d2a684 276852 debug optional libecpg-dev-dbgsym_17.10-0+deb13u1_i386.deb
 1f1562b2c3a23629586de597fece122d 315172 libdevel optional libecpg-dev_17.10-0+deb13u1_i386.deb
 307a06b04ab61aa0f22d9e406cdcaf72 103276 debug optional libecpg6-dbgsym_17.10-0+deb13u1_i386.deb
 53bf084398c2b3ba41fcb411976bdb05 69036 libs optional libecpg6_17.10-0+deb13u1_i386.deb
 4bb37492b4c2904916ed815ebced9d6b 83428 debug optional libpgtypes3-dbgsym_17.10-0+deb13u1_i386.deb
 88e053ddc392f3df8c4f733220cc4949 50672 libs optional libpgtypes3_17.10-0+deb13u1_i386.deb
 6f57954064c0bf12d330198ae808334e 163972 libdevel optional libpq-dev_17.10-0+deb13u1_i386.deb
 1ebd388c0a9736c4c61df68098a29fb4 261256 debug optional libpq5-dbgsym_17.10-0+deb13u1_i386.deb
 cbcd69858e1f34855b1ace1dd3e47daf 240056 libs optional libpq5_17.10-0+deb13u1_i386.deb
 da313c6b282b1d94e85f353373cc145f 17764420 debug optional postgresql-17-dbgsym_17.10-0+deb13u1_i386.deb
 9f3de86626cd73b2397fa61ce161d44f 17212 database optional postgresql-17_17.10-0+deb13u1_i386-buildd.buildinfo
 d2e2bd759e456464f731b615c21d0ef9 16861480 database optional postgresql-17_17.10-0+deb13u1_i386.deb
 f2aa9aa59ec5d2812d701cf8f5fda118 2629604 debug optional postgresql-client-17-dbgsym_17.10-0+deb13u1_i386.deb
 493417efe928753d1e1c1d8cff27399a 2080372 database optional postgresql-client-17_17.10-0+deb13u1_i386.deb
 92a2d0fa308fdfb13bf06558a28b48b4 190048 debug optional postgresql-plperl-17-dbgsym_17.10-0+deb13u1_i386.deb
 ea5e7e3d44523f69a4903464b8f28eae 91676 database optional postgresql-plperl-17_17.10-0+deb13u1_i386.deb
 69e088b81a41724a5c4cb022dcc62bad 187792 debug optional postgresql-plpython3-17-dbgsym_17.10-0+deb13u1_i386.deb
 5279e108795a8b192e42d0097732f72d 116280 database optional postgresql-plpython3-17_17.10-0+deb13u1_i386.deb
 ab0d241e64a8355cb5018374abe14e75 78084 debug optional postgresql-pltcl-17-dbgsym_17.10-0+deb13u1_i386.deb
 7437abf763d6e42f97670dade42cedc5 47344 database optional postgresql-pltcl-17_17.10-0+deb13u1_i386.deb
 fe1dd2a2490d891b45eea48654a1409c 53980 debug optional postgresql-server-dev-17-dbgsym_17.10-0+deb13u1_i386.deb
 a2704c0e5f0c0046d8a09d121264a355 1342536 libdevel optional postgresql-server-dev-17_17.10-0+deb13u1_i386.deb

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
