1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1106048: unblock: postgresql-17/17.5-1

    From Christoph Berg@21:1/5 to All on Mon May 19 11:30:01 2025
    XPost: linux.debian.devel.release

    Package: release.debian.org
    Severity: normal
    X-Debbugs-Cc: postgresql-17@packages.debian.org
    Control: affects -1 + src:postgresql-17
    User: release.debian.org@packages.debian.org
    Usertags: unblock

    Please unblock package postgresql-17

    [ Reason ]
    New upstream version, fixes CVE-2025-4207.

    [ Tests ]
    Extensive upstream and postgresql-common tests.

    unblock postgresql-17/17.5-1

    postgresql-17 (17.5-1) unstable; urgency=medium

    * New upstream version 17.5.

    + Avoid one-byte buffer overread when examining invalidly-encoded strings
    that are claimed to be in GB18030 encoding (Noah Misch, Andres Freund)

    While unlikely, a SIGSEGV crash could occur if an incomplete multibyte
    character appeared at the end of memory. This was possible both in the
    server and in libpq-using applications. (CVE-2025-4207)

    -- Christoph Berg <myon@debian.org> Tue, 06 May 2025 17:55:19 +0200

    Christoph

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)