pgbouncer updated to version 1.16.1-1.pgdg+1 - Mailing list pgsql-pkg-debian
| From | apt.postgresql.org Repository Update |
|---|---|
| Subject | pgbouncer updated to version 1.16.1-1.pgdg+1 |
| Date | |
| Msg-id | E1mu8MK-0007EK-Kg@atalia.postgresql.org Whole thread Raw |
| List | pgsql-pkg-debian |
The package pgbouncer was updated on apt.postgresql.org.
apt-listchanges: Changelogs
---------------------------
pgbouncer (1.16.1-1.pgdg+1) sid-pgdg; urgency=medium
* Rebuild for sid-pgdg.
* No source changes.
-- PostgreSQL on Debian and Ubuntu <pgsql-pkg-debian@lists.postgresql.org> Fri, 26 Nov 2021 11:19:53 +0100
pgbouncer (1.16.1-1) unstable; urgency=medium
* New upstream version.
Make PgBouncer acting as a server reject extraneous data after an
SSL or GSS encryption handshake.
A man-in-the-middle with the ability to inject data into the TCP
connection could stuff some cleartext data into the start of a
supposedly encryption-protected database session. This could be
abused to send faked SQL commands to the server, although that would
only work if PgBouncer did not demand any authentication data.
(However, a PgBouncer setup relying on SSL certificate
authentication might well not do so.)
(Similar to CVE-2021-23214 in the PostgreSQL server.)
-- Christoph Berg <myon@debian.org> Fri, 26 Nov 2021 11:19:53 +0100
New version 1.16.1-1.pgdg+1:
pgbouncer | 1.16.1-1.pgdg+1 | sid-pgdg | amd64, arm64, i386, ppc64el, source
pgbouncer | 1.16.1-1.pgdg120+1 | bookworm-pgdg | amd64, arm64, ppc64el, source
pgbouncer | 1.16.1-1.pgdg110+1 | bullseye-pgdg | amd64, ppc64el, source
pgbouncer | 1.16.0-1.pgdg110+1 | bullseye-pgdg | arm64
pgbouncer | 1.16.1-1.pgdg100+1 | buster-pgdg | amd64, arm64, i386, ppc64el, source
pgbouncer | 1.16.1-1.pgdg90+1 | stretch-pgdg | amd64, i386, ppc64el, source
pgbouncer | 1.16.1-1.pgdg21.10+1 | impish-pgdg | amd64, source
pgbouncer | 1.16.1-1.pgdg21.04+1 | hirsute-pgdg | amd64, source
pgbouncer | 1.16.0-1.pgdg20.10+1 | groovy-pgdg | amd64, source
pgbouncer | 1.16.1-1.pgdg20.04+1 | focal-pgdg | amd64, arm64, ppc64el, source
pgbouncer | 1.16.1-1.pgdg18.04+1 | bionic-pgdg | amd64, arm64, i386, ppc64el, source
pgbouncer | 1.15.0-1.pgdg16.04+1 | xenial-pgdg | amd64, i386, ppc64el, source
pgbouncer-dbg | 1.15.0-1.pgdg16.04+1 | xenial-pgdg | amd64, i386, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg+1 | sid-pgdg | amd64, arm64, i386, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg120+1 | bookworm-pgdg | amd64, arm64, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg110+1 | bullseye-pgdg | amd64, ppc64el
pgbouncer-dbgsym | 1.16.0-1.pgdg110+1 | bullseye-pgdg | arm64
pgbouncer-dbgsym | 1.16.1-1.pgdg100+1 | buster-pgdg | amd64, arm64, i386, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg90+1 | stretch-pgdg | amd64, i386, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg21.10+1 | impish-pgdg | amd64
pgbouncer-dbgsym | 1.16.1-1.pgdg21.04+1 | hirsute-pgdg | amd64
pgbouncer-dbgsym | 1.16.0-1.pgdg20.10+1 | groovy-pgdg | amd64
pgbouncer-dbgsym | 1.16.1-1.pgdg20.04+1 | focal-pgdg | amd64, arm64, ppc64el
pgbouncer-dbgsym | 1.16.1-1.pgdg18.04+1 | bionic-pgdg | amd64, arm64, i386, ppc64el
The public mirrors serving apt.postgresql.org are synced hourly,
the updated packages will be available there shortly.
pgsql-pkg-debian by date: