pgbouncer updated to version 1.16.1-1.pgdg+1 - Mailing list pgsql-pkg-debian
From | apt.postgresql.org Repository Update |
---|---|
Subject | pgbouncer updated to version 1.16.1-1.pgdg+1 |
Date | |
Msg-id | E1mu8MK-0007EK-Kg@atalia.postgresql.org Whole thread Raw |
List | pgsql-pkg-debian |
The package pgbouncer was updated on apt.postgresql.org. apt-listchanges: Changelogs --------------------------- pgbouncer (1.16.1-1.pgdg+1) sid-pgdg; urgency=medium * Rebuild for sid-pgdg. * No source changes. -- PostgreSQL on Debian and Ubuntu <pgsql-pkg-debian@lists.postgresql.org> Fri, 26 Nov 2021 11:19:53 +0100 pgbouncer (1.16.1-1) unstable; urgency=medium * New upstream version. Make PgBouncer acting as a server reject extraneous data after an SSL or GSS encryption handshake. A man-in-the-middle with the ability to inject data into the TCP connection could stuff some cleartext data into the start of a supposedly encryption-protected database session. This could be abused to send faked SQL commands to the server, although that would only work if PgBouncer did not demand any authentication data. (However, a PgBouncer setup relying on SSL certificate authentication might well not do so.) (Similar to CVE-2021-23214 in the PostgreSQL server.) -- Christoph Berg <myon@debian.org> Fri, 26 Nov 2021 11:19:53 +0100 New version 1.16.1-1.pgdg+1: pgbouncer | 1.16.1-1.pgdg+1 | sid-pgdg | amd64, arm64, i386, ppc64el, source pgbouncer | 1.16.1-1.pgdg120+1 | bookworm-pgdg | amd64, arm64, ppc64el, source pgbouncer | 1.16.1-1.pgdg110+1 | bullseye-pgdg | amd64, ppc64el, source pgbouncer | 1.16.0-1.pgdg110+1 | bullseye-pgdg | arm64 pgbouncer | 1.16.1-1.pgdg100+1 | buster-pgdg | amd64, arm64, i386, ppc64el, source pgbouncer | 1.16.1-1.pgdg90+1 | stretch-pgdg | amd64, i386, ppc64el, source pgbouncer | 1.16.1-1.pgdg21.10+1 | impish-pgdg | amd64, source pgbouncer | 1.16.1-1.pgdg21.04+1 | hirsute-pgdg | amd64, source pgbouncer | 1.16.0-1.pgdg20.10+1 | groovy-pgdg | amd64, source pgbouncer | 1.16.1-1.pgdg20.04+1 | focal-pgdg | amd64, arm64, ppc64el, source pgbouncer | 1.16.1-1.pgdg18.04+1 | bionic-pgdg | amd64, arm64, i386, ppc64el, source pgbouncer | 1.15.0-1.pgdg16.04+1 | xenial-pgdg | amd64, i386, ppc64el, source pgbouncer-dbg | 1.15.0-1.pgdg16.04+1 | xenial-pgdg | amd64, i386, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg+1 | sid-pgdg | amd64, arm64, i386, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg120+1 | bookworm-pgdg | amd64, arm64, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg110+1 | bullseye-pgdg | amd64, ppc64el pgbouncer-dbgsym | 1.16.0-1.pgdg110+1 | bullseye-pgdg | arm64 pgbouncer-dbgsym | 1.16.1-1.pgdg100+1 | buster-pgdg | amd64, arm64, i386, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg90+1 | stretch-pgdg | amd64, i386, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg21.10+1 | impish-pgdg | amd64 pgbouncer-dbgsym | 1.16.1-1.pgdg21.04+1 | hirsute-pgdg | amd64 pgbouncer-dbgsym | 1.16.0-1.pgdg20.10+1 | groovy-pgdg | amd64 pgbouncer-dbgsym | 1.16.1-1.pgdg20.04+1 | focal-pgdg | amd64, arm64, ppc64el pgbouncer-dbgsym | 1.16.1-1.pgdg18.04+1 | bionic-pgdg | amd64, arm64, i386, ppc64el The public mirrors serving apt.postgresql.org are synced hourly, the updated packages will be available there shortly.
pgsql-pkg-debian by date: