libpgjava updated to version 42.7.11-1.pgdg+1 - Mailing list pgsql-pkg-debian
| From | apt.postgresql.org Repository Update |
|---|---|
| Subject | libpgjava updated to version 42.7.11-1.pgdg+1 |
| Date | |
| Msg-id | E1wI4nR-00000006Q0Q-3DPW@atalia.postgresql.org Whole thread |
| List | pgsql-pkg-debian |
The package libpgjava was updated on apt.postgresql.org.
apt-listchanges: Changelogs
---------------------------
libpgjava (42.7.11-1.pgdg+1) sid-pgdg; urgency=medium
* Rebuild for sid-pgdg.
* No source changes.
-- PostgreSQL on Debian and Ubuntu <pgsql-pkg-debian@lists.postgresql.org> Wed, 29 Apr 2026 11:08:43 +0200
libpgjava (42.7.11-1) unstable; urgency=medium
* New upstream version 42.7.11.
* Limit SCRAM PBKDF2 iterations accepted from the server.
pgjdbc was vulnerable to a client-side denial of service in SCRAM-SHA-256
authentication, where a malicious or compromised PostgreSQL server could
specify an extremely large PBKDF2 iteration count, causing the client to
consume unbounded CPU and potentially exhaust connection pools. The fix
introduces a new scramMaxIterations connection property (defaulting to
100,000) to cap iteration counts before computation begins.
(CVE-2026-42198)
-- Christoph Berg <myon@debian.org> Wed, 29 Apr 2026 11:08:43 +0200
New version 42.7.11-1.pgdg+1:
libpgjava | 42.7.11-1.pgdg+1 | sid-pgdg | source
libpgjava | 42.7.10-1.pgdg+1 | sid-pgdg | source
libpgjava | 42.7.11-1.pgdg14+1 | forky-pgdg | source
libpgjava | 42.7.10-1.pgdg14+1 | forky-pgdg | source
libpgjava | 42.7.11-1.pgdg13+1 | trixie-pgdg | source
libpgjava | 42.7.10-1.pgdg13+1 | trixie-pgdg | source
libpgjava | 42.7.11-1.pgdg12+1 | bookworm-pgdg | source
libpgjava | 42.7.10-1.pgdg12+1 | bookworm-pgdg | source
libpgjava | 42.7.11-1.pgdg11+1 | bullseye-pgdg | source
libpgjava | 42.7.10-1.pgdg11+1 | bullseye-pgdg | source
libpgjava | 42.7.11-1.pgdg26.04+1 | resolute-pgdg | source
libpgjava | 42.7.10-1.pgdg26.04+1 | resolute-pgdg | source
libpgjava | 42.7.11-1.pgdg25.10+1 | questing-pgdg | source
libpgjava | 42.7.10-1.pgdg25.10+1 | questing-pgdg | source
libpgjava | 42.7.11-1.pgdg24.04+1 | noble-pgdg | source
libpgjava | 42.7.10-1.pgdg24.04+1 | noble-pgdg | source
libpgjava | 42.7.11-1.pgdg22.04+1 | jammy-pgdg | source
libpgjava | 42.7.10-1.pgdg22.04+1 | jammy-pgdg | source
libpostgresql-jdbc-java | 42.7.11-1.pgdg+1 | sid-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg+1 | sid-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg14+1 | forky-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg14+1 | forky-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg13+1 | trixie-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg13+1 | trixie-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg12+1 | bookworm-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg12+1 | bookworm-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg11+1 | bullseye-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg11+1 | bullseye-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg26.04+1 | resolute-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg26.04+1 | resolute-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg25.10+1 | questing-pgdg | amd64
libpostgresql-jdbc-java | 42.7.10-1.pgdg25.10+1 | questing-pgdg | amd64
libpostgresql-jdbc-java | 42.7.11-1.pgdg24.04+1 | noble-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg24.04+1 | noble-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.11-1.pgdg22.04+1 | jammy-pgdg | amd64, arm64, ppc64el
libpostgresql-jdbc-java | 42.7.10-1.pgdg22.04+1 | jammy-pgdg | amd64, arm64, ppc64el
The public mirrors serving apt.postgresql.org are synced hourly,
the updated packages will be available there shortly.
pgsql-pkg-debian by date: