Home > mailing lists

postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978 - Mailing list pgsql-pkg-debian

From	Christoph Berg
Subject	postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978
Date	November 21 17:51:30
Msg-id	Zz8ewkTOHug5VdcT@msg.df7cb.de Whole thread Raw
In response to	Re: PostgreSQL CVE-2024-7348 today (Moritz Mühlenhoff <jmm@inutil.org>)
Responses	Re: postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978
List	pgsql-pkg-debian

Tree view

Re: Moritz Mühlenhoff
> Ok, no problem. We'll release that revised update via bookworm-security
> as well, then.

Hi,

new PG15 uploaded:

postgresql-15 (15.10-0+deb12u1) bookworm-security; urgency=medium

  * New upstream version 15.10.

    + Repair ABI break for extensions that work with struct ResultRelInfo

      Last week's minor releases unintentionally broke binary compatibility
      with timescaledb and several other extensions.  Restore the affected
      structure to its previous size, so that such extensions need not be
      rebuilt.

    + Restore functionality of ALTER {ROLE|DATABASE} SET role

      The fix for CVE-2024-10978 accidentally caused settings for role to not
      be applied if they come from non-interactive sources, including previous
      ALTER {ROLE|DATABASE} commands and the PGOPTIONS environment variable.

 -- Christoph Berg <myon@debian.org>  Tue, 19 Nov 2024 15:36:12 +0100


Christoph

pgsql-pkg-debian by date:

From: apt.postgresql.org Repository Update
Date: 19 November, 23:02:04
Subject: powa-collector updated to version 1.3.0-1.pgdg+1

From: apt.postgresql.org Repository Update
Date: 21 November, 18:49:11
Subject: powa-web updated to version 5.0.0-1.pgdg+1

postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978 - Mailing list pgsql-pkg-debian

Previous

Next