Thread: PgBouncer 1.24.1 - New upstream version

PgBouncer 1.24.1 - New upstream version

From: Bradford Boyle
Hi All,

PgBouncer 1.24.1 was just released and it contains a security fix for
CVE-2025-2291 [0],[1]. I've updated the Debian package with this new
version. The pytest suite is failing on jengus for oracular and plucky.
I am able to run the pytest suite successfully for oracular and plucky
locally using sbuild. One difference between my local system and jengus
is that I do not have the PGDG apt repo added in my chroots. This makes
me think the issue may be related to a particular version of postgres. I
also noticed that pgbouncer does not have a pgversions file.

I will spend some more time tomorrow looking at this but I wanted to let
the list know about the new upstream version. I also wanted to ask if
anyone knows which versions of PostgreSQL PgBouncer supports; I tried
quickly scanning the GitHub and documentation website but did not see
that mentioned anywhere.

Thanks,

-- Bradford

[0]: https://github.com/pgbouncer/pgbouncer/releases/tag/pgbouncer_1_24_1
[1]: https://nvd.nist.gov/vuln/detail/CVE-2025-2291

Re: PgBouncer 1.24.1 - New upstream version

From: Christoph Berg
Re: Bradford Boyle
> Hi All,
> 
> PgBouncer 1.24.1 was just released and it contains a security fix for
> CVE-2025-2291 [0],[1]. I've updated the Debian package with this new

Hi Bradford,

thanks!

> version. The pytest suite is failing on jengus for oracular and plucky.
> I am able to run the pytest suite successfully for oracular and plucky
> locally using sbuild. One difference between my local system and jengus

The plucky test just worked there when I retried it. So it's either
flaky by itself, or the isolation between concurrent builds isn't as
good as it should be. (It's based on "newpid", my totally awesome docker
reimplementation :*)

The final release build just passed for all dists without retrying.

> is that I do not have the PGDG apt repo added in my chroots. This makes
> me think the issue may be related to a particular version of postgres. I
> also noticed that pgbouncer does not have a pgversions file.

pgversions is only needed to tell pg_buildext which versions to loop
over. Pgbouncer is a client program that doesn't have to be built
separately for each version. (We could opt to run tests against each
version though. But most of the magic is in the wire protocol support
and that's the same for all versions.)

> I will spend some more time tomorrow looking at this but I wanted to let
> the list know about the new upstream version. I also wanted to ask if
> anyone knows which versions of PostgreSQL PgBouncer supports; I tried
> quickly scanning the GitHub and documentation website but did not see
> that mentioned anywhere.

That usually means it's supporting all of them. (There is probably a
lower bound, but it's likely very old.)

Thanks,
Christoph