-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 Nov 2024 15:06:10 +0100
Source: postgresql-15
Binary: postgresql-doc-15
Architecture: all
Version: 15.9-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 postgresql-doc-15 - documentation for the PostgreSQL database management system
Changes:
 postgresql-15 (15.9-0+deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 15.9.
 .
     + Ensure cached plans are marked as dependent on the calling role when RLS
       applies to a non-top-level table reference (Nathan Bossart)
 .
       If a CTE, subquery, sublink, security invoker view, or coercion
       projection in a query references a table with row-level security
       policies, we neglected to mark the resulting plan as potentially
       dependent on which role is executing it.  This could lead to later query
       executions in the same session using the wrong plan, and then returning
       or hiding rows that should have been hidden or returned instead.
 .
       The PostgreSQL Project thanks Wolfgang Walther for reporting this
       problem. (CVE-2024-10976)
 .
     + Make libpq discard error messages received during SSL or GSS protocol
       negotiation (Jacob Champion)
 .
       An error message received before encryption negotiation is completed
       might have been injected by a man-in-the-middle, rather than being real
       server output.  Reporting it opens the door to various security hazards;
       for example, the message might spoof a query result that a careless user
       could mistake for correct output.  The best answer seems to be to
       discard such data and rely only on libpq's own report of the connection
       failure.
 .
       The PostgreSQL Project thanks Jacob Champion for reporting this problem.
       (CVE-2024-10977)
 .
     + Fix unintended interactions between SET SESSION AUTHORIZATION and SET
       ROLE (Tom Lane)
 .
       The SQL standard mandates that SET SESSION AUTHORIZATION have a
       side-effect of doing SET ROLE NONE.  Our implementation of that was
       flawed, creating more interaction between the two settings than
       intended. Notably, rolling back a transaction that had done SET SESSION
       AUTHORIZATION would revert ROLE to NONE even if that had not been the
       previous state, so that the effective user ID might now be different
       from what it had been before the transaction.  Transiently setting
       session_authorization in a function SET clause had a similar effect. A
       related bug was that if a parallel worker inspected
       current_setting('role'), it saw none even when it should see something
       else.
 .
       The PostgreSQL Project thanks Tom Lane for reporting this problem.
       (CVE-2024-10978)
 .
     + Prevent trusted PL/Perl code from changing environment variables
       (Andrew Dunstan, Noah Misch)
 .
       The ability to manipulate process environment variables such as PATH
       gives an attacker opportunities to execute arbitrary code.  Therefore,
       trusted PLs must not offer the ability to do that.  To fix plperl,
       replace %ENV with a tied hash that rejects any modification attempt with
       a warning. Untrusted plperlu retains the ability to change the
       environment.
 .
       The PostgreSQL Project thanks Coby Abrams for reporting this problem.
       (CVE-2024-10979)
Checksums-Sha1:
 13d7881a3243e2a841cf247e6a1ac353c935aeb8 10404 postgresql-15_15.9-0+deb12u1_all-buildd.buildinfo
 7433a34f08f27840a500f861fb02b6315cac3f8f 2057536 postgresql-doc-15_15.9-0+deb12u1_all.deb
Checksums-Sha256:
 d63fd2fe9f51eb6f8d1e2204875cdb5c1faeef0cdb7018bceb8a044cf1c9da26 10404 postgresql-15_15.9-0+deb12u1_all-buildd.buildinfo
 bc561f80a729e0e06119470213a2fbf354f0efcf492650afba1eec76a1430b60 2057536 postgresql-doc-15_15.9-0+deb12u1_all.deb
Files:
 5c1c53e72e213a476c60e5c92900f563 10404 database optional postgresql-15_15.9-0+deb12u1_all-buildd.buildinfo
 a8f7c58f52bd2e50be397b151aa90e98 2057536 doc optional postgresql-doc-15_15.9-0+deb12u1_all.deb

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----