summaryrefslogtreecommitdiffstats
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--debian/changelog191
1 files changed, 191 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..9e0e440
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,191 @@
+postgresql-14 (14.5-3) unstable; urgency=medium
+
+ * Stop building lib packages, postgresql-15 is already in unstable..
+ (Closes: #1022152)
+
+ -- Christoph Berg <myon@debian.org> Sat, 22 Oct 2022 14:48:48 +0200
+
+postgresql-14 (14.5-2) unstable; urgency=medium
+
+ * Test-Depend on locales-all instead of locales.
+ * Add Italian debconf translation by Ceppo, thanks! (Closes: #1019162)
+
+ -- Christoph Berg <myon@debian.org> Fri, 09 Sep 2022 22:23:26 +0200
+
+postgresql-14 (14.5-1) unstable; urgency=medium
+
+ * New upstream version.
+
+ + Do not let extension scripts replace objects not already belonging to
+ the extension (Tom Lane) (CVE-2022-2625)
+
+ This change prevents extension scripts from doing CREATE OR REPLACE if
+ there is an existing object that does not belong to the extension. It
+ also prevents CREATE IF NOT EXISTS in the same situation. This prevents
+ a form of trojan-horse attack in which a hostile database user could
+ become the owner of an extension object and then modify it to compromise
+ future uses of the object by other users. As a side benefit, it also
+ reduces the risk of accidentally replacing objects one did not mean to.
+
+ The PostgreSQL Project thanks Sven Klemm for reporting this problem.
+
+ * Update lintian overrides.
+
+ -- Christoph Berg <myon@debian.org> Wed, 10 Aug 2022 14:45:40 +0200
+
+postgresql-14 (14.4-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ + Prevent possible corruption of indexes created or rebuilt with the
+ CONCURRENTLY option (Álvaro Herrera)
+
+ An optimization added in v14 caused CREATE INDEX ... CONCURRENTLY and
+ REINDEX ... CONCURRENTLY to sometimes miss indexing rows that were
+ updated during the index build. Revert that optimization. It is
+ recommended that any indexes made with the CONCURRENTLY option be
+ rebuilt after installing this update. (Alternatively, rebuild them
+ without CONCURRENTLY.)
+
+ -- Christoph Berg <myon@debian.org> Tue, 14 Jun 2022 09:49:41 +0200
+
+postgresql-14 (14.3-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ * Confine additional operations within security restricted operation
+ sandboxes (Sergey Shinderuk, Noah Misch)
+
+ Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
+ and pg_amcheck activated the security restricted operation protection
+ mechanism too late, or even not at all in some code paths. A user having
+ permission to create non-temporary objects within a database could
+ define an object that would execute arbitrary SQL code with superuser
+ permissions the next time that autovacuum processed the object, or that
+ some superuser ran one of the affected commands against it.
+
+ The PostgreSQL Project thanks Alexander Lakhin for reporting this
+ problem. (CVE-2022-1552)
+
+ * Fix default signature length for gist_ltree_ops indexes
+ (Tomas Vondra, Alexander Korotkov)
+
+ The default signature length (hash size) for GiST indexes on ltree
+ columns was accidentally changed while upgrading that operator class to
+ support operator class parameters. If any operations had been done on
+ such an index without first upgrading the ltree extension to version
+ 1.2, they were done assuming that the signature length was 28 bytes
+ rather than the intended 8. This means it is very likely that such
+ indexes are now corrupt. For safety we recommend re-indexing all GiST
+ indexes on ltree columns after installing this update. (Note that GiST
+ indexes on ltree[] columns, that is arrays of ltree, are not affected.)
+
+ -- Christoph Berg <myon@debian.org> Tue, 10 May 2022 10:34:28 +0200
+
+postgresql-14 (14.2-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Christoph Berg <myon@debian.org> Wed, 09 Feb 2022 10:39:43 +0100
+
+postgresql-14 (14.1-5) unstable; urgency=medium
+
+ * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can
+ depend on a matching llvm version.
+
+ -- Christoph Berg <myon@debian.org> Mon, 03 Jan 2022 16:08:18 +0100
+
+postgresql-14 (14.1-4) unstable; urgency=medium
+
+ [ Christoph Berg ]
+ * Disable LLVM JIT on s390x for now. (See #1002029)
+
+ [ Christian Ehrhardt ]
+ * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and
+ armel.
+
+ -- Christoph Berg <myon@debian.org> Mon, 20 Dec 2021 18:21:21 +0100
+
+postgresql-14 (14.1-3) unstable; urgency=medium
+
+ * Use system default clang/llvm version. (Closes: #1000915)
+ * Use centralized debian/rules logic in postgresql-common.
+
+ -- Christoph Berg <myon@debian.org> Fri, 03 Dec 2021 09:56:49 +0100
+
+postgresql-14 (14.1-2) unstable; urgency=medium
+
+ * Enable outline-atomics on arm64 (affects Ubuntu focal only).
+
+ -- Christoph Berg <myon@debian.org> Tue, 16 Nov 2021 11:56:37 +0100
+
+postgresql-14 (14.1-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ + Make the server and libpq reject extraneous data after an SSL or GSS
+ encryption handshake (Tom Lane)
+
+ A man-in-the-middle with the ability to inject data into the TCP
+ connection could stuff some cleartext data into the start of a
+ supposedly encryption-protected database session.
+
+ This could be abused to send faked SQL commands to the server, although
+ that would only work if the server did not demand any authentication
+ data. (However, a server relying on SSL certificate authentication
+ might well not do so.) (CVE-2021-23214)
+
+ This could probably be abused to inject faked responses to the client's
+ first few queries, although other details of libpq's behavior make that
+ harder than it sounds. A different line of attack is to exfiltrate the
+ client's password, or other sensitive data that might be sent early in
+ the session. That has been shown to be possible with a server
+ vulnerable to CVE-2021-23214. (CVE-2021-23222)
+
+ The PostgreSQL Project thanks Jacob Champion for reporting these
+ problems.
+
+ * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` requires it.
+
+ -- Christoph Berg <myon@debian.org> Fri, 05 Nov 2021 12:05:46 +0100
+
+postgresql-14 (14.0-1) unstable; urgency=medium
+
+ * First PG14 release.
+ * Depend on postgresql-common 229 for scram-sha-256 authentication by
+ default.
+
+ -- Christoph Berg <myon@debian.org> Tue, 28 Sep 2021 13:56:00 +0200
+
+postgresql-14 (14~rc1-1) experimental; urgency=medium
+
+ * First PG14 release candidate.
+ * Enable spinlocks on riscv64.
+ * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786)
+ * configure.ac: Remove check for autoconf 2.69.
+ * Spanish debconf translation by Jonathan Bustillos, thanks!
+ (Closes: #986775)
+ * Flatten debian/*.lintian-overrides symlinks.
+
+ -- Christoph Berg <myon@debian.org> Thu, 23 Sep 2021 12:39:42 +0200
+
+postgresql-14 (14~beta3-1) experimental; urgency=medium
+
+ * New beta version.
+ * libpq5.symbols: Add PQsendFlushRequest.
+
+ -- Christoph Berg <myon@debian.org> Tue, 10 Aug 2021 13:11:12 +0200
+
+postgresql-14 (14~beta2-1) experimental; urgency=medium
+
+ * New beta version.
+ * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove PQtraceSetFlags.
+ * debian/tests/installcheck: Use --make-testtablespace-dir.
+
+ -- Christoph Berg <myon@debian.org> Wed, 23 Jun 2021 11:03:06 +0200
+
+postgresql-14 (14~beta1-1) experimental; urgency=medium
+
+ * New major upstream version 14; packaging based on postgresql-13.
+
+ -- Christoph Berg <myon@debian.org> Tue, 18 May 2021 13:40:56 +0200