Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 191 |
1 files changed, 191 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..9e0e440 --- /dev/null +++ b/debian/changelog 
@@ -0,0 +1,191 @@ +postgresql-14 (14.5-3) unstable; urgency=medium + + * Stop building lib packages, postgresql-15 is already in unstable.. + (Closes: #1022152) + + -- Christoph Berg <myon@debian.org> Sat, 22 Oct 2022 14:48:48 +0200 + +postgresql-14 (14.5-2) unstable; urgency=medium + + * Test-Depend on locales-all instead of locales. + * Add Italian debconf translation by Ceppo, thanks! (Closes: #1019162) + + -- Christoph Berg <myon@debian.org> Fri, 09 Sep 2022 22:23:26 +0200 + +postgresql-14 (14.5-1) unstable; urgency=medium + + * New upstream version. + + + Do not let extension scripts replace objects not already belonging to + the extension (Tom Lane) (CVE-2022-2625) + + This change prevents extension scripts from doing CREATE OR REPLACE if + there is an existing object that does not belong to the extension. It + also prevents CREATE IF NOT EXISTS in the same situation. This prevents + a form of trojan-horse attack in which a hostile database user could + become the owner of an extension object and then modify it to compromise + future uses of the object by other users. As a side benefit, it also + reduces the risk of accidentally replacing objects one did not mean to. + + The PostgreSQL Project thanks Sven Klemm for reporting this problem. + + * Update lintian overrides. + + -- Christoph Berg <myon@debian.org> Wed, 10 Aug 2022 14:45:40 +0200 + +postgresql-14 (14.4-1) unstable; urgency=medium + + * New upstream release. + + + Prevent possible corruption of indexes created or rebuilt with the + CONCURRENTLY option (Álvaro Herrera) + + An optimization added in v14 caused CREATE INDEX ... CONCURRENTLY and + REINDEX ... CONCURRENTLY to sometimes miss indexing rows that were + updated during the index build. Revert that optimization. It is + recommended that any indexes made with the CONCURRENTLY option be + rebuilt after installing this update. (Alternatively, rebuild them + without CONCURRENTLY.) 
+ + -- Christoph Berg <myon@debian.org> Tue, 14 Jun 2022 09:49:41 +0200 + +postgresql-14 (14.3-1) unstable; urgency=medium + + * New upstream release. + + * Confine additional operations within security restricted operation + sandboxes (Sergey Shinderuk, Noah Misch) + + Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW, + and pg_amcheck activated the security restricted operation protection + mechanism too late, or even not at all in some code paths. A user having + permission to create non-temporary objects within a database could + define an object that would execute arbitrary SQL code with superuser + permissions the next time that autovacuum processed the object, or that + some superuser ran one of the affected commands against it. + + The PostgreSQL Project thanks Alexander Lakhin for reporting this + problem. (CVE-2022-1552) + + * Fix default signature length for gist_ltree_ops indexes + (Tomas Vondra, Alexander Korotkov) + + The default signature length (hash size) for GiST indexes on ltree + columns was accidentally changed while upgrading that operator class to + support operator class parameters. If any operations had been done on + such an index without first upgrading the ltree extension to version + 1.2, they were done assuming that the signature length was 28 bytes + rather than the intended 8. This means it is very likely that such + indexes are now corrupt. For safety we recommend re-indexing all GiST + indexes on ltree columns after installing this update. (Note that GiST + indexes on ltree[] columns, that is arrays of ltree, are not affected.) + + -- Christoph Berg <myon@debian.org> Tue, 10 May 2022 10:34:28 +0200 + +postgresql-14 (14.2-1) unstable; urgency=medium + + * New upstream release. + + -- Christoph Berg <myon@debian.org> Wed, 09 Feb 2022 10:39:43 +0100 + +postgresql-14 (14.1-5) unstable; urgency=medium + + * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can + depend on a matching llvm version. 
+ + -- Christoph Berg <myon@debian.org> Mon, 03 Jan 2022 16:08:18 +0100 + +postgresql-14 (14.1-4) unstable; urgency=medium + + [ Christoph Berg ] + * Disable LLVM JIT on s390x for now. (See #1002029) + + [ Christian Ehrhardt ] + * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and + armel. + + -- Christoph Berg <myon@debian.org> Mon, 20 Dec 2021 18:21:21 +0100 + +postgresql-14 (14.1-3) unstable; urgency=medium + + * Use system default clang/llvm version. (Closes: #1000915) + * Use centralized debian/rules logic in postgresql-common. + + -- Christoph Berg <myon@debian.org> Fri, 03 Dec 2021 09:56:49 +0100 + +postgresql-14 (14.1-2) unstable; urgency=medium + + * Enable outline-atomics on arm64 (affects Ubuntu focal only). + + -- Christoph Berg <myon@debian.org> Tue, 16 Nov 2021 11:56:37 +0100 + +postgresql-14 (14.1-1) unstable; urgency=medium + + * New upstream release. + + + Make the server and libpq reject extraneous data after an SSL or GSS + encryption handshake (Tom Lane) + + A man-in-the-middle with the ability to inject data into the TCP + connection could stuff some cleartext data into the start of a + supposedly encryption-protected database session. + + This could be abused to send faked SQL commands to the server, although + that would only work if the server did not demand any authentication + data. (However, a server relying on SSL certificate authentication + might well not do so.) (CVE-2021-23214) + + This could probably be abused to inject faked responses to the client's + first few queries, although other details of libpq's behavior make that + harder than it sounds. A different line of attack is to exfiltrate the + client's password, or other sensitive data that might be sent early in + the session. That has been shown to be possible with a server + vulnerable to CVE-2021-23214. (CVE-2021-23222) + + The PostgreSQL Project thanks Jacob Champion for reporting these + problems. 
+ + * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` requires it. + + -- Christoph Berg <myon@debian.org> Fri, 05 Nov 2021 12:05:46 +0100 + +postgresql-14 (14.0-1) unstable; urgency=medium + + * First PG14 release. + * Depend on postgresql-common 229 for scram-sha-256 authentication by + default. + + -- Christoph Berg <myon@debian.org> Tue, 28 Sep 2021 13:56:00 +0200 + +postgresql-14 (14~rc1-1) experimental; urgency=medium + + * First PG14 release candidate. + * Enable spinlocks on riscv64. + * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786) + * configure.ac: Remove check for autoconf 2.69. + * Spanish debconf translation by Jonathan Bustillos, thanks! + (Closes: #986775) + * Flatten debian/*.lintian-overrides symlinks. + + -- Christoph Berg <myon@debian.org> Thu, 23 Sep 2021 12:39:42 +0200 + +postgresql-14 (14~beta3-1) experimental; urgency=medium + + * New beta version. + * libpq5.symbols: Add PQsendFlushRequest. + + -- Christoph Berg <myon@debian.org> Tue, 10 Aug 2021 13:11:12 +0200 + +postgresql-14 (14~beta2-1) experimental; urgency=medium + + * New beta version. + * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove PQtraceSetFlags. + * debian/tests/installcheck: Use --make-testtablespace-dir. + + -- Christoph Berg <myon@debian.org> Wed, 23 Jun 2021 11:03:06 +0200 + +postgresql-14 (14~beta1-1) experimental; urgency=medium + + * New major upstream version 14; packaging based on postgresql-13. + + -- Christoph Berg <myon@debian.org> Tue, 18 May 2021 13:40:56 +0200 |
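Review bot: The 14.3-1 entry lists its upstream changes as top-level "*" items next to "* New upstream release.", while 14.5-1, 14.4-1 and 14.1-1 nest them under "+". Switching 14.3-1 to "+" sub-items would keep the security fix (CVE-2022-1552) visibly attached to the upstream release line. In the same entry the CVE id sits after the thanks paragraph rather than on the item's title line as in 14.5-1 (CVE-2022-2625), so it is easy to miss when scanning for security uploads. Moving it to the title line would make the entries consistent. The three uploads that carry CVE fixes (14.5-1, 14.3-1, 14.1-1) are all marked urgency=medium. If these are meant to be treated as security uploads, consider urgency=high. Minor: the 14.5-3 item ends in a double period ("already in unstable.."), and 14.5-1 says "New upstream version." where the other entries say "New upstream release."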