-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Feb 2026 11:50:28 +0100
Source: postgresql-15
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-15 postgresql-15-dbgsym postgresql-client-15 postgresql-client-15-dbgsym postgresql-plperl-15 postgresql-plperl-15-dbgsym postgresql-plpython3-15 postgresql-plpython3-15-dbgsym postgresql-pltcl-15 postgresql-pltcl-15-dbgsym postgresql-server-dev-15
Architecture: mipsel
Version: 15.16-0+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-03) <buildd_mips64el-mipsel-osuosl-03@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 15
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-15 - The World's Most Advanced Open Source Relational Database
 postgresql-client-15 - front-end programs for PostgreSQL 15
 postgresql-plperl-15 - PL/Perl procedural language for PostgreSQL 15
 postgresql-plpython3-15 - PL/Python 3 procedural language for PostgreSQL 15
 postgresql-pltcl-15 - PL/Tcl procedural language for PostgreSQL 15
 postgresql-server-dev-15 - development files for PostgreSQL 15 server-side programming
Changes:
 postgresql-15 (15.16-0+deb12u1) bookworm-security; urgency=medium
 .
   * New upstream version 15.16.
 .
     + Guard against unexpected dimensions of oidvector/int2vector (Tom Lane)
 .
       These data types are expected to be 1-dimensional arrays containing no
       nulls, but there are cast pathways that permit violating those
       expectations.  Add checks to some functions that were depending on those
       expectations without verifying them, and could misbehave in consequence.
 .
       The PostgreSQL Project thanks Altan Birler for reporting this problem.
       (CVE-2026-2003)
 .
     + Harden selectivity estimators against being attached to operators that
       accept unexpected data types (Tom Lane)
 .
       contrib/intarray contained a selectivity estimation function that could
       be abused for arbitrary code execution, because it did not check that
       its input was of the expected data type.  Third-party extensions should
       check for similar hazards and add defenses using the technique intarray
       now uses. Since such extension fixes will take time, we now require
       superuser privilege to attach a non-built-in selectivity estimator to an
       operator.
 .
       The PostgreSQL Project thanks Daniel Firer, as part of zeroday.cloud,
       for reporting this problem. (CVE-2026-2004)
 .
     + Fix buffer overrun in contrib/pgcrypto's PGP decryption functions
       (Michael Paquier)
 .
       Decrypting a crafted message with an overlength session key caused a
       buffer overrun, with consequences as bad as arbitrary code execution.
 .
       The PostgreSQL Project thanks Team Xint Code, as part of zeroday.cloud,
       for reporting this problem. (CVE-2026-2005)
 .
     + Fix inadequate validation of multibyte character lengths
       (Thomas Munro, Noah Misch)
 .
       Assorted bugs allowed an attacker able to issue crafted SQL to overrun
       string buffers, with consequences as bad as arbitrary code execution.
       After these fixes, applications may observe invalid byte sequence for
       encoding errors when string functions process invalid text that has been
       stored in the database.
 .
       The PostgreSQL Project thanks Paul Gerste and Moritz Sanft, as part of
       zeroday.cloud, for reporting this problem. (CVE-2026-2006)
Checksums-Sha1:
 468e4ec3443582d326dc3e946848c842ab1233f3 17872 libecpg-compat3-dbgsym_15.16-0+deb12u1_mipsel.deb
 e6f9a892dfb90ce9e3a2fcb4ec3279f06c62907e 20360 libecpg-compat3_15.16-0+deb12u1_mipsel.deb
 ba49cdb337d544278e3a61e7db4d8d9a1340ac7f 261264 libecpg-dev-dbgsym_15.16-0+deb12u1_mipsel.deb
 d88b69c8a605d37aaffdb9dd289021132e5b1e16 286480 libecpg-dev_15.16-0+deb12u1_mipsel.deb
 6ef336f8aa9195e82b28c69a9e810724a4973541 115648 libecpg6-dbgsym_15.16-0+deb12u1_mipsel.deb
 93522ab7e7797fcedbe2a58fc944ca89cf18637b 62360 libecpg6_15.16-0+deb12u1_mipsel.deb
 bb6d346c7760209a3f2a0fa484799f5790e8ffa6 91636 libpgtypes3-dbgsym_15.16-0+deb12u1_mipsel.deb
 517d09aa5a302bd3d66c043b7222fddbae04c92f 47684 libpgtypes3_15.16-0+deb12u1_mipsel.deb
 b6263ff7396c08e69caabdbe3ee9b83333b09da0 154292 libpq-dev_15.16-0+deb12u1_mipsel.deb
 bd2fbca0690d4ee5fe5dbf869c7a52a5932cd7dc 287216 libpq5-dbgsym_15.16-0+deb12u1_mipsel.deb
 9c1ccd07d5f82d57b1f2f63141c71df196438723 182744 libpq5_15.16-0+deb12u1_mipsel.deb
 8537ffceceecf07819b2b07ad173cd5a52cc381d 16752256 postgresql-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 4a8f374a12f1d9c2147712cd1ac25169b9d86839 17150 postgresql-15_15.16-0+deb12u1_mipsel-buildd.buildinfo
 c9be199d169cfcbf4ff98a9b9d7855eaa079804f 16328748 postgresql-15_15.16-0+deb12u1_mipsel.deb
 1b551e21c231c9344cbb74d159d9d10634045e34 2539864 postgresql-client-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 3e8eeff8637aba10dac68de36048784d4189d44d 1678592 postgresql-client-15_15.16-0+deb12u1_mipsel.deb
 46f71f7fa6896ca10eb2e0dd9b926090d7dce8e9 184648 postgresql-plperl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 308791160c7c44dd6c8277867369bf435b78fec1 89092 postgresql-plperl-15_15.16-0+deb12u1_mipsel.deb
 e4812fa4a9cd3f2a4c4e20fc7bf34eabc5f33a19 176176 postgresql-plpython3-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 975d927aa98090e4f4cdcb2b3253bf80adf1c655 107636 postgresql-plpython3-15_15.16-0+deb12u1_mipsel.deb
 edb2009f8b4cdb1442814dc04d6bc98f2888181a 80176 postgresql-pltcl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 9059872d828785c215902e5d7f19af2210ab0630 43484 postgresql-pltcl-15_15.16-0+deb12u1_mipsel.deb
 cdd5c42769f265d2fdb491c7be049a3190cd8a6d 1161296 postgresql-server-dev-15_15.16-0+deb12u1_mipsel.deb
Checksums-Sha256:
 c98593cca12c57d852e6876c65f48bc893719c08de604dffd8fd6dca54a0998e 17872 libecpg-compat3-dbgsym_15.16-0+deb12u1_mipsel.deb
 f4c9353241f20d9b40a1c81056c4135b4931c36b8fc4cefe33c75988e13f2343 20360 libecpg-compat3_15.16-0+deb12u1_mipsel.deb
 f673ff75ca08407f40b19efc24e5ddf2a9ef3f9119a3ed4523817db56167c587 261264 libecpg-dev-dbgsym_15.16-0+deb12u1_mipsel.deb
 6e6ea442b595f1a97bd982808ed5d4d0dabd3cc037ab555717a0c6bec562f84a 286480 libecpg-dev_15.16-0+deb12u1_mipsel.deb
 4903d6e5cb744dd5cdcb02fcb2571a7e75f9e18da8a1d716cc426b600b73c25a 115648 libecpg6-dbgsym_15.16-0+deb12u1_mipsel.deb
 41f337957918fcddf4cc1bd0b46b0ff9b1a45b1300a5ce420aa6d1fe70408b9b 62360 libecpg6_15.16-0+deb12u1_mipsel.deb
 0b3a5d19b947570c0d3fc5cdda6a71e621376dcedd92b8abcdd28bd4f0d48318 91636 libpgtypes3-dbgsym_15.16-0+deb12u1_mipsel.deb
 2bcfd0aeb39ecb519b248e12110a6bb5da910e7f030d3856d08df0a9a709e802 47684 libpgtypes3_15.16-0+deb12u1_mipsel.deb
 1d658d7e4856dd57b4603cdc3ed2cd396fa0c6616226f976d3f36b1a50da5adc 154292 libpq-dev_15.16-0+deb12u1_mipsel.deb
 377472c0fc3efa8cd7eb8a514ba6649769fc1513197080063661f396eca06ed3 287216 libpq5-dbgsym_15.16-0+deb12u1_mipsel.deb
 9ea83476abe6b81fa6af93527a210cde226dcd9f155c51971590e9535edd556b 182744 libpq5_15.16-0+deb12u1_mipsel.deb
 6226b06ea7ca532115274f59fdb29bf9593be29510e639e3b10931a11400069b 16752256 postgresql-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 4bb722fad4f9ab224f9288bf7659fc05c713157acec076e1eaed1d2d9fba1442 17150 postgresql-15_15.16-0+deb12u1_mipsel-buildd.buildinfo
 d2931ca4a4521465fa53372bec552026a9ade9fc49ac82f5dab46ef541cb4d98 16328748 postgresql-15_15.16-0+deb12u1_mipsel.deb
 dc9a1cbf0ec7a0f699b8729c96f20155a46c5e6acc4e80fb682aeaaf6fb95961 2539864 postgresql-client-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 f0ba6de6e038d3915d6172f480bd46e812b7a974c90a5b89efa0ee2d4b18efac 1678592 postgresql-client-15_15.16-0+deb12u1_mipsel.deb
 9366e94c9c7a02a1ab33a195c0940ff201c22bbf38141edd5ca9d264decd4503 184648 postgresql-plperl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 df37e72748600b7bff927af8602d4e383ead5fb0b8e2e6ec51dcf3f546b48f76 89092 postgresql-plperl-15_15.16-0+deb12u1_mipsel.deb
 6bbc817a7d96d61829480738af7fb9be862ce32ca310ab5e655f32af07cea715 176176 postgresql-plpython3-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 4813823dfc54529f8a8cf4dcd3da2fb9bb8d1b1e0cb28af4578379fdd788d0d6 107636 postgresql-plpython3-15_15.16-0+deb12u1_mipsel.deb
 0c6d5f14226167751f51b4ba1f5a7012caec13ee39eece0c335be35ef4d2dbed 80176 postgresql-pltcl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 78090c01fa18e7abb27a6032e1753fe4ea00aeb6dd347a7fb6df05210f44e704 43484 postgresql-pltcl-15_15.16-0+deb12u1_mipsel.deb
 224cbc55ef1f91cbdaf1af49ac656525df437124689e96828dad196ab67bfcea 1161296 postgresql-server-dev-15_15.16-0+deb12u1_mipsel.deb
Files:
 6982ba915f28cd7944863f76aa20b04c 17872 debug optional libecpg-compat3-dbgsym_15.16-0+deb12u1_mipsel.deb
 bad7bf265bb4b70dd8b787a7aba4d37c 20360 libs optional libecpg-compat3_15.16-0+deb12u1_mipsel.deb
 22d811bcd504c183bb1600d516603375 261264 debug optional libecpg-dev-dbgsym_15.16-0+deb12u1_mipsel.deb
 1bb48a535ae58f5ff803919cf7317d34 286480 libdevel optional libecpg-dev_15.16-0+deb12u1_mipsel.deb
 0e4868f9726586cb2b87f0580dcefe4e 115648 debug optional libecpg6-dbgsym_15.16-0+deb12u1_mipsel.deb
 c495b55a78296045b0aacd4465b406b3 62360 libs optional libecpg6_15.16-0+deb12u1_mipsel.deb
 28f48d49ab6169039545075369762859 91636 debug optional libpgtypes3-dbgsym_15.16-0+deb12u1_mipsel.deb
 eaba9e71259dbfdc451c187f03612a77 47684 libs optional libpgtypes3_15.16-0+deb12u1_mipsel.deb
 9adad96d07bfa36183e728973052868e 154292 libdevel optional libpq-dev_15.16-0+deb12u1_mipsel.deb
 440fe2a08bb65a20eead688959760473 287216 debug optional libpq5-dbgsym_15.16-0+deb12u1_mipsel.deb
 adc4c71c2c6cccc544bdcb76d73248cf 182744 libs optional libpq5_15.16-0+deb12u1_mipsel.deb
 43e62004becc13853595d3071f31e73a 16752256 debug optional postgresql-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 fdcee1ffffcb7a6233f0bc0668f59c33 17150 database optional postgresql-15_15.16-0+deb12u1_mipsel-buildd.buildinfo
 0d906f1d2ee09d32c16093f871aceb2d 16328748 database optional postgresql-15_15.16-0+deb12u1_mipsel.deb
 292d9f1a4a203378aece3bf9dd570e1e 2539864 debug optional postgresql-client-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 a2d6b1b6157c57aee8275ea3bd43e582 1678592 database optional postgresql-client-15_15.16-0+deb12u1_mipsel.deb
 0947bc642db001160421b4ceb0f238be 184648 debug optional postgresql-plperl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 10ead35890c75b48ff26654c11f092e2 89092 database optional postgresql-plperl-15_15.16-0+deb12u1_mipsel.deb
 32fdcf7d16db4f5bc14d0582b0d32024 176176 debug optional postgresql-plpython3-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 950bf7e7583812f382c0bdbf8a154038 107636 database optional postgresql-plpython3-15_15.16-0+deb12u1_mipsel.deb
 888393f2cd8350520a0b478f3580ab3f 80176 debug optional postgresql-pltcl-15-dbgsym_15.16-0+deb12u1_mipsel.deb
 c6cf46ba49fccaa809a16028e30c829b 43484 database optional postgresql-pltcl-15_15.16-0+deb12u1_mipsel.deb
 ba66e286a1ec284365d73a29bc2d93e9 1161296 libdevel optional postgresql-server-dev-15_15.16-0+deb12u1_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEesE3YcWKZXIkRPMemf85J+x5/aoFAmmLiHsACgkQmf85J+x5
/ao1lw//SKzQXQzTv52HHHpXNtXbtr1HU2Ry+A0H+fHu4OjKMp0wp9XVPngnBeT+
5Kf78OqBZDZIk7CQg9w5oHT7DksXQRG1QOUsQzXiyZCDNQ2xsxV9HeCCKbNX+oko
3x2DeToqlechzFfmIamUHK3mi9QpHQAaT/SAxIumQBsF/ioZJyjsBAQJMRx9ECdV
VgsAa0gAYRvSYPo4f5KnPMnsS/F6sAZkQr5p7CZfu11qfFNjBaPnYRxidWjf8pSN
CGp9CpGvwq6hALNF2/8ov/kHf1oKGgmZttb8K9dcOnfV+pzAg9jwvsrIvQFTo/rp
LwcHSbz22ok1mASnpdpwkn6Up92eX5TjnQJoukGm3WG8G7jG+6oAre1l0AYm6Dwg
d7gGuyID+2XYhUv2wD56/5fkSqQ8NFqvuwEpvUZIjMpsDlZbLPJftYOczrEAHJw7
g4Ia5KPdhSb9hg9wB7A/iWb/GtC+WwYZxW8nGg9R+vtji4WE+NOccb3zsvSwKqX/
QB3Tejn9a571rj940E3jozq84G5G6rQMTZwxPQczk+wlLjMCNQeuCfrC6b5lkaXr
01a4Bqvx7lLGbpwNOzQKDTWEf+eOE3LoeoQUOwzN0iGcu9og+kner4L1FXJEMryK
1V6NZNwaTIA1zV0dA+gWPhvAet07FSg0JQhSThbVsccFPHZwFZU=
=Mzwo
-----END PGP SIGNATURE-----