-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Feb 2026 11:26:19 +0100
Source: postgresql-17
Binary: postgresql-doc-17
Architecture: all
Version: 17.8-0+deb13u1
Distribution: trixie-security
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02)
Changed-By: Christoph Berg
Description:
 postgresql-doc-17 - documentation for the PostgreSQL database management system
Changes:
 postgresql-17 (17.8-0+deb13u1) trixie-security; urgency=medium
 .
   * New upstream version 17.8.
 .
     + Guard against unexpected dimensions of oidvector/int2vector (Tom Lane)
 .
       These data types are expected to be 1-dimensional arrays containing
       no nulls, but there are cast pathways that permit violating those
       expectations. Add checks to some functions that were depending on
       those expectations without verifying them, and could misbehave in
       consequence.
 .
       The PostgreSQL Project thanks Altan Birler for reporting this
       problem. (CVE-2026-2003)
 .
     + Harden selectivity estimators against being attached to operators
       that accept unexpected data types (Tom Lane)
 .
       contrib/intarray contained a selectivity estimation function that
       could be abused for arbitrary code execution, because it did not
       check that its input was of the expected data type. Third-party
       extensions should check for similar hazards and add defenses using
       the technique intarray now uses. Since such extension fixes will
       take time, we now require superuser privilege to attach a
       non-built-in selectivity estimator to an operator.
 .
       The PostgreSQL Project thanks Daniel Firer, as part of
       zeroday.cloud, for reporting this problem. (CVE-2026-2004)
 .
     + Fix buffer overrun in contrib/pgcrypto's PGP decryption functions
       (Michael Paquier)
 .
       Decrypting a crafted message with an overlength session key caused
       a buffer overrun, with consequences as bad as arbitrary code
       execution.
 .
       The PostgreSQL Project thanks Team Xint Code, as part of
       zeroday.cloud, for reporting this problem. (CVE-2026-2005)
 .
     + Fix inadequate validation of multibyte character lengths
       (Thomas Munro, Noah Misch)
 .
       Assorted bugs allowed an attacker able to issue crafted SQL to
       overrun string buffers, with consequences as bad as arbitrary code
       execution. After these fixes, applications may observe "invalid
       byte sequence for encoding" errors when string functions process
       invalid text that has been stored in the database.
 .
       The PostgreSQL Project thanks Paul Gerste and Moritz Sanft, as part
       of zeroday.cloud, for reporting this problem. (CVE-2026-2006)
Checksums-Sha1:
 5423e144b849214beff17a898dc5ce9698faec5d 10238 postgresql-17_17.8-0+deb13u1_all-buildd.buildinfo
 a0c76c3f9621037e84b55368c5f743ff9ead83d1 2156648 postgresql-doc-17_17.8-0+deb13u1_all.deb
Checksums-Sha256:
 0eb19c7ba6a18fc1621ed1d897f6fe097ac93d595df8bc06822972c91ac87e2c 10238 postgresql-17_17.8-0+deb13u1_all-buildd.buildinfo
 2920cd826d41c06a310a2a4f0017da46ee8930fce74854d9b87b38e106360a3c 2156648 postgresql-doc-17_17.8-0+deb13u1_all.deb
Files:
 10d13a06f4a665b76415574af65ce7d7 10238 database optional postgresql-17_17.8-0+deb13u1_all-buildd.buildinfo
 56a3583133b7847fcb5a16316395d566 2156648 doc optional postgresql-doc-17_17.8-0+deb13u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELusn8jY95Sf7obGlx30Wh8LXl/YFAmmLWIkACgkQx30Wh8LX
l/YgIw/+IhglXr6Knlfrj/O29OIF1fdZP9kFajbOpZ6Ol8GiL5KU1e/tgs07yZxB
Za+mOS/n5GCJdQ7i2Tsx8qiiixie4eHLXJ/6ell71yk71zSbSKRxTSgq9kdbZN0B
4xSW5VwmQzghORitbvGvR/0arESHaH5BIB3cCX1QZTUlbrokgUTVmCNbBRlqQapK
OnhnZHSTZOt8Z95U64p25xwzhsF0G13FLvA20WUEpCfVPz3jVXceCP8FPTHS5GVY
6iTziE4rEh5nSxj99ztlF0L6YflipmaLZflSTI15tDal4aX84X3M+EIn+4bAxw0G
RthsNi228pH9R+8j79u/Wg6qv+fxX0QSrY9Ciu6PqznmdxzhZPww3UJHNocvarFD
vMjUdGvnFwcHnWEuvVGXLTaeS441gfEURJSfosxM8eXTyeSzDRa85btYRjkPtQxM
Qe8/JE/MUIFjRWMWO4pjtb+tCceS0RZSi/vQA2rb0NWX+h5H5BXb81Z5z3jwaMvV
gZfvieVStO0p7enJI+G/IPaVf5HZM9rU0x72x6IXztKz9JLtO4b+jYqxNdnnLHgi
r92VbSEgXCahYjp7CEwBReQNbPTCMf2phRIsEp206kN+87dFpHERypzPbCVovPMj
yxT/Rh318iGJu5K3klYVQ59d+I67aHpm2j+EwcZrKneYTe1D1IM=
=v/mA
-----END PGP SIGNATURE-----
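Two items in the signed changes file above leave a DBA with follow-up work after installing 17.8: CVE-2026-2004 (non-built-in selectivity estimators attached to operators now need superuser privilege, and extension authors are told to add input-type checks) and CVE-2026-2006 (string functions may now raise "invalid byte sequence for encoding" on invalid text already stored in the database). The SQL below is an added post-upgrade audit written for this page; it is not part of the Debian changes file or of PostgreSQL's own code. It queries only the standard catalogs (pg_operator, pg_proc, pg_namespace, pg_depend, pg_extension). The table notes and its column body are constructed sample data; the validity scan relies on convert_to() verifying its input against the source encoding before converting, which is why it raises SQLSTATE 22021 on the same values the hardened string functions reject.

```sql
-- 1. Operators whose restriction or join selectivity estimator is not a
--    pg_catalog (built-in) function. These are the estimators that
--    CVE-2026-2004 is about: extension code that must verify the data type
--    of its input, and that a non-superuser can no longer attach.
--    With contrib/intarray installed, its operators show up here.
SELECT o.oid::regoperator AS operator,
       o.oprrest          AS restriction_estimator,
       o.oprjoin          AS join_estimator,
       e.extname          AS owning_extension     -- NULL: not extension-owned
FROM pg_operator o
LEFT JOIN pg_depend d ON d.classid    = 'pg_operator'::regclass
                     AND d.objid      = o.oid
                     AND d.refclassid = 'pg_extension'::regclass
                     AND d.deptype    = 'e'
LEFT JOIN pg_extension e ON e.oid = d.refobjid
WHERE EXISTS (SELECT 1
              FROM pg_proc p
              JOIN pg_namespace n ON n.oid = p.pronamespace
              WHERE p.oid IN (o.oprrest, o.oprjoin)
                AND n.nspname <> 'pg_catalog')
ORDER BY 1;

-- 2. Scan a text column for stored values with invalid byte sequences.
--    convert_to() validates its input in the source encoding and raises
--    SQLSTATE 22021 (character_not_in_repertoire, the "invalid byte
--    sequence for encoding" error the advisory mentions) on bad data;
--    the function turns that error into a boolean so rows can be listed.
CREATE OR REPLACE FUNCTION is_valid_text(t text) RETURNS boolean
LANGUAGE plpgsql STABLE STRICT AS $$
BEGIN
    PERFORM convert_to(t, pg_catalog.getdatabaseencoding());
    RETURN true;
EXCEPTION
    WHEN character_not_in_repertoire THEN   -- SQLSTATE 22021
        RETURN false;
END;
$$;

-- Constructed sample table for illustration (hypothetical names).
-- Normal INSERTs are encoding-checked on input, so both rows are valid and
-- the scan returns no rows; on real data it lists the rows whose text will
-- now make string functions fail, keyed by ctid so they can be repaired
-- without calling any string function on the bad value.
CREATE TEMP TABLE notes (id int PRIMARY KEY, body text);
INSERT INTO notes VALUES (1, 'plain ascii'), (2, 'ünïcödé is fine');

SELECT ctid, id
FROM notes
WHERE NOT is_valid_text(body);
```

Run the first query on every database in the cluster, not just one, since operators and extensions are per-database; anything it lists that is not from an extension you have updated for this advisory is worth dropping or replacing. The scan in part 2 deliberately selects only ctid and id: applying lower(), substr() or similar to a flagged row is exactly what the 17.8 fix now rejects, so repair such rows by UPDATE with a corrected literal rather than by transforming the stored value.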