-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 Feb 2026 11:26:19 +0100
Source: postgresql-17
Binary: libecpg-compat3 libecpg-compat3-dbgsym libecpg-dev libecpg-dev-dbgsym libecpg6 libecpg6-dbgsym libpgtypes3 libpgtypes3-dbgsym libpq-dev libpq5 libpq5-dbgsym postgresql-17 postgresql-17-dbgsym postgresql-client-17 postgresql-client-17-dbgsym postgresql-plperl-17 postgresql-plperl-17-dbgsym postgresql-plpython3-17 postgresql-plpython3-17-dbgsym postgresql-pltcl-17 postgresql-pltcl-17-dbgsym postgresql-server-dev-17 postgresql-server-dev-17-dbgsym
Architecture: amd64
Version: 17.8-0+deb13u1
Distribution: trixie-security
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Description:
 libecpg-compat3 - older version of run-time library for ECPG programs
 libecpg-dev - development files for ECPG (Embedded PostgreSQL for C)
 libecpg6   - run-time library for ECPG programs
 libpgtypes3 - shared library libpgtypes for PostgreSQL 17
 libpq-dev  - header files for libpq5 (PostgreSQL library)
 libpq5     - PostgreSQL C client library
 postgresql-17 - The World's Most Advanced Open Source Relational Database
 postgresql-client-17 - front-end programs for PostgreSQL 17
 postgresql-plperl-17 - PL/Perl procedural language for PostgreSQL 17
 postgresql-plpython3-17 - PL/Python 3 procedural language for PostgreSQL 17
 postgresql-pltcl-17 - PL/Tcl procedural language for PostgreSQL 17
 postgresql-server-dev-17 - development files for PostgreSQL 17 server-side programming
Changes:
 postgresql-17 (17.8-0+deb13u1) trixie-security; urgency=medium
 .
   * New upstream version 17.8.
 .
     + Guard against unexpected dimensions of oidvector/int2vector (Tom Lane)
 .
       These data types are expected to be 1-dimensional arrays containing no
       nulls, but there are cast pathways that permit violating those
       expectations.  Add checks to some functions that were depending on those
       expectations without verifying them, and could misbehave in consequence.
 .
       The PostgreSQL Project thanks Altan Birler for reporting this problem.
       (CVE-2026-2003)
 .
     + Harden selectivity estimators against being attached to operators that
       accept unexpected data types (Tom Lane)
 .
       contrib/intarray contained a selectivity estimation function that could
       be abused for arbitrary code execution, because it did not check that
       its input was of the expected data type.  Third-party extensions should
       check for similar hazards and add defenses using the technique intarray
       now uses. Since such extension fixes will take time, we now require
       superuser privilege to attach a non-built-in selectivity estimator to an
       operator.
 .
       The PostgreSQL Project thanks Daniel Firer, as part of zeroday.cloud,
       for reporting this problem. (CVE-2026-2004)
 .
     + Fix buffer overrun in contrib/pgcrypto's PGP decryption functions
       (Michael Paquier)
 .
       Decrypting a crafted message with an overlength session key caused a
       buffer overrun, with consequences as bad as arbitrary code execution.
 .
       The PostgreSQL Project thanks Team Xint Code, as part of zeroday.cloud,
       for reporting this problem. (CVE-2026-2005)
 .
     + Fix inadequate validation of multibyte character lengths
       (Thomas Munro, Noah Misch)
 .
       Assorted bugs allowed an attacker able to issue crafted SQL to overrun
       string buffers, with consequences as bad as arbitrary code execution.
       After these fixes, applications may observe invalid byte sequence for
       encoding errors when string functions process invalid text that has been
       stored in the database.
 .
       The PostgreSQL Project thanks Paul Gerste and Moritz Sanft, as part of
       zeroday.cloud, for reporting this problem. (CVE-2026-2006)
Checksums-Sha1:
 7701b934abc36e63678dca952bb1f87812359f2e 16496 libecpg-compat3-dbgsym_17.8-0+deb13u1_amd64.deb
 9fbea5984fbff6ca5e1615356e01abd95ddff03e 17580 libecpg-compat3_17.8-0+deb13u1_amd64.deb
 2da8e37e396582f7068da649beb796167a3393bb 276296 libecpg-dev-dbgsym_17.8-0+deb13u1_amd64.deb
 c5bfe26310f19a06b0163b697d15570af483ed1a 303772 libecpg-dev_17.8-0+deb13u1_amd64.deb
 7f5ec835547f1a5f438964ee07af2a2bb373eaa7 114788 libecpg6-dbgsym_17.8-0+deb13u1_amd64.deb
 2e853722d709f4ebc4195313974f1b2be43bbff7 62916 libecpg6_17.8-0+deb13u1_amd64.deb
 ea6303e73a14d45e970f02aecc33796f6775ecb9 90648 libpgtypes3-dbgsym_17.8-0+deb13u1_amd64.deb
 481416f076799eee06a97362f20066fe3f547a73 46188 libpgtypes3_17.8-0+deb13u1_amd64.deb
 6c3aaa7baa106222b0b1f7e1dc054f068d818165 151516 libpq-dev_17.8-0+deb13u1_amd64.deb
 3217c7787e17d99996f82d44a62f964faecfa068 298332 libpq5-dbgsym_17.8-0+deb13u1_amd64.deb
 9267f88c432e25b4ec57b7733cd0af6e2d389b78 227912 libpq5_17.8-0+deb13u1_amd64.deb
 a7284dcab3b3a8a14a0d06b84a25b7fcc175afda 19669964 postgresql-17-dbgsym_17.8-0+deb13u1_amd64.deb
 d5b65fba115012902a37444cb1b3eca97bffe635 17197 postgresql-17_17.8-0+deb13u1_amd64-buildd.buildinfo
 590af797e8a9af3876cdd147b96a18aa3cc264a4 16547444 postgresql-17_17.8-0+deb13u1_amd64.deb
 b3cee69f8a1efb78c22dc88e672c667f6be954d9 3005224 postgresql-client-17-dbgsym_17.8-0+deb13u1_amd64.deb
 6a7c025861280683cba576c48aa30892dc5736e0 2045580 postgresql-client-17_17.8-0+deb13u1_amd64.deb
 42469726ad547d876e632e717853f16ef4f3724c 203440 postgresql-plperl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 3c4103eab00313345c8a96ba5928f90df22115fb 86316 postgresql-plperl-17_17.8-0+deb13u1_amd64.deb
 84bdd630550894ad3b5d9f3165b5114c2fd8ae81 204772 postgresql-plpython3-17-dbgsym_17.8-0+deb13u1_amd64.deb
 bd11b87774baa71de72c822dd06345abf1de7cbc 110660 postgresql-plpython3-17_17.8-0+deb13u1_amd64.deb
 94632723e7a3166ae2a7337a62718c4b11f4e272 85152 postgresql-pltcl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 747fff67bb79febc3d5fa6725ea62d39f21bc883 43504 postgresql-pltcl-17_17.8-0+deb13u1_amd64.deb
 91e6f522ff5c74030cdf741da9142ac278d2fb0e 56064 postgresql-server-dev-17-dbgsym_17.8-0+deb13u1_amd64.deb
 21de820c476f5d26ff5a0743b8862dbf0fa1213c 1321944 postgresql-server-dev-17_17.8-0+deb13u1_amd64.deb
Checksums-Sha256:
 b5a7fc42ca245935b3595be3bf0ec78bd668a2f361171912fd25af195262c889 16496 libecpg-compat3-dbgsym_17.8-0+deb13u1_amd64.deb
 bd988692abf9e7caf3e98dc8b89ca345bbbae1ddb9a64b26d80c29f75b1b20d5 17580 libecpg-compat3_17.8-0+deb13u1_amd64.deb
 3058d2dd1d2914309796ffe721552d5bbefd19e80b04a4883db222787799fb39 276296 libecpg-dev-dbgsym_17.8-0+deb13u1_amd64.deb
 db08b7f0f4d7f79bfddbb09b8ba078e5e50d2fc7b8a56ce20c89d951d381a27c 303772 libecpg-dev_17.8-0+deb13u1_amd64.deb
 6c1d6bf02c581c2f43cf08df504f5385936e3d0c096659a44c61049ff36a4b33 114788 libecpg6-dbgsym_17.8-0+deb13u1_amd64.deb
 df004201e1063e49b60b6aa712d8bb7b46f4e96ee6e9b000bb78b101584c3ed0 62916 libecpg6_17.8-0+deb13u1_amd64.deb
 4b9377b9c31aa8609e6e924138506f9e8ea8d57eff8208f12b5d3a29943cba5d 90648 libpgtypes3-dbgsym_17.8-0+deb13u1_amd64.deb
 a24909d18209263935519f9a59f0a98d0a8a726f4007a372af5bae025944ec82 46188 libpgtypes3_17.8-0+deb13u1_amd64.deb
 b8457bde90053c5a787e46f19a1f2db57d4593864b23b9f1c2fffa938fa43769 151516 libpq-dev_17.8-0+deb13u1_amd64.deb
 59dbf010cb392bea587b4b5f1e730cda8d068f0a6aa18580ecb62cdf19f3180a 298332 libpq5-dbgsym_17.8-0+deb13u1_amd64.deb
 47f08482e169abbbf43d1f5e41c54498145d4a52fb419d97e5482dc70415a0ba 227912 libpq5_17.8-0+deb13u1_amd64.deb
 3416be3cfdd4d9e5cbd9add7e8a5a99f106a0d90883ba30e2de635191e4962c5 19669964 postgresql-17-dbgsym_17.8-0+deb13u1_amd64.deb
 13e63ce95799b515a7983dbe231eb175bac33e2395c5087e372c6fd28ca90df4 17197 postgresql-17_17.8-0+deb13u1_amd64-buildd.buildinfo
 752330aa1ec8726c8236e3f3a88539d610ce11abdf54c0e6ccb5aee73720035b 16547444 postgresql-17_17.8-0+deb13u1_amd64.deb
 d14463c2abf7e1837f1abb912e3c7341d3fc49209211b211b690665d89159254 3005224 postgresql-client-17-dbgsym_17.8-0+deb13u1_amd64.deb
 a806adbaede89c8de1bc7da727bf8e07cbec817c5179c896427686c914c638ac 2045580 postgresql-client-17_17.8-0+deb13u1_amd64.deb
 bb8573924f54f21602e1b154910763d35bcc2d1c31bb0a49a9cdb0a7f1a7f4e6 203440 postgresql-plperl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 fec94f8ac37b8ccc4d71482594faf6770df0d18420d629edb9142b5834df712e 86316 postgresql-plperl-17_17.8-0+deb13u1_amd64.deb
 f580dafce5f9e9bc56ce7550996476b06e7bcfff5e91feace705fa343240c4b8 204772 postgresql-plpython3-17-dbgsym_17.8-0+deb13u1_amd64.deb
 29a7b3cb37761104f124b724ea8db6e169ff480ed8c36d2b1199495084f580cd 110660 postgresql-plpython3-17_17.8-0+deb13u1_amd64.deb
 0e53a32767424057656e0edfb1c6d68b8c3d4a78dedd3c0927a6509cdce06272 85152 postgresql-pltcl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 5c4f672215243583b141b0b8b89e8a151a89ff86ed1051a1f0baee97468c2b61 43504 postgresql-pltcl-17_17.8-0+deb13u1_amd64.deb
 7351110fe78d452ab4358e91b2e0ee13053e6b9f41deef1e71f2687165757b71 56064 postgresql-server-dev-17-dbgsym_17.8-0+deb13u1_amd64.deb
 199e1c96f0afb83422bce1d680a6aceee78e057cb05037b9d5de40a0035d1037 1321944 postgresql-server-dev-17_17.8-0+deb13u1_amd64.deb
Files:
 2dc1fde0e2a6ed981fc30f94e25328af 16496 debug optional libecpg-compat3-dbgsym_17.8-0+deb13u1_amd64.deb
 53680899e212901ac2acddff909128cf 17580 libs optional libecpg-compat3_17.8-0+deb13u1_amd64.deb
 350c8365a50d117f630f1e5df15bd3f3 276296 debug optional libecpg-dev-dbgsym_17.8-0+deb13u1_amd64.deb
 45a06f063368ab8e5e777cb651a365dc 303772 libdevel optional libecpg-dev_17.8-0+deb13u1_amd64.deb
 fb5741e89d3e98dcf724f168e487e52c 114788 debug optional libecpg6-dbgsym_17.8-0+deb13u1_amd64.deb
 9571d56b770c6781d7db98cc6a8c140d 62916 libs optional libecpg6_17.8-0+deb13u1_amd64.deb
 fd4d9691cf20e8d078f515c93bbb6f9b 90648 debug optional libpgtypes3-dbgsym_17.8-0+deb13u1_amd64.deb
 062ad3e775d2b130d36a1bc61d8fee74 46188 libs optional libpgtypes3_17.8-0+deb13u1_amd64.deb
 131b393fc37c3a93149e4073c466fe44 151516 libdevel optional libpq-dev_17.8-0+deb13u1_amd64.deb
 1e288c4525727910e9e7d6d97ca61d5e 298332 debug optional libpq5-dbgsym_17.8-0+deb13u1_amd64.deb
 f91f4a69ed3e322fea051a701ee16f31 227912 libs optional libpq5_17.8-0+deb13u1_amd64.deb
 428e338c833d0417595f2683074fb19e 19669964 debug optional postgresql-17-dbgsym_17.8-0+deb13u1_amd64.deb
 46cc9bef1c7acc93e36b9f636cd99ff7 17197 database optional postgresql-17_17.8-0+deb13u1_amd64-buildd.buildinfo
 53390662f14ac02941a15de2679cd81a 16547444 database optional postgresql-17_17.8-0+deb13u1_amd64.deb
 12630210e90e0e5430ae4067af3f1e11 3005224 debug optional postgresql-client-17-dbgsym_17.8-0+deb13u1_amd64.deb
 4b51a479637a36f74387dde36c6817ee 2045580 database optional postgresql-client-17_17.8-0+deb13u1_amd64.deb
 590eeb702ae8a903dd91f1ceaf0b6046 203440 debug optional postgresql-plperl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 18ae063b1b89267a32e2c4b6963e0902 86316 database optional postgresql-plperl-17_17.8-0+deb13u1_amd64.deb
 08a3e16eec83fee5c616235c93727653 204772 debug optional postgresql-plpython3-17-dbgsym_17.8-0+deb13u1_amd64.deb
 4dbe5f7a1ef255dfde037c769ceb1dc3 110660 database optional postgresql-plpython3-17_17.8-0+deb13u1_amd64.deb
 288faad0cba13c084cafd7d059bb2e17 85152 debug optional postgresql-pltcl-17-dbgsym_17.8-0+deb13u1_amd64.deb
 480defe8df9128d3ddf18b892bf9aeee 43504 database optional postgresql-pltcl-17_17.8-0+deb13u1_amd64.deb
 7b82797659016479385d185fdcc426d5 56064 debug optional postgresql-server-dev-17-dbgsym_17.8-0+deb13u1_amd64.deb
 a634365e32d8417e3dc328f49f6d6b03 1321944 libdevel optional postgresql-server-dev-17_17.8-0+deb13u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEnw0rdzqckKx6dwRTEbCLukZn24oFAmmLZA4ACgkQEbCLukZn
24qObA/+PnYKdrouhvuyOagt3LAaEStYPYVbe773sI5/e7ygxbqpDwgpDDyG3P1R
u8afBugPmSZ5Xt543yF+zOy/e8iLCk98F5OWmKyfBteGVse3C6CLbo6oux+gSzPc
ImgGaIo2v6Hi/jX5Sq3QqVy582MFMrIVPt+PXJHYE7dcGn/F0XP75pnLbl04T5Em
s2yPeiIpqsPwn0m1/p3Rsip9V83yndjblJM9sds9UKlAcW0pclAh/0LVVP3j3DTV
qRTwGHGra/a9dZkoJKWbuj9Zee4aOkl4FYjYdKKt9pCIcAp6UoTxU0LaodKq4pDq
nNu2pc39BMkC1lHXAKpNkskpDxKzCs7ln7h6TR6nkfDCeMrxljjjsgTOXgl+E9A9
VzLy8x1KhEXUmmd7v6jD+i2ot8DdrZBnM9BDxn9LovXg5DB2dW4mvxIAvJOaxYol
UvszR8IyG4gdgqkq3XZp9QfE6DDm8DaGOsK7YgyL1mWNiHUUBjPaBcsjnDbukKgx
vV0ko7WdR1tdnDIG6mOK/WGuk5Q2W2rZqO2Ss5PFjG3RPUgr5hkEEj2Ga46PLkzY
XRMSsutLvyFIXzSy1bH1fvQ06UVzcl3mgLPfvtww8e8g9tPjLEJQZtIRGWU+XXqj
VKNgm3LenW4ZFyg3hE9e1LCYIGesAN6/6mIMiv9qtRsoBXzv94M=
=DTvB
-----END PGP SIGNATURE-----