postgresql-9.5 (9.5.19-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: New upstream release (LP: #1839058) - Require schema qualification to cast to a temporary type when using functional cast syntax (CVE-2019-10208) - Fix failure of ALTER TABLE ... ALTER COLUMN TYPE when altering multiple columns' types in one command. This fixes a regression introduced in the most recent minor releases - Details about these and many further changes can be found at: https://www.postgresql.org/docs/9.5/static/release-9-5-19.html -- Christian Ehrhardt Tue, 06 Aug 2019 08:54:29 +0200 postgresql-9.5 (9.5.18-0ubuntu0.16.04.1) xenial; urgency=medium * New upstream release (LP: #1833211) - Fix failure of ALTER TABLE ... ALTER COLUMN TYPE when the table has a partial exclusion constraint - Fix failure of COMMENT command for comments on domain constraints - Details about these and many further changes can be found at: https://www.postgresql.org/docs/9.5/static/release-9-5-18.html -- Christian Ehrhardt Tue, 18 Jun 2019 13:11:33 +0200 postgresql-9.5 (9.5.17-0ubuntu0.16.04.1) xenial-security; urgency=medium * New upstream release(s) (LP: #1828012) - Prevent row-level security policies from being bypassed via selectivity estimators. CVE-2019-10130 - Details about these and many further changes can be found at: https://www.postgresql.org/docs/9.5/static/release-9-5-17.html -- Christian Ehrhardt Tue, 07 May 2019 11:20:37 +0200 postgresql-9.5 (9.5.16-0ubuntu0.16.04.1) xenial; urgency=medium * New upstream release(s) (LP: #1815665) - By default, panic instead of retrying after fsync() failure, to avoid possible data corruption. A new server parameter "guc-data-sync-retry" has been added to control this; - d/p/pg-9.5-Disallow-setting-client_min_messages-higher-than-ERR.patch: to retain SRU stability this patch reverts one of the changes which disabled the error suppression by setting client_min_messages to fatal or panic. Overall that means no change to the handling of client_min_messages due to this upload. - Details about these and many further changes can be found at: https://www.postgresql.org/docs/9.5/static/release-9-5-15.html https://www.postgresql.org/docs/9.5/static/release-9-5-16.html -- Christian Ehrhardt Tue, 12 Feb 2019 21:25:00 +0100 postgresql-9.5 (9.5.14-0ubuntu0.16.04) xenial-security; urgency=medium * New upstream release (LP: #1786938) - Fix failure to reset libpq's state fully between connection attempts . An unprivileged user of dblink or postgres_fdw could bypass the checks intended to prevent use of server-side credentials, such as a ~/.pgpass file owned by the operating-system user running the server. Servers allowing peer authentication on local connections are particularly vulnerable. Other attacks such as SQL injection into a postgres_fdw session are also possible. Attacking postgres_fdw in this way requires the ability to create a foreign server object with selected connection parameters, but any user with access to dblink could exploit the problem. In general, an attacker with the ability to select the connection parameters for a libpq-using application could cause mischief, though other plausible attack scenarios are harder to think of. Our thanks to Andrew Krasichkov for reporting this issue. (CVE-2018-10915) - Fix INSERT ... ON CONFLICT UPDATE through a view that isn't just SELECT FROM ... . Erroneous expansion of an updatable view could lead to crashes or attribute ... has the wrong type errors, if the view's SELECT list doesn't match one-to-one with the underlying table's columns. Furthermore, this bug could be leveraged to allow updates of columns that an attacking user lacks UPDATE privilege for, if that user has INSERT and UPDATE privileges for some other column(s) of the table. Any user could also use it for disclosure of server memory. (CVE-2018-10925) - d/libecpg-dev.install: Add new pgtypes header. - d/libpgtypes3.symbols: Add new pgtypes symbol. - Details about these and changes can be found at https://www.postgresql.org/docs/9.5/static/release-9-5-14.html -- Christian Ehrhardt Tue, 14 Aug 2018 14:49:16 +0200 postgresql-9.5 (9.5.13-0ubuntu0.16.04) xenial; urgency=medium * New upstream release (LP: #1769888) - A dump/restore is not required for those running 9.5.X. However, if the function marking mistakes mentioned in the first changelog entry affect you, you will want to take steps to correct your database catalogs. - Details about changes can be found at https://www.postgresql.org/docs/9.5/static/release-9-5-13.html -- Christian Ehrhardt Tue, 08 May 2018 15:17:49 +0200 postgresql-9.5 (9.5.12-0ubuntu0.16.04) xenial-security; urgency=medium * New upstream release (LP: #1752271) If you run an installation in which not all users are mutually trusting, or if you maintain an application or extension that is intended for use in arbitrary situations, it is strongly recommended that you read the documentation changes described in the first changelog entry below, and take suitable steps to ensure that your installation or code is secure. Also, the changes described in the second changelog entry below may cause functions used in index expressions or materialized views to fail during auto-analyze, or when reloading from a dump. After upgrading, monitor the server logs for such problems, and fix affected functions. - Document how to configure installations and applications to guard against search-path-dependent trojan-horse attacks from other users Using a search_path setting that includes any schemas writable by a hostile user enables that user to capture control of queries and then run arbitrary SQL code with the permissions of the attacked user. While it is possible to write queries that are proof against such hijacking, it is notationally tedious, and it's very easy to overlook holes. Therefore, we now recommend configurations in which no untrusted schemas appear in one's search path. (CVE-2018-1058) - Avoid use of insecure search_path settings in pg_dump and other client programs pg_dump, pg_upgrade, vacuumdb and other PostgreSQL-provided applications were themselves vulnerable to the type of hijacking described in the previous changelog entry; since these applications are commonly run by superusers, they present particularly attractive targets. To make them secure whether or not the installation as a whole has been secured, modify them to include only the pg_catalog schema in their search_path settings. Autovacuum worker processes now do the same, as well. In cases where user-provided functions are indirectly executed by these programs -- for example, user-provided functions in index expressions -- the tighter search_path may result in errors, which will need to be corrected by adjusting those user-provided functions to not assume anything about what search path they are invoked under. That has always been good practice, but now it will be necessary for correct behavior. (CVE-2018-1058) - Details about other changes can be found at https://www.postgresql.org/docs/9.5/static/release-9-5-12.html -- Christian Ehrhardt Wed, 28 Feb 2018 09:59:08 +0100 postgresql-9.5 (9.5.11-0ubuntu0.16.04) xenial-security; urgency=medium * New upstream release (LP: #1747676) - Ensure that all temporary files made by pg_upgrade are non-world-readable (CVE-2018-1053) - Details about other changes at full changelog: https://www.postgresql.org/docs/9.5/static/release-9-5-11.html -- Christian Ehrhardt Tue, 06 Feb 2018 15:20:02 +0100 postgresql-9.5 (9.5.10-0ubuntu0.16.04) xenial-security; urgency=medium * New upstream release (LP: #1730661) - Previously, a race condition allowed some table rows to be omitted from the index. It may be necessary to reindex existing BRIN indexes to recover from past occurrences of this problem. - Details about other changes at full changelog: https://www.postgresql.org/docs/9.5/static/release-9-5-10.html -- Christian Ehrhardt Tue, 07 Nov 2017 14:33:50 +0100 postgresql-9.5 (9.5.9-0ubuntu0.16.04) xenial; urgency=medium * New upstream release (LP: #1713979) - fix upgrade regressions of the former security release - Details about other changes at full changelog: https://www.postgresql.org/docs/9.5/static/release-9-5-9.html -- Christian Ehrhardt Wed, 30 Aug 2017 13:01:13 +0200 # For older changelog entries, run 'apt-get changelog libpq5'