postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978
| От | Christoph Berg |
|---|---|
| Тема | postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978 |
| Дата | |
| Msg-id | Zz8ewkTOHug5VdcT@msg.df7cb.de обсуждение исходный текст |
| Ответ на | Re: PostgreSQL CVE-2024-7348 today (Moritz Mühlenhoff <jmm@inutil.org>) |
| Ответы |
Re: postgresql-15 (15.10-0+deb12u1) and a fix for CVE-2024-10978
|
| Список | pgsql-pkg-debian |
Re: Moritz Mühlenhoff
> Ok, no problem. We'll release that revised update via bookworm-security
> as well, then.
Hi,
new PG15 uploaded:
postgresql-15 (15.10-0+deb12u1) bookworm-security; urgency=medium
* New upstream version 15.10.
+ Repair ABI break for extensions that work with struct ResultRelInfo
Last week's minor releases unintentionally broke binary compatibility
with timescaledb and several other extensions. Restore the affected
structure to its previous size, so that such extensions need not be
rebuilt.
+ Restore functionality of ALTER {ROLE|DATABASE} SET role
The fix for CVE-2024-10978 accidentally caused settings for role to not
be applied if they come from non-interactive sources, including previous
ALTER {ROLE|DATABASE} commands and the PGOPTIONS environment variable.
-- Christoph Berg <myon@debian.org> Tue, 19 Nov 2024 15:36:12 +0100
Christoph
В списке pgsql-pkg-debian по дате отправления: