Format: 1.8
Date: Thu, 25 Dec 2025 19:03:31 +0100
Source: postgresql-17
Architecture: source
Version: 17.7-0+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers
Changed-By: Christoph Berg
Changes:
 postgresql-17 (17.7-0+deb13u1) trixie; urgency=medium
 .
   * New upstream version 17.7.
 .
     + Check for CREATE privileges on the schema in CREATE STATISTICS
       (Jelte Fennema-Nio)
 .
       This omission allowed table owners to create statistics in any schema,
       potentially leading to unexpected naming conflicts.
 .
       The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
       problem.
       (CVE-2025-12817)
 .
     + Avoid integer overflow in allocation-size calculations within libpq
       (Jacob Champion)
 .
       Several places in libpq were not sufficiently careful about computing
       the required size of a memory allocation. Sufficiently large inputs
       could cause integer overflow, resulting in an undersized buffer, which
       would then lead to writing past the end of the buffer.
 .
       The PostgreSQL Project thanks Aleksey Solovev of Positive Technologies
       for reporting this problem.
       (CVE-2025-12818)
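
The allocation-size overflow described in the CVE-2025-12818 entry, as an added example that is not libpq source and not part of this upload record. The function names and the header-plus-array layout are hypothetical, chosen to show an unchecked size calculation beside an overflow-checked one.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical names throughout; this is not libpq source. */

/* Unchecked form: header + count * elem_size wraps modulo SIZE_MAX + 1. */
size_t unchecked_alloc_size(size_t header, size_t count, size_t elem_size)
{
    return header + count * elem_size;
}

/* Checked form: returns 1 and stores the size, or 0 if it would overflow. */
int checked_alloc_size(size_t header, size_t count, size_t elem_size,
                       size_t *out)
{
    if (elem_size != 0 && count > (SIZE_MAX - header) / elem_size)
        return 0;
    *out = header + count * elem_size;
    return 1;
}

/* Allocate header + count elements, refusing sizes that cannot be represented. */
void *alloc_records(size_t header, size_t count, size_t elem_size)
{
    size_t total;

    if (!checked_alloc_size(header, count, elem_size, &total))
        return NULL;
    return calloc(1, total);
}

int main(void)
{
    /* Constructed input: a count large enough that count * 16 exceeds SIZE_MAX. */
    size_t count = SIZE_MAX / 16 + 2;
    size_t total = 0;

    /* The wrapped result is tiny, so a buffer of this size would be undersized. */
    printf("unchecked size: %zu\n", unchecked_alloc_size(8, count, 16));
    printf("checked ok:     %d\n", checked_alloc_size(8, count, 16, &total));
    printf("allocation:     %s\n",
           alloc_records(8, count, 16) ? "succeeded" : "refused");
    return 0;
}
```

The division-based test runs before any multiplication, so the check itself cannot wrap.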