postgresql-14 (14.2-1ubuntu1) jammy; urgency=medium

  * d/p/llvm14-support.patch: fix FTBFS with llvm-14 (LP: #1966319)

 -- Andreas Hasenack  Fri, 25 Mar 2022 11:34:41 -0300

postgresql-14 (14.2-1) unstable; urgency=medium

  * New upstream release.

 -- Christoph Berg  Wed, 09 Feb 2022 10:39:43 +0100

postgresql-14 (14.1-5) unstable; urgency=medium

  * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can
    depend on a matching llvm version.

 -- Christoph Berg  Mon, 03 Jan 2022 16:08:18 +0100

postgresql-14 (14.1-4) unstable; urgency=medium

  [ Christoph Berg ]
  * Disable LLVM JIT on s390x for now. (See #1002029)

  [ Christian Ehrhardt ]
  * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and
    armel.

 -- Christoph Berg  Mon, 20 Dec 2021 18:21:21 +0100

postgresql-14 (14.1-3) unstable; urgency=medium

  * Use system default clang/llvm version. (Closes: #1000915)
  * Use centralized debian/rules logic in postgresql-common.

 -- Christoph Berg  Fri, 03 Dec 2021 09:56:49 +0100

postgresql-14 (14.1-2) unstable; urgency=medium

  * Enable outline-atomics on arm64 (affects Ubuntu focal only).

 -- Christoph Berg  Tue, 16 Nov 2021 11:56:37 +0100

postgresql-14 (14.1-1) unstable; urgency=medium

  * New upstream release.

    + Make the server and libpq reject extraneous data after an SSL or GSS
      encryption handshake (Tom Lane)

      A man-in-the-middle with the ability to inject data into the TCP
      connection could stuff some cleartext data into the start of a
      supposedly encryption-protected database session. This could be
      abused to send faked SQL commands to the server, although that would
      only work if the server did not demand any authentication data.
      (However, a server relying on SSL certificate authentication might
      well not do so.) (CVE-2021-23214)

      This could probably be abused to inject faked responses to the
      client's first few queries, although other details of libpq's
      behavior make that harder than it sounds. A different line of attack
      is to exfiltrate the client's password, or other sensitive data that
      might be sent early in the session. That has been shown to be
      possible with a server vulnerable to CVE-2021-23214.
      (CVE-2021-23222)

      The PostgreSQL Project thanks Jacob Champion for reporting these
      problems.

  * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` requires
    it.

 -- Christoph Berg  Fri, 05 Nov 2021 12:05:46 +0100

postgresql-14 (14.0-1) unstable; urgency=medium

  * First PG14 release.
  * Depend on postgresql-common 229 for scram-sha-256 authentication by
    default.

 -- Christoph Berg  Tue, 28 Sep 2021 13:56:00 +0200

postgresql-14 (14~rc1-1) experimental; urgency=medium

  * First PG14 release candidate.
  * Enable spinlocks on riscv64.
  * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786)
  * configure.ac: Remove check for autoconf 2.69.
  * Spanish debconf translation by Jonathan Bustillos, thanks!
    (Closes: #986775)
  * Flatten debian/*.lintian-overrides symlinks.

 -- Christoph Berg  Thu, 23 Sep 2021 12:39:42 +0200

postgresql-14 (14~beta3-1) experimental; urgency=medium

  * New beta version.
  * libpq5.symbols: Add PQsendFlushRequest.

 -- Christoph Berg  Tue, 10 Aug 2021 13:11:12 +0200

postgresql-14 (14~beta2-1) experimental; urgency=medium

  * New beta version.
  * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove
    PQtraceSetFlags.
  * debian/tests/installcheck: Use --make-testtablespace-dir.

 -- Christoph Berg  Wed, 23 Jun 2021 11:03:06 +0200

postgresql-14 (14~beta1-1) experimental; urgency=medium

  * New major upstream version 14; packaging based on postgresql-13.

 -- Christoph Berg  Tue, 18 May 2021 13:40:56 +0200