-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 18 Feb 2025 11:59:37 +0100
Source: postgresql-15
Architecture: source
Version: 15.12-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-15 (15.12-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.12.
 .
     + Improve behavior of libpq's quoting functions (Andres Freund, Tom Lane)
 .
       The changes made for CVE-2025-1094 had one serious oversight:
       PQescapeLiteral() and PQescapeIdentifier() failed to honor their string
       length parameter, instead always reading to the input string's trailing
       null.  This resulted in including unwanted text in the output, if the
       caller intended to truncate the string via the length parameter.  With
       very bad luck it could cause a crash due to reading off the end of
       memory.
 .
       In addition, modify all these quoting functions so that when invalid
       encoding is detected, an invalid sequence is substituted for just the
       first byte of the presumed character, not all of it.  This reduces the
       risk of problems if a calling application performs additional processing
       on the quoted string.
Checksums-Sha1:
 49d886977631c33ccc513d5a1475d68172f74973 3926 postgresql-15_15.12-0+deb12u1.dsc
 e324936f043bca125f3b12bef2919e5183118400 23170228 postgresql-15_15.12.orig.tar.bz2
 8b4fac8224e7a335399e9d7706a5d05ee457cf81 28104 postgresql-15_15.12-0+deb12u1.debian.tar.xz
Checksums-Sha256:
 15d0fe8a28f52f77f24babe3ee8bf9ea416122e3aaee3b882af32626c2a5c347 3926 postgresql-15_15.12-0+deb12u1.dsc
 3bc8462a38ca0857270cc88b949a3f6659f0d5c44c029c482355835b61a0f6f7 23170228 postgresql-15_15.12.orig.tar.bz2
 b879925973250fc9af80a3ebfb61170c186ca027378cfa668ae2389646f7f1b7 28104 postgresql-15_15.12-0+deb12u1.debian.tar.xz
Files:
 92fcdbaded39e77b17c4928153faeac3 3926 database optional postgresql-15_15.12-0+deb12u1.dsc
 2b8236ac1b8ebad95f7c4414b2adcafd 23170228 database optional postgresql-15_15.12.orig.tar.bz2
 5037388bd095cee367f319878eb310c5 28104 database optional postgresql-15_15.12-0+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAme3TZwACgkQTFprqxLS
p66fcQ//fhisSZ+yer9LIe89gjdUsjFy6NhH+SthsnmqYWUZS35Rpjz51jfKCgOt
C5UQgJs6oNbe5Z7DeFZxAXcwWqAUxLYkTE74bhSfB4n+Y1PxJR0SvkKZKJWiyh2J
6iwT63yJnfF2TtTRPnlAHSJumvtBwlGc9K3gy1ZHVrQUZvus7YXdd5OjBSDx2ctT
cyZ6bIRjW3sO2wILRy8xWyYcO63ReLRynXgt8bEe5PqPy+OBmZILgqR+wfmaPU0/
+JTi8n7+1aZNJQBX5oyvozDF9W8+z64cItwruxJqyQPm6Ev23OdA/IBd6cMUeU3k
kcJlKxB+N4Fyo4t3+bjAUn02gMyDk+bq5A9Nk6i8JelfyPzG7AHDStSsYlid4Txd
Ay8vdEjyFX+GjUuK9pHgnTIdkv05+5zTV6IrFHa6sVzh9g95YTYxYlZoSQ7fYk2D
c7hvrpTp02Iw8PIjQ79VRCbDZj5QKWaRgcW5piDpvILBVsqjQlzgm8HYO5eYppSy
2gUoW2/WCQhvWLiTafpmDui2qo6Ihl4soPi5q1fHDcPf4FT/f78zQ8WYum1NpsdX
eS46s4+ste+1qfAonQ6NncWs2mdAHV5bq5PYNAygx2auqZWNua104j3wjdBuBxx/
2UOPq43Yr/sRFdUy27+/3yVn7vWlXP+J92veRqga81rQagyFXhU=
=mECv
-----END PGP SIGNATURE-----