• Accepted postgresql-11 11.12-0+deb10u1 (source) into proposed-updates->

    From Debian FTP Masters@21:1/5 to All on Sat May 15 21:50:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Wed, 12 May 2021 16:42:10 +0200
    Source: postgresql-11
    Architecture: source
    Version: 11.12-0+deb10u1
    Distribution: buster-security
    Urgency: medium
    Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org> Changed-By: Christoph Berg <myon@debian.org>
    Changes:
    postgresql-11 (11.12-0+deb10u1) buster-security; urgency=medium
    .
    * New upstream version.
    .
    + Prevent integer overflows in array subscripting calculations (Tom Lane)
    .
    The array code previously did not complain about cases where an array's
    lower bound plus length overflows an integer. This resulted in later
    entries in the array becoming inaccessible (since their subscripts could
    not be written as integers), but more importantly it confused subsequent
    assignment operations. This could lead to memory overwrites, with
    ensuing crashes or unwanted data modifications. (CVE-2021-32027)
    .
    + Fix mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE
    target lists (Tom Lane)
    .
    If the UPDATE list contains any multi-column sub-selects (which give
    rise to junk columns in addition to the results proper), the UPDATE path
    would end up storing tuples that include the values of the extra junk
    columns. That's fairly harmless in the short run, but if new columns are
    added to the table then the values would become accessible, possibly
    leading to malfunctions if they don't match the datatypes of the added
    columns.
    .
    In addition, in versions supporting cross-partition updates, a
    cross-partition update triggered by such a case had the reverse problem:
    the junk columns were removed from the target list, typically causing an
    immediate crash due to malfunction of the multi-column sub-select
    mechanism. (CVE-2021-32028)
    .
    + Fix possibly-incorrect computation of UPDATE ... RETURNING outputs for
    joined cross-partition updates (Amit Langote, Etsuro Fujita)
    .
    If an UPDATE for a partitioned table caused a row to be moved to another
    partition with a physically different row type (for example, one with a
    different set of dropped columns), computation of RETURNING results for
    that row could produce errors or wrong answers. No error is observed
    unless the UPDATE involves other tables being joined to the target
    table. (CVE-2021-32029)
    Checksums-Sha1:
    7bd49b50d5efac6148d280bdcc54fb715733b581 3745 postgresql-11_11.12-0+deb10u1.dsc
    4058af97fde72064c5fd18a508eda6a5526359df 20075485 postgresql-11_11.12.orig.tar.bz2
    f0fba10a41fcac64889eef7486a89b78c1c7e53f 27380 postgresql-11_11.12-0+deb10u1.debian.tar.xz
    Checksums-Sha256:
    7c33b4631e3724ba947ae15bd63c995c12fc401fdd05645a33c4cd46bccb2c41 3745 postgresql-11_11.12-0+deb10u1.dsc
    87f9d8b16b2b8ef71586f2ec76beac844819f64734b07fa33986755c2f53cb04 20075485 postgresql-11_11.12.orig.tar.bz2
    14b775753a19adae79bf383b7feb06f0cb1e844ebbea295287f33e4d881b478d 27380 postgresql-11_11.12-0+deb10u1.debian.tar.xz
    Files:
    6d2cb5e70582ec2e92fd01be9f58849e 3745 database optional postgresql-11_11.12-0+deb10u1.dsc
    3746c96a0e8f546f5503ef7b50abd2ff 20075485 database optional postgresql-11_11.12.orig.tar.bz2
    6b901d80a7f58d721d28a2ce07a77b02 27380 database optional postgresql-11_11.12-0+deb10u1.debian.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmCb/PAACgkQTFprqxLS p65cWw/+M13I6BOUfL1BI66Lj/4lH/IXLY/JacM/2zNFQ+c2mdyz5K7KGjGCxQqC 01vKO7Q6JH2Cw+uhJVhm9v7oIbouDxG6Cddo/5ZyRrlTZItI3z8HWJl4olBwOGxl +cQDLBwWjSH5jgRwWQPPWx5SqWA3CRKFnu57TbopdoHNfy3jQl7/lVAInSNXCYYV 7LELPWS0i+S/8+xpuruqVEjNDRh7RylhNCfwUTbRvcdvILiCijAsIQcYKe+tb7w+ Pn4F5OkRDHzb1O1x0afgP+s6qnIKtONKWpDuG9XV0KI03pxIIVz5vgq7nELKr9QR dEdY83iGkOKSDZa97cQnyyEw0VjuDIZqXddPIudsNS543lKafF+BfapMIHlISLNS hDNw9FF6kNg/s316xlBWtNpmE9MES0J8TAFndjYy4xMSD/8uLIkS+uE/MhecuRrO pni3R1PCquZn5VBNdIPv1IVJpVOl1dHytukc7L3Y67ZcUBaP0ilooZ8nGV8+ChAk 1PTt/tf+oAtobOENActRltzNrjzTWtntK4bxSmtRulKDcrLWTglhIwTKVQhcFJSB kMABblOxHuE1AHQKPYremYzaDcgyaxqTrL8bDs+LmkbISMyYbU8z1FwQ5kD3sbG1 TKe7YvVXiqVwHBvIkp2pxtBlkcwGNw8Tdx5VMXMS/b+Tg4VL2Mc=
    =NzpI
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)