-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 10 May 2023 20:35:39 +0200 Source: postgresql-13 Binary: postgresql-doc-13 Architecture: all Version: 13.11-0+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Christoph Berg Description: postgresql-doc-13 - documentation for the PostgreSQL database management system Changes: postgresql-13 (13.11-0+deb11u1) bullseye-security; urgency=medium . * New upstream version. . + Prevent CREATE SCHEMA from defeating changes in search_path (Report and fix by Alexander Lakhin, CVE-2023-2454) . Within a CREATE SCHEMA command, objects in the prevailing search_path, as well as those in the newly-created schema, would be visible even within a called function or script that attempted to set a secure search_path. This could allow any user having permission to create a schema to hijack the privileges of a security definer function or extension script. . + Enforce row-level security policies correctly after inlining a set-returning function (Report by Wolfgang Walther, CVE-2023-2455) . If a set-returning SQL-language function refers to a table having row-level security policies, and it can be inlined into a calling query, those RLS policies would not get enforced properly in some cases involving re-using a cached plan under a different role. This could allow a user to see or modify rows that should have been invisible. Checksums-Sha1: e90ab2a48660381828c569537a1eaa9f58949f8f 9697 postgresql-13_13.11-0+deb11u1_all-buildd.buildinfo 4b145314dfa0d777e3dc8fff91bd17a23dbe8614 1959992 postgresql-doc-13_13.11-0+deb11u1_all.deb Checksums-Sha256: cec250a30f76d99b3d9278fd3967e28cda1a5bc4c73517f07d6b1ee4d8155afb 9697 postgresql-13_13.11-0+deb11u1_all-buildd.buildinfo 41766dbb54db054f46b36ab6a34153d6fb82005e0fe37b737aea4d25744aecca 1959992 postgresql-doc-13_13.11-0+deb11u1_all.deb Files: 47224e1d299cde169cb7c90b65d0e437 9697 database optional postgresql-13_13.11-0+deb11u1_all-buildd.buildinfo d91ab614ff9f177d8160aad9580dc9f7 1959992 doc optional postgresql-doc-13_13.11-0+deb11u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEzW1K1578DQd6MDTQEbLkkg2OS0oFAmRb7MsACgkQEbLkkg2O S0qKCxAAk7E+XkJjhWE4Ta0yORfvTF4FcXxio0fTpK4uR2y98mVexUhgBh+seztE obQdv88g+udeakcJX5nt7xJu8U0bvgMUhRw9rXHdfBN1YpelcO3/E8NXS5WX7DR+ 1EX3cYbprUMgz5JJsfYnCnYl3G6PMW3ReLxp1/kR5++ws5Mv1dJu3/QcaHR24g6j Y/fNvZBK+c1/Chxcl9DyOEeUPu0XkIUOtYw3h+EqkTGxGBvcSXG+0zq39xtKpqXj XwwhoNj6Uz8rX6WYMQYocCEzBUeEHwb+MJ8gud/lLI8NfDi/aBgTTThUz0Nbmg8R 5oZ06Hdjq41e9OAudyzkJRw0i+neFU8gtgmE+Yr6Q9P3ZHQnPGBoz63ue7IzGHDu pj1w5PCANWjo202esiZq6A6yLjzc24bSfgx85uq2eagkbYmUomCBuID7l4PnywcN JXbG/rI/BZjl/w2ZzHOZorX3Nj5Hv9mQN9BsAa3F6gJ3osfVZWjF/FJ+NEGksvhj g1cm+T8GMBnxUx2okqj4ytwWkap202WKEIfOjJR1xQfLNoW700d8OkBKdNQkoEMv X07H5sx7LQWC1qzxcirYy+ve5MAoSd3EeVtNDc9cGiRbZ4u+T+y2wp/VAye0PYXD KUOJTKuL6GDEqMzXhlqYGfH2zIhWspfm7a2qLeTQBLX4WYXeOBg= =N4uo -----END PGP SIGNATURE-----