-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 06 May 2025 17:55:19 +0200 Source: postgresql-15 Architecture: source Version: 15.13-0+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian PostgreSQL Maintainers Changed-By: Christoph Berg Changes: postgresql-15 (15.13-0+deb12u1) bookworm; urgency=medium . * New upstream version 15.13. . + Avoid one-byte buffer overread when examining invalidly-encoded strings that are claimed to be in GB18030 encoding (Noah Misch, Andres Freund) . While unlikely, a SIGSEGV crash could occur if an incomplete multibyte character appeared at the end of memory. This was possible both in the server and in libpq-using applications. (CVE-2025-4207) Checksums-Sha1: 86d95156f2ab964ce4425718a08b7548f3d64693 3926 postgresql-15_15.13-0+deb12u1.dsc 51037e7768d6b60c37b6d58866f48d22611a4a6a 23190593 postgresql-15_15.13.orig.tar.bz2 53555c38805d063a4b4d77e00802f381642f056d 28496 postgresql-15_15.13-0+deb12u1.debian.tar.xz Checksums-Sha256: b8e8853d83415180c6e4d1edd7b2e2cf33802348961d9cbe095ffb2ceb47eda6 3926 postgresql-15_15.13-0+deb12u1.dsc 4f62e133d22ea08a0401b0840920e26698644d01a80c34341fb732dd0a90ca5d 23190593 postgresql-15_15.13.orig.tar.bz2 1432848ba611fe0e0f5e4df58fdb1ee47114974839c7dc8432e7b0c75dea102a 28496 postgresql-15_15.13-0+deb12u1.debian.tar.xz Files: ea6c1188e7046eded17e14ba81590004 3926 database optional postgresql-15_15.13-0+deb12u1.dsc 4295baab62be824659154c24aa3ac9d1 23190593 database optional postgresql-15_15.13.orig.tar.bz2 6aad173f3723286cb46d2abe52572ac1 28496 database optional postgresql-15_15.13-0+deb12u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmgdEfQACgkQTFprqxLS p67+WBAAsn4DV/Pzazrfk48giunGvoDu2EjH1vY2wYUvEL2kPiZMP57umkBO8IdF SPSpPRZdJFtrdrwQipjLiXrrlRTSRVTWCUicbLRoWYQfx57QgCJkLgPwOP2/20F7 F1jOnK6FM7zBM1XOFfIKV7xfyFlzns+6CZXQgpECeM4Cs8bVMDBrGKXlW9tQqCG7 nY0r7w4FPuayU0L2iBAOzk3pzAJN+FamJ5jdkNlnTQgypNZH5UK5KXiX02uljvP9 FsptkGtvR+MWBXeNGMpp8NyNS+kjEL5Fl7D0LEI0P9JLmReaWOt2oiI4bIpcRbL6 tsRTzvrC3QwTV0GLxSStBvojR26hcdXxLR0rsuHsDJe17ZneZ+IGf0BLY0P3DZ1K eeYmRLLuVMw3GYb1ZokrCiugRe7kEx8v053z5BRXv6zleLLIDH7zQf2YaYyXlyR7 YNJ23Rr2xd2iIo7hYEqf380ZH9Js03XZsTtd1BwvZg73ytkOBiWrZb7G8QAOPumK JchdKttl5q55HVYhyyZdvG7Wopzm2yH8FlMgahkC70t4YpL+9TrIZ55YiQD60/BD GNkVxptyQO5GndpOJlV1E07VOvt8mlHWJwE0DvZnZrQMt/oglrX7D2CXVSThowOk 7Yr9zMCjq/xgah2s6AJbPTTXbeLD/RyMXRYNHVTJMCw5op3qchE= =wxQU -----END PGP SIGNATURE-----