Format: 1.8
Date: Sun, 01 Oct 2023 21:50:06 +0200
Source: postgresql-15
Binary: postgresql-doc-15
Architecture: all
Version: 15.4-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02)
Changed-By: Christoph Berg
Description:
 postgresql-doc-15 - documentation for the PostgreSQL database management system
Changes:
 postgresql-15 (15.4-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version.
 .
     + Disallow substituting a schema or owner name into an extension script
       if the name contains a quote, backslash, or dollar sign (Noah Misch)
       This restriction guards against SQL-injection hazards for trusted
       extensions. The PostgreSQL Project thanks Micah Gate, Valerie Woolard,
       Tim Carey-Smith, and Christoph Berg for reporting this problem.
       (CVE-2023-39417)
 .
     + Fix MERGE to enforce row security policies properly (Dean Rasheed)
       When MERGE performs an UPDATE action, it should enforce any UPDATE or
       SELECT RLS policies defined on the target table, to be consistent with
       the way that a plain UPDATE with a WHERE clause works. Instead it was
       enforcing INSERT RLS policies for both INSERT and UPDATE actions.
       In addition, when MERGE performs a DO NOTHING action, it applied the
       target table's DELETE RLS policies to existing rows, even though those
       rows are not being deleted. While it's not a security problem, this
       could result in unwanted errors. The PostgreSQL Project thanks Dean
       Rasheed for reporting this problem.
       (CVE-2023-39418)
Checksums-Sha1:
 e14d08bf5cb1d204a275fd8d79bc450316be1401 10288 postgresql-15_15.4-0+deb12u1_all-buildd.buildinfo
 848dc54c3ba040ebe3a7eaa00750e572d947bd79 2020088 postgresql-doc-15_15.4-0+deb12u1_all.deb
Checksums-Sha256:
 09a71b961189fbbcff0eb8a7ff80f32f02a29fcdc40b51512783365f4b2badba 10288 postgresql-15_15.4-0+deb12u1_all-buildd.buildinfo
 431e391635bd3a012b7c6dca36bebfc662ed9400586d03c1018f2d29ac96cd30 2020088 postgresql-doc-15_15.4-0+deb12u1_all.deb
Files:
 2a51faeda1ea36742449178c0f6dbd60 10288 database optional postgresql-15_15.4-0+deb12u1_all-buildd.buildinfo
 2938fb093427dfa074f35e1b4b320ec6 2020088 doc optional postgresql-doc-15_15.4-0+deb12u1_all.deb