UbuntuUpdates.org

Package "postgresql-client-10"

Name: postgresql-client-10

Description:

front-end programs for PostgreSQL 10

Latest version: 10.23-0ubuntu0.18.04.2
Release: bionic (18.04)
Level: updates
Repository: main
Head package: postgresql-10
Homepage: http://www.postgresql.org/

Links


Download "postgresql-client-10"


Other versions of "postgresql-client-10" in Bionic

Repository Area Version
base main 10.3-1
security main 10.23-0ubuntu0.18.04.2
PPA: Postgresql 10.8-1.pgdg14.04+1
PPA: Postgresql 10.17-1.pgdg16.04+1
PPA: Postgresql 10.23-1.pgdg18.04+1
PPA: Postgresql 10.23-6.pgdg20.04+1
PPA: Postgresql 10.23-6.pgdg22.04+1

Changelog

Version: 10.23-0ubuntu0.18.04.2 2023-05-26 17:06:56 UTC

  postgresql-10 (10.23-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: CREATE SCHEMA ... schema_element defeats protective
    search_path changes
    - debian/patches/CVE-2023-2454-1.patch: replace last
      PushOverrideSearchPath() call with set_config_option() in
      src/backend/catalog/namespace.c, src/backend/commands/schemacmds.c,
      src/test/regress/expected/namespace.out,
      src/test/regress/sql/namespace.sql.
    - debian/patches/CVE-2023-2454-2.patch: adjust sepgsql expected output
      for 681d9e462 et al in contrib/sepgsql/expected/ddl.out.
    - CVE-2023-2454
  * SECURITY UPDATE: Row security policies disregard user ID changes after
    inlining
    - debian/patches/CVE-2023-2455.patch: handle RLS dependencies in
      inlined set-returning functions properly in
      src/backend/optimizer/util/clauses.c,
      src/test/regress/expected/rowsecurity.out,
      src/test/regress/sql/rowsecurity.sql.
    - CVE-2023-2455

 -- Marc Deslauriers <email address hidden> Tue, 23 May 2023 11:07:52 -0400

Source diff to previous version
CVE-2023-2454 CREATE SCHEMA ... schema_element defeats protective search_path changes
CVE-2023-2455 Row security policies disregard user ID changes after inlining

Version: 10.23-0ubuntu0.18.04.1 2023-01-11 00:06:52 UTC

  postgresql-10 (10.23-0ubuntu0.18.04.1) bionic; urgency=medium

  * New upstream version (LP: #1996770).

    + A dump/restore is not required for those running 10.X.

    + Also, if you are upgrading from a version earlier than 10.19, see
      those release notes as well please.

    + Disallow rules named _RETURN that are not ON SELECT rules (Tom Lane).

    + Fix use-after-free hazard in string comparisons. (Tom Lane)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/10/release-10-23.html

 -- Sergio Durigan Junior <email address hidden> Thu, 17 Nov 2022 16:39:57 -0500

Source diff to previous version
1996770 New upstream microreleases 10.23, 12.13 and 14.6

Version: 10.22-0ubuntu0.18.04.1 2022-08-18 20:07:05 UTC

  postgresql-10 (10.22-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * New upstream version (LP: #1984012).

    + A dump/restore is not required for those running 10.X.

    + Also, if you are upgrading from a version earlier than 10.19, see
      those release notes as well please.

    + Do not let extension scripts replace objects not already belonging
      to the extension (Tom Lane).
      (CVE-2022-2625)

    + Fix permissions checks in CREATE INDEX (Nathan Bossart,
      Noah Misch).

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/10/release-10-22.html

 -- Athos Ribeiro <email address hidden> Thu, 11 Aug 2022 16:54:48 -0300

Source diff to previous version
1984012 New upstream microreleases 10.22, 12.12 and 14.5
CVE-2022-2625 extension scripts replace objects not owned by the extension

Version: 10.21-0ubuntu0.18.04.1 2022-05-24 15:06:23 UTC

  postgresql-10 (10.21-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * New upstream version (LP: #1973627).

    + A dump/restore is not required for those running 10.X.

    + However, if you are upgrading from a version earlier than 10.19, see
      those release notes as well please.

    + Confine additional operations within "security restricted operation"
      sandboxes (Sergey Shinderuk, Noah Misch).

      Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
      and pg_amcheck activated the "security restricted operation" protection
      mechanism too late, or even not at all in some code paths. A user having
      permission to create non-temporary objects within a database could
      define an object that would execute arbitrary SQL code with superuser
      permissions the next time that autovacuum processed the object, or that
      some superuser ran one of the affected commands against it.

      The PostgreSQL Project thanks Alexander Lakhin for reporting this
      problem.
      (CVE-2022-1552)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/10/release-10-21.html

 -- Sergio Durigan Junior <email address hidden> Tue, 17 May 2022 21:58:23 -0400

Source diff to previous version
1973627 New upstream microreleases 10.21, 12.11, 13.7 and 14.3

Version: 10.20-0ubuntu0.18.04.1 2022-05-11 23:06:18 UTC

  postgresql-10 (10.20-0ubuntu0.18.04.1) bionic; urgency=medium

  * New upstream version (LP: #1961127).

    + A dump/restore is not required for those running 10.X.

    + However, if you are upgrading from a version earlier than 10.19, see
      those release notes as well please.

    + The PostgreSQL community will stop releasing updates for the 10.X
      release series in November 2022. After this date, there will be no
      further minor release updates, but Ubuntu will continue to backport
      important fixes as needed.

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/10/release-10-20.html

 -- Athos Ribeiro <email address hidden> Mon, 14 Feb 2022 10:28:53 -0300

1961127 New upstream microreleases 10.20, 12.10, 13.6 and 14.2



About   -   Send Feedback to @ubuntu_updates