UbuntuUpdates.org

Package "postgresql-plpython3-17"

Name: postgresql-plpython3-17

Description:

PL/Python 3 procedural language for PostgreSQL 17

Latest version: 17.9-0ubuntu0.25.10.1
Release: questing (25.10)
Level: security
Repository: main
Head package: postgresql-17
Homepage: http://www.postgresql.org/

Other versions of "postgresql-plpython3-17" in Questing

Repository        Area   Version
base              main   17.6-1build1
updates           main   17.9-0ubuntu0.25.10.1
PPA: Postgresql          17.5-1.pgdg20.04+1
PPA: Postgresql          17.9-1.pgdg22.04+1

Changelog

Version: 17.9-0ubuntu0.25.10.1 2026-03-04 15:08:12 UTC

  postgresql-17 (17.9-0ubuntu0.25.10.1) questing-security; urgency=medium

  * New upstream version (LP: #2127668).

    + This release encompasses changes from upstream's 17.8 and 17.9
      releases. The former contains fixes for 4 CVEs (among other things), and
      the latter was a hotfix for regressions introduced in 17.8.

    + A dump/restore is not required for those running 17.X.

    + However, if you are upgrading from a version earlier than 17.6, see
      those release notes as well please.

    + Guard against unexpected dimensions of oidvector/int2vector (Tom Lane)

      These data types are expected to be 1-dimensional arrays containing no
      nulls, but there are cast pathways that permit violating those
      expectations. Add checks to some functions that were depending on those
      expectations without verifying them, and could misbehave in consequence.
      (CVE-2026-2003)

    + Harden selectivity estimators against being attached to operators that
      accept unexpected data types (Tom Lane)

      contrib/intarray contained a selectivity estimation function that could
      be abused for arbitrary code execution, because it did not check that
      its input was of the expected data type. Third-party extensions should
      check for similar hazards and add defenses using the technique intarray
      now uses. Since such extension fixes will take time, we now require
      superuser privilege to attach a non-built-in selectivity estimator to an
      operator. (CVE-2026-2004)

    + Fix buffer overrun in contrib/pgcrypto's PGP decryption functions
      (Michael Paquier)

      Decrypting a crafted message with an overlength session key caused a
      buffer overrun, with consequences as bad as arbitrary code execution.
      (CVE-2026-2005)

    + Fix inadequate validation of multibyte character lengths (Thomas Munro,
      Noah Misch)

      Assorted bugs allowed an attacker able to issue crafted SQL to overrun
      string buffers, with consequences as bad as arbitrary code execution.
      After these fixes, applications may observe “invalid byte sequence for
      encoding” errors when string functions process invalid text that has
      been stored in the database. (CVE-2026-2006)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/17/release-17-8.html and
      https://www.postgresql.org/docs/17/release-17-9.html.

  * d/postgresql-17.NEWS: Update.

 -- Athos Ribeiro <email address hidden> Wed, 25 Feb 2026 11:11:37 -0300

2127668 New PostgreSQL upstream microreleases 14.22, 16.13, and 17.9
CVE-2026-2003 Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viabili
CVE-2026-2004 Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary cod
CVE-2026-2005 Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database.
CVE-2026-2006 Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffe

Version: 17.7-0ubuntu0.25.10.1 2025-12-03 17:07:51 UTC

  postgresql-17 (17.7-0ubuntu0.25.10.1) questing-security; urgency=medium

  * New upstream version (LP: #2127667).

    + A dump/restore is not required for those running 17.X.

    + However, if you are upgrading from a version earlier than 17.6, see
      those release notes as well please.

    + Check for CREATE privileges on the schema in CREATE STATISTICS (Jelte
      Fennema-Nio)

      This omission allowed table owners to create statistics in any schema,
      potentially leading to unexpected naming conflicts. (CVE-2025-12817)

    + Avoid integer overflow in allocation-size calculations within libpq
      (Jacob Champion)

      Several places in libpq were not sufficiently careful about computing
      the required size of a memory allocation. Sufficiently large inputs
      could cause integer overflow, resulting in an undersized buffer, which
      would then lead to writing past the end of the buffer. (CVE-2025-12818)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/17/release-17-7.html.

  * d/postgresql-17.NEWS: Create NEWS file.

 -- Athos Ribeiro <email address hidden> Wed, 19 Nov 2025 10:23:51 -0300

2127667 New PostgreSQL upstream microreleases 14.20, 16.11, and 17.7
CVE-2025-12817 Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users
CVE-2025-12818 Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to under


