The only change in the current delta is debian/patches/llvm14-support.patch, which is included in the new release (14.3) and is available in the new Debian package (https://github.com/postgres/postgres/commit/d9f7ad54e552262ee0090e88d5abd3e04fcdeac8)
Therefore, this can be a sync. ** Description changed: - Upstream: tbd - Debian: 14.2-1 - Ubuntu: 14.2-1ubuntu1 + Upstream: 14.3 + Debian: 14.3-1 + Ubuntu: 14.2-1ubuntu2 Debian typically updates postgresql-14 every 1 months on average, but it was last updated 22.02 and looks overdue. Check back in on this monthly. - ### New Debian Changes ### postgresql-14 (14.2-1) unstable; urgency=medium - * New upstream release. + * New upstream release. - -- Christoph Berg <[email protected]> Wed, 09 Feb 2022 10:39:43 +0100 + -- Christoph Berg <[email protected]> Wed, 09 Feb 2022 10:39:43 +0100 postgresql-14 (14.1-5) unstable; urgency=medium - * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can - depend on a matching llvm version. + * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can + depend on a matching llvm version. - -- Christoph Berg <[email protected]> Mon, 03 Jan 2022 16:08:18 +0100 + -- Christoph Berg <[email protected]> Mon, 03 Jan 2022 16:08:18 +0100 postgresql-14 (14.1-4) unstable; urgency=medium - [ Christoph Berg ] - * Disable LLVM JIT on s390x for now. (See #1002029) + [ Christoph Berg ] + * Disable LLVM JIT on s390x for now. (See #1002029) - [ Christian Ehrhardt ] - * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and - armel. + [ Christian Ehrhardt ] + * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and + armel. - -- Christoph Berg <[email protected]> Mon, 20 Dec 2021 18:21:21 +0100 + -- Christoph Berg <[email protected]> Mon, 20 Dec 2021 18:21:21 +0100 postgresql-14 (14.1-3) unstable; urgency=medium - * Use system default clang/llvm version. (Closes: #1000915) - * Use centralized debian/rules logic in postgresql-common. + * Use system default clang/llvm version. (Closes: #1000915) + * Use centralized debian/rules logic in postgresql-common. - -- Christoph Berg <[email protected]> Fri, 03 Dec 2021 09:56:49 +0100 + -- Christoph Berg <[email protected]> Fri, 03 Dec 2021 09:56:49 +0100 postgresql-14 (14.1-2) unstable; urgency=medium - * Enable outline-atomics on arm64 (affects Ubuntu focal only). + * Enable outline-atomics on arm64 (affects Ubuntu focal only). - -- Christoph Berg <[email protected]> Tue, 16 Nov 2021 11:56:37 +0100 + -- Christoph Berg <[email protected]> Tue, 16 Nov 2021 11:56:37 +0100 postgresql-14 (14.1-1) unstable; urgency=medium - * New upstream release. + * New upstream release. - + Make the server and libpq reject extraneous data after an SSL or GSS - encryption handshake (Tom Lane) + + Make the server and libpq reject extraneous data after an SSL or GSS + encryption handshake (Tom Lane) - A man-in-the-middle with the ability to inject data into the TCP - connection could stuff some cleartext data into the start of a - supposedly encryption-protected database session. + A man-in-the-middle with the ability to inject data into the TCP + connection could stuff some cleartext data into the start of a + supposedly encryption-protected database session. - This could be abused to send faked SQL commands to the server, although - that would only work if the server did not demand any authentication - data. (However, a server relying on SSL certificate authentication - might well not do so.) (CVE-2021-23214) + This could be abused to send faked SQL commands to the server, although + that would only work if the server did not demand any authentication + data. (However, a server relying on SSL certificate authentication + might well not do so.) (CVE-2021-23214) - This could probably be abused to inject faked responses to the client's - first few queries, although other details of libpq's behavior make that - harder than it sounds. A different line of attack is to exfiltrate the - client's password, or other sensitive data that might be sent early in - the session. That has been shown to be possible with a server - vulnerable to CVE-2021-23214. (CVE-2021-23222) + This could probably be abused to inject faked responses to the client's + first few queries, although other details of libpq's behavior make that + harder than it sounds. A different line of attack is to exfiltrate the + client's password, or other sensitive data that might be sent early in + the session. That has been shown to be possible with a server + vulnerable to CVE-2021-23214. (CVE-2021-23222) - The PostgreSQL Project thanks Jacob Champion for reporting these - problems. + The PostgreSQL Project thanks Jacob Champion for reporting these + problems. - * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` + * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` requires it. - -- Christoph Berg <[email protected]> Fri, 05 Nov 2021 12:05:46 +0100 + -- Christoph Berg <[email protected]> Fri, 05 Nov 2021 12:05:46 +0100 postgresql-14 (14.0-1) unstable; urgency=medium - * First PG14 release. - * Depend on postgresql-common 229 for scram-sha-256 authentication by - default. + * First PG14 release. + * Depend on postgresql-common 229 for scram-sha-256 authentication by + default. - -- Christoph Berg <[email protected]> Tue, 28 Sep 2021 13:56:00 +0200 + -- Christoph Berg <[email protected]> Tue, 28 Sep 2021 13:56:00 +0200 postgresql-14 (14~rc1-1) experimental; urgency=medium - * First PG14 release candidate. - * Enable spinlocks on riscv64. - * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786) - * configure.ac: Remove check for autoconf 2.69. - * Spanish debconf translation by Jonathan Bustillos, thanks! - (Closes: #986775) - * Flatten debian/*.lintian-overrides symlinks. + * First PG14 release candidate. + * Enable spinlocks on riscv64. + * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786) + * configure.ac: Remove check for autoconf 2.69. + * Spanish debconf translation by Jonathan Bustillos, thanks! + (Closes: #986775) + * Flatten debian/*.lintian-overrides symlinks. - -- Christoph Berg <[email protected]> Thu, 23 Sep 2021 12:39:42 +0200 + -- Christoph Berg <[email protected]> Thu, 23 Sep 2021 12:39:42 +0200 postgresql-14 (14~beta3-1) experimental; urgency=medium - * New beta version. - * libpq5.symbols: Add PQsendFlushRequest. + * New beta version. + * libpq5.symbols: Add PQsendFlushRequest. - -- Christoph Berg <[email protected]> Tue, 10 Aug 2021 13:11:12 +0200 + -- Christoph Berg <[email protected]> Tue, 10 Aug 2021 13:11:12 +0200 postgresql-14 (14~beta2-1) experimental; urgency=medium - * New beta version. - * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove PQtraceSetFlags. - * debian/tests/installcheck: Use --make-testtablespace-dir. - - + * New beta version. + * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove PQtraceSetFlags. + * debian/tests/installcheck: Use --make-testtablespace-dir. ### Old Ubuntu Delta ### postgresql-14 (14.2-1ubuntu1) jammy; urgency=medium - * d/p/llvm14-support.patch: fix FTBFS with llvm-14 (LP: #1966319) + * d/p/llvm14-support.patch: fix FTBFS with llvm-14 (LP: #1966319) - -- Andreas Hasenack <[email protected]> Fri, 25 Mar 2022 11:34:41 + -- Andreas Hasenack <[email protected]> Fri, 25 Mar 2022 11:34:41 -0300 ** Changed in: postgresql-14 (Ubuntu) Milestone: ubuntu-22.06 => ubuntu-22.05 ** Changed in: postgresql-14 (Ubuntu) Status: Incomplete => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971313 Title: Merge postgresql-14 from Debian unstable for kinetic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postgresql-14/+bug/1971313/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
