-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 25 Dec 2025 19:08:36 +0100
Source: postgresql-15
Architecture: source
Version: 15.15-0+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 postgresql-15 (15.15-0+deb12u1) bookworm; urgency=medium
 .
   * New upstream version 15.15.
 .
     + Check for CREATE privileges on the schema in CREATE STATISTICS
       (Jelte Fennema-Nio)
 .
       This omission allowed table owners to create statistics in any schema,
       potentially leading to unexpected naming conflicts.
 .
       The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
       problem. (CVE-2025-12817)
 .
     + Avoid integer overflow in allocation-size calculations within libpq
       (Jacob Champion)
 .
       Several places in libpq were not sufficiently careful about computing
       the required size of a memory allocation.  Sufficiently large inputs
       could cause integer overflow, resulting in an undersized buffer, which
       would then lead to writing past the end of the buffer.
 .
       The PostgreSQL Project thanks Aleksey Solovev of Positive Technologies
       for reporting this problem. (CVE-2025-12818)
Checksums-Sha1:
 3fcc0fe06ed3b393f168ea2fb8b7c490fe9a80ae 3926 postgresql-15_15.15-0+deb12u1.dsc
 8833e4dd4ff75186451415bf61cd5f1d60078d50 23246368 postgresql-15_15.15.orig.tar.bz2
 c207d10af2517b31b6b3ff822afc3816bfb5641f 29532 postgresql-15_15.15-0+deb12u1.debian.tar.xz
Checksums-Sha256:
 c9ead6801944f2715b561b88df836535cc90c93f1a00f6616f8df6a298543120 3926 postgresql-15_15.15-0+deb12u1.dsc
 5753aaeb8b09cbf61016f78aa69bf5cbdf01b43263f010cbf168c82896213aaa 23246368 postgresql-15_15.15.orig.tar.bz2
 83751a83673b099d333f287860b83f75e12114d92010d8d3d43affdf9268ac80 29532 postgresql-15_15.15-0+deb12u1.debian.tar.xz
Files:
 59ced5828fe2453f48fbf953b4268232 3926 database optional postgresql-15_15.15-0+deb12u1.dsc
 75fc7269cee615dc35c3558264b4733b 23246368 database optional postgresql-15_15.15.orig.tar.bz2
 20e80e8df79f3c338f884800524efcf7 29532 database optional postgresql-15_15.15-0+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXEj+YVf0kXlZcIfGTFprqxLSp64FAmlNfg4ACgkQTFprqxLS
p66k4Q/+Mrybn6SDZNO65M8y+OrNgGnS1MP6t8+T6gttSd4oE+ESdLdWhXhiMMTU
RoQqJUqRRDW/WvYz+cp0cSowfkApmCz6ceAqgGB04BFZ2gR9qfuLN49XyRiCOLF/
4cFJFGmbjTk/XuGeQ4gPLAeLahYC9IBQgGm5rDr2PAeGXFkEAa6XWoDRutOueaO1
giSq8PfG1KKZrmR9XulVlo2UC5trI/O6i6z2yjOYt9UyfCY4BpaBKRWyDTOlT4GP
yL711DA77Gv/VR6sfiVOql8DBD4BIXA4YwxLtNwXncrrx5ucZaqwXSnEMPtr64EZ
H1VmSVV/UlXgqc+tdWJ0HuxubhWm/PYr8EQSOno/MJYKz/XR1nQboRdKzYnTK94r
I2EFaXbaJLrNuCDghuIk5NWGBaA4JAOL+MC7OJok1ASTae2uJMtL47h55HyfIQYj
gVE44J9Jdzb/8OZVAVRc48eIDoQdMEDqxKmvKaO4hJHHbgo/WI3heNaHtuIai/zm
wE4NPbb4rJT3FqdwPmVV8eouGbZp/Zf5AMXBpaYbi9NdTdEvF2aNU5xp4bxq2tPi
5CHKymruuKrxIJ0EcHiGblUFgCbB6CrkQjr2eXmoH46dSny731YjTBRr8NCJ36/Q
sLZ+8YIrX04hcp8OqlXVt6UIqGjj+282XNcvsPAHXx84Ea+8YU0=
=pzL4
-----END PGP SIGNATURE-----