| From: | Christoph Berg <myon(at)debian(dot)org> |
|---|---|
| To: | Debian Security Team <team(at)security(dot)debian(dot)org> |
| Cc: | PostgreSQL in Debian <pgsql-pkg-debian(at)lists(dot)postgresql(dot)org> |
| Subject: | PostgreSQL security updates are re-wrapped |
| Date: | 2024-11-16 18:37:17 |
| Message-ID: | ZzjmXdnFvda7jt_K@msg.df7cb.de |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-pkg-debian |
(I replied to the wrong old mail, the issue is in the current minor
releases, released 2024-11-14.)
Re: To Debian Security Team
> Re: Moritz Mühlenhoff
> > DSAs have been released, thanks!
>
> Unfortunately there is an ABI change in the last minors that has
> greater impact than originally planned.
>
> The effect is that some extensions need recompilation against the new
> version (after which they will no longer work with the old version).
> In Debian, timescaledb and, to a lesser extend, postgresql-16-age are
> affected, but both are only part of testing, not stable.
>
> (See https://qa.debian.org/excuses.php?package=postgresql-17 where the
> timescaledb problem shows up as regression.)
>
> A new round of releases is planned for next week to revert that part.
>
> Since we can't tell what 3rd-party extensions people are using with
> the Debian packages it would be prudent to release that update as a
> DSA update.
>
> PostgreSQL is well aware that problems like that shouldn't happen and
> the already existing ABI checking will be done even stricter in the
> future, both manually and automated.
>
> Sorry for the trouble,
> Christoph
Christoph
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Moritz Mühlenhoff | 2024-11-16 20:11:28 | Re: PostgreSQL CVE-2024-7348 today |
| Previous Message | Christoph Berg | 2024-11-16 18:35:20 | Re: PostgreSQL CVE-2024-7348 today |