postgresql-17 (17.7-0+deb13u1) [PTS] [DDPO]

NEW: VCS has unreleased changes: 17.7-3 > 17.7-0+deb13u1

Git: https://salsa.debian.org/postgresql/postgresql.git -b 17
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: 17
Path: debian/changelog
Repo size: 6119424
Browser: https://salsa.debian.org/postgresql/postgresql
Last scan: 2026-01-10 15:01:33+00
Next scan: 2026-01-16 17:21:00+00
Open issues: 3
CI pipeline status: failed

Debian changelog in Git:

postgresql-17 (17.7-3) unstable; urgency=medium

  * New upstream version 17.7.

    + Check for CREATE privileges on the schema in CREATE STATISTICS
      (Jelte Fennema-Nio)

      This omission allowed table owners to create statistics in any schema,
      potentially leading to unexpected naming conflicts.

      The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this
      problem. (CVE-2025-12817)

    + Avoid integer overflow in allocation-size calculations within libpq
      (Jacob Champion)

      Several places in libpq were not sufficiently careful about computing
      the required size of a memory allocation.  Sufficiently large inputs
      could cause integer overflow, resulting in an undersized buffer, which
      would then lead to writing past the end of the buffer.

      The PostgreSQL Project thanks Aleksey Solovev of Positive Technologies
      for reporting this problem. (CVE-2025-12818)

 -- Christoph Berg <myon@debian.org>  Tue, 11 Nov 2025 13:19:59 +0100

This branch is 1 commit ahead of tag debian/17.7-3

Git log:

commit 826b7348a36a44069a21980a87b35426a3c64e62
Author: Christoph Berg <myon@debian.org>
Date:   Tue Nov 18 16:16:16 2025 +0100

    Test-Depend on postgresql-common-dev.