Format: 1.8
Date: Sat, 20 Dec 2025 12:57:12 +0100
Source: pgbouncer
Binary: pgbouncer pgbouncer-dbgsym
Architecture: s390x
Version: 1.18.0-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (zani)
Changed-By: Andreas Henriksson
Description:
 pgbouncer - lightweight connection pooler for PostgreSQL
Closes: 1103394
Changes:
 pgbouncer (1.18.0-1+deb12u1) bookworm; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2025-2291: expired password can be used.
     Password can be used past expiry in PgBouncer due to auth_query not
     taking into account Postgres its VALID UNTIL value, which allows an
     attacker to log in with an already expired password (Closes: #1103394)
   * CVE-2025-12819: execute arbitrary SQL during authentication.
     Untrusted search path in auth_query connection handler in PgBouncer
     before 1.25.1 allows an unauthenticated attacker to execute arbitrary
     SQL during authentication via a malicious search_path parameter in the
     StartupMessage.