Format: 1.8
Date: Sun, 10 May 2026 11:44:27 +0200
Source: pgbouncer
Binary: pgbouncer pgbouncer-dbgsym
Architecture: s390x
Version: 1.24.1-1+deb13u2
Distribution: trixie
Urgency: medium
Maintainer: s390x Build Daemon (zandonai)
Changed-By: Christoph Berg
Description:
 pgbouncer - lightweight connection pooler for PostgreSQL
Changes:
 pgbouncer (1.24.1-1+deb13u2) trixie; urgency=medium
 .
   * Security update.
   * Fix CVE-2026-6664: An integer overflow in network packet parsing code
     in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a
     crash. An unauthenticated remote attacker can crash PgBouncer with a
     malformed SCRAM authentication packet.
   * Fix CVE-2026-6665: The SCRAM code in PgBouncer before 1.25.2 did not
     check the return value of strlcat() correctly when building the
     contents of the SCRAM client-final-message. A malicious backend that
     sends a SCRAM server-final-message with a long nonce can trigger a
     stack overflow.
   * Fix CVE-2026-6666: A possible null pointer reference in PgBouncer
     before 1.25.2 could lead to a crash, if a server sends an error
     response without SQLSTATE field.
   * Fix CVE-2026-6667: PgBouncer before 1.25.2 did not perform an
     appropriate authorization check for the KILL_CLIENT admin command.
     All users with access to the administration console (which itself
     requires authorization) could run this command. It would have been
     correct to allow only users listed in the admin_users parameter.