postgresql-14 (14.2-1ubuntu1) jammy; urgency=medium

  * d/p/llvm14-support.patch: fix FTBFS with llvm-14 (LP: #1966319)

 -- Andreas Hasenack <andreas@canonical.com>  Fri, 25 Mar 2022 11:34:41 -0300

postgresql-14 (14.2-1) unstable; urgency=medium

  * New upstream release.

 -- Christoph Berg <myon@debian.org>  Wed, 09 Feb 2022 10:39:43 +0100

postgresql-14 (14.1-5) unstable; urgency=medium

  * Provide postgresql-14-jit-llvm (= ${llvm:Version}) so extensions can
    depend on a matching llvm version.

 -- Christoph Berg <myon@debian.org>  Mon, 03 Jan 2022 16:08:18 +0100

postgresql-14 (14.1-4) unstable; urgency=medium

  [ Christoph Berg ]
  * Disable LLVM JIT on s390x for now. (See #1002029)

  [ Christian Ehrhardt ]
  * postgresql-common/server/postgresql.mk: avoid gcc 11 ICE on armhf and
    armel.

 -- Christoph Berg <myon@debian.org>  Mon, 20 Dec 2021 18:21:21 +0100

postgresql-14 (14.1-3) unstable; urgency=medium

  * Use system default clang/llvm version. (Closes: #1000915)
  * Use centralized debian/rules logic in postgresql-common.

 -- Christoph Berg <myon@debian.org>  Fri, 03 Dec 2021 09:56:49 +0100

postgresql-14 (14.1-2) unstable; urgency=medium

  * Enable outline-atomics on arm64 (affects Ubuntu focal only).

 -- Christoph Berg <myon@debian.org>  Tue, 16 Nov 2021 11:56:37 +0100

postgresql-14 (14.1-1) unstable; urgency=medium

  * New upstream release.

    + Make the server and libpq reject extraneous data after an SSL or GSS
      encryption handshake (Tom Lane)

      A man-in-the-middle with the ability to inject data into the TCP
      connection could stuff some cleartext data into the start of a
      supposedly encryption-protected database session.

      This could be abused to send faked SQL commands to the server, although
      that would only work if the server did not demand any authentication
      data.  (However, a server relying on SSL certificate authentication
      might well not do so.) (CVE-2021-23214)

      This could probably be abused to inject faked responses to the client's
      first few queries, although other details of libpq's behavior make that
      harder than it sounds.  A different line of attack is to exfiltrate the
      client's password, or other sensitive data that might be sent early in
      the session.  That has been shown to be possible with a server
      vulnerable to CVE-2021-23214. (CVE-2021-23222)

      The PostgreSQL Project thanks Jacob Champion for reporting these
      problems.

  * libpq-dev: Depend on libssl-dev, `pkg-config --exists libpq` requires it.

 -- Christoph Berg <myon@debian.org>  Fri, 05 Nov 2021 12:05:46 +0100

postgresql-14 (14.0-1) unstable; urgency=medium

  * First PG14 release.
  * Depend on postgresql-common 229 for scram-sha-256 authentication by
    default.

 -- Christoph Berg <myon@debian.org>  Tue, 28 Sep 2021 13:56:00 +0200

postgresql-14 (14~rc1-1) experimental; urgency=medium

  * First PG14 release candidate.
  * Enable spinlocks on riscv64.
  * Fix awk to be mawk, spotted by Yangfl. (Closes: #987786)
  * configure.ac: Remove check for autoconf 2.69.
  * Spanish debconf translation by Jonathan Bustillos, thanks!
    (Closes: #986775)
  * Flatten debian/*.lintian-overrides symlinks.

 -- Christoph Berg <myon@debian.org>  Thu, 23 Sep 2021 12:39:42 +0200

postgresql-14 (14~beta3-1) experimental; urgency=medium

  * New beta version.
  * libpq5.symbols: Add PQsendFlushRequest.

 -- Christoph Berg <myon@debian.org>  Tue, 10 Aug 2021 13:11:12 +0200

postgresql-14 (14~beta2-1) experimental; urgency=medium

  * New beta version.
  * libpq5.symbols: Add PQmblenBounded, PQsetTraceFlags, remove PQtraceSetFlags.
  * debian/tests/installcheck: Use --make-testtablespace-dir.

 -- Christoph Berg <myon@debian.org>  Wed, 23 Jun 2021 11:03:06 +0200

postgresql-14 (14~beta1-1) experimental; urgency=medium

  * New major upstream version 14; packaging based on postgresql-13.

 -- Christoph Berg <myon@debian.org>  Tue, 18 May 2021 13:40:56 +0200
