Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-pkg-debian-owner+archive@lists.postgresql.org>)
	id 1u5Ibl-00FV7y-1y
	for pgsql-pkg-debian@arkaria.postgresql.org; Thu, 17 Apr 2025 06:20:21 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-pkg-debian-owner+archive@lists.postgresql.org>)
	id 1u5Ibj-00GLhI-6e
	for pgsql-pkg-debian@arkaria.postgresql.org; Thu, 17 Apr 2025 06:20:20 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <bradford.d.boyle@gmail.com>)
	id 1u5Ibi-00GLhA-Vq
	for pgsql-pkg-debian@lists.postgresql.org; Thu, 17 Apr 2025 06:20:19 +0000
Received: from mail-oi1-x22c.google.com ([2607:f8b0:4864:20::22c])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <bradford.d.boyle@gmail.com>)
	id 1u5Ibh-000UrF-1V
	for pgsql-pkg-debian@postgresql.org;
	Thu, 17 Apr 2025 06:20:18 +0000
Received: by mail-oi1-x22c.google.com with SMTP id
 5614622812f47-3fbc00143d6so269089b6e.3
        for <pgsql-pkg-debian@postgresql.org>;
 Wed, 16 Apr 2025 23:20:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1744870817; x=1745475617;
 darn=postgresql.org;
        h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
         :date:message-id:reply-to;
        bh=anmwfGjc6Ycj2aaGtRERtrhceFxIBmTP9Ib9SVg0Dbw=;
        b=eX2pSXhOIzd6zQ6K1BWKRHpKmC/k5nV06wOEF62BtMZ2YFjccLvVIgryCnIdX2zRrE
         G+SfqxeqEjVWMhcUvmUUyNU71uMCaESs7OBBxT++9khEdbg0O4CxwPTX46vRR4i5ad8u
         qkdzrai+0UXaQQ33o1XzfNGVHpujZeYDjihsCFI5tz/sJVX0K3SxvkoQVOQ+7SHr0oMc
         qJsVd+sPbNe5+CVYGiD8IxwxvP9mjvL4Ia7XPslMaKZu2tjYMcZ5gxUip6jpOnWddGwX
         dE2xovI5hJEB6DCQYq0NvrY7LNnhZ/+XX6nq1DPpwjnq2NX/Dd6Lwv8YPIdIJIIEZKtE
         1RGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1744870817; x=1745475617;
        h=to:subject:message-id:date:from:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=anmwfGjc6Ycj2aaGtRERtrhceFxIBmTP9Ib9SVg0Dbw=;
        b=LyGWrDdpHsozjviRlnAv2Ri9Nfexd7/OTeQhzZJ2/gLT4Js/CYFyOTjNzQclyuWQ2y
         wBOm+0hamQJXFzdKTn8na0MGQhexJ9Dg82jzq8yNXC9VGVd/u+hSDJDyGiiAihASnGq/
         U4AdXSP1CilNnXH3o2dt4ZKZ0xxbb9jkgSSODQDvecutN0iIcvmfol0Wsa8MEBegCoOR
         41kkaeVG2lhHWr1n2U+t3TCKv6Npk9JZ5CaNvAYFvVUbfM2/VkT6LMB96daWSVVw1Nx1
         fMiUX1iaitdDGTIn+7n69OIAw3JahGvdQP+1eIjkxar0kgfKQjeg6cxI9nhuHwmwGgrU
         qyOQ==
X-Gm-Message-State: AOJu0Yzj4uae8PFMZ6vq1VuM9zPJsLDQyD6BZEazeMIhWWPXxeDzbtUc
	2ztaRdVUEfOLHjXpCqFQOWI4rsHQZWPGRAx3G9PBY/X4ngpOZ6e5PL24zY9Rp67/QIt4I3ZUlNS
	+ibXB/YyycwzTHRa1rJHP9QAWnqMXLIvy
X-Gm-Gg: ASbGncv6bZUwg8kxG2GH932TUjbH52ZqXiGAvbWPOcL9OmBY1V0HOhX5wZqP/H2Jj6a
	CIXDvHPWv7zfzRo2t5j3eZTS54JhBtcwIbnDc7qcXhYD93omQQYHm4xahuWgaDEeawaaIG6hgf3
	qlEoROgHqJQCtMjqmSwg08Sw==
X-Google-Smtp-Source: 
 AGHT+IHmxzcYyevj/yfE/B8ynl+xTGSN/ZLnSAkp14bTis+3DuOvfoSFN2GplXO6pMfwyJ4UyyaRH2HWYorFROOS9uQ=
X-Received: by 2002:a05:6808:1913:b0:3f6:d59b:805f with SMTP id
 5614622812f47-400b022f168mr2929105b6e.28.1744870817326; Wed, 16 Apr 2025
 23:20:17 -0700 (PDT)
MIME-Version: 1.0
From: Bradford Boyle <bradford.d.boyle@gmail.com>
Date: Wed, 16 Apr 2025 23:20:06 -0700
X-Gm-Features: ATxdqUHKB3k0XX1stUXOpJc-HD300ZZ56F6kdGCaWpK2xB3HrkkJfZCnONLnUCU
Message-ID: 
 <CAOMoQbSCFXYXSVpXSUy8Hg2=f9Rc9THpvD1i2HFaynKXQMD1fQ@mail.gmail.com>
Subject: PgBouncer 1.24.1 - New upstream version
To: pgsql-pkg-debian@postgresql.org
Content-Type: text/plain; charset="UTF-8"
List-Id: <pgsql-pkg-debian.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-pkg-debian@lists.postgresql.org>
List-Owner: <mailto:pgsql-pkg-debian-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-pkg-debian>
Archived-At: 
 <https://www.postgresql.org/message-id/CAOMoQbSCFXYXSVpXSUy8Hg2%3Df9Rc9THpvD1i2HFaynKXQMD1fQ%40mail.gmail.com>
Precedence: bulk

Hi All,

PgBouncer 1.24.1 was just released and it contains a security fix for
CVE-2025-2291 [0],[1]. I've updated the Debian package with this new
version. The pytest suite is failing on jengus for oracular and plucky.
I am able to run the pytest suite successfully for oracular and plucky
locally using sbuild. One difference between my local system and jengus
is that I do not have the PGDG apt repo added in my chroots. This makes
me think the issue may be related to a particular version of postgres. I
also noticed that pgbouncer does not have a pgversions file.

I will spend some more time tomorrow looking at this but I wanted to let
the list know about the new upstream version. I also wanted to ask if
anyone knows which versions of PostgreSQL PgBouncer supports; I tried
quickly scanning the GitHub and documenation website but did not see
that mentioned anywhere.

Thanks,

-- Bradford

[0]: https://github.com/pgbouncer/pgbouncer/releases/tag/pgbouncer_1_24_1
[1]: https://nvd.nist.gov/vuln/detail/CVE-2025-2291