public inbox for [email protected]
help / color / mirror / Atom feedPgBouncer 1.24.1 - New upstream version
2+ messages / 2 participants
[nested] [flat]
* PgBouncer 1.24.1 - New upstream version
@ 2025-04-17 06:20 Bradford Boyle <[email protected]>
0 siblings, 1 reply; 2+ messages in thread
From: Bradford Boyle @ 2025-04-17 06:20 UTC (permalink / raw)
To: pgsql-pkg-debian
Hi All,
PgBouncer 1.24.1 was just released and it contains a security fix for
CVE-2025-2291 [0],[1]. I've updated the Debian package with this new
version. The pytest suite is failing on jengus for oracular and plucky.
I am able to run the pytest suite successfully for oracular and plucky
locally using sbuild. One difference between my local system and jengus
is that I do not have the PGDG apt repo added in my chroots. This makes
me think the issue may be related to a particular version of postgres. I
also noticed that pgbouncer does not have a pgversions file.
I will spend some more time tomorrow looking at this but I wanted to let
the list know about the new upstream version. I also wanted to ask if
anyone knows which versions of PostgreSQL PgBouncer supports; I tried
quickly scanning the GitHub and documenation website but did not see
that mentioned anywhere.
Thanks,
-- Bradford
[0]: https://github.com/pgbouncer/pgbouncer/releases/tag/pgbouncer_1_24_1
[1]: https://nvd.nist.gov/vuln/detail/CVE-2025-2291
^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: PgBouncer 1.24.1 - New upstream version
@ 2025-04-17 08:34 Christoph Berg <[email protected]>
parent: Bradford Boyle <[email protected]>
0 siblings, 0 replies; 2+ messages in thread
From: Christoph Berg @ 2025-04-17 08:34 UTC (permalink / raw)
To: Bradford Boyle <[email protected]>; +Cc: pgsql-pkg-debian
Re: Bradford Boyle
> Hi All,
>
> PgBouncer 1.24.1 was just released and it contains a security fix for
> CVE-2025-2291 [0],[1]. I've updated the Debian package with this new
Hi Bradford,
thanks!
> version. The pytest suite is failing on jengus for oracular and plucky.
> I am able to run the pytest suite successfully for oracular and plucky
> locally using sbuild. One difference between my local system and jengus
The plucky test just worked there when I retried it. So it's either
flaky by itself, or the isolation between concurrent builds isn't as
good as should be. (It's based on "newpid", my totally awesome docker
reimplementation :*)
The final release build just passed for all dists without retrying.
> is that I do not have the PGDG apt repo added in my chroots. This makes
> me think the issue may be related to a particular version of postgres. I
> also noticed that pgbouncer does not have a pgversions file.
pgversions is only needed to tell pg_buildext which versions to loop
over. Pgbouncer is a client program that doesn't have to be built
separately for each version. (We could opt to run tests against each
version though. But most of the magic is in the wire protocol support
and that's the same for all versions.
> I will spend some more time tomorrow looking at this but I wanted to let
> the list know about the new upstream version. I also wanted to ask if
> anyone knows which versions of PostgreSQL PgBouncer supports; I tried
> quickly scanning the GitHub and documenation website but did not see
> that mentioned anywhere.
That usually means it's supporting all of them. (There is probably a
lower bound, but it's likely very old.)
Thanks,
Christoph
^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2025-04-17 08:34 UTC | newest]
Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2025-04-17 06:20 PgBouncer 1.24.1 - New upstream version Bradford Boyle <[email protected]>
2025-04-17 08:34 ` Christoph Berg <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox