-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 May 2026 11:44:27 +0200
Source: pgbouncer
Architecture: source
Version: 1.24.1-1+deb13u2
Distribution: trixie
Urgency: medium
Maintainer: Debian PostgreSQL Maintainers <team+postgresql@tracker.debian.org>
Changed-By: Christoph Berg <myon@debian.org>
Changes:
 pgbouncer (1.24.1-1+deb13u2) trixie; urgency=medium
 .
   * Security update.
       * Fix CVE-2026-6664: An integer overflow in network packet parsing code
         in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a
         crash. An unauthenticated remote attacker can crash PgBouncer with a
         malformed SCRAM authentication packet.
       * Fix CVE-2026-6665: The SCRAM code in PgBouncer before 1.25.2 did not
         check the return value of strlcat() correctly when building the
         contents of the SCRAM client-final-message. A malicious backend that
         sends a SCRAM server-final-message with a long nonce can trigger a
         stack overflow.
       * Fix CVE-2026-6666: A possible null pointer reference in PgBouncer
         before 1.25.2 could lead to a crash, if a server sends an error
         response without SQLSTATE field.
       * Fix CVE-2026-6667: PgBouncer before 1.25.2 did not perform an
         appropriate authorization check for the KILL_CLIENT admin command. All
         users with access to the administration console (which itself requires
         authorization) could run this command. It would have been correct to
         allow only users listed in the admin_users parameter.
Checksums-Sha1:
 2b7b615d51d8c11f5d3c0e91e7349bf746bb3ff6 2534 pgbouncer_1.24.1-1+deb13u2.dsc
 ec9495c205a8903f7ea4f19b48e9948e3b77eb06 15528 pgbouncer_1.24.1-1+deb13u2.debian.tar.xz
Checksums-Sha256:
 dc1bc121e10a7ac2da987e72bb13798c94a7ff162ddc480d93a3f93c19b637a7 2534 pgbouncer_1.24.1-1+deb13u2.dsc
 2325bcaa2e71919d399b9e5aef5b94ff988fc1f1d296908c3937b682b7be5cbb 15528 pgbouncer_1.24.1-1+deb13u2.debian.tar.xz
Files:
 e5b303416f3fdaa9854be557e5c14e2f 2534 database optional pgbouncer_1.24.1-1+deb13u2.dsc
 a76a96aa69421b440b3bbe77afbaddcf 15528 database optional pgbouncer_1.24.1-1+deb13u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
