package/postgresql: security bump to version 17.5

Fixes the following security issue:

CVE-2025-4207: PostgreSQL GB18030 encoding validation can read one byte past
end of allocation for text that fails validation

A buffer over-read in PostgreSQL GB18030 encoding validation allows a
database input provider to achieve temporary denial of service on platforms
where a 1-byte over-read can elicit process termination.  This affects the
database server and also libpq.

https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>

package/postgresql/postgresql.hash

@@ -1,4 +1,4 @@
-# From https://ftp.postgresql.org/pub/source/v17.4/postgresql-17.4.tar.bz2.sha256
-sha256  c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7  postgresql-17.4.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v17.5/postgresql-17.5.tar.bz2.sha256
+sha256  fcb7ab38e23b264d1902cb25e6adafb4525a6ebcbd015434aeef9eda80f528d8  postgresql-17.5.tar.bz2
 # License file, Locally calculated
 sha256  e3822c4797fadcab31a3fc73f75c28ac20c73d72b565da91e9974cf9398ef4d2  COPYRIGHT

package/postgresql/postgresql.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-POSTGRESQL_VERSION = 17.4
+POSTGRESQL_VERSION = 17.5
 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
 POSTGRESQL_SITE = https://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
 POSTGRESQL_LICENSE = PostgreSQL