vault_database_secret_backend_static_role rotation_statements field incorrectly splits on semicolons #31369

@mark-at-nuna

Description

Issue 6098 was filed years ago for semicolon handling in Postgres roles.
PR 8512 fixed it for the creation_statements field in dynamic roles, but not for the rotation_statements field in static roles.
I think we just need the same code change for changeUserPassword in the same file.

To Reproduce
Steps to reproduce the behavior:
vault write db/postgres/static-roles/example_static db_name=postgres username=example_static rotation_period=3600 rotation_statements="DO \$\$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname='{{name}}') THEN CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}'; ELSE ALTER ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}'; END IF; END \$\$"

Expected behavior
Full creation statement is sent to Postgres database.

Environment:

  • Vault Server Version: 1.19.5

  • Vault CLI Version: Vault v1.20.0 (6fdd6b5), built 2025-06-23T10:21:30Z

  • Server Operating System/Architecture: Ubuntu 22.04

Vault server configuration file(s): Base hashicorp/vault Docker image

Additional context
Lest you think there is an error in my ugly Postgres statement above, note that the exact same statement works as creation_statements for a dynamic role:

vault write db/postgres/roles/example_dynamic db_name=postgres  creation_statements="DO \$\$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname='{{name}}') THEN CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}'; ELSE ALTER ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}'; END IF; END \$\$"
vault read db/postgres/creds/example_dynamic
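
Added example, not Vault's code and not the change from PR 8512: a small Go splitter that treats ';' as a statement separator only outside single-quoted literals, double-quoted identifiers and $tag$ ... $tag$ dollar-quoted blocks, run against the rotation_statements value from this report (the shell escaping removed, templates left unexpanded). It shows why a plain split on ';' tears the DO $$ ... $$ block into four fragments while a quote-aware split keeps it as one statement.

```go
package main
import (
	"fmt"
	"strings"
	"unicode"
)
// Constructed sample: the rotation_statements value from the issue, with the shell escaping removed.
const sampleStmt = `DO $$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname='{{name}}') THEN CREATE ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}'; ELSE ALTER ROLE "{{name}}" WITH LOGIN PASSWORD '{{password}}'; END IF; END $$`
// notTagRune reports a character that cannot appear in a dollar-quote tag ($$ or $body$).
func notTagRune(r rune) bool { return r != '_' && !unicode.IsLetter(r) && !unicode.IsDigit(r) }
// appendTrimmed drops blank fragments such as the remainder after a trailing ';'.
func appendTrimmed(out []string, s string) []string {
	if s = strings.TrimSpace(s); s != "" {
		out = append(out, s)
	}
	return out
}
// splitStatements splits SQL on ';' only outside single-quoted literals, double-quoted
// identifiers and $tag$ ... $tag$ blocks, so a DO body with internal semicolons stays whole.
func splitStatements(sql string) []string {
	var out []string
	start := 0   // offset where the current statement begins
	closer := "" // non-empty while inside '...', "..." or $tag$...$tag$
	for i := 0; i < len(sql); i++ {
		switch c := sql[i]; {
		case closer != "": // inside a quoted region: skip until its closer
			if strings.HasPrefix(sql[i:], closer) {
				i += len(closer) - 1
				closer = ""
			}
		case c == '\'' || c == '"':
			closer = string(c)
		case c == '$': // $$ or $tag$ opens a dollar-quoted block
			if n := strings.IndexByte(sql[i+1:], '$'); n >= 0 && strings.IndexFunc(sql[i+1:i+1+n], notTagRune) < 0 {
				closer = sql[i : i+2+n]
				i += len(closer) - 1
			}
		case c == ';': // a top-level semicolon ends the statement
			out = appendTrimmed(out, sql[start:i])
			start = i + 1
		}
	}
	return appendTrimmed(out, sql[start:])
}
func main() {
	// A plain strings.Split is the behaviour the issue describes for rotation_statements.
	fmt.Println(len(strings.Split(sampleStmt, ";")), "fragments from a naive split")     // 4
	fmt.Println(len(splitStatements(sampleStmt)), "statement from the quote-aware split") // 1
}
```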
