commit 63e0603f5f3d96faf3b27587c7a914b2cdb450d5c41f850dffd5e5fdd8d4daa9 Author: Adrian Schröter Date: Mon Jan 27 11:25:40 2025 +0100 Sync from SUSE:SLFO:Main postgresql-jdbc revision 9d2842004dbd0015af9183b1bbfeb31f diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/postgresql-42.7.2-jdbc-src.tar.gz b/postgresql-42.7.2-jdbc-src.tar.gz new file mode 100644 index 0000000..cd998fa --- /dev/null +++ b/postgresql-42.7.2-jdbc-src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2253dda451cab90a200d3954548fdd8b9cdd8e2e93022a6335f824f981ee5b74 +size 1005874 diff --git a/postgresql-jdbc.changes b/postgresql-jdbc.changes new file mode 100644 index 0000000..c9aa461 --- /dev/null +++ b/postgresql-jdbc.changes @@ -0,0 +1,131 @@ +------------------------------------------------------------------- +Thu Feb 29 16:40:26 UTC 2024 - Fridrich Strba + +- Upgrade to upstream version 42.7.2 + * Security fix: + + CVE-2024-1597 (bsc#1220644) postgresql vulnerable to SQL + Injection via line comment generation + * Other changes: + + perf: avoid autoboxing bind indexes + + add: Add PasswordUtil for encrypting passwords client side + + refactor: document that encodePassword will zero out the + password array, and remove driver's default encodePassword + + change: Use simple query for isValid. Using Extended query + sends two messages +- Removed patches: + * CVE-2022-26520.patch + * fix-SQL-Injection-CVE-2022-31197.patch + * fix-createTempFile-vulnerability-CVE-2022-41946.patch + + issues fixed by upstream before this version + +------------------------------------------------------------------- +Wed Feb 21 10:53:23 UTC 2024 - Gus Kenion + +- Use %patch -P N instead of deprecated %patchN. + +------------------------------------------------------------------- +Sun Jan 8 17:54:43 UTC 2023 - Michael Calmer + +- fix createTempFile vulnerability - CVE-2022-41946 (bsc#1206921) + * Added: fix-createTempFile-vulnerability-CVE-2022-41946.patch + +------------------------------------------------------------------- +Tue Sep 27 14:35:20 UTC 2022 - Michael Calmer + +- Address SQL Injection Vulnerability CVE-2022-31197 + (bsc#1202170) + * Add: fix-SQL-Injection-CVE-2022-31197.patch + +------------------------------------------------------------------- +Fri Jun 3 10:34:36 UTC 2022 - Michael Calmer + +- Address arbitrary File Write Vulnerability CVE-2022-26520 + (bsc#1197356) + * Add: CVE-2022-26520.patch + +------------------------------------------------------------------- +Thu Mar 3 16:01:03 UTC 2022 - Michael Calmer + +- Upgrade to upstream version 42.2.25 + * uses SASLprep normalization for SCRAM authentication fixing + some issues with spaces in passwords. (bsc#1196693) + (jsc#SLE-23993, jsc#SLE-23994) + * https://jdbc.postgresql.org/documentation/changelog.html + +------------------------------------------------------------------- +Fri Aug 28 15:14:36 UTC 2020 - Fridrich Strba + +- Upgrade to upstream version 42.2.16 + * building with maven +- Removed patch: + * jdbc-postgresql-9.4_p1201-remove-sspi.patch + - not needed any more + +------------------------------------------------------------------- +Tue Sep 19 08:47:08 UTC 2017 - fstrba@suse.com + +- Build with java compatibility 1.6 +- Modified file: + * build.xml + + Detect correctly java 9 + +------------------------------------------------------------------- +Mon Jul 6 11:37:30 UTC 2015 - dmacvicar@suse.de + +- update to version 9.4-1200 (fate#318788) + * https://jdbc.postgresql.org/documentation/changelog.html +- Add patch: + * jdbc-postgresql-9.4_p1201-remove-sspi.patch + +------------------------------------------------------------------- +Fri Jul 11 13:52:03 UTC 2014 - tchvatal@suse.com + +- Do not version java docdir. + +------------------------------------------------------------------- +Tue Jul 8 10:34:41 UTC 2014 - tchvatal@suse.com + +- Do not depend on ant-trax. + +------------------------------------------------------------------- +Fri Jun 27 12:49:44 UTC 2014 - tchvatal@suse.com + +- Fix build on SLE11 + +------------------------------------------------------------------- +Fri Jun 27 11:58:20 UTC 2014 - tchvatal@suse.com + +- Version bump to latest release 9.3: + * Various fixes + * Better integration with pgsql9.3 +- Cleanup with spec-cleaner + +------------------------------------------------------------------- +Mon Sep 9 11:06:17 UTC 2013 - tchvatal@suse.com + +- Move from jpackage-utils to javapackage-tools + +------------------------------------------------------------------- +Thu Mar 28 15:56:58 UTC 2013 - darin@darins.net + +- Set the correct license + +------------------------------------------------------------------- +Tue Mar 26 16:55:12 UTC 2013 - darin@darins.net + +- Update license +- rpmlint cleanup + +------------------------------------------------------------------- +Thu Feb 21 10:16:34 UTC 2013 - darin@darins.net + +- Update to 9.2 +- cleaned up .spec +- moved %changelog to .changes + + +------------------------------------------------------------------- +Thu Mar 3 00:00:00 UTC 2011 - vlado.paskov@gmail.com + +- Initial package release. + diff --git a/postgresql-jdbc.spec b/postgresql-jdbc.spec new file mode 100644 index 0000000..5e89e5f --- /dev/null +++ b/postgresql-jdbc.spec @@ -0,0 +1,68 @@ +# +# spec file for package postgresql-jdbc +# +# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2000-2005, JPackage Project +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: postgresql-jdbc +Version: 42.7.2 +Release: 0 +Summary: JDBC driver for PostgreSQL +License: BSD-2-Clause +URL: https://jdbc.postgresql.org/ +Source0: https://repo1.maven.org/maven2/org/postgresql/postgresql/%{version}/postgresql-%{version}-jdbc-src.tar.gz +BuildRequires: fdupes +BuildRequires: maven-local +BuildRequires: mvn(com.ongres.scram:client) >= 2.0 +BuildArch: noarch + +%description +PostgreSQL is an advanced Object-Relational database management +system. The postgresql-jdbc package includes the .jar files needed for +Java programs to access a PostgreSQL database. + +%package javadoc +Summary: API docs for %{name} + +%description javadoc +This package contains the API Documentation for %{name}. + +%prep +%setup -q -n postgresql-%{version}-jdbc-src + +# Build parent POMs in the same Maven call. +%pom_xpath_remove "pom:plugin[pom:artifactId = 'maven-shade-plugin']" + +%{mvn_file} org.postgresql:postgresql %{name}/postgresql %{name} + +# For compat reasons, make Maven artifact available under older coordinates. +%{mvn_alias} org.postgresql:postgresql postgresql:postgresql + +%build +%{mvn_build} -f -- -Dsource=8 + +%install +%mvn_install +%fdupes -s %{buildroot}%{_javadocdir} + +%files -f .mfiles +%license LICENSE +%doc README.md + +%files javadoc -f .mfiles-javadoc +%license LICENSE + +%changelog