------------------------------------------------------------------- Wed Aug 9 09:14:59 UTC 2023 - Reinhard Max - Update to 15.4: * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign. * bsc#1214061, CVE-2023-39418: Fix MERGE to enforce row security policies properly. * https://www.postgresql.org/docs/15/release-15-4.html ------------------------------------------------------------------- Tue May 9 11:07:48 UTC 2023 - Reinhard Max - Update to 15.3: * bsc#1211228, CVE-2023-2454: Prevent CREATE SCHEMA from defeating changes in search_path * bsc#1211229, CVE-2023-2455: Enforce row-level security policies correctly after inlining a set-returning function * https://www.postgresql.org/docs/15/release-15-3.html ------------------------------------------------------------------- Tue Apr 18 09:05:09 UTC 2023 - Reinhard Max - bsc#1210303: Stop using the obsolete internal %_restart_on_update macro and drop support for sysv init to simplify the scriptlets. ------------------------------------------------------------------- Tue Apr 4 10:57:41 UTC 2023 - Fabian Vogt - Include -mini in Name: to avoid conflicts in the source package name and OBS internal dependency tracking. ------------------------------------------------------------------- Thu Feb 9 11:38:35 UTC 2023 - Reinhard Max - Update to 15.2: * CVE-2022-41862, bsc#1208102: memory leak in libpq * https://www.postgresql.org/about/news/2592/ * https://www.postgresql.org/docs/15/release-15-2.html - Bump latest_supported_llvm_ver to 15. ------------------------------------------------------------------- Thu Nov 10 14:35:02 UTC 2022 - Reinhard Max - Update to 15.1: * https://www.postgresql.org/about/news/2543/ * https://www.postgresql.org/docs/15/release-15-1.html ------------------------------------------------------------------- Thu Oct 13 14:03:27 UTC 2022 - Reinhard Max - Update to 15.0: * https://www.postgresql.org/about/news/p-2526/ * https://www.postgresql.org/docs/15/release-15.html - Move pg_upgrade from *-contrib to *-server. - Drop support for the 9.x versioning scheme. ------------------------------------------------------------------- Thu Oct 6 13:20:57 UTC 2022 - Reinhard Max - Update to 15~rc2 * https://www.postgresql.org/about/news/p-2521/ * Reverting the "optimized order of GROUP BY keys" feature. ------------------------------------------------------------------- Fri Sep 30 10:43:09 UTC 2022 - Fabian Vogt - Fix source URLs ------------------------------------------------------------------- Thu Sep 29 14:02:38 UTC 2022 - Reinhard Max - Update to 15~rc1 https://www.postgresql.org/about/news/p-2516/ ------------------------------------------------------------------- Thu Sep 22 21:26:36 UTC 2022 - Aaron Puchert - Create mechanism to specify the latest supported LLVM version. Automatically pin to that version if the distribution has a newer unsupported default version. ------------------------------------------------------------------- Mon Sep 12 09:25:30 UTC 2022 - Andreas Schwab - Disable LLVM JIT on riscv64 ------------------------------------------------------------------- Thu Sep 8 13:37:01 UTC 2022 - Reinhard Max - Update to 15~beta4 https://www.postgresql.org/about/news/p-2507/ ------------------------------------------------------------------- Mon Sep 5 09:20:34 UTC 2022 - Reinhard Max - Update to 15~beta3 https://www.postgresql.org/about/news/p-2496/ ------------------------------------------------------------------- Sat May 21 20:48:45 UTC 2022 - Marcus Rueckert - use %version requires for the contrib package for now as 15~beta1 is actually smaller than 15. ------------------------------------------------------------------- Sat May 21 15:25:26 UTC 2022 - Marcus Rueckert - Add proper conditionals for lz4 and zstd ------------------------------------------------------------------- Sat May 21 15:07:19 UTC 2022 - Marcus Rueckert - Upgrade to 15~beta1 https://www.postgresql.org/about/news/postgresql-15-beta-1-released-2453/ https://www.postgresql.org/docs/15/release-15.html - Refreshed patches to apply cleanly again: 0001-jit-Workaround-potential-datalayout-mismatch-on-s390.patch postgresql-conf.patch postgresql-llvm-optional.patch postgresql-plperl-keep-rpath.patch postgresql-testsuite-keep-results-file.patch postgresql-var-run-socket.patch - Add buildrequires for lz4 and zstd support ------------------------------------------------------------------- Sat May 21 14:39:42 UTC 2022 - Marcus Rueckert - fork package for postgresql 15 ------------------------------------------------------------------- Thu May 12 10:33:20 UTC 2022 - Reinhard Max - Upgrade to 14.3: * bsc#1199475, CVE-2022-1552: Confine additional operations within "security restricted operation" sandboxes. * https://www.postgresql.org/docs/14/release-14-3.html ------------------------------------------------------------------- Wed Apr 13 12:17:48 UTC 2022 - Reinhard Max - bsc#1198166: Pin to llvm13 until the next patchlevel update. ------------------------------------------------------------------- Tue Feb 8 14:01:56 UTC 2022 - Reinhard Max - bsc#1195680: Upgrade to 14.2: * https://www.postgresql.org/docs/14/release-14-2.html * Reindexing might be needed after applying this upgrade, so please read the release notes carefully. ------------------------------------------------------------------- Sat Dec 11 17:27:53 UTC 2021 - Sarah Kriesch - boo#1190740: Add constraints file with 12GB of memory for s390x as a workaround ------------------------------------------------------------------- Thu Nov 25 11:02:15 UTC 2021 - Reinhard Max - Add a llvmjit-devel subpackage to pull in the right versions of clang and llvm for building extensions. - Fix some mistakes in the interdependencies between the implementation packages and their noarch counterpart. - Update the BuildIgnore section. ------------------------------------------------------------------- Wed Nov 10 16:56:57 UTC 2021 - Reinhard Max - bsc#1192516: Upgrade to 14.1 * Make the server reject extraneous data after an SSL or GSS encryption handshake (CVE-2021-23214). * Make libpq reject extraneous data after an SSL or GSS encryption handshake (CVE-2021-23222). * https://www.postgresql.org/docs/14/release-14-1.html ------------------------------------------------------------------- Wed Oct 20 15:21:53 UTC 2021 - Reinhard Max - boo#1191782: Let rpmlint ignore shlib-policy-name-error. ------------------------------------------------------------------- Tue Oct 5 11:34:50 UTC 2021 - Reinhard Max - Remove postgresql-testsuite-int8.sql.patch, because its purpose is unclear. This affects only the test subpackage. ------------------------------------------------------------------- Thu Sep 30 17:28:37 UTC 2021 - Marcus Rueckert - Upgrade to 14.0 https://www.postgresql.org/about/news/postgresql-14-released-2318/ https://www.postgresql.org/docs/14/release-14.html ------------------------------------------------------------------- Mon Sep 27 14:04:01 UTC 2021 - Reinhard Max - Let genlists skip non-existing binaries to avoid lots of version conditionals in the file lists. ------------------------------------------------------------------- Sat Sep 25 00:34:52 UTC 2021 - Marcus Rueckert - Upgrade to 14~rc1 https://www.postgresql.org/about/news/postgresql-14-rc-1-released-2309/ https://www.postgresql.org/docs/14/release-14.html https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items ------------------------------------------------------------------- Fri Jun 25 01:45:20 UTC 2021 - Marcus Rueckert - Upgrade to 14~beta2 https://www.postgresql.org/about/news/postgresql-14-beta-2-released-2249/ https://www.postgresql.org/docs/14/release-14.html https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items ------------------------------------------------------------------- Fri May 21 22:48:32 UTC 2021 - Marcus Rueckert - Upgrade to 14~beta1 https://www.postgresql.org/about/news/postgresql-14-beta-1-released-2213/ https://www.postgresql.org/docs/14/release-14.html https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items - disable postgresql-testsuite-int8.sql.patch: it seems it is not needed anymore, need to be double checked. ------------------------------------------------------------------- Wed May 19 15:24:24 UTC 2021 - Reinhard Max - bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x. Use llvm11 as a workaround. ------------------------------------------------------------------- Tue May 11 13:50:14 UTC 2021 - Reinhard Max - Upgrade to version 13.3: * https://www.postgresql.org/docs/13/release-13-3.html * CVE-2021-32027, bsc#1185924: Prevent integer overflows in array subscripting calculations. * CVE-2021-32028, bsc#1185925: Fix mishandling of “junk” columns in INSERT ... ON CONFLICT ... UPDATE target lists. * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect computation of UPDATE ... RETURNING "pg_psql_temporary_savepoint" does not exist”. - Don't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168). ------------------------------------------------------------------- Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max - Re-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (boo#1183118). ------------------------------------------------------------------- Tue Mar 9 13:52:19 UTC 2021 - Reinhard Max - Remove leftover PreReq on chkconfig, we stopped using it long time ago. ------------------------------------------------------------------- Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max - boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW. ------------------------------------------------------------------- Wed Feb 10 13:16:32 UTC 2021 - Reinhard Max - Upgrade to version 13.2: * https://www.postgresql.org/docs/13/release-13-2.html * Updating stored views and reindexing might be needed after applying this update. * CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. * CVE-2021-20229, bsc#1182039: Fix failure to check per-column SELECT privileges in some join queries. * Obsoletes postgresql-icu68.patch. ------------------------------------------------------------------- Mon Dec 14 16:19:05 UTC 2020 - Callum Farmer - Add postgresql-icu68.patch: fix build with ICU 68 ------------------------------------------------------------------- Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max - bsc#1178961: %ghost the symlinks to pg_config and ecpg. - boo#1179765: BuildRequire libpq5 and libecpg6 when not building them to avoid dangling symlinks in the devel package. ------------------------------------------------------------------- Wed Nov 11 11:36:01 UTC 2020 - Reinhard Max - Upgrade to version 13.1: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/13/release-13-1.html ------------------------------------------------------------------- Tue Nov 3 13:54:38 UTC 2020 - Reinhard Max - Fix a DST problem in the test suite: postgresql-timetz.patch https://postgr.es/m/16689-57701daa23b377bf@postgresql.org ------------------------------------------------------------------- Fri Sep 25 06:57:55 UTC 2020 - Reinhard Max - Initial packaging of PostgreSQL 13: * https://www.postgresql.org/about/news/2077/ * https://www.postgresql.org/docs/13/release-13.html