Sync from SUSE:SLFO:Main postgresql17 revision 84f2286731f58af76b8f4b7c907e950f

postgresql-17.2.tar.bz2.sha256

@@ -1 +0,0 @@
-82ef27c0af3751695d7f64e2d963583005fbb6a0c3df63d0e4b42211d7021164  postgresql-17.2.tar.bz2

postgresql-17.4.tar.bz2.sha256

@@ -0,0 +1 @@
+c4605b73fea11963406699f949b966e5d173a7ee0ccaef8938dec0ca8a995fe7  postgresql-17.4.tar.bz2

postgresql17.changes

@@ -1,3 +1,51 @@
+-------------------------------------------------------------------
+Tue Feb 18 11:36:44 UTC 2025 - Reinhard Max <max@suse.com>
+
+- Upgrade to 17.4:
+  * Improve behavior of libpq's quoting functions:
+    The changes made for CVE-2025-1094 had one serious oversight:
+    PQescapeLiteral() and PQescapeIdentifier() failed to honor
+    their string length parameter, instead always reading to the
+    input string's trailing null. This resulted in including
+    unwanted text in the output, if the caller intended to
+    truncate the string via the length parameter. With very bad
+    luck it could cause a crash due to reading off the end of
+    memory.
+    In addition, modify all these quoting functions so that when
+    invalid encoding is detected, an invalid sequence is
+    substituted for just the first byte of the presumed
+    character, not all of it. This reduces the risk of problems
+    if a calling application performs additional processing on
+    the quoted string.
+  * Fix small memory leak in pg_createsubscriber.
+  * https://www.postgresql.org/docs/release/17.4/
+
+-------------------------------------------------------------------
+Tue Feb 11 12:02:37 UTC 2025 - Reinhard Max <max@suse.com>
+
+- Upgrade to 17.3:
+  * bsc#1237093, CVE-2025-1094: Harden PQescapeString and allied
+    functions against invalidly-encoded input strings.
+  * obsoletes postgresql-tzdata2025a.patch
+  * https://www.postgresql.org/docs/release/17.3/
+  * https://www.postgresql.org/about/news/-3015/
+
+-------------------------------------------------------------------
+Wed Jan 29 10:20:21 UTC 2025 - JS <obs.coke518@passinbox.com>
+
+- Apply postgresql-tzdata2025a.patch regardless of
+  whether LLVM JIT is enabled
+
+-------------------------------------------------------------------
+Tue Jan 28 12:23:29 UTC 2025 - Reinhard Max <max@suse.com>
+
+- Fix build, add postgresql-tzdata2025a.patch
+
+-------------------------------------------------------------------
+Thu Dec 26 07:51:33 UTC 2024 - JS <obs.coke518@passinbox.com>
+
+- Disable LLVM JIT on loongarch64
+
 -------------------------------------------------------------------
 Tue Nov 19 14:46:02 UTC 2024 - Reinhard Max <max@suse.com>
 
@@ -16,6 +64,7 @@ Tue Nov 19 14:46:02 UTC 2024 - Reinhard Max <max@suse.com>
     have changed.
   * Avoid assertion failure caused by disconnected NFA sub-graphs
     in regular expression parsing.
+  * https://www.postgresql.org/about/news/p-2965/
   * https://www.postgresql.org/docs/release/17.2/
 
 -------------------------------------------------------------------

postgresql17.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package postgresql17
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,7 @@
 #
 
 
-%define pgversion 17.2
+%define pgversion 17.4
 %define pgmajor 17
 %define buildlibs 1
 %define tarversion %{pgversion}
@@ -116,7 +116,7 @@ BuildRequires:  %libpq
 %endif
 
 %if 0%{?suse_version} >= 1500 && %pgmajor >= 11
-%ifarch riscv64
+%ifarch riscv64 loongarch64
 %bcond_with     llvm
 %else
 %bcond_without  llvm