- Upgrade to 12.18:

* bsc#1219679, CVE-2024-0985: Tighten security restrictions
    within REFRESH MATERIALIZED VIEW CONCURRENTLY.
    One step of a concurrent refresh command was run under weak
    security restrictions. If a materialized view's owner could
    persuade a superuser or other high-privileged user to perform a
    concurrent refresh on that view, the view's owner could control
    code executed with the privileges of the user running REFRESH.
    Fix things so that all user-determined code is run as the
    view's owner, as expected
  * If you use GIN indexes, you may need to reindex after updating
    to this release.
  * LLVM 18 is now supported.
  * https://www.postgresql.org/docs/release/12.18/

OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=94
This commit is contained in:
Reinhard Max 2024-02-08 15:26:36 +00:00 committed by Git OBS Bridge
parent 6923d19d72
commit 2e2b4a38db
8 changed files with 32 additions and 19 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
size 21140532

View File

@ -1 +0,0 @@
c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3 postgresql-12.16.tar.bz2

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
size 21181616

View File

@ -1 +0,0 @@
93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6 postgresql-12.17.tar.bz2

3
postgresql-12.18.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
size 21208935

View File

@ -0,0 +1 @@
4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a postgresql-12.18.tar.bz2

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Feb 8 14:32:50 UTC 2024 - Reinhard Max <max@suse.com>
- Upgrade to 12.18:
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/12.18/
-------------------------------------------------------------------
Wed Nov 8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
@ -27,7 +45,6 @@ Wed Nov 8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
such processes. No specific security consequences are known for
that oversight, but it might be significant for some extensions.
* Add support for LLVM 16 and 17
* https://www.postgresql.org/about/news/2749
* https://www.postgresql.org/docs/12/release-12-17.html
-------------------------------------------------------------------

View File

@ -1,7 +1,7 @@
#
# spec file
# spec file for package postgresql12
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -16,11 +16,11 @@
#
%define pgversion 12.17
%define pgversion 12.18
%define pgmajor 12
%define buildlibs 0
%define tarversion %{pgversion}
%define latest_supported_llvm_ver 15
%define latest_supported_llvm_ver 18
### CUT HERE ###
%define pgname postgresql%pgmajor
@ -187,7 +187,7 @@ Provides: postgresql = %version-%release
Provides: postgresql-implementation = %version-%release
Requires: %libpq >= %version
Requires(post): postgresql-noarch >= %pgmajor
Requires(postun):postgresql-noarch >= %pgmajor
Requires(postun): postgresql-noarch >= %pgmajor
# At this point we changed the package layout on SLE and conflict with
# older releases to get a clean cut.
Conflicts: postgresql-noarch < 12.0.1
@ -277,7 +277,7 @@ Provides: %pgname-server-devel = %version-%release
Provides: postgresql-server-devel = %version-%release
Provides: postgresql-server-devel-implementation = %version-%release
Requires(post): postgresql-server-devel-noarch >= %pgmajor
Requires(postun):postgresql-server-devel-noarch >= %pgmajor
Requires(postun): postgresql-server-devel-noarch >= %pgmajor
Requires: %pgname-devel = %version
Requires: %pgname-server = %version-%release
# Installation of postgresql??-devel is exclusive
@ -335,10 +335,10 @@ Recommends: %{name}-llvmjit
Provides: postgresql-server-implementation = %version-%release
Requires: %libpq >= %version
Requires(pre): postgresql-server-noarch >= %pgmajor
Requires(preun):postgresql-server-noarch >= %pgmajor
Requires(postun):postgresql-server-noarch >= %pgmajor
Requires(preun): postgresql-server-noarch >= %pgmajor
Requires(postun): postgresql-server-noarch >= %pgmajor
Requires(post): postgresql-noarch >= %pgmajor
Requires(postun):postgresql-noarch >= %pgmajor
Requires(postun): postgresql-noarch >= %pgmajor
%description server
PostgreSQL is an advanced object-relational database management system
@ -377,7 +377,7 @@ Requires: %pgname-server-devel = %version
%if %{with llvm}
Requires: %pgname-llvmjit = %version
Requires(post): postgresql-llvmjit-devel-noarch >= %pgmajor
Requires(postun):postgresql-llvmjit-devel-noarch >= %pgmajor
Requires(postun): postgresql-llvmjit-devel-noarch >= %pgmajor
%requires_file %_bindir/llc
%requires_file %_bindir/clang
%endif