Accepting request 1145273 from server:database:postgresql
- Upgrade to 12.18: * bsc#1219679, CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY. One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected * If you use GIN indexes, you may need to reindex after updating to this release. * LLVM 18 is now supported. * https://www.postgresql.org/docs/release/12.18/ - Update to 12.17: * bsc#1216962, CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value (that is, a zero-terminated string) at runtime. This could result in disclosure of server memory following the text value. * bsc#1216961, CVE-2023-5869: Detect integer overflow while computing new array dimensions. When assigning new elements to array subscripts that are outside the current array bounds, an undetected integer overflow could occur in edge cases. Memory stomps that are potentially exploitable for arbitrary code execution are possible, and so is disclosure of server memory. * bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role from signalling background workers and autovacuum processes. The documentation says that pg_signal_backend cannot issue OBS-URL: https://build.opensuse.org/request/show/1145273 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=32
This commit is contained in:
commit
69db83cf17
@ -14,21 +14,13 @@ causes the JIT to fail at runtime.
|
||||
|
||||
--- src/backend/jit/llvm/llvmjit.c.orig
|
||||
+++ src/backend/jit/llvm/llvmjit.c
|
||||
@@ -101,6 +101,7 @@ LLVMValueRef FuncExecEvalSysVar;
|
||||
LLVMValueRef FuncExecAggTransReparent;
|
||||
LLVMValueRef FuncExecAggInitGroup;
|
||||
|
||||
+LLVMModuleRef mod = NULL;
|
||||
|
||||
static bool llvm_session_initialized = false;
|
||||
static size_t llvm_generation = 0;
|
||||
@@ -742,6 +743,35 @@ llvm_compile_module(LLVMJitContext *cont
|
||||
@@ -736,6 +736,35 @@ llvm_compile_module(LLVMJitContext *cont
|
||||
}
|
||||
|
||||
/*
|
||||
+ * For the systemz target, LLVM uses a different datalayout for z13 and newer
|
||||
+ * CPUs than it does for older CPUs. This can cause a mismatch in datalayouts
|
||||
+ * in the case where the llvm_types_module (mod) is compiled with a pre-z13 CPU
|
||||
+ * in the case where the llvm_types_module is compiled with a pre-z13 CPU
|
||||
+ * and the JIT is running on z13 or newer.
|
||||
+ * See computeDataLayout() function in
|
||||
+ * llvm/lib/Target/SystemZ/SystemZTargetMachine.cpp for information on the
|
||||
@ -46,7 +38,7 @@ causes the JIT to fail at runtime.
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ llvm_context = LLVMGetModuleContext(mod);
|
||||
+ llvm_context = LLVMGetModuleContext(llvm_types_module);
|
||||
+ vec_type = LLVMVectorType(LLVMIntTypeInContext(llvm_context, 32), 4);
|
||||
+ llvm_layoutref = LLVMCreateTargetData(llvm_layout);
|
||||
+ ret = (LLVMABIAlignmentOfType(llvm_layoutref, vec_type) == 16);
|
||||
@ -58,7 +50,7 @@ causes the JIT to fail at runtime.
|
||||
* Per session initialization.
|
||||
*/
|
||||
static void
|
||||
@@ -750,6 +780,7 @@ llvm_session_initialize(void)
|
||||
@@ -744,6 +773,7 @@ llvm_session_initialize(void)
|
||||
MemoryContext oldcontext;
|
||||
char *error = NULL;
|
||||
char *cpu = NULL;
|
||||
@ -66,7 +58,7 @@ causes the JIT to fail at runtime.
|
||||
char *features = NULL;
|
||||
LLVMTargetMachineRef opt0_tm;
|
||||
LLVMTargetMachineRef opt3_tm;
|
||||
@@ -781,10 +812,17 @@ llvm_session_initialize(void)
|
||||
@@ -775,10 +805,17 @@ llvm_session_initialize(void)
|
||||
* features not all CPUs have (weird, huh).
|
||||
*/
|
||||
cpu = LLVMGetHostCPUName();
|
||||
@ -85,7 +77,7 @@ causes the JIT to fail at runtime.
|
||||
opt0_tm =
|
||||
LLVMCreateTargetMachine(llvm_targetref, llvm_triple, cpu, features,
|
||||
LLVMCodeGenLevelNone,
|
||||
@@ -798,8 +836,13 @@ llvm_session_initialize(void)
|
||||
@@ -792,8 +829,13 @@ llvm_session_initialize(void)
|
||||
|
||||
LLVMDisposeMessage(cpu);
|
||||
cpu = NULL;
|
||||
@ -100,11 +92,3 @@ causes the JIT to fail at runtime.
|
||||
|
||||
/* force symbols in main binary to be loaded */
|
||||
LLVMLoadLibraryPermanently(NULL);
|
||||
@@ -952,7 +995,6 @@ llvm_create_types(void)
|
||||
char path[MAXPGPATH];
|
||||
LLVMMemoryBufferRef buf;
|
||||
char *msg;
|
||||
- LLVMModuleRef mod = NULL;
|
||||
|
||||
snprintf(path, MAXPGPATH, "%s/%s", pkglib_path, "llvmjit_types.bc");
|
||||
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3
|
||||
size 21140532
|
@ -1 +0,0 @@
|
||||
c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3 postgresql-12.16.tar.bz2
|
3
postgresql-12.18.tar.bz2
Normal file
3
postgresql-12.18.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
|
||||
size 21208935
|
1
postgresql-12.18.tar.bz2.sha256
Normal file
1
postgresql-12.18.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
||||
4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a postgresql-12.18.tar.bz2
|
@ -1,3 +1,52 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 8 14:32:50 UTC 2024 - Reinhard Max <max@suse.com>
|
||||
|
||||
- Upgrade to 12.18:
|
||||
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
|
||||
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
|
||||
One step of a concurrent refresh command was run under weak
|
||||
security restrictions. If a materialized view's owner could
|
||||
persuade a superuser or other high-privileged user to perform a
|
||||
concurrent refresh on that view, the view's owner could control
|
||||
code executed with the privileges of the user running REFRESH.
|
||||
Fix things so that all user-determined code is run as the
|
||||
view's owner, as expected
|
||||
* If you use GIN indexes, you may need to reindex after updating
|
||||
to this release.
|
||||
* LLVM 18 is now supported.
|
||||
* https://www.postgresql.org/docs/release/12.18/
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
|
||||
|
||||
- Update to 12.17:
|
||||
* bsc#1216962, CVE-2023-5868: Fix handling of unknown-type
|
||||
arguments in DISTINCT "any" aggregate functions. This error led
|
||||
to a text-type value being interpreted as an unknown-type value
|
||||
(that is, a zero-terminated string) at runtime. This could
|
||||
result in disclosure of server memory following the text value.
|
||||
* bsc#1216961, CVE-2023-5869: Detect integer overflow while
|
||||
computing new array dimensions. When assigning new elements to
|
||||
array subscripts that are outside the current array bounds, an
|
||||
undetected integer overflow could occur in edge cases. Memory
|
||||
stomps that are potentially exploitable for arbitrary code
|
||||
execution are possible, and so is disclosure of server memory.
|
||||
* bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role
|
||||
from signalling background workers and autovacuum processes.
|
||||
The documentation says that pg_signal_backend cannot issue
|
||||
signals to superuser-owned processes. It was able to signal
|
||||
these background processes, though, because they advertise a
|
||||
role OID of zero. Treat that as indicating superuser ownership.
|
||||
The security implications of cancelling one of these process
|
||||
types are fairly small so far as the core code goes (we'll just
|
||||
start another one), but extensions might add background workers
|
||||
that are more vulnerable.
|
||||
Also ensure that the is_superuser parameter is set correctly in
|
||||
such processes. No specific security consequences are known for
|
||||
that oversight, but it might be significant for some extensions.
|
||||
* Add support for LLVM 16 and 17
|
||||
* https://www.postgresql.org/docs/12/release-12-17.html
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 31 10:57:13 UTC 2023 - Reinhard Max <max@suse.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file
|
||||
# spec file for package postgresql12
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -16,11 +16,11 @@
|
||||
#
|
||||
|
||||
|
||||
%define pgversion 12.16
|
||||
%define pgversion 12.18
|
||||
%define pgmajor 12
|
||||
%define buildlibs 0
|
||||
%define tarversion %{pgversion}
|
||||
%define latest_supported_llvm_ver 15
|
||||
%define latest_supported_llvm_ver 18
|
||||
|
||||
### CUT HERE ###
|
||||
%define pgname postgresql%pgmajor
|
||||
@ -187,7 +187,7 @@ Provides: postgresql = %version-%release
|
||||
Provides: postgresql-implementation = %version-%release
|
||||
Requires: %libpq >= %version
|
||||
Requires(post): postgresql-noarch >= %pgmajor
|
||||
Requires(postun):postgresql-noarch >= %pgmajor
|
||||
Requires(postun): postgresql-noarch >= %pgmajor
|
||||
# At this point we changed the package layout on SLE and conflict with
|
||||
# older releases to get a clean cut.
|
||||
Conflicts: postgresql-noarch < 12.0.1
|
||||
@ -277,7 +277,7 @@ Provides: %pgname-server-devel = %version-%release
|
||||
Provides: postgresql-server-devel = %version-%release
|
||||
Provides: postgresql-server-devel-implementation = %version-%release
|
||||
Requires(post): postgresql-server-devel-noarch >= %pgmajor
|
||||
Requires(postun):postgresql-server-devel-noarch >= %pgmajor
|
||||
Requires(postun): postgresql-server-devel-noarch >= %pgmajor
|
||||
Requires: %pgname-devel = %version
|
||||
Requires: %pgname-server = %version-%release
|
||||
# Installation of postgresql??-devel is exclusive
|
||||
@ -335,10 +335,10 @@ Recommends: %{name}-llvmjit
|
||||
Provides: postgresql-server-implementation = %version-%release
|
||||
Requires: %libpq >= %version
|
||||
Requires(pre): postgresql-server-noarch >= %pgmajor
|
||||
Requires(preun):postgresql-server-noarch >= %pgmajor
|
||||
Requires(postun):postgresql-server-noarch >= %pgmajor
|
||||
Requires(preun): postgresql-server-noarch >= %pgmajor
|
||||
Requires(postun): postgresql-server-noarch >= %pgmajor
|
||||
Requires(post): postgresql-noarch >= %pgmajor
|
||||
Requires(postun):postgresql-noarch >= %pgmajor
|
||||
Requires(postun): postgresql-noarch >= %pgmajor
|
||||
|
||||
%description server
|
||||
PostgreSQL is an advanced object-relational database management system
|
||||
@ -377,7 +377,7 @@ Requires: %pgname-server-devel = %version
|
||||
%if %{with llvm}
|
||||
Requires: %pgname-llvmjit = %version
|
||||
Requires(post): postgresql-llvmjit-devel-noarch >= %pgmajor
|
||||
Requires(postun):postgresql-llvmjit-devel-noarch >= %pgmajor
|
||||
Requires(postun): postgresql-llvmjit-devel-noarch >= %pgmajor
|
||||
%requires_file %_bindir/llc
|
||||
%requires_file %_bindir/clang
|
||||
%endif
|
||||
@ -797,11 +797,9 @@ awk -v P=%buildroot '/^(%lang|[^%])/{print P $NF}' libpq.files libecpg.files | x
|
||||
|
||||
%post -n %pgname-%devel
|
||||
/sbin/ldconfig
|
||||
/usr/share/postgresql/install-alternatives %pgmajor
|
||||
|
||||
%postun -n %pgname-%devel
|
||||
/sbin/ldconfig
|
||||
/usr/share/postgresql/install-alternatives %pgmajor
|
||||
|
||||
%if %{with server_devel}
|
||||
%post server-devel
|
||||
|
Loading…
Reference in New Issue
Block a user