Ana Guerrero
14c94d23b8
Accepting request 1201983 from server:database:postgresql
...
- Upgrade to 12.20 (bsc#1229013):
* bsc#1229013, CVE-2024-7348 PostgreSQL relation replacement
during pg_dump executes arbitrary SQL
* https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/
* https://www.postgresql.org/docs/release/12.20/
OBS-URL: https://build.opensuse.org/request/show/1201983
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=35
2024-09-19 19:17:54 +00:00
bfbac990e8
https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=104
2024-08-10 14:37:05 +00:00
Reinhard Max
a9bf787362
typo
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=103
2024-05-15 08:18:19 +00:00
Dominique Leuenberger
376af59aa1
Accepting request 1172964 from server:database:postgresql
...
- Upgrade to 12.19 (bsc#1224051):
* Fix incompatibility with LLVM 18.
* https://www.postgresql.org/docs/release/12.19/
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
- Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
- Remove constraints file because improved memory usage for s390x
OBS-URL: https://build.opensuse.org/request/show/1172964
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=34
2024-05-10 10:05:21 +00:00
Reinhard Max
ba7da7202e
- Upgrade to 12.19 (bsc#1224051):
...
* Fix incompatibility with LLVM 18.
* https://www.postgresql.org/docs/release/12.19/
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=101
2024-05-09 15:33:52 +00:00
481e8e504e
CVE-2024-4317
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=100
2024-05-09 14:13:19 +00:00
Reinhard Max
76fc3dce47
Accepting request 1171158 from home:aaronpuchert:branches:server:database:postgresql
...
- Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
OBS-URL: https://build.opensuse.org/request/show/1171158
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=99
2024-05-02 07:15:36 +00:00
Reinhard Max
6c6a0f5d9f
- Remove constraints file because improved memory usage for s390x
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=98
2024-03-11 09:21:53 +00:00
Ana Guerrero
f5b48c393a
Accepting request 1154709 from server:database:postgresql
...
OBS-URL: https://build.opensuse.org/request/show/1154709
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=33
2024-03-04 20:25:49 +00:00
Reinhard Max
91c7c93a1a
Accepting request 1153295 from home:dimstar:rpm4.20:p
...
Prepare for RPM 4.20
OBS-URL: https://build.opensuse.org/request/show/1153295
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=96
2024-03-04 14:16:06 +00:00
Ana Guerrero
69db83cf17
Accepting request 1145273 from server:database:postgresql
...
- Upgrade to 12.18:
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/12.18/
- Update to 12.17:
* bsc#1216962, CVE-2023-5868: Fix handling of unknown-type
arguments in DISTINCT "any" aggregate functions. This error led
to a text-type value being interpreted as an unknown-type value
(that is, a zero-terminated string) at runtime. This could
result in disclosure of server memory following the text value.
* bsc#1216961, CVE-2023-5869: Detect integer overflow while
computing new array dimensions. When assigning new elements to
array subscripts that are outside the current array bounds, an
undetected integer overflow could occur in edge cases. Memory
stomps that are potentially exploitable for arbitrary code
execution are possible, and so is disclosure of server memory.
* bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role
from signalling background workers and autovacuum processes.
The documentation says that pg_signal_backend cannot issue
OBS-URL: https://build.opensuse.org/request/show/1145273
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=32
2024-02-09 22:52:58 +00:00
Reinhard Max
2e2b4a38db
- Upgrade to 12.18:
...
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/12.18/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=94
2024-02-08 15:26:36 +00:00
Reinhard Max
6923d19d72
November 2023 Security Updates
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=93
2023-11-09 14:43:25 +00:00
Ana Guerrero
9535d3dc2f
Accepting request 1121432 from server:database:postgresql
...
Revert last change and make the devel package independend
OBS-URL: https://build.opensuse.org/request/show/1121432
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=31
2023-10-31 19:26:30 +00:00
Reinhard Max
9e5cf987b7
- boo#1216734: Revert the last change and make the devel package
...
independend of all other subpackages except for the libs.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=91
2023-10-31 11:05:07 +00:00
Ana Guerrero
b4ae1bfbbc
Accepting request 1120253 from server:database:postgresql
...
- boo#1216022: Call install-alternatives from the devel subpackage
as well, otherwise the symlink for ecpg might be missing.
- Also buildignore the postgresql*-implementation symbols: this is
needed in order to bootstrap when no postgresql version currently
has valid symbols provided. Once the packages are built, OBS
could translate this to the pgname-* packages and accept the
ignores; during bootstrap though, there is nothing providing the
symbol and the existing buildignores do not suffice.
OBS-URL: https://build.opensuse.org/request/show/1120253
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=30
2023-10-25 16:04:49 +00:00
Reinhard Max
70f264061c
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=89
2023-10-10 14:54:09 +00:00
Reinhard Max
1a20e3016b
- boo#1216022: Call install-alternatives from the devel subpackage
...
as well, otherwise the symlink for ecpg might be missing.
- Also buildignore the postgresql*-implementation symbols: this is
needed in order to bootstrap when no postgresql version currently
has valid symbols provided. Once the packages are built, OBS
could translate this to the pgname-* packages and accept the
ignores; during bootstrap though, there is nothing providing the
symbol and the existing buildignores do not suffice.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=88
2023-10-10 13:13:29 +00:00
Dominique Leuenberger
527f9ebcd6
Accepting request 1103350 from server:database:postgresql
...
- Update to 12.16:
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
owner name into an extension script if the name contains a
quote, backslash, or dollar sign.
* https://www.postgresql.org/docs/12/release-12-16.html
- Restore the independence of mini builds from the main build after
the -mini name change from April 4, 2023.
- Adjust icu handling to prepare for PostgreSQL 16.
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
OBS-URL: https://build.opensuse.org/request/show/1103350
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=29
2023-08-11 13:55:42 +00:00
Reinhard Max
0c9821a301
- Update to 12.16:
...
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
owner name into an extension script if the name contains a
quote, backslash, or dollar sign.
* https://www.postgresql.org/docs/12/release-12-16.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=86
2023-08-10 15:25:53 +00:00
Reinhard Max
383c21ac44
- Restore the independence of mini builds from the main build after
...
the -mini name change from April 4, 2023.
- Adjust icu handling to prepare for PostgreSQL 16.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=85
2023-05-26 12:03:32 +00:00
Reinhard Max
581cdd5cc5
- Overhaul postgresql-README.SUSE and move it from the binary
...
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=84
2023-05-15 14:55:37 +00:00
Dominique Leuenberger
f082e4eca2
Accepting request 1086557 from server:database:postgresql
...
- Update to 12.15:
* bsc#1211228, CVE-2023-2454:
Prevent CREATE SCHEMA from defeating changes in search_path
* bsc#1211229, CVE-2023-2455: Enforce row-level security
policies correctly after inlining a set-returning function
* https://www.postgresql.org/about/news/2637/
* https://www.postgresql.org/docs/12/release-12-15.html
OBS-URL: https://build.opensuse.org/request/show/1086557
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=28
2023-05-12 18:37:16 +00:00
Reinhard Max
6ae799d8be
- Update to 12.15:
...
* bsc#1211228, CVE-2023-2454:
Prevent CREATE SCHEMA from defeating changes in search_path
* bsc#1211229, CVE-2023-2455: Enforce row-level security
policies correctly after inlining a set-returning function
* https://www.postgresql.org/about/news/2637/
* https://www.postgresql.org/docs/12/release-12-15.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=82
2023-05-11 13:19:45 +00:00
Dominique Leuenberger
0143c2463f
Accepting request 1081148 from server:database:postgresql
...
- bsc#1210303: Stop using the obsolete internal %_restart_on_update
macro and drop support for sysv init to simplify the scriptlets.
- Include -mini in Name: to avoid conflicts in the source package
name and OBS internal dependency tracking.
OBS-URL: https://build.opensuse.org/request/show/1081148
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=27
2023-04-21 12:17:48 +00:00
Reinhard Max
fde8e83a71
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=80
2023-04-19 13:27:02 +00:00
Reinhard Max
79bc144101
- bsc#1210303: Stop using the obsolete internal %_restart_on_update
...
macro and drop support for sysv init to simplify the scriptlets.
- Include -mini in Name: to avoid conflicts in the source package
name and OBS internal dependency tracking.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=79
2023-04-18 14:04:58 +00:00
Dominique Leuenberger
8f75499fa8
Accepting request 1064057 from server:database:postgresql
...
- Update to 12.14:
* CVE-2022-41862, bsc#1208102: memory leak in libpq
* https://www.postgresql.org/about/news/2592/
* https://www.postgresql.org/docs/12/release-12-14.html
- Bump latest_supported_llvm_ver to 15.
OBS-URL: https://build.opensuse.org/request/show/1064057
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=26
2023-02-10 13:33:54 +00:00
Reinhard Max
9da35c824e
- Update to 12.14:
...
* CVE-2022-41862, bsc#1208102: memory leak in libpq
* https://www.postgresql.org/about/news/2592/
* https://www.postgresql.org/docs/12/release-12-14.html
- Bump latest_supported_llvm_ver to 15.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=77
2023-02-09 14:39:22 +00:00
Dominique Leuenberger
4a707c7267
Accepting request 1035216 from server:database:postgresql
...
- bsc#1205300: Update to 12.13:
* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/12/release-12-13.html
- Sync spec file with postgresql15.
OBS-URL: https://build.opensuse.org/request/show/1035216
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=25
2022-11-12 16:40:39 +00:00
Reinhard Max
290ea0293c
- bsc#1205300: Update to 12.13:
...
* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/12/release-12-13.html
- Sync spec file with postgresql15.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=75
2022-11-10 16:35:13 +00:00
Richard Brown
6d8dfc2516
Accepting request 1006685 from server:database:postgresql
...
- Create mechanism to specify the latest supported LLVM version.
Automatically pin to that version if the distribution has a newer
unsupported default version.
- Sync spec file with postgresql15.
- Disable LLVM JIT on riscv64
OBS-URL: https://build.opensuse.org/request/show/1006685
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=24
2022-10-04 18:37:28 +00:00
Reinhard Max
5224d7ae28
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=73
2022-09-23 16:03:25 +00:00
Reinhard Max
9aed76975f
- Sync spec file with postgresql15.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=72
2022-09-23 14:12:50 +00:00
Reinhard Max
9805c47fe5
- Add generic mechanism to pin to latest supported LLVM version.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=71
2022-09-23 12:44:56 +00:00
Reinhard Max
bf8c3b5bee
Accepting request 1003030 from openSUSE:Factory:RISCV
...
- Disable LLVM JIT on riscv64
OBS-URL: https://build.opensuse.org/request/show/1003030
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=70
2022-09-13 11:52:41 +00:00
Dominique Leuenberger
8e9558be49
Accepting request 995183 from server:database:postgresql
...
- - Update to 12.12:
* bsc#1202368, CVE-2022-2625: Extension scripts replace objects
not belonging to the extension.
* https://www.postgresql.org/docs/release/12.12/
OBS-URL: https://build.opensuse.org/request/show/995183
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=23
2022-08-16 15:06:42 +00:00
Reinhard Max
8bb87708c2
- - Update to 12.12:
...
* bsc#1202368, CVE-2022-2625: Extension scripts replace objects
not belonging to the extension.
* https://www.postgresql.org/docs/release/12.12/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=68
2022-08-15 09:56:25 +00:00
Dominique Leuenberger
004b297213
Accepting request 977047 from server:database:postgresql
...
- Update to 12.11:
* bsc#1199475, CVE-2022-1552: Confine additional operations
within "security restricted operation" sandboxes.
* https://www.postgresql.org/docs/12/release-12-11.html
OBS-URL: https://build.opensuse.org/request/show/977047
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=22
2022-05-14 20:54:44 +00:00
Reinhard Max
bd272e6ae4
- Update to 12.11:
...
* bsc#1199475, CVE-2022-1552: Confine additional operations
within "security restricted operation" sandboxes.
* https://www.postgresql.org/docs/12/release-12-11.html
* https://www.postgresql.org/docs/12/release-12-9.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=66
2022-05-12 14:52:46 +00:00
Dominique Leuenberger
7ae7d8348d
Accepting request 969863 from server:database:postgresql
...
- bsc#1198166: Pin to llvm13 until the next patchlevel update.
- bsc#1195680: Upgrade to 12.10:
* https://www.postgresql.org/docs/12/release-12-10.html
* Reindexing might be needed after applying this upgrade, so
please read the release notes carefully.
- boo#1190740: Add constraints file with 12GB of memory for s390x
as a workaround
OBS-URL: https://build.opensuse.org/request/show/969863
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=21
2022-04-14 15:23:00 +00:00
Reinhard Max
897680f1c8
- bsc#1198166: Pin to llvm13 until the next patchlevel update.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=64
2022-04-13 12:22:11 +00:00
Reinhard Max
132983986f
- bsc#1195680: Upgrade to 12.10:
...
* https://www.postgresql.org/docs/12/release-12-10.html
* Reindexing might be needed after applying this upgrade, so
please read the release notes carefully.
- boo#1190740: Add constraints file with 12GB of memory for s390x
as a workaround
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=63
2022-02-10 15:27:35 +00:00
Dominique Leuenberger
0df12f1a0c
Accepting request 935206 from server:database:postgresql
...
- Add a llvmjit-devel subpackage to pull in the right versions
of clang and llvm for building extensions.
- Fix some mistakes in the interdependencies between the
implementation packages and their noarch counterpart.
- Update the BuildIgnore section.
OBS-URL: https://build.opensuse.org/request/show/935206
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=20
2021-12-06 22:59:25 +00:00
Reinhard Max
98305df086
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=62
2021-12-02 13:44:40 +00:00
Reinhard Max
5c98a5fbfa
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=61
2021-11-30 19:04:11 +00:00
Reinhard Max
f45f54fc58
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=60
2021-11-30 17:13:25 +00:00
Reinhard Max
b438339ef4
- Add a llvmjit-devel subpackage to pull in the right versions
...
of clang and llvm for building extensions.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=59
2021-11-30 16:50:45 +00:00
Dominique Leuenberger
e5a3caf233
Accepting request 930951 from server:database:postgresql
...
- bsc#1192516: Upgrade to version 12.9:
* Make the server reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23214).
* Make libpq reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23222).
* https://www.postgresql.org/docs/12/release-12-0.html
OBS-URL: https://build.opensuse.org/request/show/930951
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql12?expand=0&rev=19
2021-11-13 21:48:10 +00:00
Reinhard Max
34f0cffed2
- bsc#1192516: Upgrade to version 12.9:
...
* Make the server reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23214).
* Make libpq reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23222).
* https://www.postgresql.org/docs/12/release-12-0.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=58
2021-11-11 14:44:37 +00:00