Accepting request 1224295 from server:database:postgresql

- Upgrade to 13.17:
  * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as
    dependent on the calling role when RLS applies to a
    non-top-level table reference.
  * CVE-2024-10977, bsc#1233325: Make libpq discard error messages
    received during SSL or GSS protocol negotiation.
  * CVE-2024-10978, bsc#1233326: Fix unintended interactions
    between SET SESSION AUTHORIZATION and SET ROLE
  * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from
    changing environment variables.
  * https://www.postgresql.org/about/news/p-2955/
  * https://www.postgresql.org/docs/release/13.17/

- Sync spec file from postgresql17.

  * https://www.postgresql.org/about/news/p-2910/

OBS-URL: https://build.opensuse.org/request/show/1224295
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql13?expand=0&rev=31
Ana Guerrero 2024-11-15 14:43:21 +00:00 committed by Git OBS Bridge
commit 0c6f59b3d7
6 changed files with 44 additions and 24 deletions


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865
size 21639411


@ -1 +0,0 @@
c9cbbb6129f02328204828066bb3785c00a85c8ca8fd329c2a8a53c1f5cd8865 postgresql-13.16.tar.bz2

postgresql-13.17.tar.bz2 Normal file

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b
size 21681613


@ -0,0 +1 @@
022b0a6e7bc374a777eece33708895d7b60cae07d492b286b296a49d7395d78b postgresql-13.17.tar.bz2
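
Review bot: Nothing in this commit ties the new digest to upstream. The checksum line here and the `oid sha256:` value in the Git LFS pointer for postgresql-13.17.tar.bz2 are the same string, so they only confirm each other. Please state in the request that the tarball was compared against the checksum upstream publishes for this release, so a reviewer can repeat the check instead of trusting the committed value.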


@ -1,10 +1,31 @@
-------------------------------------------------------------------
Wed Nov 13 13:30:13 UTC 2024 - Reinhard Max <max@suse.com>
- Upgrade to 13.17:
* CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as
dependent on the calling role when RLS applies to a
non-top-level table reference.
* CVE-2024-10977, bsc#1233325: Make libpq discard error messages
received during SSL or GSS protocol negotiation.
* CVE-2024-10978, bsc#1233326: Fix unintended interactions
between SET SESSION AUTHORIZATION and SET ROLE
* CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from
changing environment variables.
* https://www.postgresql.org/about/news/p-2955/
* https://www.postgresql.org/docs/release/13.17/
-------------------------------------------------------------------
Tue Nov 5 14:00:20 UTC 2024 - Reinhard Max <max@suse.com>
- Sync spec file from postgresql17.
-------------------------------------------------------------------
Sat Aug 10 14:13:54 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
- Upgrade to 13.16 (bsc#1229013):
* bsc#1229013, CVE-2024-7348 PostgreSQL relation replacement
during pg_dump executes arbitrary SQL
* https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/
* https://www.postgresql.org/about/news/p-2910/
* https://www.postgresql.org/docs/release/13.16/
-------------------------------------------------------------------
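
Review bot: The Nov 5 entry, `- Sync spec file from postgresql17.`, does not say what the sync changes, although the spec diff in this same commit alters build behaviour: the clang/llvm BuildRequires become version-ranged `cmake(Clang)`/`cmake(LLVM)` requirements, `%pgdatadir` is dropped from the mini build, and the `dreived` bcond typo is corrected. Listing those items under the entry would let someone reading the changelog find the revision that changed the LLVM constraint. Minor: the CVE-2024-10978 bullet is the only one in the 13.17 entry without a trailing period.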


@ -16,11 +16,13 @@
#
%define pgversion 13.16
%define pgversion 13.17
%define pgmajor 13
%define buildlibs 0
%define tarversion %{pgversion}
%define latest_supported_llvm_ver 17
%define oldest_supported_llvm_ver 10
# To be able to use cmake(LLVM) < ...
%define latest_supported_llvm_ver_plus_one 19
### CUT HERE ###
%define pgname postgresql%pgmajor
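
Review bot: `latest_supported_llvm_ver_plus_one` is defined as 19 while `latest_supported_llvm_ver` remains 17, so the name and the value disagree and an upper bound of `< 19` admits LLVM 18. If LLVM 18 is supported, raise `latest_supported_llvm_ver` to 18; if it is not, the new define should be 18. The comment `# To be able to use cmake(LLVM) < ...` would also read better if it named the BuildRequires it feeds.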
@ -60,7 +62,7 @@ Name: %pgname
%endif
%if %pgmajor >= 17
%bcond_with dreived
%bcond_with derived
%else
%bcond_without derived
%endif
@ -73,6 +75,12 @@ Name: %pgname
%bcond_without libzstd
%endif
%if %{without derived}
BuildRequires: bison
BuildRequires: docbook-xsl-stylesheets
BuildRequires: flex
BuildRequires: perl
%endif
%if %mini
%bcond_with selinux
%if %pgmajor >= 16
@ -94,12 +102,6 @@ BuildRequires: zlib-devel
%if %{with liblz4}
BuildRequires: pkgconfig(liblz4)
%endif
%if %{without derived}
BuildRequires: bison
BuildRequires: docbook-xsl-stylesheets
BuildRequires: flex
BuildRequires: perl
%endif
%if %{with libzstd}
BuildRequires: pkgconfig(libzstd)
@ -144,13 +146,8 @@ BuildRequires: libselinux-devel
%endif
%if %{with llvm}
BuildRequires: gcc-c++
%if 0%{?product_libs_llvm_ver} > %{latest_supported_llvm_ver}
BuildRequires: clang%{latest_supported_llvm_ver}
BuildRequires: llvm%{latest_supported_llvm_ver}-devel
%else
BuildRequires: clang
BuildRequires: llvm-devel
%endif
BuildRequires: (cmake(Clang) >= %{oldest_supported_llvm_ver} with cmake(Clang) < %{latest_supported_llvm_ver_plus_one})
BuildRequires: (cmake(LLVM) >= %{oldest_supported_llvm_ver} with cmake(LLVM) < %{latest_supported_llvm_ver_plus_one})
%endif
BuildRequires: libxslt-devel
BuildRequires: openldap2-devel
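
Review bot: The two rich dependencies on `cmake(Clang)` and `cmake(LLVM)` are resolved independently, so nothing in these lines makes the solver choose the same major version for both; any Clang in the range combined with any LLVM in the range satisfies them. The `%if 0%{?product_libs_llvm_ver} > %{latest_supported_llvm_ver}` branch paired `clang%{latest_supported_llvm_ver}` with `llvm%{latest_supported_llvm_ver}-devel` explicitly. Either confirm the JIT build tolerates a mismatched pair or add a constraint that keeps them aligned. The upper bound here also comes from `latest_supported_llvm_ver_plus_one` only, which leaves `latest_supported_llvm_ver` unused in this block.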
@ -610,6 +607,7 @@ VLANG=%pgmajor
make DESTDIR=%buildroot PACKAGE_TARNAME=%pgname -C src/include install
make DESTDIR=%buildroot PACKAGE_TARNAME=%pgname -C src/interfaces install
rm -rf %buildroot%pgincludedir/server
rm -rf %buildroot%pgdatadir
%else
make DESTDIR=%buildroot PACKAGE_TARNAME=%pgname install install-docs
%if 0
@ -772,8 +770,6 @@ done
%endif
popd
mkdir -p %buildroot%pgmandir/man1
cp -a doc/src/sgml/man1/ecpg.1 %buildroot%pgmandir/man1/ecpg.1pg%pgmajor
%find_lang ecpg-$VLANG devel.files
# The devel subpackage is exclusive across versions
# and not handled by update-alternatives.
@ -791,8 +787,10 @@ cat server-devel.files >> devel.files
# Build up the file lists for the libpq and libecpg packages
cat > libpq.files <<EOF
%defattr(-,root,root)
%if !%mini
%dir %pgdatadir
%pgdatadir/pg_service.conf.sample
%endif
EOF
find %buildroot -name 'libpq*.so.*' -printf '/%%P\n' >> libpq.files
%find_lang libpq5-$VLANG libpq.files
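
Review bot: The `%if !%mini` / `%endif` pair sits inside the `cat > libpq.files <<EOF` here-document, where it reads like literal file-list content. It works because rpm evaluates `%if` when the spec is parsed, before the shell sees the here-document, but a one-line comment above the `cat` would save the next maintainer from wondering. It is also worth noting in that comment that the guard depends on `%pgdatadir` being absent from the buildroot in mini builds, so the two stay in sync.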
@ -978,12 +976,13 @@ fi
%_libdir/pkgconfig/*
%_libdir/lib*.so
%pgincludedir
%if %{with server_devel}
%exclude %pgincludedir/server
%endif
%doc %pgmandir/man1/ecpg.1*
%if !%mini
%doc %pgmandir/man1/ecpg.1*
%if %{with server_devel}
%files server-devel -f server-devel.files
%endif
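
Review bot: The `%if !%mini` placed before `%doc %pgmandir/man1/ecpg.1*` has no matching `%endif` in the visible lines, so the following `%if %{with server_devel}` / `%files server-devel -f server-devel.files` block appears to fall inside the non-mini conditional. Please confirm that this nesting is intended and that the conditional is closed further down, since an unbalanced `%if` in the `%files` area would change which subpackages are produced for the mini flavor.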