Accepting request 1145272 from server:database:postgresql
- Upgrade to 13.14: * bsc#1219679, CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY. One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected * If you use GIN indexes, you may need to reindex after updating to this release. * LLVM 18 is now supported. * https://www.postgresql.org/docs/release/13.4/ OBS-URL: https://build.opensuse.org/request/show/1145272 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql13?expand=0&rev=27
This commit is contained in:
commit
9ba792710a
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474
|
|
||||||
size 21563452
|
|
@ -1 +0,0 @@
|
|||||||
8af69c2599047a2ad246567d68ec4131aef116954d8c3e469e9789080b37a474 postgresql-13.13.tar.bz2
|
|
3
postgresql-13.14.tar.bz2
Normal file
3
postgresql-13.14.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed
|
||||||
|
size 21584146
|
1
postgresql-13.14.tar.bz2.sha256
Normal file
1
postgresql-13.14.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
|||||||
|
b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed postgresql-13.14.tar.bz2
|
@ -1,3 +1,21 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 8 14:10:04 UTC 2024 - Reinhard Max <max@suse.com>
|
||||||
|
|
||||||
|
- Upgrade to 13.14:
|
||||||
|
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
|
||||||
|
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
|
||||||
|
One step of a concurrent refresh command was run under weak
|
||||||
|
security restrictions. If a materialized view's owner could
|
||||||
|
persuade a superuser or other high-privileged user to perform a
|
||||||
|
concurrent refresh on that view, the view's owner could control
|
||||||
|
code executed with the privileges of the user running REFRESH.
|
||||||
|
Fix things so that all user-determined code is run as the
|
||||||
|
view's owner, as expected
|
||||||
|
* If you use GIN indexes, you may need to reindex after updating
|
||||||
|
to this release.
|
||||||
|
* LLVM 18 is now supported.
|
||||||
|
* https://www.postgresql.org/docs/release/13.4/
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Nov 8 14:35:06 UTC 2023 - Reinhard Max <max@suse.com>
|
Wed Nov 8 14:35:06 UTC 2023 - Reinhard Max <max@suse.com>
|
||||||
|
|
||||||
@ -27,7 +45,6 @@ Wed Nov 8 14:35:06 UTC 2023 - Reinhard Max <max@suse.com>
|
|||||||
such processes. No specific security consequences are known for
|
such processes. No specific security consequences are known for
|
||||||
that oversight, but it might be significant for some extensions.
|
that oversight, but it might be significant for some extensions.
|
||||||
* Add support for LLVM 16 and 17
|
* Add support for LLVM 16 and 17
|
||||||
* https://www.postgresql.org/about/news/2749
|
|
||||||
* https://www.postgresql.org/docs/13/release-13-13.html
|
* https://www.postgresql.org/docs/13/release-13-13.html
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file
|
# spec file for package postgresql13
|
||||||
#
|
#
|
||||||
# Copyright (c) 2023 SUSE LLC
|
# Copyright (c) 2024 SUSE LLC
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -16,11 +16,11 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
%define pgversion 13.13
|
%define pgversion 13.14
|
||||||
%define pgmajor 13
|
%define pgmajor 13
|
||||||
%define buildlibs 0
|
%define buildlibs 0
|
||||||
%define tarversion %{pgversion}
|
%define tarversion %{pgversion}
|
||||||
%define latest_supported_llvm_ver 17
|
%define latest_supported_llvm_ver 18
|
||||||
|
|
||||||
### CUT HERE ###
|
### CUT HERE ###
|
||||||
%define pgname postgresql%pgmajor
|
%define pgname postgresql%pgmajor
|
||||||
|
Loading…
Reference in New Issue
Block a user