- Upgrade to 14.12 (bsc#1224051):
* bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. * Fix incompatibility with LLVM 18. * https://www.postgresql.org/docs/release/14.12/ - Prepare for PostgreSQL 17. - Make sure all compilation and doc generation happens in %build. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=69
This commit is contained in:
parent
393de042f2
commit
afc973174f
@ -1,27 +1,15 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu May 9 14:07:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
||||
Wed May 8 12:07:46 UTC 2024 - Reinhard Max <max@suse.com>
|
||||
|
||||
- Upgrade to 14.12:
|
||||
CVE-2024-4317: Restrict visibility of pg_stats_ext and
|
||||
pg_stats_ext_exprs entries to the table owner
|
||||
|
||||
Missing authorization in PostgreSQL built-in views pg_stats_ext
|
||||
and pg_stats_ext_exprs allows an unprivileged database user to
|
||||
read most common values and other statistics from CREATE
|
||||
STATISTICS commands of other users. The most common values may
|
||||
reveal column values the eavesdropper could not otherwise read or
|
||||
results of functions they cannot execute.
|
||||
|
||||
This fix only fixes fresh PostgreSQL installations, namely those
|
||||
that are created with the initdb utility after this fix is
|
||||
applied. If you have a current PostgreSQL installation and are
|
||||
concerned about this issue, please follow the instructions in the
|
||||
"Updating" section on this link:
|
||||
https://www.postgresql.org/about/news/postgresql-163-157-1412-1315-and-1219-released-2858/
|
||||
|
||||
The SQL file is in /usr/share/postgresql14/fix-CVE-2024-4317.sql
|
||||
|
||||
https://www.postgresql.org/docs/release/14.12/
|
||||
- Upgrade to 14.12 (bsc#1224051):
|
||||
* bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext
|
||||
and pg_stats_ext_exprs entries to the table owner. See the
|
||||
release notes for the steps that have to be taken to fix
|
||||
existing PostgreSQL instances.
|
||||
* Fix incompatibility with LLVM 18.
|
||||
* https://www.postgresql.org/docs/release/14.12/
|
||||
- Prepare for PostgreSQL 17.
|
||||
- Make sure all compilation and doc generation happens in %build.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 1 15:24:39 UTC 2024 - Aaron Puchert <aaronpuchert@alice-dsl.net>
|
||||
|
@ -20,7 +20,7 @@
|
||||
%define pgmajor 14
|
||||
%define buildlibs 0
|
||||
%define tarversion %{pgversion}
|
||||
%define latest_supported_llvm_ver 17
|
||||
%define latest_supported_llvm_ver 18
|
||||
|
||||
### CUT HERE ###
|
||||
%define pgname postgresql%pgmajor
|
||||
@ -59,6 +59,12 @@ Name: %pgname
|
||||
%define python python
|
||||
%endif
|
||||
|
||||
%if %pgmajor >= 17
|
||||
%bcond_with dreived
|
||||
%else
|
||||
%bcond_without derived
|
||||
%endif
|
||||
|
||||
%if 0%{?suse_version} >= 1500
|
||||
%bcond_without liblz4
|
||||
%endif
|
||||
@ -88,6 +94,12 @@ BuildRequires: zlib-devel
|
||||
%if %{with liblz4}
|
||||
BuildRequires: pkgconfig(liblz4)
|
||||
%endif
|
||||
%if %{without derived}
|
||||
BuildRequires: bison
|
||||
BuildRequires: docbook-xsl-stylesheets
|
||||
BuildRequires: flex
|
||||
BuildRequires: perl
|
||||
%endif
|
||||
|
||||
%if %{with libzstd}
|
||||
BuildRequires: pkgconfig(libzstd)
|
||||
@ -573,7 +585,7 @@ PACKAGE_TARNAME=%pgname %configure \
|
||||
%if %mini
|
||||
make -C src/interfaces %{?_smp_mflags} PACKAGE_TARNAME=%pgname
|
||||
%else
|
||||
make %{?_smp_mflags} PACKAGE_TARNAME=%pgname
|
||||
make %{?_smp_mflags} PACKAGE_TARNAME=%pgname world
|
||||
|
||||
%if %{with check}
|
||||
|
||||
@ -641,9 +653,9 @@ find %buildroot -type f -cnewer flag -printf "/%%P\n" |
|
||||
> contrib.files
|
||||
rm flag
|
||||
install -d -m 750 %buildroot/var/lib/pgsql
|
||||
install -d -m755 %buildroot%pgdocdir
|
||||
install -d -m 755 %buildroot%pgdocdir
|
||||
cp doc/KNOWN_BUGS doc/MISSING_FEATURES COPYRIGHT \
|
||||
README HISTORY %buildroot%pgdocdir
|
||||
README* HISTORY %buildroot%pgdocdir
|
||||
# Use versioned names for the man pages:
|
||||
for f in %buildroot%pgmandir/man*/*; do
|
||||
mv $f ${f}pg%pgmajor
|
||||
@ -701,6 +713,7 @@ genlists main \
|
||||
pg_receivewal \
|
||||
pg_verify_checksums \
|
||||
pg_checksums \
|
||||
pg_combinebackup \
|
||||
pg_verifybackup
|
||||
|
||||
%find_lang plpgsql-$VLANG main.files
|
||||
@ -711,6 +724,8 @@ genlists server \
|
||||
pg_ctl \
|
||||
pg_controldata \
|
||||
pg_resetwal \
|
||||
pg_createsubscriber \
|
||||
pg_walsummary \
|
||||
pg_waldump \
|
||||
pg_resetxlog \
|
||||
%if %pgmajor >= 15
|
||||
@ -924,7 +939,6 @@ fi
|
||||
|
||||
%files llvmjit-devel
|
||||
%defattr(-,root,root)
|
||||
%doc README
|
||||
|
||||
%files pltcl -f pltcl.lang
|
||||
%defattr(-,root,root)
|
||||
|
Loading…
Reference in New Issue
Block a user