26623c3dfb
- Update to 14.21:
...
* https://www.postgresql.org/about/news/p-3235/
* https://www.postgresql.org/docs/release/14.21/
* bsc#1258008, CVE-2026-2003: Guard against unexpected
dimensions of oidvector/int2vector
* bsc#1258009, CVE-2026-2004: Harden selectivity estimators
against being attached to operators that accept unexpected
data types.
* bsc#1258010, CVE-2026-2005: Fix buffer overrun in
contrib/pgcrypto's PGP decryption functions.
* bsc#1258011, CVE-2026-2006: Fix inadequate validation of
multibyte character lengths.
* obsoletes llvm-21-aarch64.patch
- Disown /var/lib/pgsql to support transactional updates.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=101
2026-02-12 16:15:44 +00:00
17ae355f69
Accepting request 1322549 from home:Guillaume_G:branches:server:database:postgresql
...
- Fix build on aarch64 with upstream commit 0dceba2:
* llvm-21-aarch64.patch
OBS-URL: https://build.opensuse.org/request/show/1322549
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=99
2025-12-18 09:16:01 +00:00
5bde778342
- Fix build with uring for post SLE15 code streams.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=97
2025-11-24 16:49:52 +00:00
9f199d46e8
- Use %product_libs_llvm_ver to determine the LLVM version.
...
- Remove conditionals for obsolete PostgreSQL releases.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=96
2025-11-14 17:14:34 +00:00
0e383c2f11
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=95
2025-11-13 15:51:15 +00:00
7f8a6bcd52
- Upgrade to 14.20:
...
* https://www.postgresql.org/docs/release/14.20/
* bsc#1253332, CVE-2025-12817: Missing check for CREATE
privileges on the schema in CREATE STATISTICS allowed table
owners to create statistics in any schema, potentially leading
to unexpected naming conflicts.
* bsc#1253333, CVE-2025-12818: Several places in libpq were not
sufficiently careful about computing the required size of a
memory allocation. Sufficiently large inputs could cause
integer overflow, resulting in an undersized buffer, which
would then lead to writing past the end of the buffer.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=94
2025-11-13 14:34:51 +00:00
7ae10d1b45
Accepting request 1307143 from server:database:postgresql:devel
...
- Sync spec file from version 18.
OBS-URL: https://build.opensuse.org/request/show/1307143
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=91
2025-09-25 14:14:15 +00:00
6a7e5b5956
Accepting request 1299464 from server:database:postgresql:devel
...
https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/
OBS-URL: https://build.opensuse.org/request/show/1299464
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=89
2025-08-14 20:11:38 +00:00
77ed01aafb
- Upgrade to 14.18:
...
* bsc#1242931, CVE-2025-4207: postgresql: PostgreSQL GB18030
encoding validation can read one byte past end of allocation
for text that fails validation.
* https://www.postgresql.org/docs/release/14.18/
* https://www.postgresql.org/about/news/p-3072/
- Add postresql-pg_config_paths.patch to fix a race condition
while generating pg_config_paths.h.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=87
2025-05-09 11:59:02 +00:00
0bab05607b
- Upgrade to 14.17:
...
* Improve behavior of libpq's quoting functions:
The changes made for CVE-2025-1094 had one serious oversight:
PQescapeLiteral() and PQescapeIdentifier() failed to honor
their string length parameter, instead always reading to the
input string's trailing null. This resulted in including
unwanted text in the output, if the caller intended to
truncate the string via the length parameter. With very bad
luck it could cause a crash due to reading off the end of
memory.
In addition, modify all these quoting functions so that when
invalid encoding is detected, an invalid sequence is
substituted for just the first byte of the presumed
character, not all of it. This reduces the risk of problems
if a calling application performs additional processing on
the quoted string.
* Fix small memory leak in pg_createsubscriber.
* https://www.postgresql.org/docs/release/14.17/
* https://www.postgresql.org/about/news/p-3018/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=85
2025-02-20 16:33:34 +00:00
d6391665a4
- Upgrade to 14.16:
...
* bsc#1237093, CVE-2025-1094: Harden PQescapeString and allied
functions against invalidly-encoded input strings.
* obsoletes postgresql-tzdata2025a.patch
* https://www.postgresql.org/docs/release/14.16/
* https://www.postgresql.org/about/news/-3015/
- Disable LLVM JIT on loongarch64
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=83
2025-02-13 14:50:05 +00:00
9b7ff4b4d4
- Fix build, add postgresql-tzdata2025a.patch
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=80
2025-01-28 12:35:53 +00:00
e43c83bec4
- Upgrade to 14.15:
...
* Repair ABI break for extensions that work with struct
ResultRelInfo.
* Restore functionality of ALTER {ROLE|DATABASE} SET role
* Fix cases where a logical replication slot's restart_lsn could
go backwards.
* Avoid deleting still-needed WAL files during pg_rewind.
* Count index scans in contrib/bloom indexes in the statistics
views, such as the pg_stat_user_indexes.idx_scan counter.
* Fix crash when checking to see if an index's opclass options
have changed.
* Avoid assertion failure caused by disconnected NFA sub-graphs
in regular expression parsing.
* https://www.postgresql.org/about/news/p-2965/
* https://www.postgresql.org/docs/release/14.15/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=78
2024-11-21 17:45:28 +00:00
e7e8ef4d71
- Upgrade to 14.14:
...
* CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as
dependent on the calling role when RLS applies to a
non-top-level table reference.
* CVE-2024-10977, bsc#1233325: Make libpq discard error messages
received during SSL or GSS protocol negotiation.
* CVE-2024-10978, bsc#1233326: Fix unintended interactions
between SET SESSION AUTHORIZATION and SET ROLE
* CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from
changing environment variables.
* https://www.postgresql.org/about/news/p-2955/
* https://www.postgresql.org/docs/release/14.14/
* https://www.postgresql.org/about/news/p-2910/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=76
2024-11-14 14:53:58 +00:00
2d290f5bd1
- Pull upstream patch to fix tests with timezone 2024b
...
* postgresql-testsuite-timezone-fix.patch
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=75
2024-11-05 13:57:30 +00:00
1aa17cc0c7
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=74
2024-09-26 14:38:17 +00:00
7f42a0d301
https://www.postgresql.org/about/news/postgresql-164-158-1413-1316-1220-and-17-beta-3-released-2910/
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=72
2024-08-10 14:37:33 +00:00
d85fcfc228
- Upgrade to 14.12 (bsc#1224051):
...
* bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext
and pg_stats_ext_exprs entries to the table owner. See the
release notes for the steps that have to be taken to fix
existing PostgreSQL instances.
* Fix incompatibility with LLVM 18.
* https://www.postgresql.org/docs/release/14.12/
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=69
2024-05-09 15:30:26 +00:00
9ed28ea185
CVE-2024-4317
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=68
2024-05-09 14:13:31 +00:00
6392774d96
Accepting request 1171158 from home:aaronpuchert:branches:server:database:postgresql
...
- Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
OBS-URL: https://build.opensuse.org/request/show/1171158
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=67
2024-05-02 07:15:38 +00:00
5166a0f426
- Remove constraints file because improved memory usage for s390x
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=66
2024-03-11 09:16:34 +00:00
b547acd24e
Accepting request 1153289 from home:dimstar:rpm4.20:p
...
Prepare for RPM 4.20
OBS-URL: https://build.opensuse.org/request/show/1153289
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=64
2024-03-04 14:16:16 +00:00
01a61814d4
- Upgrade to 14.11:
...
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/14.11/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=62
2024-02-08 15:24:01 +00:00
84b2efd723
November 2023 Security Updates
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=60
2023-11-09 14:43:38 +00:00
6413f0a865
- boo#1216734: Revert the last change and make the devel package
...
independend of all other subpackages except for the libs.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=58
2023-10-31 11:04:13 +00:00
b88df62f0f
- boo#1216022: Call install-alternatives from the devel subpackage
...
as well, otherwise the symlink for ecpg might be missing.
- Also buildignore the postgresql*-implementation symbols: this is
needed in order to bootstrap when no postgresql version currently
has valid symbols provided. Once the packages are built, OBS
could translate this to the pgname-* packages and accept the
ignores; during bootstrap though, there is nothing providing the
symbol and the existing buildignores do not suffice.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=56
2023-10-10 13:12:37 +00:00
19cade5c3d
- Update to 14.9:
...
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
owner name into an extension script if the name contains a
quote, backslash, or dollar sign.
* https://www.postgresql.org/docs/14/release-14-9.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=54
2023-08-10 13:28:03 +00:00
11dd21cb34
- Restore the independence of mini builds from the main build after
...
the -mini name change from April 4, 2023.
- Adjust icu handling to prepare for PostgreSQL 16.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=53
2023-05-26 12:03:04 +00:00
962ca49802
- Change the unix domain socket location from /var/run to /run.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=52
2023-05-15 14:53:16 +00:00
3d56516715
- Overhaul postgresql-README.SUSE and move it from the binary
...
package to the noarch wrapper package.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=51
2023-05-15 14:21:23 +00:00
16829a0456
- Update to 14.8:
...
* bsc#1211228, CVE-2023-2454:
Prevent CREATE SCHEMA from defeating changes in search_path
* bsc#1211229, CVE-2023-2455: Enforce row-level security
policies correctly after inlining a set-returning function
* https://www.postgresql.org/about/news/2637/
* https://www.postgresql.org/docs/14/release-14-8.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=49
2023-05-11 13:16:51 +00:00
15d339b7f9
- bsc#1210303: Stop using the obsolete internal %_restart_on_update
...
macro and drop support for sysv init to simplify the scriptlets.
- Include -mini in Name: to avoid conflicts in the source package
name and OBS internal dependency tracking.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=46
2023-04-18 14:00:47 +00:00
7770dcd01c
- Update to 14.7:
...
* CVE-2022-41862, bsc#1208102: memory leak in libpq
* https://www.postgresql.org/about/news/2592/
* https://www.postgresql.org/docs/14/release-14-7.html
- Bump latest_supported_llvm_ver to 15.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=44
2023-02-09 14:31:39 +00:00
1f7e4e952b
- bsc#1205300: Update to 14.6:
...
* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/14/release-14-6.html
- Sync spec file with postgresql15.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=42
2022-11-10 16:35:53 +00:00
efcfec7746
- Sync spec file with postgresql15.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=38
2022-09-23 13:53:38 +00:00
d6b8cf9244
- Add generic mechanism to pin to latest supported LLVM version.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=37
2022-09-23 12:44:59 +00:00
2e7ada9504
Accepting request 1002898 from openSUSE:Factory:RISCV
...
- Disable LLVM JIT on riscv64
OBS-URL: https://build.opensuse.org/request/show/1002898
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=36
2022-09-13 11:51:20 +00:00
3aa4596f9e
- Update to 14.5:
...
* bsc#1202368, CVE-2022-2625: Extension scripts replace objects
not belonging to the extension.
* https://www.postgresql.org/docs/release/14.5/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=34
2022-08-15 09:44:27 +00:00
4cab4ac14f
- bsc#1200437: Upgrade to 14.4:
...
* Prevent possible corruption of indexes created or rebuilt with
the CONCURRENTLY option.
* https://www.postgresql.org/docs/release/14.4/
* https://www.postgresql.org/about/news/p-2470/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=32
2022-06-17 06:44:37 +00:00
082897d005
- Upgrade to 14.3:
...
* bsc#1199475, CVE-2022-1552: Confine additional operations
within "security restricted operation" sandboxes.
* https://www.postgresql.org/docs/14/release-14-3.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=30
2022-05-12 14:53:37 +00:00
f77189c344
- bsc#1198166: Pin to llvm13 until the next patchlevel update.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=28
2022-04-13 12:19:14 +00:00
72ec316c72
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=27
2022-02-10 15:29:32 +00:00
e730580777
- bsc#1195680: Upgrade to 14.2:
...
* https://www.postgresql.org/docs/14/release-14-1.html
* Reindexing might be needed after applying this upgrade, so
please read the release notes carefully.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=26
2022-02-10 15:26:36 +00:00
63e7d55e61
Accepting request 941425 from home:AdaLovelace:branches:openSUSE:Factory:zSystems
...
- boo#1190740: Add constraints file with 12GB of memory for s390x
as a workaround
OBS-URL: https://build.opensuse.org/request/show/941425
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=25
2022-02-08 13:45:49 +00:00
6c181c92aa
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=24
2021-12-02 13:42:39 +00:00
3f92ae2d96
- Add a llvmjit-devel subpackage to pull in the right versions
...
of clang and llvm for building extensions.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=18
2021-11-30 15:48:50 +00:00
778782d382
- bsc#1192516: Upgrade to 14.1
...
* Make the server reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23214).
* Make libpq reject extraneous data after an SSL or GSS
encryption handshake (CVE-2021-23222).
* https://www.postgresql.org/docs/14/release-14-1.html
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=17
2021-11-11 14:57:48 +00:00
04eae2edaf
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=12
2021-10-26 06:45:51 +00:00
7639209fd3
- boo#1190740: Add constraints file with 8GB memory for s390x as
...
a workaround for a memory issue with LLVM
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=10
2021-10-21 15:49:17 +00:00
3d8c6c6b5c
- boo#1191782: Let rpmlint ignore shlib-policy-name-error.
...
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=9
2021-10-20 15:47:28 +00:00
