b5e33915b4
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign. * https://www.postgresql.org/docs/14/release-14-9.html OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=54
292 lines
12 KiB
Plaintext
292 lines
12 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Aug 9 09:42:33 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- Update to 14.9:
|
|
* bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
|
|
owner name into an extension script if the name contains a
|
|
quote, backslash, or dollar sign.
|
|
* https://www.postgresql.org/docs/14/release-14-9.html
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 26 11:48:38 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- Restore the independence of mini builds from the main build after
|
|
the -mini name change from April 4, 2023.
|
|
- Adjust icu handling to prepare for PostgreSQL 16.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 15 14:21:03 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- Overhaul postgresql-README.SUSE and move it from the binary
|
|
package to the noarch wrapper package.
|
|
- Change the unix domain socket location from /var/run to /run.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 10 12:58:22 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- Update to 14.8:
|
|
* bsc#1211228, CVE-2023-2454:
|
|
Prevent CREATE SCHEMA from defeating changes in search_path
|
|
* bsc#1211229, CVE-2023-2455: Enforce row-level security
|
|
policies correctly after inlining a set-returning function
|
|
* https://www.postgresql.org/about/news/2637/
|
|
* https://www.postgresql.org/docs/14/release-14-8.html
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 18 09:05:09 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1210303: Stop using the obsolete internal %_restart_on_update
|
|
macro and drop support for sysv init to simplify the scriptlets.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 4 10:57:41 UTC 2023 - Fabian Vogt <fvogt@suse.com>
|
|
|
|
- Include -mini in Name: to avoid conflicts in the source package
|
|
name and OBS internal dependency tracking.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 9 12:00:06 UTC 2023 - Reinhard Max <max@suse.com>
|
|
|
|
- Update to 14.7:
|
|
* CVE-2022-41862, bsc#1208102: memory leak in libpq
|
|
* https://www.postgresql.org/about/news/2592/
|
|
* https://www.postgresql.org/docs/14/release-14-7.html
|
|
- Bump latest_supported_llvm_ver to 15.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 10 16:26:12 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1205300: Update to 14.6:
|
|
* https://www.postgresql.org/about/news/2543/
|
|
* https://www.postgresql.org/docs/14/release-14-6.html
|
|
- Sync spec file with postgresql15.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 22 21:26:36 UTC 2022 - Aaron Puchert <aaronpuchert@alice-dsl.net>
|
|
|
|
- Create mechanism to specify the latest supported LLVM version.
|
|
Automatically pin to that version if the distribution has a newer
|
|
unsupported default version.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 13 12:32:36 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- Sync spec file with postgresql15.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 12 07:52:42 UTC 2022 - Andreas Schwab <schwab@suse.de>
|
|
|
|
- Disable LLVM JIT on riscv64
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 12 11:24:35 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- Update to 14.5:
|
|
* bsc#1202368, CVE-2022-2625: Extension scripts replace objects
|
|
not belonging to the extension.
|
|
* https://www.postgresql.org/docs/release/14.5/
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 17 06:32:15 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1200437: Upgrade to 14.4:
|
|
* Prevent possible corruption of indexes created or rebuilt with
|
|
the CONCURRENTLY option.
|
|
* https://www.postgresql.org/docs/release/14.4/
|
|
* https://www.postgresql.org/about/news/p-2470/
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 12 10:33:20 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- Upgrade to 14.3:
|
|
* bsc#1199475, CVE-2022-1552: Confine additional operations
|
|
within "security restricted operation" sandboxes.
|
|
* https://www.postgresql.org/docs/14/release-14-3.html
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 13 12:17:48 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1198166: Pin to llvm13 until the next patchlevel update.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 8 14:01:56 UTC 2022 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1195680: Upgrade to 14.2:
|
|
* https://www.postgresql.org/docs/14/release-14-2.html
|
|
* Reindexing might be needed after applying this upgrade, so
|
|
please read the release notes carefully.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Dec 11 17:27:53 UTC 2021 - Sarah Kriesch <ada.lovelace@gmx.de>
|
|
|
|
- boo#1190740: Add constraints file with 12GB of memory for s390x
|
|
as a workaround
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 25 11:02:15 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Add a llvmjit-devel subpackage to pull in the right versions
|
|
of clang and llvm for building extensions.
|
|
- Fix some mistakes in the interdependencies between the
|
|
implementation packages and their noarch counterpart.
|
|
- Update the BuildIgnore section.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 10 16:56:57 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1192516: Upgrade to 14.1
|
|
* Make the server reject extraneous data after an SSL or GSS
|
|
encryption handshake (CVE-2021-23214).
|
|
* Make libpq reject extraneous data after an SSL or GSS
|
|
encryption handshake (CVE-2021-23222).
|
|
* https://www.postgresql.org/docs/14/release-14-1.html
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 20 15:21:53 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- boo#1191782: Let rpmlint ignore shlib-policy-name-error.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 5 11:34:50 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Remove postgresql-testsuite-int8.sql.patch, because its purpose
|
|
is unclear. This affects only the test subpackage.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 30 17:28:37 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
- Upgrade to 14.0
|
|
https://www.postgresql.org/about/news/postgresql-14-released-2318/
|
|
https://www.postgresql.org/docs/14/release-14.html
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 27 14:04:01 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Let genlists skip non-existing binaries to avoid lots of version
|
|
conditionals in the file lists.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 25 00:34:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
- Upgrade to 14~rc1
|
|
https://www.postgresql.org/about/news/postgresql-14-rc-1-released-2309/
|
|
https://www.postgresql.org/docs/14/release-14.html
|
|
https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 25 01:45:20 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
- Upgrade to 14~beta2
|
|
https://www.postgresql.org/about/news/postgresql-14-beta-2-released-2249/
|
|
https://www.postgresql.org/docs/14/release-14.html
|
|
https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 21 22:48:32 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
- Upgrade to 14~beta1
|
|
https://www.postgresql.org/about/news/postgresql-14-beta-1-released-2213/
|
|
https://www.postgresql.org/docs/14/release-14.html
|
|
https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
|
|
- disable postgresql-testsuite-int8.sql.patch:
|
|
it seems it is not needed anymore, need to be double checked.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 19 15:24:24 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.
|
|
Use llvm11 as a workaround.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 11 13:50:14 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Upgrade to version 13.3:
|
|
* https://www.postgresql.org/docs/13/release-13-3.html
|
|
* CVE-2021-32027, bsc#1185924:
|
|
Prevent integer overflows in array subscripting calculations.
|
|
* CVE-2021-32028, bsc#1185925: Fix mishandling of “junk”
|
|
columns in INSERT ... ON CONFLICT ... UPDATE target lists.
|
|
* CVE-2021-32029, bsc#1185926: Fix possibly-incorrect
|
|
computation of UPDATE ... RETURNING
|
|
"pg_psql_temporary_savepoint" does not exist”.
|
|
|
|
- Don't use %_stop_on_removal, because it was meant to be private
|
|
and got removed from openSUSE. %_restart_on_update is also
|
|
private, but still supported and needed for now (bsc#1183168).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Re-enable build of the llvmjit subpackage on SLE, but it will
|
|
only be delivered on PackageHub for now (boo#1183118).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 9 13:52:19 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Remove leftover PreReq on chkconfig, we stopped using it long
|
|
time ago.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 10 13:16:32 UTC 2021 - Reinhard Max <max@suse.com>
|
|
|
|
- Upgrade to version 13.2:
|
|
* https://www.postgresql.org/docs/13/release-13-2.html
|
|
* Updating stored views and reindexing might be needed after
|
|
applying this update.
|
|
* CVE-2021-3393, bsc#1182040: Fix information leakage in
|
|
constraint-violation error messages.
|
|
* CVE-2021-20229, bsc#1182039: Fix failure to check per-column
|
|
SELECT privileges in some join queries.
|
|
* Obsoletes postgresql-icu68.patch.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 14 16:19:05 UTC 2020 - Callum Farmer <gmbr3@opensuse.org>
|
|
|
|
- Add postgresql-icu68.patch: fix build with ICU 68
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max <max@suse.com>
|
|
|
|
- bsc#1178961: %ghost the symlinks to pg_config and ecpg.
|
|
- boo#1179765: BuildRequire libpq5 and libecpg6 when not building
|
|
them to avoid dangling symlinks in the devel package.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 11 11:36:01 UTC 2020 - Reinhard Max <max@suse.com>
|
|
|
|
- Upgrade to version 13.1:
|
|
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
|
|
and firing of deferred triggers within index expressions and
|
|
materialized view queries.
|
|
* CVE-2020-25694, bsc#1178667:
|
|
a) Fix usage of complex connection-string parameters in pg_dump,
|
|
pg_restore, clusterdb, reindexdb, and vacuumdb.
|
|
b) When psql's \connect command re-uses connection parameters,
|
|
ensure that all non-overridden parameters from a previous
|
|
connection string are re-used.
|
|
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
|
|
modifying specially-treated variables.
|
|
* Fix recently-added timetz test case so it works when the USA
|
|
is not observing daylight savings time.
|
|
(obsoletes postgresql-timetz.patch)
|
|
* https://www.postgresql.org/about/news/2111/
|
|
* https://www.postgresql.org/docs/13/release-13-1.html
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 3 13:54:38 UTC 2020 - Reinhard Max <max@suse.com>
|
|
|
|
- Fix a DST problem in the test suite: postgresql-timetz.patch
|
|
https://postgr.es/m/16689-57701daa23b377bf@postgresql.org
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 25 06:57:55 UTC 2020 - Reinhard Max <max@suse.com>
|
|
|
|
- Initial packaging of PostgreSQL 13:
|
|
* https://www.postgresql.org/about/news/2077/
|
|
* https://www.postgresql.org/docs/13/release-13.html
|