* https://www.postgresql.org/docs/release/15.15/
* bsc#1253332, CVE-2025-12817: Missing check for CREATE
privileges on the schema in CREATE STATISTICS allowed table
owners to create statistics in any schema, potentially leading
to unexpected naming conflicts.
* bsc#1253333, CVE-2025-12818: Several places in libpq were not
sufficiently careful about computing the required size of a
memory allocation. Sufficiently large inputs could cause
integer overflow, resulting in an undersized buffer, which
would then lead to writing past the end of the buffer.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=78
* Improve behavior of libpq's quoting functions:
The changes made for CVE-2025-1094 had one serious oversight:
PQescapeLiteral() and PQescapeIdentifier() failed to honor
their string length parameter, instead always reading to the
input string's trailing null. This resulted in including
unwanted text in the output, if the caller intended to
truncate the string via the length parameter. With very bad
luck it could cause a crash due to reading off the end of
memory.
In addition, modify all these quoting functions so that when
invalid encoding is detected, an invalid sequence is
substituted for just the first byte of the presumed
character, not all of it. This reduces the risk of problems
if a calling application performs additional processing on
the quoted string.
* Fix small memory leak in pg_createsubscriber.
* https://www.postgresql.org/docs/release/16.8/
* https://www.postgresql.org/about/news/p-3018/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=69
* Repair ABI break for extensions that work with struct
ResultRelInfo.
* Restore functionality of ALTER {ROLE|DATABASE} SET role.
* Fix cases where a logical replication slot's restart_lsn could
go backwards.
* Avoid deleting still-needed WAL files during pg_rewind.
* Fix race conditions associated with dropping shared statistics
entries.
* Count index scans in contrib/bloom indexes in the statistics
views, such as the pg_stat_user_indexes.idx_scan counter.
* Fix crash when checking to see if an index's opclass options
have changed.
* Avoid assertion failure caused by disconnected NFA sub-graphs
in regular expression parsing.
* https://www.postgresql.org/about/news/p-2965/
* https://www.postgresql.org/docs/release/15.10/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=62
* bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext
and pg_stats_ext_exprs entries to the table owner. See the
release notes for the steps that have to be taken to fix
existing PostgreSQL instances.
* Fix incompatibility with LLVM 18.
* https://www.postgresql.org/docs/release/15.7/
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
- Remove constraints file because improved memory usage for s390x
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=50
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/15.6/
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=44
as well, otherwise the symlink for ecpg might be missing.
- Also buildignore the postgresql*-implementation symbols: this is
needed in order to bootstrap when no postgresql version currently
has valid symbols provided. Once the packages are built, OBS
could translate this to the pgname-* packages and accept the
ignores; during bootstrap though, there is nothing providing the
symbol and the existing buildignores do not suffice.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql15?expand=0&rev=38
