diff --git a/postgresql-16.1.tar.bz2 b/postgresql-16.1.tar.bz2 deleted file mode 100644 index 6708b1d..0000000 --- a/postgresql-16.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec -size 24605482 diff --git a/postgresql-16.1.tar.bz2.sha256 b/postgresql-16.1.tar.bz2.sha256 deleted file mode 100644 index 8c99c3a..0000000 --- a/postgresql-16.1.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec postgresql-16.1.tar.bz2 diff --git a/postgresql-16.2.tar.bz2 b/postgresql-16.2.tar.bz2 new file mode 100644 index 0000000..73e12b5 --- /dev/null +++ b/postgresql-16.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952 +size 24711703 diff --git a/postgresql-16.2.tar.bz2.sha256 b/postgresql-16.2.tar.bz2.sha256 new file mode 100644 index 0000000..b05db77 --- /dev/null +++ b/postgresql-16.2.tar.bz2.sha256 @@ -0,0 +1 @@ +446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952 postgresql-16.2.tar.bz2 diff --git a/postgresql16.changes b/postgresql16.changes index 2acff5e..e905dc6 100644 --- a/postgresql16.changes +++ b/postgresql16.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Feb 8 13:22:49 UTC 2024 - Reinhard Max + +- Upgrade to 16.2: + * bsc#1219679, CVE-2024-0985: Tighten security restrictions + within REFRESH MATERIALIZED VIEW CONCURRENTLY. + One step of a concurrent refresh command was run under weak + security restrictions. If a materialized view's owner could + persuade a superuser or other high-privileged user to perform a + concurrent refresh on that view, the view's owner could control + code executed with the privileges of the user running REFRESH. + Fix things so that all user-determined code is run as the + view's owner, as expected + * If you use GIN indexes, you may need to reindex after updating + to this release. + * LLVM 18 is now supported. + * https://www.postgresql.org/docs/release/16.2/ + ------------------------------------------------------------------- Wed Nov 8 14:09:29 UTC 2023 - Reinhard Max @@ -27,7 +45,6 @@ Wed Nov 8 14:09:29 UTC 2023 - Reinhard Max such processes. No specific security consequences are known for that oversight, but it might be significant for some extensions. * Add support for LLVM 16 and 17 - * https://www.postgresql.org/about/news/2749 * https://www.postgresql.org/docs/16/release-16-1.html ------------------------------------------------------------------- diff --git a/postgresql16.spec b/postgresql16.spec index 8cba5d2..750e0d8 100644 --- a/postgresql16.spec +++ b/postgresql16.spec @@ -1,7 +1,7 @@ # -# spec file +# spec file for package postgresql16 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,11 +16,11 @@ # -%define pgversion 16.1 +%define pgversion 16.2 %define pgmajor 16 %define buildlibs 1 %define tarversion %{pgversion} -%define latest_supported_llvm_ver 17 +%define latest_supported_llvm_ver 18 ### CUT HERE ### %define pgname postgresql%pgmajor @@ -187,7 +187,7 @@ Provides: postgresql = %version-%release Provides: postgresql-implementation = %version-%release Requires: %libpq >= %version Requires(post): postgresql-noarch >= %pgmajor -Requires(postun):postgresql-noarch >= %pgmajor +Requires(postun): postgresql-noarch >= %pgmajor # At this point we changed the package layout on SLE and conflict with # older releases to get a clean cut. Conflicts: postgresql-noarch < 12.0.1 @@ -277,7 +277,7 @@ Provides: %pgname-server-devel = %version-%release Provides: postgresql-server-devel = %version-%release Provides: postgresql-server-devel-implementation = %version-%release Requires(post): postgresql-server-devel-noarch >= %pgmajor -Requires(postun):postgresql-server-devel-noarch >= %pgmajor +Requires(postun): postgresql-server-devel-noarch >= %pgmajor Requires: %pgname-devel = %version Requires: %pgname-server = %version-%release # Installation of postgresql??-devel is exclusive @@ -335,10 +335,10 @@ Recommends: %{name}-llvmjit Provides: postgresql-server-implementation = %version-%release Requires: %libpq >= %version Requires(pre): postgresql-server-noarch >= %pgmajor -Requires(preun):postgresql-server-noarch >= %pgmajor -Requires(postun):postgresql-server-noarch >= %pgmajor +Requires(preun): postgresql-server-noarch >= %pgmajor +Requires(postun): postgresql-server-noarch >= %pgmajor Requires(post): postgresql-noarch >= %pgmajor -Requires(postun):postgresql-noarch >= %pgmajor +Requires(postun): postgresql-noarch >= %pgmajor %description server PostgreSQL is an advanced object-relational database management system @@ -377,7 +377,7 @@ Requires: %pgname-server-devel = %version %if %{with llvm} Requires: %pgname-llvmjit = %version Requires(post): postgresql-llvmjit-devel-noarch >= %pgmajor -Requires(postun):postgresql-llvmjit-devel-noarch >= %pgmajor +Requires(postun): postgresql-llvmjit-devel-noarch >= %pgmajor %requires_file %_bindir/llc %requires_file %_bindir/clang %endif