Accepting request 1145268 from server:database:postgresql
- Upgrade to 16.2: * bsc#1219679, CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY. One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected * If you use GIN indexes, you may need to reindex after updating to this release. * LLVM 18 is now supported. * https://www.postgresql.org/docs/release/16.2/ OBS-URL: https://build.opensuse.org/request/show/1145268 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/postgresql16?expand=0&rev=5
This commit is contained in:
commit
b3e6024b04
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec
|
||||
size 24605482
|
@ -1 +0,0 @@
|
||||
ce3c4d85d19b0121fe0d3f8ef1fa601f71989e86f8a66f7dc3ad546dd5564fec postgresql-16.1.tar.bz2
|
3
postgresql-16.2.tar.bz2
Normal file
3
postgresql-16.2.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952
|
||||
size 24711703
|
1
postgresql-16.2.tar.bz2.sha256
Normal file
1
postgresql-16.2.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
||||
446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952 postgresql-16.2.tar.bz2
|
@ -1,3 +1,21 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 8 13:22:49 UTC 2024 - Reinhard Max <max@suse.com>
|
||||
|
||||
- Upgrade to 16.2:
|
||||
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
|
||||
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
|
||||
One step of a concurrent refresh command was run under weak
|
||||
security restrictions. If a materialized view's owner could
|
||||
persuade a superuser or other high-privileged user to perform a
|
||||
concurrent refresh on that view, the view's owner could control
|
||||
code executed with the privileges of the user running REFRESH.
|
||||
Fix things so that all user-determined code is run as the
|
||||
view's owner, as expected
|
||||
* If you use GIN indexes, you may need to reindex after updating
|
||||
to this release.
|
||||
* LLVM 18 is now supported.
|
||||
* https://www.postgresql.org/docs/release/16.2/
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 8 14:09:29 UTC 2023 - Reinhard Max <max@suse.com>
|
||||
|
||||
@ -27,7 +45,6 @@ Wed Nov 8 14:09:29 UTC 2023 - Reinhard Max <max@suse.com>
|
||||
such processes. No specific security consequences are known for
|
||||
that oversight, but it might be significant for some extensions.
|
||||
* Add support for LLVM 16 and 17
|
||||
* https://www.postgresql.org/about/news/2749
|
||||
* https://www.postgresql.org/docs/16/release-16-1.html
|
||||
|
||||
-------------------------------------------------------------------
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file
|
||||
# spec file for package postgresql16
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -16,11 +16,11 @@
|
||||
#
|
||||
|
||||
|
||||
%define pgversion 16.1
|
||||
%define pgversion 16.2
|
||||
%define pgmajor 16
|
||||
%define buildlibs 1
|
||||
%define tarversion %{pgversion}
|
||||
%define latest_supported_llvm_ver 17
|
||||
%define latest_supported_llvm_ver 18
|
||||
|
||||
### CUT HERE ###
|
||||
%define pgname postgresql%pgmajor
|
||||
|
Loading…
Reference in New Issue
Block a user