94ba80f6a5Accepting request 1247459 from server:database:postgresqlAna Guerrero2025-02-20 18:46:45 +00:00
f2d9242304- Upgrade to 16.8: * Improve behavior of libpq's quoting functions: The changes made for CVE-2025-1094 had one serious oversight: PQescapeLiteral() and PQescapeIdentifier() failed to honor their string length parameter, instead always reading to the input string's trailing null. This resulted in including unwanted text in the output, if the caller intended to truncate the string via the length parameter. With very bad luck it could cause a crash due to reading off the end of memory. In addition, modify all these quoting functions so that when invalid encoding is detected, an invalid sequence is substituted for just the first byte of the presumed character, not all of it. This reduces the risk of problems if a calling application performs additional processing on the quoted string. * Fix small memory leak in pg_createsubscriber. * https://www.postgresql.org/docs/release/16.8/ * https://www.postgresql.org/about/news/p-3018/Reinhard Max2025-02-20 16:55:21 +00:00
617571d30dAccepting request 1245715 from server:database:postgresqlAna Guerrero2025-02-13 17:40:32 +00:00
33252a232eAccepting request 1225749 from server:database:postgresqlAna Guerrero2024-11-22 22:51:50 +00:00
ff949ca942- Upgrade to 16.6: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. * https://www.postgresql.org/about/news/p-2965/ * https://www.postgresql.org/docs/release/16.6/Reinhard Max2024-11-21 17:46:07 +00:00
5c4da96edfAccepting request 1224292 from server:database:postgresqlAna Guerrero2024-11-15 14:43:16 +00:00
6a28d61790- Upgrade to 16.5: * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * obsoletes postgresql-testsuite-timezone-fix.patch * https://www.postgresql.org/about/news/p-2955/ * https://www.postgresql.org/docs/release/16.5/ * https://www.postgresql.org/about/news/p-2910/Reinhard Max2024-11-14 14:58:17 +00:00
f6f2fd362a- Upgrade to 16.3 (bsc#1224051): * bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. * Fix incompatibility with LLVM 18. * https://www.postgresql.org/docs/release/16.3/ - Prepare for PostgreSQL 17. - Make sure all compilation and doc generation happens in %build.Reinhard Max2024-05-09 15:28:22 +00:00
08aff6891fAccepting request 1156837 from home:AdaLovelace:branches:server:database:postgresqlReinhard Max2024-03-11 09:11:00 +00:00
e47af1e89eAccepting request 1154714 from server:database:postgresqlAna Guerrero2024-03-05 17:47:15 +00:00
f2c28ee5fdAccepting request 1153285 from home:dimstar:rpm4.20:pReinhard Max2024-03-04 14:16:40 +00:00
b3e6024b04Accepting request 1145268 from server:database:postgresqlAna Guerrero2024-02-09 22:51:50 +00:00
a7bb8537ff- Upgrade to 16.2: * bsc#1219679, CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY. One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected * If you use GIN indexes, you may need to reindex after updating to this release. * LLVM 18 is now supported. * https://www.postgresql.org/docs/release/16.2/Reinhard Max2024-02-08 15:21:00 +00:00
e098bbad56Accepting request 1124709 from server:database:postgresqlAna Guerrero2023-11-10 11:29:04 +00:00
a214bf4a49Accepting request 1121436 from server:database:postgresqlAna Guerrero2023-11-02 19:20:38 +00:00
537bc93564- boo#1216734: Revert the last change and make the devel package independend of all other subpackages except for the libs.Reinhard Max2023-10-31 11:03:06 +00:00
60139c66faAccepting request 1120248 from server:database:postgresqlAna Guerrero2023-10-26 15:11:38 +00:00
f54e626382- boo#1216022: Call install-alternatives from the devel subpackage as well, otherwise the symlink for ecpg might be missing.Reinhard Max2023-10-10 13:12:15 +00:00
Adrian Schröter
Ana Guerrero
Reinhard Max
Marcus Rueckert
Dominique Leuenberger