postgresql12/postgresql12.changes

-------------------------------------------------------------------
Thu Mar  7 15:04:40 UTC 2024 - Sarah Kriesch <sarah.kriesch@opensuse.org>

- Remove constraints file because improved memory usage for s390x

-------------------------------------------------------------------
Thu Feb 29 14:38:15 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

- Use %patch -P N instead of deprecated %patchN.

-------------------------------------------------------------------
Thu Feb  8 14:32:50 UTC 2024 - Reinhard Max <max@suse.com>

- Upgrade to 12.18:
  * bsc#1219679, CVE-2024-0985: Tighten security restrictions
    within REFRESH MATERIALIZED VIEW CONCURRENTLY.
    One step of a concurrent refresh command was run under weak
    security restrictions. If a materialized view's owner could
    persuade a superuser or other high-privileged user to perform a
    concurrent refresh on that view, the view's owner could control
    code executed with the privileges of the user running REFRESH.
    Fix things so that all user-determined code is run as the
    view's owner, as expected
  * If you use GIN indexes, you may need to reindex after updating
    to this release.
  * LLVM 18 is now supported.
  * https://www.postgresql.org/docs/release/12.18/

-------------------------------------------------------------------
Wed Nov  8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>

- Update to 12.17:
  * bsc#1216962, CVE-2023-5868: Fix handling of unknown-type
    arguments in DISTINCT "any" aggregate functions. This error led
    to a text-type value being interpreted as an unknown-type value
    (that is, a zero-terminated string) at runtime. This could
    result in disclosure of server memory following the text value.
  * bsc#1216961, CVE-2023-5869: Detect integer overflow while
    computing new array dimensions. When assigning new elements to
    array subscripts that are outside the current array bounds, an
    undetected integer overflow could occur in edge cases. Memory
    stomps that are potentially exploitable for arbitrary code
    execution are possible, and so is disclosure of server memory.
  * bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role
    from signalling background workers and autovacuum processes.
    The documentation says that pg_signal_backend cannot issue
    signals to superuser-owned processes. It was able to signal
    these background  processes, though, because they advertise a
    role OID of zero. Treat that as indicating superuser ownership.
    The security implications of cancelling one of these process
    types are fairly small so far as the core code goes (we'll just
    start another one), but extensions might add background workers
    that are more vulnerable.
    Also ensure that the is_superuser parameter is set correctly in
    such processes. No specific security consequences are known for
    that oversight, but it might be significant for some extensions.
  * Add support for LLVM 16 and 17
  * https://www.postgresql.org/docs/12/release-12-17.html 

-------------------------------------------------------------------
Tue Oct 31 10:57:13 UTC 2023 - Reinhard Max <max@suse.com>

- boo#1216734: Revert the last change and make the devel package
  independend of all other subpackages except for the libs.

-------------------------------------------------------------------
Tue Oct 10 12:49:02 UTC 2023 - Reinhard Max <max@suse.com>

- boo#1216022: Call install-alternatives from the devel subpackage
  as well, otherwise the symlink for ecpg might be missing.

-------------------------------------------------------------------
Mon Sep 18 15:24:14 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>

- Also buildignore the postgresql*-implementation symbols: this is
  needed in order to bootstrap when no postgresql version currently
  has valid symbols provided. Once the packages are built, OBS
  could translate this to the pgname-* packages and accept the
  ignores; during bootstrap though, there is nothing providing the
  symbol and the existing buildignores do not suffice.

-------------------------------------------------------------------
Wed Aug  9 10:25:49 UTC 2023 - Reinhard Max <max@suse.com>

- Update to 12.16:
  * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
    owner name into an extension script if the name contains a
    quote, backslash, or dollar sign.
  * https://www.postgresql.org/docs/12/release-12-16.html

-------------------------------------------------------------------
Fri May 26 11:48:38 UTC 2023 - Reinhard Max <max@suse.com>

- Restore the independence of mini builds from the main build after
  the -mini name change from April 4, 2023.
- Adjust icu handling to prepare for PostgreSQL 16.

-------------------------------------------------------------------
Mon May 15 14:22:59 UTC 2023 - Reinhard Max <max@suse.com>

- Overhaul postgresql-README.SUSE and move it from the binary
  package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.

-------------------------------------------------------------------
Wed May 10 13:05:58 UTC 2023 - Reinhard Max <max@suse.com>

- Update to 12.15:
  * bsc#1211228, CVE-2023-2454:
    Prevent CREATE SCHEMA from defeating changes in search_path
  * bsc#1211229, CVE-2023-2455: Enforce row-level security
    policies correctly after inlining a set-returning function
  * https://www.postgresql.org/about/news/2637/
  * https://www.postgresql.org/docs/12/release-12-15.html

-------------------------------------------------------------------
Tue Apr 18 09:05:09 UTC 2023 - Reinhard Max <max@suse.com>

- bsc#1210303: Stop using the obsolete internal %_restart_on_update
  macro and drop support for sysv init to simplify the scriptlets.

-------------------------------------------------------------------
Tue Apr  4 10:57:41 UTC 2023 - Fabian Vogt <fvogt@suse.com>

- Include -mini in Name: to avoid conflicts in the source package
  name and OBS internal dependency tracking.

-------------------------------------------------------------------
Thu Feb  9 12:03:07 UTC 2023 - Reinhard Max <max@suse.com>

- Update to 12.14:
  * CVE-2022-41862, bsc#1208102: memory leak in libpq
  * https://www.postgresql.org/about/news/2592/
  * https://www.postgresql.org/docs/12/release-12-14.html
- Bump latest_supported_llvm_ver to 15.

-------------------------------------------------------------------
Thu Nov 10 16:29:10 UTC 2022 - Reinhard Max <max@suse.com>

- bsc#1205300: Update to 12.13:
  * https://www.postgresql.org/about/news/2543/
  * https://www.postgresql.org/docs/12/release-12-13.html
- Sync spec file with postgresql15.

-------------------------------------------------------------------
Thu Sep 22 21:26:36 UTC 2022 - Aaron Puchert <aaronpuchert@alice-dsl.net>

- Create mechanism to specify the latest supported LLVM version.
  Automatically pin to that version if the distribution has a newer
  unsupported default version.

-------------------------------------------------------------------
Tue Sep 13 12:37:53 UTC 2022 - Reinhard Max <max@suse.com>

- Sync spec file with postgresql15.

-------------------------------------------------------------------
Mon Sep 12 07:52:42 UTC 2022 - Andreas Schwab <schwab@suse.de>

- Disable LLVM JIT on riscv64

-------------------------------------------------------------------
Fri Aug 12 11:12:47 UTC 2022 - Reinhard Max <max@suse.com>

- - Update to 12.12:
  * bsc#1202368, CVE-2022-2625: Extension scripts replace objects
    not belonging to the extension.
  * https://www.postgresql.org/docs/release/12.12/

-------------------------------------------------------------------
Thu May 12 10:55:58 UTC 2022 - Reinhard Max <max@suse.com>

- Update to 12.11:
  * bsc#1199475, CVE-2022-1552: Confine additional operations
    within "security restricted operation" sandboxes.
  * https://www.postgresql.org/docs/12/release-12-11.html

-------------------------------------------------------------------
Wed Apr 13 12:17:48 UTC 2022 - Reinhard Max <max@suse.com>

- bsc#1198166: Pin to llvm13 until the next patchlevel update.

-------------------------------------------------------------------
Tue Feb  8 15:18:19 UTC 2022 - Reinhard Max <max@suse.com>

- bsc#1195680: Upgrade to 12.10:
  * https://www.postgresql.org/docs/12/release-12-10.html
  * Reindexing might be needed after applying this upgrade, so
    please read the release notes carefully.
- boo#1190740: Add constraints file with 12GB of memory for s390x
  as a workaround

-------------------------------------------------------------------
Thu Nov 25 11:02:15 UTC 2021 - Reinhard Max <max@suse.com>

- Add a llvmjit-devel subpackage to pull in the right versions
  of clang and llvm for building extensions. 
- Fix some mistakes in the interdependencies between the
  implementation packages and their noarch counterpart.
- Update the BuildIgnore section.

-------------------------------------------------------------------
Wed Nov 10 18:07:22 UTC 2021 - Reinhard Max <max@suse.com>

- bsc#1192516: Upgrade to version 12.9:
  * Make the server reject extraneous data after an SSL or GSS
    encryption handshake (CVE-2021-23214).
  * Make libpq reject extraneous data after an SSL or GSS
    encryption handshake (CVE-2021-23222).
  * https://www.postgresql.org/docs/12/release-12-9.html

-------------------------------------------------------------------
Mon Sep 27 14:15:20 UTC 2021 - Reinhard Max <max@suse.com>

- Let genlists skip non-existing binaries to avoid lots of version
  conditionals in the file lists.
- Remove postgresql-testsuite-int8.sql.patch, because its purpose
  is unclear. This affects only the test subpackage.

-------------------------------------------------------------------
Tue Aug 31 11:14:53 UTC 2021 - Reinhard Max <max@suse.com>

- bsc#1185952: fix build with llvm12 on s390x.
  0001-jit-Workaround-potential-datalayout-mismatch-on-s390.patch 
- bsc#1179945: Re-enable icu for PostgreSQL 10.

-------------------------------------------------------------------
Tue Aug 24 13:01:54 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>

- Upgrade to version 12.8:
  * https://www.postgresql.org/docs/12/release-12-8.html
  * CVE-2021-3677 (boo#1189748)
    The planner could create an incorrect plan in cases where two
    ProjectionPaths were stacked on top of each other. The only
    known way to trigger that situation involves parallel sort
    operations, but there may be other instances. The result would
    be crashes or incorrect query results. Disclosure of server
    memory contents is also possible.

-------------------------------------------------------------------
Fri Jul  2 07:47:15 UTC 2021 - Reinhard Max <max@suse.com>

- bsc#1187751: Make the dependency of postgresqlXX-server-devel on
  llvm and clang optional (postgresql-llvm-optional.patch).

-------------------------------------------------------------------
Wed May 19 15:24:24 UTC 2021 - Reinhard Max <max@suse.com>

- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.
  Use llvm11 as a workaround.

-------------------------------------------------------------------
Tue May 11 16:19:19 UTC 2021 - Reinhard Max <max@suse.com>

- Upgrade to version 12.7:
  * https://www.postgresql.org/docs/12/release-12-7.html
  * CVE-2021-32027, bsc#1185924:
    Prevent integer overflows in array subscripting calculations.
  * CVE-2021-32028, bsc#1185925: Fix mishandling of “junk”
    columns in INSERT ... ON CONFLICT ... UPDATE target lists.
  * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect
    computation of UPDATE ... RETURNING
    "pg_psql_temporary_savepoint" does not exist”.

- Don't use %_stop_on_removal, because it was meant to be private
  and got removed from openSUSE. %_restart_on_update is also
  private, but still supported and needed for now (bsc#1183168).

-------------------------------------------------------------------
Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max <max@suse.com>

- Re-enable build of the llvmjit subpackage on SLE, but it will
  only be delivered on PackageHub for now (boo#1183118).

-------------------------------------------------------------------
Tue Mar  9 13:52:19 UTC 2021 - Reinhard Max <max@suse.com>

- Remove leftover PreReq on chkconfig, we stopped using it long
  time ago.

-------------------------------------------------------------------
Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max <max@suse.com>

- boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW.

-------------------------------------------------------------------
Wed Feb 10 13:32:07 UTC 2021 - Reinhard Max <max@suse.com>

Upgrade to version 12.6:
  * https://www.postgresql.org/docs/12/release-12-6.html  
  * Reindexing might be needed after applying this update.
  * CVE-2021-3393, bsc#1182040: Fix information leakage in
    constraint-violation error messages.
  * Obsoletes postgresql-icu68.patch.

-------------------------------------------------------------------
Mon Dec 14 16:19:33 UTC 2020 - Callum Farmer <gmbr3@opensuse.org>

- Add postgresql-icu68.patch: fix build with ICU 68

-------------------------------------------------------------------
Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max <max@suse.com>

- bsc#1178961: %ghost the symlinks to pg_config and ecpg.
- boo#1179765: BuildRequire libpq5 and libecpg6 when not building
  them to avoid dangling symlinks in the devel package.

-------------------------------------------------------------------
Wed Nov 11 12:04:35 UTC 2020 - Reinhard Max <max@suse.com>

- Upgrade to version 12.5:
  * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
    and firing of deferred triggers within index expressions and
    materialized view queries.
  * CVE-2020-25694, bsc#1178667:
    a) Fix usage of complex connection-string parameters in pg_dump,
    pg_restore, clusterdb, reindexdb, and vacuumdb.
    b) When psql's \connect command re-uses connection parameters,
    ensure that all non-overridden parameters from a previous
    connection string are re-used.
  * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
    modifying specially-treated variables.
  * Fix recently-added timetz test case so it works when the USA
    is not observing daylight savings time.
    (obsoletes postgresql-timetz.patch)
  * https://www.postgresql.org/about/news/2111/
  * https://www.postgresql.org/docs/12/release-12-5.html

-------------------------------------------------------------------
Tue Nov  3 13:54:38 UTC 2020 - Reinhard Max <max@suse.com>

- Fix a DST problem in the test suite: postgresql-timetz.patch
  https://postgr.es/m/16689-57701daa23b377bf@postgresql.org

-------------------------------------------------------------------
Fri Sep 25 07:34:28 UTC 2020 - Reinhard Max <max@suse.com>

- Stop building the mini and lib packages as they are now coming
  from postgresql13.

-------------------------------------------------------------------
Thu Aug 13 12:01:34 UTC 2020 - Reinhard Max <max@suse.com>

- update to 12.4:
  * CVE-2020-14349, bsc#1175193: Set a secure search_path in
    logical replication walsenders and apply workers
  * CVE-2020-14350, bsc#1175194: Make contrib modules' installation
    scripts more secure.
  * https://www.postgresql.org/docs/12/release-12-4.html
- Remove postgresql-regress.patch, it does not apply anymore and
  it does not seem to be needed anymore.
- Pack the /usr/lib/postgresql symlink only into the main package.

-------------------------------------------------------------------
Tue Jun 16 12:21:43 UTC 2020 - Reinhard Max <max@suse.com>

- Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get
  a clean and complete cutover to the new packaging schema.

-------------------------------------------------------------------
Wed Jun  3 17:36:27 UTC 2020 - Reinhard Max <max@suse.com>

- update to 12.3 (bsc#1171924).
  https://www.postgresql.org/about/news/2038/
  https://www.postgresql.org/docs/12/release-12-3.html
- Unify the spec file to work across all current PostgreSQL
  versions to simplify future maintenance.
- Move from the "libs" build flavour to a "mini" package that will
  only be used inside the build service and not get shipped, to
  avoid confusion with the debuginfo packages (bsc#1148643).

-------------------------------------------------------------------
Fri May 15 10:13:58 UTC 2020 - Namor Barcode <z1trus@gmx.com>

- update to 12.3
  https://www.postgresql.org/about/news/2038/
  https://www.postgresql.org/docs/12/release-12-3.html

-------------------------------------------------------------------
Tue Mar 31 14:23:52 UTC 2020 - Reinhard Max <max@suse.com>

- Temporarily disable JIT support on SLE until support status of
  clang has been clarified.
- We only need clang for LLVM, not clang-devel.

-------------------------------------------------------------------
Thu Feb 27 08:58:37 UTC 2020 - Reinhard Max <max@suse.com>

- Fix a few mistakes in the spec file.

-------------------------------------------------------------------
Sat Feb 15 03:02:07 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>

- update to 12.2 (CVE-2020-1720)
  https://www.postgresql.org/about/news/2011/
  https://www.postgresql.org/docs/12/release-12-2.html

-------------------------------------------------------------------
Fri Feb 14 07:53:46 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>

- Disable explicitly armv8 CRC for %arm, as we use some armv8
  workers for armv6/7 builds which is confusing configure script

-------------------------------------------------------------------
Tue Feb 11 04:15:40 UTC 2020 - Stefan Brüns <stefan.bruens@rwth-aachen.de>

- Avoid the dependency from the devel package to the main package.
  devel packages are exclusive, thus ecpg does not require
  update-alternatives.

-------------------------------------------------------------------
Thu Feb  6 17:13:41 UTC 2020 - Reinhard Max <max@suse.com>

- Remove unused build dependencies from the client libs package:
  LVM, icu, selinux, systemd.
- Drop conditionals for suse_version 1110/1120.

-------------------------------------------------------------------
Fri Dec 20 14:46:29 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>

- update to 12.1
  https://www.postgresql.org/docs/12/release-12-1.html
  https://www.postgresql.org/about/news/1994/

-------------------------------------------------------------------
Tue Oct 22 16:50:55 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>

- add requires to the server-devel package for the libs that are
  returned by pg_config --libs

-------------------------------------------------------------------
Mon Oct  7 09:03:24 UTC 2019 - Marcus Rueckert <mrueckert@suse.de>

- initial package for the postgresql 12 branch
  https://www.postgresql.org/about/news/1976/