From 0c9821a301bd9e4efe4d787fd25638d5e068498c9dfc056944ba5b355e371d15 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 10 Aug 2023 15:25:53 +0000 Subject: [PATCH] - Update to 12.16: * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign. * https://www.postgresql.org/docs/12/release-12-16.html OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=86 --- postgresql-12.15.tar.bz2 | 3 --- postgresql-12.15.tar.bz2.sha256 | 1 - postgresql-12.16.tar.bz2 | 3 +++ postgresql-12.16.tar.bz2.sha256 | 1 + postgresql12.changes | 8 ++++++++ postgresql12.spec | 2 +- 6 files changed, 13 insertions(+), 5 deletions(-) delete mode 100644 postgresql-12.15.tar.bz2 delete mode 100644 postgresql-12.15.tar.bz2.sha256 create mode 100644 postgresql-12.16.tar.bz2 create mode 100644 postgresql-12.16.tar.bz2.sha256 diff --git a/postgresql-12.15.tar.bz2 b/postgresql-12.15.tar.bz2 deleted file mode 100644 index eedfd7c..0000000 --- a/postgresql-12.15.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36 -size 21127306 diff --git a/postgresql-12.15.tar.bz2.sha256 b/postgresql-12.15.tar.bz2.sha256 deleted file mode 100644 index a89a5a1..0000000 --- a/postgresql-12.15.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -bb5206e2864c1c4579938b96ea6096d155f22abf2d2cc2aa57571e3c4cb12b36 postgresql-12.15.tar.bz2 diff --git a/postgresql-12.16.tar.bz2 b/postgresql-12.16.tar.bz2 new file mode 100644 index 0000000..b4bd60a --- /dev/null +++ b/postgresql-12.16.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3 +size 21140532 diff --git a/postgresql-12.16.tar.bz2.sha256 b/postgresql-12.16.tar.bz2.sha256 new file mode 100644 index 0000000..664fb34 --- /dev/null +++ b/postgresql-12.16.tar.bz2.sha256 @@ -0,0 +1 @@ +c5f1fff7a0f93e1ec3746417b0594290ece617b4995ed95b8d527af0ba0e38f3 postgresql-12.16.tar.bz2 diff --git a/postgresql12.changes b/postgresql12.changes index e21ec64..3ba13a4 100644 --- a/postgresql12.changes +++ b/postgresql12.changes @@ -1,3 +1,11 @@ +Wed Aug 9 10:25:49 UTC 2023 - Reinhard Max + +- Update to 12.16: + * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or + owner name into an extension script if the name contains a + quote, backslash, or dollar sign. + * https://www.postgresql.org/docs/12/release-12-16.html + ------------------------------------------------------------------- Fri May 26 11:48:38 UTC 2023 - Reinhard Max diff --git a/postgresql12.spec b/postgresql12.spec index a46dec1..3a5942a 100644 --- a/postgresql12.spec +++ b/postgresql12.spec @@ -16,7 +16,7 @@ # -%define pgversion 12.15 +%define pgversion 12.16 %define pgmajor 12 %define buildlibs 0 %define tarversion %{pgversion}