rpm/postgresql12
SHA256
1
0
Fork 0
forked from pool/postgresql12
Code Pull Requests Activity

- Upgrade to 12.18:

Browse Source 
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
    within REFRESH MATERIALIZED VIEW CONCURRENTLY.
    One step of a concurrent refresh command was run under weak
    security restrictions. If a materialized view's owner could
    persuade a superuser or other high-privileged user to perform a
    concurrent refresh on that view, the view's owner could control
    code executed with the privileges of the user running REFRESH.
    Fix things so that all user-determined code is run as the
    view's owner, as expected
  * If you use GIN indexes, you may need to reindex after updating
    to this release.
  * LLVM 18 is now supported.
  * https://www.postgresql.org/docs/release/12.18/

OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=94
This commit is contained in:
Reinhard Max
2024-02-08 15:26:36 +00:00
committed by Git OBS Bridge
parent 6923d19d72
commit 2e2b4a38db
8 changed files with 32 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
postgresql12.changes
View File

@@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Feb 8 14:32:50 UTC 2024 - Reinhard Max <max@suse.com>
- Upgrade to 12.18:
* bsc#1219679, CVE-2024-0985: Tighten security restrictions
within REFRESH MATERIALIZED VIEW CONCURRENTLY.
One step of a concurrent refresh command was run under weak
security restrictions. If a materialized view's owner could
persuade a superuser or other high-privileged user to perform a
concurrent refresh on that view, the view's owner could control
code executed with the privileges of the user running REFRESH.
Fix things so that all user-determined code is run as the
view's owner, as expected
* If you use GIN indexes, you may need to reindex after updating
to this release.
* LLVM 18 is now supported.
* https://www.postgresql.org/docs/release/12.18/
-------------------------------------------------------------------
Wed Nov 8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
@@ -27,7 +45,6 @@ Wed Nov 8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
such processes. No specific security consequences are known for
that oversight, but it might be significant for some extensions.
* Add support for LLVM 16 and 17
* https://www.postgresql.org/about/news/2749
* https://www.postgresql.org/docs/12/release-12-17.html
-------------------------------------------------------------------