November 2023 Security Updates

OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=93

0001-jit-Workaround-potential-datalayout-mismatch-on-s390.patch

@@ -14,21 +14,13 @@ causes the JIT to fail at runtime.
 
 --- src/backend/jit/llvm/llvmjit.c.orig
 +++ src/backend/jit/llvm/llvmjit.c
-@@ -101,6 +101,7 @@ LLVMValueRef FuncExecEvalSysVar;
- LLVMValueRef FuncExecAggTransReparent;
- LLVMValueRef FuncExecAggInitGroup;
- 
-+LLVMModuleRef mod = NULL;
- 
- static bool llvm_session_initialized = false;
- static size_t llvm_generation = 0;
-@@ -742,6 +743,35 @@ llvm_compile_module(LLVMJitContext *cont
+@@ -736,6 +736,35 @@ llvm_compile_module(LLVMJitContext *cont
  }
  
  /*
 + * For the systemz target, LLVM uses a different datalayout for z13 and newer
 + * CPUs than it does for older CPUs.  This can cause a mismatch in datalayouts
-+ * in the case where the llvm_types_module (mod) is compiled with a pre-z13 CPU
++ * in the case where the llvm_types_module is compiled with a pre-z13 CPU
 + * and the JIT is running on z13 or newer.
 + * See computeDataLayout() function in
 + * llvm/lib/Target/SystemZ/SystemZTargetMachine.cpp for information on the
@@ -46,7 +38,7 @@ causes the JIT to fail at runtime.
 +		return false;
 +	}
 +
-+	llvm_context = LLVMGetModuleContext(mod);
++	llvm_context = LLVMGetModuleContext(llvm_types_module);
 +	vec_type = LLVMVectorType(LLVMIntTypeInContext(llvm_context, 32), 4);
 +	llvm_layoutref = LLVMCreateTargetData(llvm_layout);
 +	ret = (LLVMABIAlignmentOfType(llvm_layoutref, vec_type) == 16);
@@ -58,7 +50,7 @@ causes the JIT to fail at runtime.
   * Per session initialization.
   */
  static void
-@@ -750,6 +780,7 @@ llvm_session_initialize(void)
+@@ -744,6 +773,7 @@ llvm_session_initialize(void)
  	MemoryContext oldcontext;
  	char	   *error = NULL;
  	char	   *cpu = NULL;
@@ -66,7 +58,7 @@ causes the JIT to fail at runtime.
  	char	   *features = NULL;
  	LLVMTargetMachineRef opt0_tm;
  	LLVMTargetMachineRef opt3_tm;
-@@ -781,10 +812,17 @@ llvm_session_initialize(void)
+@@ -775,10 +805,17 @@ llvm_session_initialize(void)
  	 * features not all CPUs have (weird, huh).
  	 */
  	cpu = LLVMGetHostCPUName();
@@ -85,7 +77,7 @@ causes the JIT to fail at runtime.
  	opt0_tm =
  		LLVMCreateTargetMachine(llvm_targetref, llvm_triple, cpu, features,
  								LLVMCodeGenLevelNone,
-@@ -798,8 +836,13 @@ llvm_session_initialize(void)
+@@ -792,8 +829,13 @@ llvm_session_initialize(void)
  
  	LLVMDisposeMessage(cpu);
  	cpu = NULL;
@@ -100,11 +92,3 @@ causes the JIT to fail at runtime.
  
  	/* force symbols in main binary to be loaded */
  	LLVMLoadLibraryPermanently(NULL);
-@@ -952,7 +995,6 @@ llvm_create_types(void)
- 	char		path[MAXPGPATH];
- 	LLVMMemoryBufferRef buf;
- 	char	   *msg;
--	LLVMModuleRef mod = NULL;
- 
- 	snprintf(path, MAXPGPATH, "%s/%s", pkglib_path, "llvmjit_types.bc");
- 

postgresql-12.17.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6
+size 21181616

postgresql-12.17.tar.bz2.sha256

@@ -0,0 +1 @@
+93e8e1b23981d5f03c6c5763f77b28184c1ce4db7194fa466e2edb65d9c1c5f6  postgresql-12.17.tar.bz2

postgresql12.changes

@@ -1,3 +1,35 @@
+-------------------------------------------------------------------
+Wed Nov  8 14:37:39 UTC 2023 - Reinhard Max <max@suse.com>
+
+- Update to 12.17:
+  * bsc#1216962, CVE-2023-5868: Fix handling of unknown-type
+    arguments in DISTINCT "any" aggregate functions. This error led
+    to a text-type value being interpreted as an unknown-type value
+    (that is, a zero-terminated string) at runtime. This could
+    result in disclosure of server memory following the text value.
+  * bsc#1216961, CVE-2023-5869: Detect integer overflow while
+    computing new array dimensions. When assigning new elements to
+    array subscripts that are outside the current array bounds, an
+    undetected integer overflow could occur in edge cases. Memory
+    stomps that are potentially exploitable for arbitrary code
+    execution are possible, and so is disclosure of server memory.
+  * bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role
+    from signalling background workers and autovacuum processes.
+    The documentation says that pg_signal_backend cannot issue
+    signals to superuser-owned processes. It was able to signal
+    these background  processes, though, because they advertise a
+    role OID of zero. Treat that as indicating superuser ownership.
+    The security implications of cancelling one of these process
+    types are fairly small so far as the core code goes (we'll just
+    start another one), but extensions might add background workers
+    that are more vulnerable.
+    Also ensure that the is_superuser parameter is set correctly in
+    such processes. No specific security consequences are known for
+    that oversight, but it might be significant for some extensions.
+  * Add support for LLVM 16 and 17
+  * https://www.postgresql.org/about/news/2749
+  * https://www.postgresql.org/docs/12/release-12-17.html 
+
 -------------------------------------------------------------------
 Tue Oct 31 10:57:13 UTC 2023 - Reinhard Max <max@suse.com>
 

postgresql12.spec

@@ -16,7 +16,7 @@
 #
 
 
-%define pgversion 12.16
+%define pgversion 12.17
 %define pgmajor 12
 %define buildlibs 0
 %define tarversion %{pgversion}
@@ -797,11 +797,9 @@ awk -v P=%buildroot '/^(%lang|[^%])/{print P $NF}' libpq.files libecpg.files | x
 
 %post -n %pgname-%devel
 /sbin/ldconfig
-/usr/share/postgresql/install-alternatives %pgmajor
 
 %postun -n %pgname-%devel
 /sbin/ldconfig
-/usr/share/postgresql/install-alternatives %pgmajor
 
 %if %{with server_devel}
 %post server-devel