From fa961be7d566155928fb226ecd5f547576dc382b1e094dd4eb36423f5de66ee2 Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 13 Aug 2020 21:06:11 +0000 Subject: [PATCH] - update to 12.4: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/12/release-12-4.html - Remove postgresql-regress.patch, it does not apply anymore and it does not seem to be needed anymore. - Pack the /usr/lib/postgresql symlink only into the main package. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=18 --- postgresql-12.3.tar.bz2 | 3 -- postgresql-12.3.tar.bz2.sha256 | 1 - postgresql-12.4.tar.bz2 | 3 ++ postgresql-12.4.tar.bz2.sha256 | 1 + postgresql-regress.patch | 70 ---------------------------------- postgresql12.changes | 13 +++++++ postgresql12.spec | 7 +--- 7 files changed, 19 insertions(+), 79 deletions(-) delete mode 100644 postgresql-12.3.tar.bz2 delete mode 100644 postgresql-12.3.tar.bz2.sha256 create mode 100644 postgresql-12.4.tar.bz2 create mode 100644 postgresql-12.4.tar.bz2.sha256 delete mode 100644 postgresql-regress.patch diff --git a/postgresql-12.3.tar.bz2 b/postgresql-12.3.tar.bz2 deleted file mode 100644 index c41d9fa..0000000 --- a/postgresql-12.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:94ed64a6179048190695c86ec707cc25d016056ce10fc9d229267d9a8f1dcf41 -size 20439892 diff --git a/postgresql-12.3.tar.bz2.sha256 b/postgresql-12.3.tar.bz2.sha256 deleted file mode 100644 index 816bfe2..0000000 --- a/postgresql-12.3.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -94ed64a6179048190695c86ec707cc25d016056ce10fc9d229267d9a8f1dcf41 postgresql-12.3.tar.bz2 diff --git a/postgresql-12.4.tar.bz2 b/postgresql-12.4.tar.bz2 new file mode 100644 index 0000000..41222b8 --- /dev/null +++ b/postgresql-12.4.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bee93fbe2c32f59419cb162bcc0145c58da9a8644ee154a30b9a5ce47de606cc +size 20669776 diff --git a/postgresql-12.4.tar.bz2.sha256 b/postgresql-12.4.tar.bz2.sha256 new file mode 100644 index 0000000..5d424a5 --- /dev/null +++ b/postgresql-12.4.tar.bz2.sha256 @@ -0,0 +1 @@ +bee93fbe2c32f59419cb162bcc0145c58da9a8644ee154a30b9a5ce47de606cc postgresql-12.4.tar.bz2 diff --git a/postgresql-regress.patch b/postgresql-regress.patch deleted file mode 100644 index 4b0415c..0000000 --- a/postgresql-regress.patch +++ /dev/null @@ -1,70 +0,0 @@ -Index: src/test/regress/expected/horology.out -=================================================================== ---- src/test/regress/expected/horology.out.orig -+++ src/test/regress/expected/horology.out -@@ -652,26 +652,26 @@ SELECT (timestamp with time zone 'tomorr - (1 row) - - -- timestamp with time zone, interval arithmetic around DST change --SET TIME ZONE 'CST7CDT'; --SELECT timestamp with time zone '2005-04-02 12:00-07' + interval '1 day' as "Apr 3, 12:00"; -+SET TIME ZONE 'CST6CDT'; -+SELECT timestamp with time zone '2005-04-02 12:00-06' + interval '1 day' as "Apr 3, 12:00"; - Apr 3, 12:00 - ------------------------------ - Sun Apr 03 12:00:00 2005 CDT - (1 row) - --SELECT timestamp with time zone '2005-04-02 12:00-07' + interval '24 hours' as "Apr 3, 13:00"; -+SELECT timestamp with time zone '2005-04-02 12:00-06' + interval '24 hours' as "Apr 3, 13:00"; - Apr 3, 13:00 - ------------------------------ - Sun Apr 03 13:00:00 2005 CDT - (1 row) - --SELECT timestamp with time zone '2005-04-03 12:00-06' - interval '1 day' as "Apr 2, 12:00"; -+SELECT timestamp with time zone '2005-04-03 12:00-05' - interval '1 day' as "Apr 2, 12:00"; - Apr 2, 12:00 - ------------------------------ - Sat Apr 02 12:00:00 2005 CST - (1 row) - --SELECT timestamp with time zone '2005-04-03 12:00-06' - interval '24 hours' as "Apr 2, 11:00"; -+SELECT timestamp with time zone '2005-04-03 12:00-05' - interval '24 hours' as "Apr 2, 11:00"; - Apr 2, 11:00 - ------------------------------ - Sat Apr 02 11:00:00 2005 CST -Index: src/test/regress/pg_regress.c -=================================================================== ---- src/test/regress/pg_regress.c.orig -+++ src/test/regress/pg_regress.c -@@ -64,7 +64,7 @@ static char *shellprog = SHELLPROG; - */ - #ifndef WIN32 - const char *basic_diff_opts = ""; --const char *pretty_diff_opts = "-U3"; -+const char *pretty_diff_opts = "-U5"; - #else - const char *basic_diff_opts = "-w"; - const char *pretty_diff_opts = "-w -U3"; -Index: src/test/regress/sql/horology.sql -=================================================================== ---- src/test/regress/sql/horology.sql.orig -+++ src/test/regress/sql/horology.sql -@@ -122,11 +122,11 @@ SELECT (timestamp with time zone 'tomorr - SELECT (timestamp with time zone 'tomorrow' > 'now') as "True"; - - -- timestamp with time zone, interval arithmetic around DST change --SET TIME ZONE 'CST7CDT'; --SELECT timestamp with time zone '2005-04-02 12:00-07' + interval '1 day' as "Apr 3, 12:00"; --SELECT timestamp with time zone '2005-04-02 12:00-07' + interval '24 hours' as "Apr 3, 13:00"; --SELECT timestamp with time zone '2005-04-03 12:00-06' - interval '1 day' as "Apr 2, 12:00"; --SELECT timestamp with time zone '2005-04-03 12:00-06' - interval '24 hours' as "Apr 2, 11:00"; -+SET TIME ZONE 'CST6CDT'; -+SELECT timestamp with time zone '2005-04-02 12:00-06' + interval '1 day' as "Apr 3, 12:00"; -+SELECT timestamp with time zone '2005-04-02 12:00-06' + interval '24 hours' as "Apr 3, 13:00"; -+SELECT timestamp with time zone '2005-04-03 12:00-05' - interval '1 day' as "Apr 2, 12:00"; -+SELECT timestamp with time zone '2005-04-03 12:00-05' - interval '24 hours' as "Apr 2, 11:00"; - RESET TIME ZONE; - - diff --git a/postgresql12.changes b/postgresql12.changes index bb409f3..95c4b50 100644 --- a/postgresql12.changes +++ b/postgresql12.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Thu Aug 13 12:01:34 UTC 2020 - Reinhard Max + +- update to 12.4: + * CVE-2020-14349, bsc#1175193: Set a secure search_path in + logical replication walsenders and apply workers + * CVE-2020-14350, bsc#1175194: Make contrib modules' installation + scripts more secure. + * https://www.postgresql.org/docs/12/release-12-4.html +- Remove postgresql-regress.patch, it does not apply anymore and + it does not seem to be needed anymore. +- Pack the /usr/lib/postgresql symlink only into the main package. + ------------------------------------------------------------------- Tue Jun 16 12:21:43 UTC 2020 - Reinhard Max diff --git a/postgresql12.spec b/postgresql12.spec index fa728a7..493e315 100644 --- a/postgresql12.spec +++ b/postgresql12.spec @@ -16,7 +16,7 @@ # -%define pgversion 12.3 +%define pgversion 12.4 %define pgmajor 12 %define pgsuffix %pgmajor %define buildlibs 1 @@ -136,7 +136,6 @@ Source2: baselibs.conf Source3: postgresql-README.SUSE Source17: postgresql-rpmlintrc Patch1: postgresql-conf.patch -Patch2: postgresql-regress.patch # PL/Perl needs to be linked with rpath (bsc#578053) Patch4: postgresql-plperl-keep-rpath.patch Patch6: postgresql-testsuite-int8.sql.patch @@ -445,7 +444,6 @@ included in the postgresql-server package. # confuse PostgreSQL's build system touch -r configure tmp %patch1 -%patch2 %patch4 %patch6 %patch8 -p1 @@ -842,7 +840,6 @@ fi %pgdocdir/extension %dir %pgdatadir %dir %pgcontribdir -/usr/lib/postgresql %files server -f server.files %defattr(-,root,root) @@ -857,7 +854,6 @@ fi %pgdatadir/tsearch_data %exclude %pgdatadir/tsearch_data/*.rules %dir %pgdatadir -/usr/lib/postgresql %pgdatadir/timezone* %pgdatadir/*.* %if %buildlibs @@ -877,6 +873,7 @@ fi %if %{with llvm} %files llvmjit +%defattr(-,root,root) %pglibdir/llvm* %pglibdir/bitcode/* %endif