postgresql13/postgresql13.changes

-------------------------------------------------------------------
Tue Aug 24 12:45:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>

- Upgrade to version 13.4:
  https://www.postgresql.org/docs/13/release-13-4.html
  * CVE-2021-3677 (boo#1189748)
    The planner could create an incorrect plan in cases where two
    ProjectionPaths were stacked on top of each other. The only
    known way to trigger that situation involves parallel sort
    operations, but there may be other instances. The result would
    be crashes or incorrect query results. Disclosure of server
    memory contents is also possible.

-------------------------------------------------------------------
Wed May 19 15:24:24 UTC 2021 - Reinhard Max <max@suse.com>

- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.
  Use llvm11 as a workaround.

-------------------------------------------------------------------
Tue May 11 13:50:14 UTC 2021 - Reinhard Max <max@suse.com>

- Upgrade to version 13.3:
  * https://www.postgresql.org/docs/13/release-13-3.html
  * CVE-2021-32027, bsc#1185924:
    Prevent integer overflows in array subscripting calculations.
  * CVE-2021-32028, bsc#1185925: Fix mishandling of “junk”
    columns in INSERT ... ON CONFLICT ... UPDATE target lists.
  * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect
    computation of UPDATE ... RETURNING
    "pg_psql_temporary_savepoint" does not exist”.

- Don't use %_stop_on_removal, because it was meant to be private
  and got removed from openSUSE. %_restart_on_update is also
  private, but still supported and needed for now (bsc#1183168).

-------------------------------------------------------------------
Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max <max@suse.com>

- Re-enable build of the llvmjit subpackage on SLE, but it will
  only be delivered on PackageHub for now (boo#1183118).

-------------------------------------------------------------------
Tue Mar  9 13:52:19 UTC 2021 - Reinhard Max <max@suse.com>

- Remove leftover PreReq on chkconfig, we stopped using it long
  time ago.

-------------------------------------------------------------------
Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max <max@suse.com>

- boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW.

-------------------------------------------------------------------
Wed Feb 10 13:16:32 UTC 2021 - Reinhard Max <max@suse.com>

- Upgrade to version 13.2:
  * https://www.postgresql.org/docs/13/release-13-2.html
  * Updating stored views and reindexing might be needed after
    applying this update.
  * CVE-2021-3393, bsc#1182040: Fix information leakage in
    constraint-violation error messages.
  * CVE-2021-20229, bsc#1182039: Fix failure to check per-column
    SELECT privileges in some join queries.
  * Obsoletes postgresql-icu68.patch.

-------------------------------------------------------------------
Mon Dec 14 16:19:05 UTC 2020 - Callum Farmer <gmbr3@opensuse.org>

- Add postgresql-icu68.patch: fix build with ICU 68

-------------------------------------------------------------------
Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max <max@suse.com>

- bsc#1178961: %ghost the symlinks to pg_config and ecpg.
- boo#1179765: BuildRequire libpq5 and libecpg6 when not building
  them to avoid dangling symlinks in the devel package.

-------------------------------------------------------------------
Wed Nov 11 11:36:01 UTC 2020 - Reinhard Max <max@suse.com>

- Upgrade to version 13.1:
  * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
    and firing of deferred triggers within index expressions and
    materialized view queries.
  * CVE-2020-25694, bsc#1178667:
    a) Fix usage of complex connection-string parameters in pg_dump,
    pg_restore, clusterdb, reindexdb, and vacuumdb.
    b) When psql's \connect command re-uses connection parameters,
    ensure that all non-overridden parameters from a previous
    connection string are re-used.
  * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
    modifying specially-treated variables.
  * Fix recently-added timetz test case so it works when the USA
    is not observing daylight savings time.
    (obsoletes postgresql-timetz.patch)
  * https://www.postgresql.org/about/news/2111/
  * https://www.postgresql.org/docs/13/release-13-1.html

-------------------------------------------------------------------
Tue Nov  3 13:54:38 UTC 2020 - Reinhard Max <max@suse.com>

- Fix a DST problem in the test suite: postgresql-timetz.patch
  https://postgr.es/m/16689-57701daa23b377bf@postgresql.org

-------------------------------------------------------------------
Fri Sep 25 06:57:55 UTC 2020 - Reinhard Max <max@suse.com>

- Initial packaging of PostgreSQL 13:
  * https://www.postgresql.org/about/news/2077/
  * https://www.postgresql.org/docs/13/release-13.html
https://www.postgresql.org/about/news/postgresql-134-128-1113-1018-9623-and-14-beta-3-released-2277/ OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=26 2021-08-24 13:27:52 +00:00			`-------------------------------------------------------------------`
			`Tue Aug 24 12:45:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>`

			`- Upgrade to version 13.4:`
			`https://www.postgresql.org/docs/13/release-13-4.html`
			`* CVE-2021-3677 (boo#1189748)`
			`The planner could create an incorrect plan in cases where two`
			`ProjectionPaths were stacked on top of each other. The only`
			`known way to trigger that situation involves parallel sort`
			`operations, but there may be other instances. The result would`
			`be crashes or incorrect query results. Disclosure of server`
			`memory contents is also possible.`

- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x. Use llvm11 as a workaround. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=24 2021-05-19 16:13:51 +00:00			`-------------------------------------------------------------------`
			`Wed May 19 15:24:24 UTC 2021 - Reinhard Max <max@suse.com>`

			`- bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.`
			`Use llvm11 as a workaround.`

- Upgrade to version 13.3: * https://www.postgresql.org/docs/13/release-13-3.html * CVE-2021-32027, bsc#1185924: Prevent integer overflows in array subscripting calculations. * CVE-2021-32028, bsc#1185925: Fix mishandling of “junk” columns in INSERT ... ON CONFLICT ... UPDATE target lists. * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect computation of UPDATE ... RETURNING "pg_psql_temporary_savepoint" does not exist”. - Don't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168). OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=22 2021-05-14 11:51:10 +00:00			`-------------------------------------------------------------------`
			`Tue May 11 13:50:14 UTC 2021 - Reinhard Max <max@suse.com>`

			`- Upgrade to version 13.3:`
			`* https://www.postgresql.org/docs/13/release-13-3.html`
			`* CVE-2021-32027, bsc#1185924:`
			`Prevent integer overflows in array subscripting calculations.`
			`* CVE-2021-32028, bsc#1185925: Fix mishandling of “junk”`
			`columns in INSERT ... ON CONFLICT ... UPDATE target lists.`
			`* CVE-2021-32029, bsc#1185926: Fix possibly-incorrect`
			`computation of UPDATE ... RETURNING`
			`"pg_psql_temporary_savepoint" does not exist”.`

			`- Don't use %_stop_on_removal, because it was meant to be private`
			`and got removed from openSUSE. %_restart_on_update is also`
			`private, but still supported and needed for now (bsc#1183168).`

- Re-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=19 2021-03-15 19:41:39 +00:00			`-------------------------------------------------------------------`
			`Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max <max@suse.com>`

			`- Re-enable build of the llvmjit subpackage on SLE, but it will`
Add bug reference OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=20 2021-04-14 14:18:20 +00:00			`only be delivered on PackageHub for now (boo#1183118).`
- Re-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=19 2021-03-15 19:41:39 +00:00
- Remove leftover PreReq on chkconfig, we stopped using it long time ago. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=17 2021-03-09 14:19:40 +00:00			`-------------------------------------------------------------------`
			`Tue Mar 9 13:52:19 UTC 2021 - Reinhard Max <max@suse.com>`

			`- Remove leftover PreReq on chkconfig, we stopped using it long`
			`time ago.`

- boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=15 2021-02-19 15:59:21 +00:00			`-------------------------------------------------------------------`
			`Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max <max@suse.com>`

			`- boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW.`

- Upgrade to version 13.2: * https://www.postgresql.org/docs/13/release-13-2.html * Updating stored views and reindexing might be needed after applying this update. * CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. * CVE-2021-20229, bsc#1182039: Fix failure to check per-column SELECT privileges in some join queries. * Obsoletes postgresql-icu68.patch. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=14 2021-02-12 19:15:05 +00:00			`-------------------------------------------------------------------`
			`Wed Feb 10 13:16:32 UTC 2021 - Reinhard Max <max@suse.com>`

			`- Upgrade to version 13.2:`
			`* https://www.postgresql.org/docs/13/release-13-2.html`
			`* Updating stored views and reindexing might be needed after`
			`applying this update.`
			`* CVE-2021-3393, bsc#1182040: Fix information leakage in`
			`constraint-violation error messages.`
			`* CVE-2021-20229, bsc#1182039: Fix failure to check per-column`
			`SELECT privileges in some join queries.`
			`* Obsoletes postgresql-icu68.patch.`

Accepting request 855793 from home:gmbr3:StagingI - Add icu-68.patch: fix build with ICU 68 OBS-URL: https://build.opensuse.org/request/show/855793 OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=11 2021-01-07 10:23:15 +00:00			`-------------------------------------------------------------------`
			`Mon Dec 14 16:19:05 UTC 2020 - Callum Farmer <gmbr3@opensuse.org>`

Accepting request 861005 from home:gmbr3:branches:server:database:postgresql Correct OBS-URL: https://build.opensuse.org/request/show/861005 OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=12 2021-01-07 11:10:14 +00:00			`- Add postgresql-icu68.patch: fix build with ICU 68`
Accepting request 855793 from home:gmbr3:StagingI - Add icu-68.patch: fix build with ICU 68 OBS-URL: https://build.opensuse.org/request/show/855793 OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=11 2021-01-07 10:23:15 +00:00
- bsc#1178961: %ghost the symlinks to pg_config and ecpg. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=7 2020-11-20 10:52:37 +00:00			`-------------------------------------------------------------------`
- BuildRequire libpq5 and libecpg6 when not building them to avoid dangling symlinks in the devel package. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=8 2020-11-20 11:53:36 +00:00			`Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max <max@suse.com>`
- bsc#1178961: %ghost the symlinks to pg_config and ecpg. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=7 2020-11-20 10:52:37 +00:00
			`- bsc#1178961: %ghost the symlinks to pg_config and ecpg.`
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=9 2020-12-08 16:13:10 +00:00			`- boo#1179765: BuildRequire libpq5 and libecpg6 when not building`
			`them to avoid dangling symlinks in the devel package.`
- bsc#1178961: %ghost the symlinks to pg_config and ecpg. OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=7 2020-11-20 10:52:37 +00:00
- Upgrade to version 13.1: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/13/release-13-1.html OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=5 2020-11-12 14:28:15 +00:00			`-------------------------------------------------------------------`
			`Wed Nov 11 11:36:01 UTC 2020 - Reinhard Max <max@suse.com>`

			`- Upgrade to version 13.1:`
			`* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD`
			`and firing of deferred triggers within index expressions and`
			`materialized view queries.`
			`* CVE-2020-25694, bsc#1178667:`
			`a) Fix usage of complex connection-string parameters in pg_dump,`
			`pg_restore, clusterdb, reindexdb, and vacuumdb.`
			`b) When psql's \connect command re-uses connection parameters,`
			`ensure that all non-overridden parameters from a previous`
			`connection string are re-used.`
			`* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from`
			`modifying specially-treated variables.`
			`* Fix recently-added timetz test case so it works when the USA`
			`is not observing daylight savings time.`
			`(obsoletes postgresql-timetz.patch)`
			`* https://www.postgresql.org/about/news/2111/`
			`* https://www.postgresql.org/docs/13/release-13-1.html`

- Fix a DST problem in the test suite: postgresql-timetz.patch https://postgr.es/m/16689-57701daa23b377bf@postgresql.org OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=3 2020-11-03 14:10:14 +00:00			`-------------------------------------------------------------------`
			`Tue Nov 3 13:54:38 UTC 2020 - Reinhard Max <max@suse.com>`

			`- Fix a DST problem in the test suite: postgresql-timetz.patch`
			`https://postgr.es/m/16689-57701daa23b377bf@postgresql.org`

- Initial packaging of PostgreSQL 13: * https://www.postgresql.org/about/news/2077/ * https://www.postgresql.org/docs/13/release-13.html OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=1 2020-09-25 07:12:04 +00:00			`-------------------------------------------------------------------`
			`Fri Sep 25 06:57:55 UTC 2020 - Reinhard Max <max@suse.com>`

			`- Initial packaging of PostgreSQL 13:`
			`* https://www.postgresql.org/about/news/2077/`
			`* https://www.postgresql.org/docs/13/release-13.html`