forked from pool/postgresql14
		
	* bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext
    and pg_stats_ext_exprs entries to the table owner. See the
    release notes for the steps that have to be taken to fix
    existing PostgreSQL instances.
  * Fix incompatibility with LLVM 18.
  * https://www.postgresql.org/docs/release/14.12/
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql14?expand=0&rev=69
		
	
		
			
				
	
	
		
			391 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			391 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| -------------------------------------------------------------------
 | |
| Wed May  8 12:07:46 UTC 2024 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to 14.12 (bsc#1224051):
 | |
|   * bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext
 | |
|     and pg_stats_ext_exprs entries to the table owner. See the
 | |
|     release notes for the steps that have to be taken to fix
 | |
|     existing PostgreSQL instances.
 | |
|   * Fix incompatibility with LLVM 18.
 | |
|   * https://www.postgresql.org/docs/release/14.12/
 | |
| - Prepare for PostgreSQL 17.
 | |
| - Make sure all compilation and doc generation happens in %build.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed May  1 15:24:39 UTC 2024 - Aaron Puchert <aaronpuchert@alice-dsl.net>
 | |
| 
 | |
| - Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Mar  7 15:04:40 UTC 2024 - Sarah Kriesch <sarah.kriesch@opensuse.org>
 | |
| 
 | |
| - Remove constraints file because improved memory usage for s390x
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Feb 29 14:37:37 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
 | |
| 
 | |
| - Use %patch -P N instead of deprecated %patchN.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Feb  8 14:10:04 UTC 2024 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to 14.11:
 | |
|   * bsc#1219679, CVE-2024-0985: Tighten security restrictions
 | |
|     within REFRESH MATERIALIZED VIEW CONCURRENTLY.
 | |
|     One step of a concurrent refresh command was run under weak
 | |
|     security restrictions. If a materialized view's owner could
 | |
|     persuade a superuser or other high-privileged user to perform a
 | |
|     concurrent refresh on that view, the view's owner could control
 | |
|     code executed with the privileges of the user running REFRESH.
 | |
|     Fix things so that all user-determined code is run as the
 | |
|     view's owner, as expected
 | |
|   * If you use GIN indexes, you may need to reindex after updating
 | |
|     to this release.
 | |
|   * LLVM 18 is now supported.
 | |
|   * https://www.postgresql.org/docs/release/14.11/
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Nov  8 14:32:26 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Update to 14.10:
 | |
|   * bsc#1216962, CVE-2023-5868: Fix handling of unknown-type
 | |
|     arguments in DISTINCT "any" aggregate functions. This error led
 | |
|     to a text-type value being interpreted as an unknown-type value
 | |
|     (that is, a zero-terminated string) at runtime. This could
 | |
|     result in disclosure of server memory following the text value.
 | |
|   * bsc#1216961, CVE-2023-5869: Detect integer overflow while
 | |
|     computing new array dimensions. When assigning new elements to
 | |
|     array subscripts that are outside the current array bounds, an
 | |
|     undetected integer overflow could occur in edge cases. Memory
 | |
|     stomps that are potentially exploitable for arbitrary code
 | |
|     execution are possible, and so is disclosure of server memory.
 | |
|   * bsc#1216960, CVE-2023-5870: Prevent the pg_signal_backend role
 | |
|     from signalling background workers and autovacuum processes.
 | |
|     The documentation says that pg_signal_backend cannot issue
 | |
|     signals to superuser-owned processes. It was able to signal
 | |
|     these background  processes, though, because they advertise a
 | |
|     role OID of zero. Treat that as indicating superuser ownership.
 | |
|     The security implications of cancelling one of these process
 | |
|     types are fairly small so far as the core code goes (we'll just
 | |
|     start another one), but extensions might add background workers
 | |
|     that are more vulnerable.
 | |
|     Also ensure that the is_superuser parameter is set correctly in
 | |
|     such processes. No specific security consequences are known for
 | |
|     that oversight, but it might be significant for some extensions.
 | |
|   * Add support for LLVM 16 and 17
 | |
|   * https://www.postgresql.org/docs/14/release-14-10.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Oct 31 10:57:13 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - boo#1216734: Revert the last change and make the devel package
 | |
|   independend of all other subpackages except for the libs.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Oct 10 12:49:02 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - boo#1216022: Call install-alternatives from the devel subpackage
 | |
|   as well, otherwise the symlink for ecpg might be missing.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon Sep 18 15:24:14 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
 | |
| 
 | |
| - Also buildignore the postgresql*-implementation symbols: this is
 | |
|   needed in order to bootstrap when no postgresql version currently
 | |
|   has valid symbols provided. Once the packages are built, OBS
 | |
|   could translate this to the pgname-* packages and accept the
 | |
|   ignores; during bootstrap though, there is nothing providing the
 | |
|   symbol and the existing buildignores do not suffice.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Aug  9 09:42:33 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Update to 14.9:
 | |
|   * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or
 | |
|     owner name into an extension script if the name contains a
 | |
|     quote, backslash, or dollar sign.
 | |
|   * https://www.postgresql.org/docs/14/release-14-9.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri May 26 11:48:38 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Restore the independence of mini builds from the main build after
 | |
|   the -mini name change from April 4, 2023.
 | |
| - Adjust icu handling to prepare for PostgreSQL 16.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon May 15 14:21:03 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Overhaul postgresql-README.SUSE and move it from the binary
 | |
|   package to the noarch wrapper package.
 | |
| - Change the unix domain socket location from /var/run to /run.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed May 10 12:58:22 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Update to 14.8:
 | |
|   * bsc#1211228, CVE-2023-2454:
 | |
|     Prevent CREATE SCHEMA from defeating changes in search_path
 | |
|   * bsc#1211229, CVE-2023-2455: Enforce row-level security
 | |
|     policies correctly after inlining a set-returning function
 | |
|   * https://www.postgresql.org/about/news/2637/
 | |
|   * https://www.postgresql.org/docs/14/release-14-8.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Apr 18 09:05:09 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1210303: Stop using the obsolete internal %_restart_on_update
 | |
|   macro and drop support for sysv init to simplify the scriptlets.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Apr  4 10:57:41 UTC 2023 - Fabian Vogt <fvogt@suse.com>
 | |
| 
 | |
| - Include -mini in Name: to avoid conflicts in the source package
 | |
|   name and OBS internal dependency tracking.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Feb  9 12:00:06 UTC 2023 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Update to 14.7:
 | |
|   * CVE-2022-41862, bsc#1208102: memory leak in libpq
 | |
|   * https://www.postgresql.org/about/news/2592/
 | |
|   * https://www.postgresql.org/docs/14/release-14-7.html
 | |
| - Bump latest_supported_llvm_ver to 15.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Nov 10 16:26:12 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1205300: Update to 14.6:
 | |
|   * https://www.postgresql.org/about/news/2543/
 | |
|   * https://www.postgresql.org/docs/14/release-14-6.html
 | |
| - Sync spec file with postgresql15.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Sep 22 21:26:36 UTC 2022 - Aaron Puchert <aaronpuchert@alice-dsl.net>
 | |
| 
 | |
| - Create mechanism to specify the latest supported LLVM version.
 | |
|   Automatically pin to that version if the distribution has a newer
 | |
|   unsupported default version.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Sep 13 12:32:36 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Sync spec file with postgresql15.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon Sep 12 07:52:42 UTC 2022 - Andreas Schwab <schwab@suse.de>
 | |
| 
 | |
| - Disable LLVM JIT on riscv64
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Aug 12 11:24:35 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| -  Update to 14.5:
 | |
|   * bsc#1202368, CVE-2022-2625: Extension scripts replace objects
 | |
|     not belonging to the extension.
 | |
|   * https://www.postgresql.org/docs/release/14.5/
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Jun 17 06:32:15 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1200437: Upgrade to 14.4:
 | |
|   * Prevent possible corruption of indexes created or rebuilt with 
 | |
|     the CONCURRENTLY option.
 | |
|   * https://www.postgresql.org/docs/release/14.4/
 | |
|   * https://www.postgresql.org/about/news/p-2470/
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu May 12 10:33:20 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to 14.3:
 | |
|   * bsc#1199475, CVE-2022-1552: Confine additional operations
 | |
|     within "security restricted operation" sandboxes.
 | |
|   * https://www.postgresql.org/docs/14/release-14-3.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Apr 13 12:17:48 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1198166: Pin to llvm13 until the next patchlevel update.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Feb  8 14:01:56 UTC 2022 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1195680: Upgrade to 14.2:
 | |
|   * https://www.postgresql.org/docs/14/release-14-2.html
 | |
|   * Reindexing might be needed after applying this upgrade, so
 | |
|     please read the release notes carefully.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Sat Dec 11 17:27:53 UTC 2021 - Sarah Kriesch <ada.lovelace@gmx.de>
 | |
| 
 | |
| - boo#1190740: Add constraints file with 12GB of memory for s390x
 | |
|   as a workaround
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Nov 25 11:02:15 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Add a llvmjit-devel subpackage to pull in the right versions
 | |
|   of clang and llvm for building extensions.
 | |
| - Fix some mistakes in the interdependencies between the
 | |
|   implementation packages and their noarch counterpart.
 | |
| - Update the BuildIgnore section.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Nov 10 16:56:57 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1192516: Upgrade to 14.1
 | |
|   * Make the server reject extraneous data after an SSL or GSS
 | |
|     encryption handshake (CVE-2021-23214).
 | |
|   * Make libpq reject extraneous data after an SSL or GSS
 | |
|     encryption handshake (CVE-2021-23222).
 | |
|   * https://www.postgresql.org/docs/14/release-14-1.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Oct 20 15:21:53 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - boo#1191782: Let rpmlint ignore shlib-policy-name-error.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Oct  5 11:34:50 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Remove postgresql-testsuite-int8.sql.patch, because its purpose
 | |
|   is unclear. This affects only the test subpackage.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Thu Sep 30 17:28:37 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
 | |
| 
 | |
| - Upgrade to 14.0
 | |
|   https://www.postgresql.org/about/news/postgresql-14-released-2318/
 | |
|   https://www.postgresql.org/docs/14/release-14.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon Sep 27 14:04:01 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Let genlists skip non-existing binaries to avoid lots of version
 | |
|   conditionals in the file lists.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Sat Sep 25 00:34:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
 | |
| 
 | |
| - Upgrade to 14~rc1
 | |
|   https://www.postgresql.org/about/news/postgresql-14-rc-1-released-2309/
 | |
|   https://www.postgresql.org/docs/14/release-14.html
 | |
|   https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Jun 25 01:45:20 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
 | |
| 
 | |
| - Upgrade to 14~beta2
 | |
|   https://www.postgresql.org/about/news/postgresql-14-beta-2-released-2249/
 | |
|   https://www.postgresql.org/docs/14/release-14.html
 | |
|   https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri May 21 22:48:32 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
 | |
| 
 | |
| - Upgrade to 14~beta1
 | |
|   https://www.postgresql.org/about/news/postgresql-14-beta-1-released-2213/
 | |
|   https://www.postgresql.org/docs/14/release-14.html
 | |
|   https://wiki.postgresql.org/wiki/PostgreSQL_14_Open_Items
 | |
| - disable postgresql-testsuite-int8.sql.patch:
 | |
|   it seems it is not needed anymore, need to be double checked.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed May 19 15:24:24 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1185952: llvm12 breaks PostgreSQL 11 and 12 on s390x.
 | |
|   Use llvm11 as a workaround.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue May 11 13:50:14 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to version 13.3:
 | |
|   * https://www.postgresql.org/docs/13/release-13-3.html
 | |
|   * CVE-2021-32027, bsc#1185924:
 | |
|     Prevent integer overflows in array subscripting calculations.
 | |
|   * CVE-2021-32028, bsc#1185925: Fix mishandling of “junk”
 | |
|     columns in INSERT ... ON CONFLICT ... UPDATE target lists.
 | |
|   * CVE-2021-32029, bsc#1185926: Fix possibly-incorrect
 | |
|     computation of UPDATE ... RETURNING
 | |
|     "pg_psql_temporary_savepoint" does not exist”.
 | |
| 
 | |
| - Don't use %_stop_on_removal, because it was meant to be private
 | |
|   and got removed from openSUSE. %_restart_on_update is also
 | |
|   private, but still supported and needed for now (bsc#1183168).
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon Mar 15 19:29:39 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Re-enable build of the llvmjit subpackage on SLE, but it will
 | |
|   only be delivered on PackageHub for now (boo#1183118).
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Mar  9 13:52:19 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Remove leftover PreReq on chkconfig, we stopped using it long
 | |
|   time ago.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Feb 19 15:30:08 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - boo#1179945: Disable icu for PostgreSQL 10 (and older) on TW.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Feb 10 13:16:32 UTC 2021 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to version 13.2:
 | |
|   * https://www.postgresql.org/docs/13/release-13-2.html
 | |
|   * Updating stored views and reindexing might be needed after
 | |
|     applying this update.
 | |
|   * CVE-2021-3393, bsc#1182040: Fix information leakage in
 | |
|     constraint-violation error messages.
 | |
|   * CVE-2021-20229, bsc#1182039: Fix failure to check per-column
 | |
|     SELECT privileges in some join queries.
 | |
|   * Obsoletes postgresql-icu68.patch.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Mon Dec 14 16:19:05 UTC 2020 - Callum Farmer <gmbr3@opensuse.org>
 | |
| 
 | |
| - Add postgresql-icu68.patch: fix build with ICU 68
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Nov 20 11:51:37 UTC 2020 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - bsc#1178961: %ghost the symlinks to pg_config and ecpg.
 | |
| - boo#1179765: BuildRequire libpq5 and libecpg6 when not building
 | |
|   them to avoid dangling symlinks in the devel package.
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Wed Nov 11 11:36:01 UTC 2020 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Upgrade to version 13.1:
 | |
|   * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD
 | |
|     and firing of deferred triggers within index expressions and
 | |
|     materialized view queries.
 | |
|   * CVE-2020-25694, bsc#1178667:
 | |
|     a) Fix usage of complex connection-string parameters in pg_dump,
 | |
|     pg_restore, clusterdb, reindexdb, and vacuumdb.
 | |
|     b) When psql's \connect command re-uses connection parameters,
 | |
|     ensure that all non-overridden parameters from a previous
 | |
|     connection string are re-used.
 | |
|   * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
 | |
|     modifying specially-treated variables.
 | |
|   * Fix recently-added timetz test case so it works when the USA
 | |
|     is not observing daylight savings time.
 | |
|     (obsoletes postgresql-timetz.patch)
 | |
|   * https://www.postgresql.org/about/news/2111/
 | |
|   * https://www.postgresql.org/docs/13/release-13-1.html
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Tue Nov  3 13:54:38 UTC 2020 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Fix a DST problem in the test suite: postgresql-timetz.patch
 | |
|   https://postgr.es/m/16689-57701daa23b377bf@postgresql.org
 | |
| 
 | |
| -------------------------------------------------------------------
 | |
| Fri Sep 25 06:57:55 UTC 2020 - Reinhard Max <max@suse.com>
 | |
| 
 | |
| - Initial packaging of PostgreSQL 13:
 | |
|   * https://www.postgresql.org/about/news/2077/
 | |
|   * https://www.postgresql.org/docs/13/release-13.html
 |