Revisions of postgresql15
- Upgrade to 15.7 (bsc#1224051): * bsc#1224038, CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. * Fix incompatibility with LLVM 18. * https://www.postgresql.org/docs/release/15.7/ - Prepare for PostgreSQL 17. - Make sure all compilation and doc generation happens in %build. - Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. - Remove constraints file because improved memory usage for s390x
- Upgrade to 15.6: * bsc#1219679, CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY. One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with the privileges of the user running REFRESH. Fix things so that all user-determined code is run as the view's owner, as expected * If you use GIN indexes, you may need to reindex after updating to this release. * LLVM 18 is now supported. * https://www.postgresql.org/docs/release/15.6/
November 2023 Security Updates
Revert last change and make the devel package independend
- boo#1216022: Call install-alternatives from the devel subpackage as well, otherwise the symlink for ecpg might be missing. - Also buildignore the postgresql*-implementation symbols: this is needed in order to bootstrap when no postgresql version currently has valid symbols provided. Once the packages are built, OBS could translate this to the pgname-* packages and accept the ignores; during bootstrap though, there is nothing providing the symbol and the existing buildignores do not suffice.
- The libs and mini package are now provided by postgresql16.
Restore _multibuild - Update to 15.4: * bsc#1214059, CVE-2023-39417: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign. * bsc#1214061, CVE-2023-39418: Fix MERGE to enforce row security policies properly. * https://www.postgresql.org/docs/15/release-15-4.html - Restore the independence of mini builds from the main build after the -mini name change from April 4, 2023. - Adjust icu handling to prepare for PostgreSQL 16. - Overhaul postgresql-README.SUSE and move it from the binary package to the noarch wrapper package. - Change the unix domain socket location from /var/run to /run.
- Update to 15.3: * bsc#1211228, CVE-2023-2454: Prevent CREATE SCHEMA from defeating changes in search_path * bsc#1211229, CVE-2023-2455: Enforce row-level security policies correctly after inlining a set-returning function * https://www.postgresql.org/about/news/2637/ * https://www.postgresql.org/docs/15/release-15-3.html
- bsc#1210303: Stop using the obsolete internal %_restart_on_update macro and drop support for sysv init to simplify the scriptlets.
- Update to 15.2: * CVE-2022-41862, bsc#1208102: memory leak in libpq * https://www.postgresql.org/about/news/2592/ * https://www.postgresql.org/docs/15/release-15-2.html - Bump latest_supported_llvm_ver to 15.
- Update to 15.1: * https://www.postgresql.org/about/news/2543/ * https://www.postgresql.org/docs/15/release-15-1.html
- Update to 15.0: * https://www.postgresql.org/about/news/p-2526/ * https://www.postgresql.org/docs/15/release-15.html - Move pg_upgrade from *-contrib to *-server. - Drop support for the 9.x versioning scheme.
- Update to 15~rc2 * https://www.postgresql.org/about/news/p-2521/ * Reverting the "optimized order of GROUP BY keys" feature.
Displaying all 16 revisions