Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postgresql14 for openSUSE:Factory checked in at 2025-08-15 21:52:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postgresql14 (Old) and /work/SRC/openSUSE:Factory/.postgresql14.new.1085 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postgresql14" Fri Aug 15 21:52:19 2025 rev:26 rq:1299469 version:14.19 Changes: -------- --- /work/SRC/openSUSE:Factory/postgresql14/postgresql14.changes 2025-05-20 09:37:22.519479872 +0200 +++ /work/SRC/openSUSE:Factory/.postgresql14.new.1085/postgresql14.changes 2025-08-15 21:53:46.488397157 +0200 @@ -1,0 +2,17 @@ +Thu Aug 14 19:53:41 UTC 2025 - Marcus Rueckert <mrueck...@suse.de> + +- Upgrade to 14.19: + * https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/ + * https://www.postgresql.org/docs/release/14.19/ + + Security Issues + * CVE-2025-8713: PostgreSQL optimizer statistics can expose + sampled data within a view, partition, or child table + (boo#1248120) + * CVE-2025-8714: PostgreSQL pg_dump lets superuser of origin + server execute arbitrary code in psql client (boo#1248122) + * CVE-2025-8715: PostgreSQL pg_dump newline in object name + executes arbitrary code in psql client and in restore target + server (boo#1248119) + +------------------------------------------------------------------- Old: ---- postgresql-14.18.tar.bz2 postgresql-14.18.tar.bz2.sha256 New: ---- postgresql-14.19.tar.bz2 postgresql-14.19.tar.bz2.sha256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postgresql14.spec ++++++ --- /var/tmp/diff_new_pack.dr25uL/_old 2025-08-15 21:53:47.308431257 +0200 +++ /var/tmp/diff_new_pack.dr25uL/_new 2025-08-15 21:53:47.308431257 +0200 @@ -1,7 +1,7 @@ # # spec file for package postgresql14 # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,7 @@ # -%define pgversion 14.18 +%define pgversion 14.19 %define pgmajor 14 %define buildlibs 0 %define tarversion %{pgversion} ++++++ postgresql-14.18.tar.bz2 -> postgresql-14.19.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/postgresql14/postgresql-14.18.tar.bz2 /work/SRC/openSUSE:Factory/.postgresql14.new.1085/postgresql-14.19.tar.bz2 differ: char 11, line 1 ++++++ postgresql-14.18.tar.bz2.sha256 -> postgresql-14.19.tar.bz2.sha256 ++++++ --- /work/SRC/openSUSE:Factory/postgresql14/postgresql-14.18.tar.bz2.sha256 2025-05-20 09:37:22.359472889 +0200 +++ /work/SRC/openSUSE:Factory/.postgresql14.new.1085/postgresql-14.19.tar.bz2.sha256 2025-08-15 21:53:46.480396825 +0200 @@ -1 +1 @@ -83ab29d6bfc3dc58b2ed3c664114fdfbeb6a0450c4b8d7fa69aee91e3ca14f8e postgresql-14.18.tar.bz2 +727e9e334bc1a31940df808259f69fe47a59f6d42174b22ae62d67fe7a01ad80 postgresql-14.19.tar.bz2
