Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postgresql14 for openSUSE:Factory checked in at 2026-05-18 17:49:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postgresql14 (Old) and /work/SRC/openSUSE:Factory/.postgresql14.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postgresql14" Mon May 18 17:49:08 2026 rev:33 rq:1353815 version:14.23 Changes: -------- --- /work/SRC/openSUSE:Factory/postgresql14/postgresql14.changes 2026-05-05 15:17:58.385554623 +0200 +++ /work/SRC/openSUSE:Factory/.postgresql14.new.1966/postgresql14.changes 2026-05-18 17:50:16.369896167 +0200 @@ -1,0 +2,22 @@ +Wed May 13 08:32:45 UTC 2026 - Reinhard Max <[email protected]> + +- Update to version 14.23: + * bsc#1265172, CVE-2026-6472: ensure the user has CREATE + privilege on the schema specified + * bsc#1265173, CVE-2026-6473: integer overflows in + memory-allocation calculations + * bsc#1265174, CVE-2026-6474: Guard against malicious time zone + names + * bsc#1265175, CVE-2026-6475: Prevent path traversal in + pg_basebackup and pg_rewind + * bsc#1265177, CVE-2026-6477: Mark PQfn() as unsafe, and avoid + using it within libpq + * bsc#1265178, CVE-2026-6478: Use timing-safe string comparisons + in authentication code + * bsc#1265179, CVE-2026-6479: Prevent unbounded recursion while + processing startup packets + * bsc#1265181, CVE-2026-6637: Prevent SQL injection and buffer + overruns in contrib/spi + * https://www.postgresql.org/docs/release/14.23/ + +------------------------------------------------------------------- Old: ---- postgresql-14.22.tar.bz2 postgresql-14.22.tar.bz2.sha256 New: ---- postgresql-14.23.tar.bz2 postgresql-14.23.tar.bz2.sha256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postgresql14.spec ++++++ --- /var/tmp/diff_new_pack.GBVHqi/_old 2026-05-18 17:50:19.606029891 +0200 +++ /var/tmp/diff_new_pack.GBVHqi/_new 2026-05-18 17:50:19.614030221 +0200 @@ -17,7 +17,7 @@ %define pgmajor 14 -%define pgminor 22 +%define pgminor 23 ### CUT HERE ### %define pgname postgresql%pgmajor ++++++ postgresql-14.22.tar.bz2 -> postgresql-14.23.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/postgresql14/postgresql-14.22.tar.bz2 /work/SRC/openSUSE:Factory/.postgresql14.new.1966/postgresql-14.23.tar.bz2 differ: char 11, line 1 ++++++ postgresql-14.22.tar.bz2.sha256 -> postgresql-14.23.tar.bz2.sha256 ++++++ --- /work/SRC/openSUSE:Factory/postgresql14/postgresql-14.22.tar.bz2.sha256 2026-03-02 18:46:47.296529683 +0100 +++ /work/SRC/openSUSE:Factory/.postgresql14.new.1966/postgresql-14.23.tar.bz2.sha256 2026-05-18 17:50:16.357895672 +0200 @@ -1 +1 @@ -f57938ad30067077720277f6d7db05aafc07d1545efd2ed82f199ba828a7ad34 postgresql-14.22.tar.bz2 +cc7216822b546330e29c2f91e123c8734a4c41795082145bb962aa712e8c94a5 postgresql-14.23.tar.bz2
