Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package postgresql18 for openSUSE:Factory checked in at 2026-05-20 15:23:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postgresql18 (Old) and /work/SRC/openSUSE:Factory/.postgresql18.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postgresql18" Wed May 20 15:23:39 2026 rev:7 rq:1353819 version:18.4 Changes: -------- --- /work/SRC/openSUSE:Factory/postgresql18/postgresql18.changes 2026-05-05 15:15:54.716526784 +0200 +++ /work/SRC/openSUSE:Factory/.postgresql18.new.1966/postgresql18.changes 2026-05-20 15:24:07.785172175 +0200 @@ -1,0 +2,28 @@ +Wed May 13 08:09:50 UTC 2026 - Reinhard Max <[email protected]> + +- Update to version 18.4: + * bsc#1265172, CVE-2026-6472: ensure the user has CREATE + privilege on the schema specified + * bsc#1265173, CVE-2026-6473: integer overflows in + memory-allocation calculations + * bsc#1265174, CVE-2026-6474: Guard against malicious time zone + names + * bsc#1265175, CVE-2026-6475: Prevent path traversal in + pg_basebackup and pg_rewind + * bsc#1265176, CVE-2026-6476: Properly quote subscription names + in pg_createsubscriber + * bsc#1265177, CVE-2026-6477: Mark PQfn() as unsafe, and avoid + using it within libpq + * bsc#1265178, CVE-2026-6478: Use timing-safe string comparisons + in authentication code + * bsc#1265179, CVE-2026-6479: Prevent unbounded recursion while + processing startup packets + * bsc#1265180, CVE-2026-6575: Detect faulty input when restoring + attribute MCV statistics + * bsc#1265181, CVE-2026-6637: Prevent SQL injection and buffer + overruns in contrib/spi + * bsc#1265182, CVE-2026-6638: Properly quote object names in + logical replication origin checks + * https://www.postgresql.org/docs/release/18.4/ + +------------------------------------------------------------------- Old: ---- postgresql-18.3.tar.bz2 postgresql-18.3.tar.bz2.sha256 New: ---- postgresql-18.4.tar.bz2 postgresql-18.4.tar.bz2.sha256 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postgresql18.spec ++++++ --- /var/tmp/diff_new_pack.fb28kD/_old 2026-05-20 15:24:08.477200637 +0200 +++ /var/tmp/diff_new_pack.fb28kD/_new 2026-05-20 15:24:08.481200801 +0200 @@ -17,7 +17,7 @@ %define pgmajor 18 -%define pgminor 3 +%define pgminor 4 ### CUT HERE ### %define pgname postgresql%pgmajor ++++++ postgresql-18.3.tar.bz2 -> postgresql-18.4.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/postgresql18/postgresql-18.3.tar.bz2 /work/SRC/openSUSE:Factory/.postgresql18.new.1966/postgresql-18.4.tar.bz2 differ: char 11, line 1 ++++++ postgresql-18.3.tar.bz2.sha256 -> postgresql-18.4.tar.bz2.sha256 ++++++ --- /work/SRC/openSUSE:Factory/postgresql18/postgresql-18.3.tar.bz2.sha256 2026-03-04 21:03:19.563743201 +0100 +++ /work/SRC/openSUSE:Factory/.postgresql18.new.1966/postgresql-18.4.tar.bz2.sha256 2026-05-20 15:24:07.773171682 +0200 @@ -1 +1 @@ -d95663fbbf3a80f81a9d98d895266bdcb74ba274bcc04ef6d76630a72dee016f postgresql-18.3.tar.bz2 +81a81ec695fb0c7901407defaa1d2f7973617154cf27ba74e3a7ab8e64436094 postgresql-18.4.tar.bz2
