This is an automated email from the ASF dual-hosted git repository.
alexey pushed a commit to branch branch-1.18.x
in repository https://gitbox.apache.org/repos/asf/kudu.git
The following commit(s) were added to refs/heads/branch-1.18.x by this push:
new 45920136a [thirdparty] KUDU-3626 update PostgreSQL and its JDBC driver
45920136a is described below
commit 45920136a8c17234912a94fb4080038f1f6af13e
Author: Abhishek Chennaka <[email protected]>
AuthorDate: Wed Dec 4 20:29:40 2024 -0800
[thirdparty] KUDU-3626 update PostgreSQL and its JDBC driver
This addresses several CVEs[1] affecting current PostgresSQL
and PostgresSQL JDBC driver by upgrading them to versions
17.2 and 42.7.4 respectively.
[1]
CVE-2024-10979
CVE-2024-10978
CVE-2024-10977
CVE-2024-10976
CVE-2024-7348
CVE-2024-0985
CVE-2023-39417
CVE-2023-5870
CVE-2023-5869
CVE-2023-5868
CVE-2023-2455
CVE-2023-2454
CVE-2022-41862
CVE-2022-2625
CVE-2022-1552
CVE-2021-32029
CVE-2021-32028
CVE-2021-32027
CVE-2021-23222
CVE-2021-23214
CVE-2021-3677
CVE-2021-3393
CVE-2020-25696
CVE-2020-25695
CVE-2020-25694
CVE-2020-14350
CVE-2020-14349
Change-Id: I8693c0cecdc704f6ca1166af0fe14bc41256f629
Reviewed-on: http://gerrit.cloudera.org:8080/22170
Tested-by: Abhishek Chennaka <[email protected]>
Reviewed-by: Alexey Serbin <[email protected]>
(cherry picked from commit e4bfac1c297dd5473fd71025d1f469f2887b33d1)
Reviewed-on: http://gerrit.cloudera.org:8080/22241
Tested-by: Kudu Jenkins
Reviewed-by: Abhishek Chennaka <[email protected]>
---
thirdparty/build-definitions.sh | 3 ++-
thirdparty/patches/postgres-root-can-run-initdb.patch | 10 ++++------
thirdparty/vars.sh | 4 ++--
3 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/thirdparty/build-definitions.sh b/thirdparty/build-definitions.sh
index c488d49c4..3d92cc904 100644
--- a/thirdparty/build-definitions.sh
+++ b/thirdparty/build-definitions.sh
@@ -1163,11 +1163,12 @@ build_postgres() {
mkdir -p $POSTGRES_BDIR
pushd $POSTGRES_BDIR
- # We don't need readline and zlib, so let's simplify build.
+ # We don't need readline, zlib and icu, so let's simplify build.
CFLAGS="$EXTRA_CFLAGS" \
LDFLAGS="$EXTRA_LDFLAGS" \
$POSTGRES_SOURCE/configure \
--prefix=$PREFIX \
+ --without-icu \
--without-readline \
--without-zlib
diff --git a/thirdparty/patches/postgres-root-can-run-initdb.patch
b/thirdparty/patches/postgres-root-can-run-initdb.patch
index c8574fb73..32a4f6bdb 100644
--- a/thirdparty/patches/postgres-root-can-run-initdb.patch
+++ b/thirdparty/patches/postgres-root-can-run-initdb.patch
@@ -1,6 +1,6 @@
---- src/bin/initdb/initdb.c.orig 2020-03-30 20:56:39.000000000 -0700
-+++ src/bin/initdb/initdb.c 2020-03-30 20:56:57.000000000 -0700
-@@ -637,25 +637,11 @@
+--- src/bin/initdb/initdb.c.orig 2024-12-04 17:08:24.402706737 -0800
++++ src/bin/initdb/initdb.c 2024-12-04 17:09:06.643734596 -0800
+@@ -805,23 +805,11 @@
/*
* find the current user
@@ -16,9 +16,7 @@
- if (geteuid() == 0) /* 0 is root's uid */
- {
- pg_log_error("cannot be run as root");
-- fprintf(stderr,
-- _("Please log in (using, e.g., \"su\") as the
(unprivileged) user that will\n"
-- "own the server process.\n"));
+- pg_log_error_hint("Please log in (using, e.g., \"su\") as the
(unprivileged) user that will own the server process.");
- exit(1);
- }
-#endif
diff --git a/thirdparty/vars.sh b/thirdparty/vars.sh
index 0261fa99a..f6bf9a7bf 100644
--- a/thirdparty/vars.sh
+++ b/thirdparty/vars.sh
@@ -242,11 +242,11 @@
GUMBO_QUERY_VERSION=c9f10880b645afccf4fbcd11d2f62a7c01222d2e
GUMBO_QUERY_NAME=gumbo-query-$GUMBO_QUERY_VERSION
GUMBO_QUERY_SOURCE=$TP_SOURCE_DIR/$GUMBO_QUERY_NAME
-POSTGRES_VERSION=12.2
+POSTGRES_VERSION=17.2
POSTGRES_NAME=postgresql-$POSTGRES_VERSION
POSTGRES_SOURCE=$TP_SOURCE_DIR/$POSTGRES_NAME
-POSTGRES_JDBC_VERSION=42.2.10
+POSTGRES_JDBC_VERSION=42.7.4
POSTGRES_JDBC_NAME=postgresql-$POSTGRES_JDBC_VERSION
POSTGRES_JDBC_SOURCE=$TP_SOURCE_DIR/$POSTGRES_JDBC_NAME
