Hello community, here is the log from the commit of package postgresql93 for openSUSE:Factory checked in at 2017-08-23 11:52:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/postgresql93 (Old) and /work/SRC/openSUSE:Factory/.postgresql93.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "postgresql93" Wed Aug 23 11:52:17 2017 rev:15 rq:516114 version:9.3.18 Changes: -------- --- /work/SRC/openSUSE:Factory/postgresql93/postgresql93.changes 2017-03-21 22:43:20.327458202 +0100 +++ /work/SRC/openSUSE:Factory/.postgresql93.new/postgresql93.changes 2017-08-23 11:52:18.690852293 +0200 @@ -1,0 +2,36 @@ +Fri Aug 11 11:44:09 UTC 2017 - [email protected] + +- Update to version 9.3.18: + * https://www.postgresql.org/docs/9.3/static/release-9-3-18.html + * CVE-2017-7547, bsc#1051685: Further restrict visibility of + pg_user_mappings.umoptions, to protect passwords stored as + user mapping options. + * CVE-2017-7546, bsc#1051684: Disallow empty passwords in all + password-based authentication methods. + +------------------------------------------------------------------- +Fri Aug 4 10:22:41 UTC 2017 - [email protected] + +- use multibuild + +------------------------------------------------------------------- +Tue May 9 13:25:21 UTC 2017 - [email protected] + +- Update to version 9.3.17: + * https://www.postgresql.org/docs/9.3/static/release-9-3-16.html + * CVE-2017-7486, bsc#1037624: Restrict visibility of + pg_user_mappings.umoptions, to protect passwords stored as + user mapping options. + !!! Manual action is needed to fix this in existing databases + !!! See upstream release notes for details. + * CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable + again. + * CVE-2017-7484, bsc#1037603: Prevent exposure of statistical + information via leaky operators. + * Obsoletes postgresql-9.3.16-fix-timezone-tests.patch +- Move the timezone requirement to the server package as it was + originally intended. +- Sync spec file with postgresql96. +- Merge Factory and SLE-12. + +------------------------------------------------------------------- @@ -33,0 +70,5 @@ +Thu Sep 15 07:04:16 UTC 2016 - [email protected] + +- Added "Requires: timezone" to Server Package (bsc#973660) + +------------------------------------------------------------------- @@ -38 +79 @@ - (CVE-2016-5423) + (CVE-2016-5423, bsc#993454) @@ -40 +81 @@ - and role names (CVE-2016-5424) + and role names (CVE-2016-5424, bsc#993453) @@ -115 +156 @@ - http://www.postgresql.org/docs/9.4/static/release-9-3-12.html + http://www.postgresql.org/docs/9.3/static/release-9-3-12.html Old: ---- postgresql-9.3.16-fix-timezone-tests.patch postgresql-9.3.16.tar.bz2 postgresql93-libs.changes postgresql93-libs.spec pre_checkin.sh New: ---- _multibuild postgresql-9.3.18.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ postgresql93.spec ++++++ --- /var/tmp/diff_new_pack.tPY8Lr/_old 2017-08-23 11:52:20.498597817 +0200 +++ /var/tmp/diff_new_pack.tPY8Lr/_new 2017-08-23 11:52:20.510596128 +0200 @@ -23,9 +23,15 @@ %define libecpg libecpg6 %define libpq_so libpq.so.5 %define libecpg_so libecpg.so.6 +%if "@BUILD_FLAVOR@" == "libs" +%define buildmain 0 +%define buildlibs 0 +%define builddevel 1 +%else %define buildmain 1 %define buildlibs 0 %define builddevel 0 +%endif %define pgbasedir %_prefix/lib/%pgname %define pgtestdir %pgbasedir/test %define pgbindir %pgbasedir/bin @@ -63,7 +69,7 @@ Summary: Basic Clients and Utilities for PostgreSQL License: PostgreSQL Group: Productivity/Databases/Tools -Version: 9.3.16 +Version: 9.3.18 Release: 0 %define pg_minor_version %(echo %version | sed -r 's/^([0-9]+\\.[0-9]+).*/\\1/') Source0: https://ftp.postgresql.org/pub/source/v%{version}/postgresql-%{version}.tar.bz2 @@ -75,8 +81,7 @@ Patch7: postgresql-testsuite-seclabel-location.patch Patch8: postgresql-testsuite-keep-results-file.patch Patch9: postgresql-var-run-socket.patch -Patch10: postgresql-9.3.16-fix-timezone-tests.patch -Url: http://www.postgresql.org/ +Url: https://www.postgresql.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Provides: postgresql = %version Requires: %libpq >= %majorversion @@ -95,8 +100,6 @@ HTML documentation for PostgreSQL can be found in the postgresql-docs package. -%if %buildlibs - %package -n %libpq Summary: Shared Libraries Required for PostgreSQL Clients Group: Productivity/Databases/Clients @@ -137,7 +140,6 @@ This package provides the runtime library of the embedded SQL C preprocessor for PostgreSQL. -%endif %if %builddevel %package -n %pgname-devel @@ -175,6 +177,7 @@ PreReq: postgresql = %version PreReq: postgresql-init >= %majorversion Requires: glibc-locale +Requires: timezone Provides: postgresql-server = %version Requires(preun): postgresql-init >= %majorversion Requires(postun): postgresql-init >= %majorversion @@ -222,8 +225,8 @@ %package contrib Summary: Contributed Extensions and Additions to PostgreSQL -Group: Productivity/Databases/Tools #FIXME +Group: Productivity/Databases/Tools PreReq: %pgname-server = %version Provides: postgresql-contrib = %version Requires(post): update-alternatives @@ -311,7 +314,6 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 touch -r tmp configure rm tmp find src/test/ -name '*.orig' -delete ++++++ _multibuild ++++++ <multibuild> <package>libs</package> </multibuild> ++++++ postgresql-9.3.16.tar.bz2 -> postgresql-9.3.18.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/postgresql93/postgresql-9.3.16.tar.bz2 /work/SRC/openSUSE:Factory/.postgresql93.new/postgresql-9.3.18.tar.bz2 differ: char 11, line 1
