* Sat Feb 15 2020 Marcus Rueckert <email@example.com>
- update to 9.6.17 (CVE-2020-1720)
* Sun Dec 29 2019 Lars Vogdt <firstname.lastname@example.org>
- use and package the sha256 checksum for for source
* Fri Dec 20 2019 Marcus Rueckert <email@example.com>
- update to 9.6.16:
* Tue Oct 22 2019 Marcus Rueckert <firstname.lastname@example.org>
- add requires to the devel package for the libs that are returned
by pg_config --libs
* Mon Aug 12 2019 Reinhard Max <email@example.com>
- Update to 9.6.15:
* CVE-2019-10208, bsc#1145092: TYPE in pg_temp executes arbitrary
SQL during SECURITY DEFINER execution.
* Fri Aug 02 2019 Martin Li?ka <firstname.lastname@example.org>
- Use FAT LTO objects in order to provide proper static library.
* Fri Jun 21 2019 Marcus Rueckert <email@example.com>
- Update to 9.6.14:
* Fri May 10 2019 Reinhard Max <firstname.lastname@example.org>
- Update to 9.6.13:
* CVE-2019-10130, bsc#1134689: Prevent row-level security
policies from being bypassed via selectivity estimators.
* Tue Mar 05 2019 Reinhard Max <email@example.com>
- Make the server-devel package exclusive across versions.
* Mon Feb 25 2019 Reinhard Max <firstname.lastname@example.org>
- Update to 9.6.12:
* By default, panic instead of retrying after fsync() failure,
to avoid possible data corruption.
* Numerous other bug fixes.
- Overhaul README.SUSE
* Fri Nov 09 2018 Reinhard Max <email@example.com>
- Update to 9.6.11:
* Numerous bug fixes, see the release notes:
* Remove unneeded library dependencies from PGXS.
* Wed Oct 17 2018 Marcus Rueckert <firstname.lastname@example.org>
- add provides for the new server-devel package that will be
introduced in postgresql 11
* Fri Aug 10 2018 email@example.com
- Update to 9.6.10:
* CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state
fully between connection attempts.
* CVE-2018-10925, bsc#1104202: Fix INSERT ... ON CONFLICT UPDATE
through a view that isn't just SELECT * FROM ...
* Wed May 16 2018 firstname.lastname@example.org
- Update to 9.6.9:
A dump/restore is not required for those running 9.6.X.
However, if you use the adminpack extension, you should update
it as per the first changelog entry below.
Also, if the function marking mistakes mentioned in the second
and third changelog entries below affect you, you will want to
take steps to correct your database catalogs.
* CVE-2018-1115, bsc#1091610: Remove public execute privilege
from contrib/adminpack's pg_logfile_rotate() function
pg_logfile_rotate() is a deprecated wrapper for the core
function pg_rotate_logfile(). When that function was changed
to rely on SQL privileges for access control rather than a
hard-coded superuser check, pg_logfile_rotate() should have
been updated as well, but the need for this was missed. Hence,
if adminpack is installed, any user could request a logfile
rotation, creating a minor security issue.
After installing this update, administrators should update
adminpack by performing ALTER EXTENSION adminpack UPDATE in
each database in which adminpack is installed.
* Fix incorrect volatility markings on a few built-in functions
* Fix incorrect parallel-safety markings on a few built-in