Package Release Info

postgresql96-9.6.8-bp150.1.3

Update Info: Base Release
Available in Package Hub : 15

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

postgresql96
postgresql96-contrib
postgresql96-devel
postgresql96-docs
postgresql96-plperl
postgresql96-plpython
postgresql96-pltcl
postgresql96-server
postgresql96-test

Change Logs

Version: 9.6.8-bp150.1.2
* Sat Mar 10 2018 mrueckert@suse.de
- Update to PostgreSQL 9.6.8
  * https://www.postgresql.org/docs/9.6/static/release-9-6-8.html
    A dump/restore is not required for those running 9.6.X.
    However, if you run an installation in which not all users are
    mutually trusting, or if you maintain an application or
    extension that is intended for use in arbitrary situations, it
    is strongly recommended that you read the documentation changes
    described in the first changelog entry in the link above, and
    take suitable steps to ensure that your installation or code is
    secure.
    Also, the changes described in the second changelog entry in
    the link above may cause functions used in index expressions or
    materialized views to fail during auto-analyze, or when
    reloading from a dump. After upgrading, monitor the server logs
    for such problems, and fix affected functions.
  * CVE-2018-1058 bsc#1081925 Uncontrolled search path element in
    pg_dump and other client applications
* Fri Feb 09 2018 max@suse.com
- Update to PostgreSQL 9.6.7
  * https://www.postgresql.org/docs/9.6/static/release-9-6-7.html
  * CVE-2018-1053, bsc#1077983: Ensure that all temporary files
    made by pg_upgrade are non-world-readable.
  * bsc#1079757: Rename pg_rewind's copy_file_range function to
    avoid conflict with new Linux system call of that name.
- Don't %config the symlinks to /etc/alternatives to avoid rpmlint
  warnings.
* Tue Dec 05 2017 mrueckert@suse.de
- Update to version 9.6.6:
  * https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
  * Security Issues
  - CVE-2017-15098, bsc#1067844:
    Memory disclosure in JSON functions
  - CVE-2017-15099, bsc#1067841: INSERT ... ON CONFLICT DO UPDATE
    fails to enforce SELECT privileges
    Prior to this release, the "INSERT ... ON CONFLICT DO UPDATE"
    would not check to see if the executing user had permission
    to perform a "SELECT" on the index performing the conflicting
    check. Additionally, in a table with row-level security
    enabled, the "INSERT ... ON CONFLICT DO UPDATE" would not
    check the SELECT policies for that table before performing
    the update.
    This fix ensures that "INSERT ... ON CONFLICT DO UPDATE"
    checks against table permissions and RLS policies before
    executing.
* Thu Nov 23 2017 mrueckert@suse.de
- port /usr/share/postgresql/install-alternatives usage to the new
  scheme
* Fri Nov 03 2017 max@suse.com
- Simplify the set of local RPM macros.
- Use /usr/share/postgresql/install-alternatives in the respective
  scriptlets.
- Fix the logic around restart on upgrade and stop on removal.
  We bring the binaries, but we don't own the unit file.
* Mon Oct 02 2017 max@suse.com
- Break a build dependency loop in the server packages that led to
  bootstrap problems.
* Fri Sep 22 2017 max@suse.com
- Adjust dependencies to the new packaging schema.
- Build the libs in 10 rather than 9.6.
* Fri Sep 01 2017 max@suse.com
- Update to version 9.6.5:
  * https://www.postgresql.org/docs/9.6/static/release-9-6-5.html
  * Show foreign tables in information_schema.table_privileges
    view.
  * Clean up handling of a fatal exit (e.g., due to receipt of
    SIGTERM) that occurs while trying to execute a ROLLBACK of a
    failed transaction.
  * Remove assertion that could trigger during a fatal exit.
  * Correctly identify columns that are of a range type or domain
    type over a composite type or domain type being searched for.
  * Prevent crash when passing fixed-length pass-by-reference data
    types to parallel worker processe.
  * Fix crash in pg_restore when using parallel mode and using a
    list file to select a subset of items to restore.
  * Change ecpg's parser to allow RETURNING clauses without
    attached C variables.
  * Change ecpg's parser to recognize backslash continuation of C
    preprocessor command lines.
* Fri Aug 11 2017 max@suse.com
- Update to version 9.6.4:
  * https://www.postgresql.org/docs/9.6/static/release-9-6-4.html
  * CVE-2017-7547, bsc#1051685: Further restrict visibility of
    pg_user_mappings.umoptions, to protect passwords stored as
    user mapping options.
  * CVE-2017-7546, bsc#1051684: Disallow empty passwords in all
    password-based authentication methods.
  * CVE-2017-7548, bsc#1053259: lo_put() function ignores ACLs.
* Thu Aug 10 2017 mrueckert@suse.de
- fix building on sle11 by using krb5-devel again
* Fri Aug 04 2017 mrueckert@suse.de
- use multibuild
* Wed May 17 2017 dimstar@opensuse.org
- Replace krb5-devel BuildRequires with pkgconfig(krb5): allow OBS
  to deliver krb5-mini when applicable.
* Thu May 11 2017 max@suse.com
- Update to version 9.6.3:
  * https://www.postgresql.org/docs/9.6/static/release-9-6-3.html
  * CVE-2017-7486, bsc#1037624: Restrict visibility of
    pg_user_mappings.umoptions, to protect passwords stored as
    user mapping options.
    !!! Manual action is needed to fix this in existing databases
    !!! See upstream release notes for details.
  * CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable
    again.
  * CVE-2017-7484, bsc#1037603: Prevent exposure of statistical
    information via leaky operators.
  * Obsoletes postgresql-9.6.2-fix-timezone-tests.patch
- Added "Requires: timezone" to Server Package (bsc#973660)
- Submit postgresql96 to SLE-12 (bsc#1038474, fate#321481).
* Wed Mar 15 2017 astieger@suse.com
- fix tests with timezone 2017a
  postgresql-9.6.2-fix-timezone-tests.patch
* Thu Feb 09 2017 mrueckert@suse.de
- upate to 9.6.2
  - Build corruption with CREATE INDEX CONCURRENTLY
  - Fixes for visibility and write-ahead-log stability
  For the full release notes, see:
  https://www.postgresql.org/docs/9.6/static/release-9-6-2.html
* Sun Oct 30 2016 13ilya@gmail.com
- update to 9.6.1
  This release contains a variety of fixes from 9.6.0.
  For information about new features in the 9.6 major release.
  For the full release notes, see:
  https://www.postgresql.org/docs/9.6/static/release-9-6-1.html
* Mon Oct 10 2016 max@suse.com
- Build the libs in 9.6 rather then 9.5.
* Sun Oct 02 2016 mrueckert@suse.de
- update to 9.6.0 final
  For all the details see:
  https://www.postgresql.org/about/news/1703/
  https://wiki.postgresql.org/wiki/NewIn96
  https://www.postgresql.org/docs/current/static/release-9-6.html
* Fri Aug 12 2016 fweiss@suse.com
- Update to 9.6beta4:
    9.6 Beta 4 includes the security fixes in the 2016-08-11
    Security Update, as well as the general bug fixes offered for
    stable versions. Additionally, it contains fixes for the
    following beta issues reported since the last beta:
  * Change minimum max_worker_processes from 1 to 0
  * Make array_to_tsvector() sort and de-duplicate the given
    strings
  * Fix ts_delete(tsvector, text[]) to cope with duplicate array
    entries
  * Fix hard to hit race condition in heapam's tuple locking code
  * Prevent "snapshot too old" from trying to return pruned TOAST
    tuples
  * Make INSERT-from-multiple-VALUES-rows handle targetlist
    indirection
  * Do not let PostmasterContext survive into background workers
  * Add missing casts in information schema
  * Fix assorted problems in recovery tests
  * Block interrupts during HandleParallelMessages()
  * Remove unused arguments from pg_replication_origin_xact_reset
    function
  * Correctly handle owned sequences with extensions
  * Many fixes for tsqueue.c
  * Eliminate a few more user-visible "cache lookup failed"
    errors
  * Teach parser to transform "x IS [NOT] DISTINCT FROM NULL" to
    a NullTest
  * Allow functions that return sets of tuples to return simple
    NULLs
  * Repair damage done by citext--1.1--1.2.sql
  * Correctly set up aggregate FILTER expression in
    partial-aggregation plans
    This beta also includes many documentation updates and
    improvements.
    Due to changes in system catalogs, a pg_upgrade or pg_dump and
    restore will be required for users migrating databases from
    earlier betas.
    Note that some known issues remain unfixed. Before reporting a
    bug in the beta, please check the Open Items page.
* Tue Aug 09 2016 mrueckert@suse.de
- update to 9.6beta3
  - This included many more fixes to parallel query:
  - adding support for TABLESAMPLE
  - correcting cost data in Gather nodes
  - check parallel-safety of all appended relations
  - fix planner issues with initPlans
  - fix several issues with client_encoding
  - clean up EXPLAIN output for parallel queries
  - multiple changes to parallel aggregation internals
  - Among the other issues addressed were:
  - add conninfo field to pg_stat_wal_receiver
  - clear all-frozen visibilitymap status when locking tuples
  - correctly dump database and tablespace ACLs
  - avoid invalidating all foreign-join cached plans when user
    mappings change
  - fix nested NOT operation cleanup in tsquery
  - allow IMPORT FOREIGN SCHEMA within pl/pgsql
  - print a given subplan only once in EXPLAIN
  - change the GetForeignUpperPaths API
  - fix several issues in postgres_fdw
  - added many additional regression tests
  - many documentation updates and clarifications
  - multiple translation updates for the docs
  Due to changes in system catalogs, a pg_upgrade or dump and restore
  will be required for users migrating databases from earlier betas.
  This includes a version update to the pg_control tool, making it
  incompatible with PostgreSQL 9.4 and earlier. This beta also
  includes patches to many issues shared with earlier versions, which
  will be updated in an upcoming minor release.
  Note that some known issues remain unfixed. Before reporting a bug
  in the beta, please check the Open Items page.
Version: 9.6.17-bp152.1.5
* Sat Feb 15 2020 Marcus Rueckert <mrueckert@suse.de>
- update to 9.6.17 (CVE-2020-1720)
  https://www.postgresql.org/about/news/2011/
  https://www.postgresql.org/docs/9.6/release-9-6-17.html
* Sun Dec 29 2019 Lars Vogdt <lars@linux-schulserver.de>
- use and package the sha256 checksum for for source
* Fri Dec 20 2019 Marcus Rueckert <mrueckert@suse.de>
- update to 9.6.16:
  https://www.postgresql.org/about/news/1994/
  https://www.postgresql.org/docs/9.6/release-9-6-16.html
* Tue Oct 22 2019 Marcus Rueckert <mrueckert@suse.de>
- add requires to the devel package for the libs that are returned
  by pg_config --libs
* Mon Aug 12 2019 Reinhard Max <max@suse.com>
- Update to 9.6.15:
  * https://www.postgresql.org/about/news/1960/
  * https://www.postgresql.org/docs/9.6/release-9-6-15.html
  * CVE-2019-10208, bsc#1145092: TYPE in pg_temp executes arbitrary
    SQL during SECURITY DEFINER execution.
* Fri Aug 02 2019 Martin Li?ka <mliska@suse.cz>
- Use FAT LTO objects in order to provide proper static library.
* Fri Jun 21 2019 Marcus Rueckert <mrueckert@suse.de>
- Update to 9.6.14:
  https://www.postgresql.org/docs/9.6/release-9-6-14.html
* Fri May 10 2019 Reinhard Max <max@suse.com>
- Update to 9.6.13:
  * https://www.postgresql.org/docs/9.6/release-9-6-13.html
  * https://www.postgresql.org/about/news/1939/
  * CVE-2019-10130, bsc#1134689: Prevent row-level security
    policies from being bypassed via selectivity estimators.
* Tue Mar 05 2019 Reinhard Max <max@suse.com>
- Make the server-devel package exclusive across versions.
* Mon Feb 25 2019 Reinhard Max <max@suse.com>
- Update to 9.6.12:
  * https://www.postgresql.org/docs/9.6/release-9-6-12.html
  * https://www.postgresql.org/about/news/1920/
  * By default, panic instead of retrying after fsync() failure,
    to avoid possible data corruption.
  * Numerous other bug fixes.
- Overhaul README.SUSE
* Fri Nov 09 2018 Reinhard Max <max@suse.com>
- Update to 9.6.11:
  * Numerous bug fixes, see the release notes:
    https://www.postgresql.org/docs/9.6/release-9-6-11.html
  * Remove unneeded library dependencies from PGXS.
* Wed Oct 17 2018 Marcus Rueckert <mrueckert@suse.de>
- add provides for the new server-devel package that will be
  introduced in postgresql 11
* Fri Aug 10 2018 max@suse.com
- Update to 9.6.10:
  https://www.postgresql.org/docs/current/static/release-9-6-10.html
  * CVE-2018-10915, bsc#1104199: Fix failure to reset libpq's state
    fully between connection attempts.
  * CVE-2018-10925, bsc#1104202: Fix INSERT ... ON CONFLICT UPDATE
    through a view that isn't just SELECT * FROM ...
* Wed May 16 2018 max@suse.com
- Update to 9.6.9:
  https://www.postgresql.org/about/news/1851/
  https://www.postgresql.org/docs/current/static/release-9-6-9.html
  A dump/restore is not required for those running 9.6.X.
  However, if you use the adminpack extension, you should update
  it as per the first changelog entry below.
  Also, if the function marking mistakes mentioned in the second
  and third changelog entries below affect you, you will want to
  take steps to correct your database catalogs.
  * CVE-2018-1115, bsc#1091610: Remove public execute privilege
    from contrib/adminpack's pg_logfile_rotate() function
    pg_logfile_rotate() is a deprecated wrapper for the core
    function pg_rotate_logfile(). When that function was changed
    to rely on SQL privileges for access control rather than a
    hard-coded superuser check, pg_logfile_rotate() should have
    been updated as well, but the need for this was missed. Hence,
    if adminpack is installed, any user could request a logfile
    rotation, creating a minor security issue.
    After installing this update, administrators should update
    adminpack by performing ALTER EXTENSION adminpack UPDATE in
    each database in which adminpack is installed.
  * Fix incorrect volatility markings on a few built-in functions
  * Fix incorrect parallel-safety markings on a few built-in
    functions.