- Security and bugfix release 9.3.10:
  * CVE-2015-5289, bsc#949670: json or jsonb input values
    constructed from arbitrary user input can crash the PostgreSQL
    server and cause a denial of service.
  * CVE-2015-5288, bsc#949669: The crypt() function included with
    the optional pgCrypto extension could be exploited to read a
    few additional bytes of memory. No working exploit for this
    issue has been developed.
- For the full release notse, see:
  http://www.postgresql.org/docs/current/static/release-9-3-10.html
- Move systemd related stuff and user creation to postgresql-init.
- Remove some obsolete %suse_version conditionals.
- Adjust build time dependencies.
- Fix some more rpmlint warnings.
- Relax dependency on libpq to major version.

- Move ~postgres/.bash_profile to postgresql-server to avoid a
  file conflict between the versioned server packages.

- Merge openSUSE and SLE12 packages (bsc#941886).
- Merge .changes, remove duplicate entries and fix syntax
  violations at the very bottom.
- postgresql-sle10-timestamptz.patch is obsolete.
- remove baselibs.conf, because we don't build the libarries any
  longer.
- Bugfix release 9.3.9:
  * Fix possible failure to recover from an inconsistent database
    state. See full release notes for details.
  * Fix rare failure to invalidate relation cache init file.
  * Avoid deadlock between incoming sessions and CREATE/DROP

• Files Changed
• Browse Source