Request 516114: Submit postgresql93 - openSUSE Build Service

Overview

Request 516114 accepted

- Update to version 9.3.18:
* https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
* CVE-2017-7547, bsc#1051685: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
* CVE-2017-7546, bsc#1051684: Disallow empty passwords in all
password-based authentication methods.

- use multibuild

- Update to version 9.3.17:
* https://www.postgresql.org/docs/9.3/static/release-9-3-16.html
* CVE-2017-7486, bsc#1037624: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
!!! Manual action is needed to fix this in existing databases
!!! See upstream release notes for details.
* CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable
again.
* CVE-2017-7484, bsc#1037603: Prevent exposure of statistical
information via leaky operators.
* Obsoletes postgresql-9.3.16-fix-timezone-tests.patch
- Move the timezone requirement to the server package as it was
originally intended.
- Sync spec file with postgresql96.
- Merge Factory and SLE-12.

- Added "Requires: timezone" to Server Package (bsc#973660)

(CVE-2016-5423, bsc#993454)

Created by rmax over 6 years ago
In state accepted

Submit postgresql93

Comments for request 516114 0

Login required, please login in order to comment

Request History

rmax created request over 6 years ago

- Update to version 9.3.18:
* https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
* CVE-2017-7547, bsc#1051685: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
* CVE-2017-7546, bsc#1051684: Disallow empty passwords in all
password-based authentication methods.

- use multibuild

- Update to version 9.3.17:
* https://www.postgresql.org/docs/9.3/static/release-9-3-16.html
* CVE-2017-7486, bsc#1037624: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
!!! Manual action is needed to fix this in existing databases
!!! See upstream release notes for details.
* CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable
again.
* CVE-2017-7484, bsc#1037603: Prevent exposure of statistical
information via leaky operators.
* Obsoletes postgresql-9.3.16-fix-timezone-tests.patch
- Move the timezone requirement to the server package as it was
originally intended.
- Sync spec file with postgresql96.
- Merge Factory and SLE-12.

- Added "Requires: timezone" to Server Package (bsc#973660)

(CVE-2016-5423, bsc#993454)

factory-auto added opensuse-review-team as a reviewer over 6 years ago

Please review sources

factory-auto added factory-repo-checker as a reviewer over 6 years ago

Please review build success

factory-auto accepted review over 6 years ago

Check script succeeded

licensedigger accepted review over 6 years ago

ok

factory-repo-checker accepted review over 6 years ago

Builds for repo server:database:postgresql/openSUSE_Tumbleweed

jengelh accepted review over 6 years ago

staging-bot set openSUSE:Factory:Staging:F as a staging project over 6 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:F"

staging-bot accepted review over 6 years ago

Picked openSUSE:Factory:Staging:F

dimstar_suse accepted review over 6 years ago

ready to accept

dimstar_suse approved review over 6 years ago

ready to accept

dimstar_suse accepted request over 6 years ago

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by