Overview
Request 516114 accepted
- Update to version 9.3.18:
* https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
* CVE-2017-7547, bsc#1051685: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
* CVE-2017-7546, bsc#1051684: Disallow empty passwords in all
password-based authentication methods.
- use multibuild
- Update to version 9.3.17:
* https://www.postgresql.org/docs/9.3/static/release-9-3-16.html
* CVE-2017-7486, bsc#1037624: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
!!! Manual action is needed to fix this in existing databases
!!! See upstream release notes for details.
* CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable
again.
* CVE-2017-7484, bsc#1037603: Prevent exposure of statistical
information via leaky operators.
* Obsoletes postgresql-9.3.16-fix-timezone-tests.patch
- Move the timezone requirement to the server package as it was
originally intended.
- Sync spec file with postgresql96.
- Merge Factory and SLE-12.
- Added "Requires: timezone" to Server Package (bsc#973660)
(CVE-2016-5423, bsc#993454)
Request History
rmax created request
- Update to version 9.3.18:
* https://www.postgresql.org/docs/9.3/static/release-9-3-18.html
* CVE-2017-7547, bsc#1051685: Further restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
* CVE-2017-7546, bsc#1051684: Disallow empty passwords in all
password-based authentication methods.
- use multibuild
- Update to version 9.3.17:
* https://www.postgresql.org/docs/9.3/static/release-9-3-16.html
* CVE-2017-7486, bsc#1037624: Restrict visibility of
pg_user_mappings.umoptions, to protect passwords stored as
user mapping options.
!!! Manual action is needed to fix this in existing databases
!!! See upstream release notes for details.
* CVE-2017-7485, bsc#1038293: recognize PGREQUIRESSL variable
again.
* CVE-2017-7484, bsc#1037603: Prevent exposure of statistical
information via leaky operators.
* Obsoletes postgresql-9.3.16-fix-timezone-tests.patch
- Move the timezone requirement to the server package as it was
originally intended.
- Sync spec file with postgresql96.
- Merge Factory and SLE-12.
- Added "Requires: timezone" to Server Package (bsc#973660)
(CVE-2016-5423, bsc#993454)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
factory-repo-checker accepted review
Builds for repo server:database:postgresql/openSUSE_Tumbleweed
jengelh accepted review
staging-bot set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
staging-bot accepted review
Picked openSUSE:Factory:Staging:F
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory