From 176c5c7189289dad2c003a9e83157db12ad5b17f Mon Sep 17 00:00:00 2001 From: Filip Janus Date: Thu, 11 Jan 2024 09:39:45 +0100 Subject: [PATCH] Update to version 12.17 Resolves: RHEL-16082 Fix: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 --- .gitignore | 6 +++--- postgresql-external-libpq.patch | 2 +- postgresql.spec | 10 +++++++--- sources | 6 +++--- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 3e434d4..2a064d7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ -/postgresql-12.15.tar.bz2 -/postgresql-12.15.tar.bz2.sha256 -/postgresql-12.15-US.pdf +/postgresql-12.17.tar.bz2 +/postgresql-12.17.tar.bz2.sha256 +/postgresql-12.17-US.pdf /postgresql-10.23.tar.bz2 /postgresql-10.23.tar.bz2.sha256 /postgresql-setup-8.7.tar.gz diff --git a/postgresql-external-libpq.patch b/postgresql-external-libpq.patch index ba7ef73..02ff13c 100644 --- a/postgresql-external-libpq.patch +++ b/postgresql-external-libpq.patch @@ -29,7 +29,7 @@ index b9d86ac..29df69f 100644 +libpq = -lpq # libpq_pgport is for use by client executables (not libraries) that use libpq. - # We force clients to pull symbols from the non-shared libraries libpgport + # We want clients to pull symbols from the non-shared libraries libpgport @@ -579,7 +579,6 @@ endif # Commonly used submake targets diff --git a/postgresql.spec b/postgresql.spec index 652388f..c8651be 100644 --- a/postgresql.spec +++ b/postgresql.spec @@ -59,8 +59,8 @@ Summary: PostgreSQL client programs Name: postgresql %global majorversion 12 -Version: %{majorversion}.15 -Release: 3%{?dist} +Version: %{majorversion}.17 +Release: 1%{?dist} # The PostgreSQL license is very similar to other MIT licenses, but the OSI # recognizes it as an independent license, so we do as well. @@ -1225,7 +1225,11 @@ make -C postgresql-setup-%{setup_version} check %changelog -* Tue Jul 12 2023 Dominik Rehák - 12.15-3 +* Tue Nov 28 2023 Dominik Rehák - 12.17-1 +- Update to version 12.17 + Fix: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 + +* Wed Jul 12 2023 Dominik Rehák - 12.15-3 - Update postgresql-setup to 8.7 (https://github.com/devexp-db/postgresql-setup/pull/35) * Tue Jul 11 2023 Dominik Rehák - 12.15-2 diff --git a/sources b/sources index 232169c..2fde146 100644 --- a/sources +++ b/sources @@ -1,6 +1,6 @@ -SHA512 (postgresql-12.15.tar.bz2) = 9c6765ec75948e19331180b74bd34a214a91cf6c764ec7baffb115e490584a07e0157aa56f425f49d508cd2a7a724a092d1bad6fb6b16749a48a12081202fc3e -SHA512 (postgresql-12.15.tar.bz2.sha256) = 51c86dcb74a739f2d74ee14bfb5dfeb8273b59bba385d53c94f1ef26242a0bc94f358d6729070dbe8388a03395c56040a893bc1abe63aeaa79e46b18ad6182a4 -SHA512 (postgresql-12.15-US.pdf) = e7362c2fc28e3c82022ad326237cd1ab9b1cab966cf36e7ddec8b0708d96ccf6d9392e115302b3773fcf34ba46c4e393a202a0985c4b711d363dd7d09b995b84 +SHA512 (postgresql-12.17.tar.bz2) = 8bf67475db4ec5baf058ca976ea3e416df39cd9d15131be3fa3c161edbfa93f74251d33b29d23b3084c95bbb73fb6606f4615e528129674047a75a86e7417373 +SHA512 (postgresql-12.17.tar.bz2.sha256) = 7da32978c4dd1c10447765b6b660912b9119e99ea919975a0257ca9bcf8b61ab0635726e3f6676989e9e06eb7d0025e6cc72c284bf7b94ff5ac2ab5d08137fa8 +SHA512 (postgresql-12.17-US.pdf) = e7048cfdaf96231e3633d0b0ad611f3909cf6391ed0a7d8ecbecaa467eb1fe84605b90b871f0b9675dee9cf9e5ddbcd1ecdc63010ec399d67b9437c01bbac1d6 SHA512 (postgresql-10.23.tar.bz2) = 9fd031cad0c3caacae105215167abd5dc4fdd15dea77a12cb0a977fab6e245e3fda163f202cc7786e50c69e5c3f180d32676a3b18ea30a9a14f0bcab56aa19dd SHA512 (postgresql-10.23.tar.bz2.sha256) = 1b8f25bb914b9c87679ff688625889a96f2e0e836a9fd0f19dcdf4e74798d96980cb09cb485cff7069b9fe6b9d5c03e162eac9d0ecb205e8e3f0d83358f641d2 SHA512 (postgresql-setup-8.7.tar.gz) = 741f036be517e7d9725e4f146ca7dac8b8a16b6a93d045a64ef268487f48faad6b08317b58e07ad16a31002d2a10de0ac32513a4935c3f22f48ec768a742d1fc