Compare commits
No commits in common. "a8-stream-12" and "c8-stream-10" have entirely different histories.
a8-stream-
...
c8-stream-
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,4 +1,4 @@
|
|||||||
|
SOURCES/postgresql-10.23-US.pdf
|
||||||
SOURCES/postgresql-10.23.tar.bz2
|
SOURCES/postgresql-10.23.tar.bz2
|
||||||
SOURCES/postgresql-12.18-US.pdf
|
SOURCES/postgresql-9.2.24.tar.bz2
|
||||||
SOURCES/postgresql-12.18.tar.bz2
|
|
||||||
SOURCES/postgresql-setup-8.7.tar.gz
|
SOURCES/postgresql-setup-8.7.tar.gz
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
|
a416c245ff0815fbde534bc49b0a07ffdd373894 SOURCES/postgresql-10.23-US.pdf
|
||||||
2df7b4b3751112f3cb543c3ea81e45531bebc7a1 SOURCES/postgresql-10.23.tar.bz2
|
2df7b4b3751112f3cb543c3ea81e45531bebc7a1 SOURCES/postgresql-10.23.tar.bz2
|
||||||
09c34b7d3c945b13446a5178caeaa8d5bfbc5df3 SOURCES/postgresql-12.18-US.pdf
|
63d6966ccdbab6aae1f9754fdb8e341ada1ef653 SOURCES/postgresql-9.2.24.tar.bz2
|
||||||
bfc52715c915561039ce3052c93df9e667c4e0b6 SOURCES/postgresql-12.18.tar.bz2
|
|
||||||
fb97095dc9648f9c31d58fcb406831da5e419ddf SOURCES/postgresql-setup-8.7.tar.gz
|
fb97095dc9648f9c31d58fcb406831da5e419ddf SOURCES/postgresql-setup-8.7.tar.gz
|
||||||
|
@ -47,9 +47,7 @@ installcheck-parallel: cleandirs
|
|||||||
cleandirs:
|
cleandirs:
|
||||||
-rm -rf testtablespace results
|
-rm -rf testtablespace results
|
||||||
mkdir testtablespace results
|
mkdir testtablespace results
|
||||||
if test -x /usr/bin/chcon && ! test -f /.dockerenv; then \
|
[ -x /usr/bin/chcon ] && /usr/bin/chcon -u system_u -r object_r -t postgresql_db_t testtablespace results
|
||||||
/usr/bin/chcon -u system_u -r object_r -t postgresql_db_t testtablespace results ; \
|
|
||||||
fi
|
|
||||||
|
|
||||||
# old interfaces follow...
|
# old interfaces follow...
|
||||||
|
|
||||||
|
249
SOURCES/postgresql-10.23-CVE-2023-2454.patch
Normal file
249
SOURCES/postgresql-10.23-CVE-2023-2454.patch
Normal file
@ -0,0 +1,249 @@
|
|||||||
|
From 681d9e4621aac0a9c71364b6f54f00f6d8c4337f Mon Sep 17 00:00:00 2001
|
||||||
|
From 8d525d7b9545884a3e0d79adcd61543f9ae2ae28 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Noah Misch <noah@leadboat.com>
|
||||||
|
Date: Mon, 8 May 2023 06:14:07 -0700
|
||||||
|
Subject: Replace last PushOverrideSearchPath() call with
|
||||||
|
set_config_option().
|
||||||
|
|
||||||
|
The two methods don't cooperate, so set_config_option("search_path",
|
||||||
|
...) has been ineffective under non-empty overrideStack. This defect
|
||||||
|
enabled an attacker having database-level CREATE privilege to execute
|
||||||
|
arbitrary code as the bootstrap superuser. While that particular attack
|
||||||
|
requires v13+ for the trusted extension attribute, other attacks are
|
||||||
|
feasible in all supported versions.
|
||||||
|
|
||||||
|
Standardize on the combination of NewGUCNestLevel() and
|
||||||
|
set_config_option("search_path", ...). It is newer than
|
||||||
|
PushOverrideSearchPath(), more-prevalent, and has no known
|
||||||
|
disadvantages. The "override" mechanism remains for now, for
|
||||||
|
compatibility with out-of-tree code. Users should update such code,
|
||||||
|
which likely suffers from the same sort of vulnerability closed here.
|
||||||
|
Back-patch to v11 (all supported versions).
|
||||||
|
|
||||||
|
Alexander Lakhin. Reported by Alexander Lakhin.
|
||||||
|
|
||||||
|
Security: CVE-2023-2454
|
||||||
|
---
|
||||||
|
contrib/seg/Makefile | 2 +-
|
||||||
|
contrib/seg/expected/security.out | 32 ++++++++++++++++++
|
||||||
|
contrib/seg/sql/security.sql | 32 ++++++++++++++++++
|
||||||
|
src/backend/catalog/namespace.c | 4 +++
|
||||||
|
src/backend/commands/schemacmds.c | 37 ++++++++++++++------
|
||||||
|
src/test/regress/expected/namespace.out | 45 +++++++++++++++++++++++++
|
||||||
|
src/test/regress/sql/namespace.sql | 24 +++++++++++++
|
||||||
|
7 files changed, 165 insertions(+), 11 deletions(-)
|
||||||
|
create mode 100644 contrib/seg/expected/security.out
|
||||||
|
create mode 100644 contrib/seg/sql/security.sql
|
||||||
|
|
||||||
|
diff --git a/src/backend/catalog/namespace.c b/src/backend/catalog/namespace.c
|
||||||
|
index 14e57adee2..73ddb67882 100644
|
||||||
|
--- a/src/backend/catalog/namespace.c
|
||||||
|
+++ b/src/backend/catalog/namespace.c
|
||||||
|
@@ -3515,6 +3515,10 @@ OverrideSearchPathMatchesCurrent(OverrideSearchPath *path)
|
||||||
|
/*
|
||||||
|
* PushOverrideSearchPath - temporarily override the search path
|
||||||
|
*
|
||||||
|
+ * Do not use this function; almost any usage introduces a security
|
||||||
|
+ * vulnerability. It exists for the benefit of legacy code running in
|
||||||
|
+ * non-security-sensitive environments.
|
||||||
|
+ *
|
||||||
|
* We allow nested overrides, hence the push/pop terminology. The GUC
|
||||||
|
* search_path variable is ignored while an override is active.
|
||||||
|
*
|
||||||
|
diff --git a/src/backend/commands/schemacmds.c b/src/backend/commands/schemacmds.c
|
||||||
|
index 48590247f8..b6a71154a8 100644
|
||||||
|
--- a/src/backend/commands/schemacmds.c
|
||||||
|
+++ b/src/backend/commands/schemacmds.c
|
||||||
|
@@ -30,6 +30,7 @@
|
||||||
|
#include "commands/schemacmds.h"
|
||||||
|
#include "miscadmin.h"
|
||||||
|
#include "parser/parse_utilcmd.h"
|
||||||
|
+#include "parser/scansup.h"
|
||||||
|
#include "tcop/utility.h"
|
||||||
|
#include "utils/acl.h"
|
||||||
|
#include "utils/builtins.h"
|
||||||
|
@@ -53,14 +54,16 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
|
||||||
|
{
|
||||||
|
const char *schemaName = stmt->schemaname;
|
||||||
|
Oid namespaceId;
|
||||||
|
- OverrideSearchPath *overridePath;
|
||||||
|
List *parsetree_list;
|
||||||
|
ListCell *parsetree_item;
|
||||||
|
Oid owner_uid;
|
||||||
|
Oid saved_uid;
|
||||||
|
int save_sec_context;
|
||||||
|
+ int save_nestlevel;
|
||||||
|
+ char *nsp = namespace_search_path;
|
||||||
|
AclResult aclresult;
|
||||||
|
ObjectAddress address;
|
||||||
|
+ StringInfoData pathbuf;
|
||||||
|
|
||||||
|
GetUserIdAndSecContext(&saved_uid, &save_sec_context);
|
||||||
|
|
||||||
|
@@ -153,14 +156,26 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
|
||||||
|
CommandCounterIncrement();
|
||||||
|
|
||||||
|
/*
|
||||||
|
- * Temporarily make the new namespace be the front of the search path, as
|
||||||
|
- * well as the default creation target namespace. This will be undone at
|
||||||
|
- * the end of this routine, or upon error.
|
||||||
|
+ * Prepend the new schema to the current search path.
|
||||||
|
+ *
|
||||||
|
+ * We use the equivalent of a function SET option to allow the setting to
|
||||||
|
+ * persist for exactly the duration of the schema creation. guc.c also
|
||||||
|
+ * takes care of undoing the setting on error.
|
||||||
|
*/
|
||||||
|
- overridePath = GetOverrideSearchPath(CurrentMemoryContext);
|
||||||
|
- overridePath->schemas = lcons_oid(namespaceId, overridePath->schemas);
|
||||||
|
- /* XXX should we clear overridePath->useTemp? */
|
||||||
|
- PushOverrideSearchPath(overridePath);
|
||||||
|
+ save_nestlevel = NewGUCNestLevel();
|
||||||
|
+
|
||||||
|
+ initStringInfo(&pathbuf);
|
||||||
|
+ appendStringInfoString(&pathbuf, quote_identifier(schemaName));
|
||||||
|
+
|
||||||
|
+ while (scanner_isspace(*nsp))
|
||||||
|
+ nsp++;
|
||||||
|
+
|
||||||
|
+ if (*nsp != '\0')
|
||||||
|
+ appendStringInfo(&pathbuf, ", %s", nsp);
|
||||||
|
+
|
||||||
|
+ (void) set_config_option("search_path", pathbuf.data,
|
||||||
|
+ PGC_USERSET, PGC_S_SESSION,
|
||||||
|
+ GUC_ACTION_SAVE, true, 0, false);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Report the new schema to possibly interested event triggers. Note we
|
||||||
|
@@ -215,8 +230,10 @@ CreateSchemaCommand(CreateSchemaStmt *stmt, const char *queryString,
|
||||||
|
CommandCounterIncrement();
|
||||||
|
}
|
||||||
|
|
||||||
|
- /* Reset search path to normal state */
|
||||||
|
- PopOverrideSearchPath();
|
||||||
|
+ /*
|
||||||
|
+ * Restore the GUC variable search_path we set above.
|
||||||
|
+ */
|
||||||
|
+ AtEOXact_GUC(true, save_nestlevel);
|
||||||
|
|
||||||
|
/* Reset current user and security context */
|
||||||
|
SetUserIdAndSecContext(saved_uid, save_sec_context);
|
||||||
|
diff --git a/src/test/regress/expected/namespace.out b/src/test/regress/expected/namespace.out
|
||||||
|
index 2564d1b080..a62fd8ded0 100644
|
||||||
|
--- a/src/test/regress/expected/namespace.out
|
||||||
|
+++ b/src/test/regress/expected/namespace.out
|
||||||
|
@@ -1,6 +1,14 @@
|
||||||
|
--
|
||||||
|
-- Regression tests for schemas (namespaces)
|
||||||
|
--
|
||||||
|
+-- set the whitespace-only search_path to test that the
|
||||||
|
+-- GUC list syntax is preserved during a schema creation
|
||||||
|
+SELECT pg_catalog.set_config('search_path', ' ', false);
|
||||||
|
+ set_config
|
||||||
|
+------------
|
||||||
|
+
|
||||||
|
+(1 row)
|
||||||
|
+
|
||||||
|
CREATE SCHEMA test_schema_1
|
||||||
|
CREATE UNIQUE INDEX abc_a_idx ON abc (a)
|
||||||
|
CREATE VIEW abc_view AS
|
||||||
|
@@ -9,6 +17,43 @@ CREATE SCHEMA test_schema_1
|
||||||
|
a serial,
|
||||||
|
b int UNIQUE
|
||||||
|
);
|
||||||
|
+-- verify that the correct search_path restored on abort
|
||||||
|
+SET search_path to public;
|
||||||
|
+BEGIN;
|
||||||
|
+SET search_path to public, test_schema_1;
|
||||||
|
+CREATE SCHEMA test_schema_2
|
||||||
|
+ CREATE VIEW abc_view AS SELECT c FROM abc;
|
||||||
|
+ERROR: column "c" does not exist
|
||||||
|
+LINE 2: CREATE VIEW abc_view AS SELECT c FROM abc;
|
||||||
|
+ ^
|
||||||
|
+COMMIT;
|
||||||
|
+SHOW search_path;
|
||||||
|
+ search_path
|
||||||
|
+-------------
|
||||||
|
+ public
|
||||||
|
+(1 row)
|
||||||
|
+
|
||||||
|
+-- verify that the correct search_path preserved
|
||||||
|
+-- after creating the schema and on commit
|
||||||
|
+BEGIN;
|
||||||
|
+SET search_path to public, test_schema_1;
|
||||||
|
+CREATE SCHEMA test_schema_2
|
||||||
|
+ CREATE VIEW abc_view AS SELECT a FROM abc;
|
||||||
|
+SHOW search_path;
|
||||||
|
+ search_path
|
||||||
|
+-----------------------
|
||||||
|
+ public, test_schema_1
|
||||||
|
+(1 row)
|
||||||
|
+
|
||||||
|
+COMMIT;
|
||||||
|
+SHOW search_path;
|
||||||
|
+ search_path
|
||||||
|
+-----------------------
|
||||||
|
+ public, test_schema_1
|
||||||
|
+(1 row)
|
||||||
|
+
|
||||||
|
+DROP SCHEMA test_schema_2 CASCADE;
|
||||||
|
+NOTICE: drop cascades to view test_schema_2.abc_view
|
||||||
|
-- verify that the objects were created
|
||||||
|
SELECT COUNT(*) FROM pg_class WHERE relnamespace =
|
||||||
|
(SELECT oid FROM pg_namespace WHERE nspname = 'test_schema_1');
|
||||||
|
diff --git a/src/test/regress/sql/namespace.sql b/src/test/regress/sql/namespace.sql
|
||||||
|
index 6b12c96193..3474f5ecf4 100644
|
||||||
|
--- a/src/test/regress/sql/namespace.sql
|
||||||
|
+++ b/src/test/regress/sql/namespace.sql
|
||||||
|
@@ -2,6 +2,10 @@
|
||||||
|
-- Regression tests for schemas (namespaces)
|
||||||
|
--
|
||||||
|
|
||||||
|
+-- set the whitespace-only search_path to test that the
|
||||||
|
+-- GUC list syntax is preserved during a schema creation
|
||||||
|
+SELECT pg_catalog.set_config('search_path', ' ', false);
|
||||||
|
+
|
||||||
|
CREATE SCHEMA test_schema_1
|
||||||
|
CREATE UNIQUE INDEX abc_a_idx ON abc (a)
|
||||||
|
|
||||||
|
@@ -13,6 +17,26 @@ CREATE SCHEMA test_schema_1
|
||||||
|
b int UNIQUE
|
||||||
|
);
|
||||||
|
|
||||||
|
+-- verify that the correct search_path restored on abort
|
||||||
|
+SET search_path to public;
|
||||||
|
+BEGIN;
|
||||||
|
+SET search_path to public, test_schema_1;
|
||||||
|
+CREATE SCHEMA test_schema_2
|
||||||
|
+ CREATE VIEW abc_view AS SELECT c FROM abc;
|
||||||
|
+COMMIT;
|
||||||
|
+SHOW search_path;
|
||||||
|
+
|
||||||
|
+-- verify that the correct search_path preserved
|
||||||
|
+-- after creating the schema and on commit
|
||||||
|
+BEGIN;
|
||||||
|
+SET search_path to public, test_schema_1;
|
||||||
|
+CREATE SCHEMA test_schema_2
|
||||||
|
+ CREATE VIEW abc_view AS SELECT a FROM abc;
|
||||||
|
+SHOW search_path;
|
||||||
|
+COMMIT;
|
||||||
|
+SHOW search_path;
|
||||||
|
+DROP SCHEMA test_schema_2 CASCADE;
|
||||||
|
+
|
||||||
|
-- verify that the objects were created
|
||||||
|
SELECT COUNT(*) FROM pg_class WHERE relnamespace =
|
||||||
|
(SELECT oid FROM pg_namespace WHERE nspname = 'test_schema_1');
|
||||||
|
diff --git a/contrib/sepgsql/expected/ddl.out b/contrib/sepgsql/expected/ddl.out
|
||||||
|
index e8da587564..15d2b9c5e7 100644
|
||||||
|
--- a/contrib/sepgsql/expected/ddl.out
|
||||||
|
+++ b/contrib/sepgsql/expected/ddl.out
|
||||||
|
@@ -24,7 +24,6 @@ LOG: SELinux: allowed { create } scontext=unconfined_u:unconfined_r:sepgsql_reg
|
||||||
|
CREATE USER regress_sepgsql_test_user;
|
||||||
|
CREATE SCHEMA regtest_schema;
|
||||||
|
LOG: SELinux: allowed { create } scontext=unconfined_u:unconfined_r:sepgsql_regtest_superuser_t:s0 tcontext=unconfined_u:object_r:sepgsql_schema_t:s0 tclass=db_schema name="regtest_schema"
|
||||||
|
-LOG: SELinux: allowed { search } scontext=unconfined_u:unconfined_r:sepgsql_regtest_superuser_t:s0 tcontext=system_u:object_r:sepgsql_schema_t:s0 tclass=db_schema name="public"
|
||||||
|
GRANT ALL ON SCHEMA regtest_schema TO regress_sepgsql_test_user;
|
||||||
|
SET search_path = regtest_schema, public;
|
||||||
|
CREATE TABLE regtest_table (x serial primary key, y text);
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
114
SOURCES/postgresql-10.23-CVE-2023-2455.patch
Normal file
114
SOURCES/postgresql-10.23-CVE-2023-2455.patch
Normal file
@ -0,0 +1,114 @@
|
|||||||
|
From ca73753b090c33bc69ce299b4d7fff891a77b8ad Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Lane <tgl@sss.pgh.pa.us>
|
||||||
|
Date: Mon, 8 May 2023 10:12:44 -0400
|
||||||
|
Subject: Handle RLS dependencies in inlined set-returning
|
||||||
|
functions properly.
|
||||||
|
|
||||||
|
If an SRF in the FROM clause references a table having row-level
|
||||||
|
security policies, and we inline that SRF into the calling query,
|
||||||
|
we neglected to mark the plan as potentially dependent on which
|
||||||
|
role is executing it. This could lead to later executions in the
|
||||||
|
same session returning or hiding rows that should have been hidden
|
||||||
|
or returned instead.
|
||||||
|
|
||||||
|
Our thanks to Wolfgang Walther for reporting this problem.
|
||||||
|
|
||||||
|
Stephen Frost and Tom Lane
|
||||||
|
|
||||||
|
Security: CVE-2023-2455
|
||||||
|
---
|
||||||
|
src/backend/optimizer/util/clauses.c | 7 ++++++
|
||||||
|
src/test/regress/expected/rowsecurity.out | 27 +++++++++++++++++++++++
|
||||||
|
src/test/regress/sql/rowsecurity.sql | 20 +++++++++++++++++
|
||||||
|
3 files changed, 54 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/backend/optimizer/util/clauses.c b/src/backend/optimizer/util/clauses.c
|
||||||
|
index a9c7bc342e..11269fee3e 100644
|
||||||
|
--- a/src/backend/optimizer/util/clauses.c
|
||||||
|
+++ b/src/backend/optimizer/util/clauses.c
|
||||||
|
@@ -5205,6 +5205,13 @@ inline_set_returning_function(PlannerInfo *root, RangeTblEntry *rte)
|
||||||
|
*/
|
||||||
|
record_plan_function_dependency(root, func_oid);
|
||||||
|
|
||||||
|
+ /*
|
||||||
|
+ * We must also notice if the inserted query adds a dependency on the
|
||||||
|
+ * calling role due to RLS quals.
|
||||||
|
+ */
|
||||||
|
+ if (querytree->hasRowSecurity)
|
||||||
|
+ root->glob->dependsOnRole = true;
|
||||||
|
+
|
||||||
|
return querytree;
|
||||||
|
|
||||||
|
/* Here if func is not inlinable: release temp memory and return NULL */
|
||||||
|
diff --git a/src/test/regress/expected/rowsecurity.out b/src/test/regress/expected/rowsecurity.out
|
||||||
|
index 38f53ed486..e278346420 100644
|
||||||
|
--- a/src/test/regress/expected/rowsecurity.out
|
||||||
|
+++ b/src/test/regress/expected/rowsecurity.out
|
||||||
|
@@ -4427,6 +4427,33 @@ SELECT * FROM rls_tbl;
|
||||||
|
|
||||||
|
DROP TABLE rls_tbl;
|
||||||
|
RESET SESSION AUTHORIZATION;
|
||||||
|
+-- CVE-2023-2455: inlining an SRF may introduce an RLS dependency
|
||||||
|
+create table rls_t (c text);
|
||||||
|
+insert into rls_t values ('invisible to bob');
|
||||||
|
+alter table rls_t enable row level security;
|
||||||
|
+grant select on rls_t to regress_rls_alice, regress_rls_bob;
|
||||||
|
+create policy p1 on rls_t for select to regress_rls_alice using (true);
|
||||||
|
+create policy p2 on rls_t for select to regress_rls_bob using (false);
|
||||||
|
+create function rls_f () returns setof rls_t
|
||||||
|
+ stable language sql
|
||||||
|
+ as $$ select * from rls_t $$;
|
||||||
|
+prepare q as select current_user, * from rls_f();
|
||||||
|
+set role regress_rls_alice;
|
||||||
|
+execute q;
|
||||||
|
+ current_user | c
|
||||||
|
+-------------------+------------------
|
||||||
|
+ regress_rls_alice | invisible to bob
|
||||||
|
+(1 row)
|
||||||
|
+
|
||||||
|
+set role regress_rls_bob;
|
||||||
|
+execute q;
|
||||||
|
+ current_user | c
|
||||||
|
+--------------+---
|
||||||
|
+(0 rows)
|
||||||
|
+
|
||||||
|
+RESET ROLE;
|
||||||
|
+DROP FUNCTION rls_f();
|
||||||
|
+DROP TABLE rls_t;
|
||||||
|
--
|
||||||
|
-- Clean up objects
|
||||||
|
--
|
||||||
|
diff --git a/src/test/regress/sql/rowsecurity.sql b/src/test/regress/sql/rowsecurity.sql
|
||||||
|
index 0fd0cded7d..3d664538a6 100644
|
||||||
|
--- a/src/test/regress/sql/rowsecurity.sql
|
||||||
|
+++ b/src/test/regress/sql/rowsecurity.sql
|
||||||
|
@@ -2127,6 +2127,26 @@ SELECT * FROM rls_tbl;
|
||||||
|
DROP TABLE rls_tbl;
|
||||||
|
RESET SESSION AUTHORIZATION;
|
||||||
|
|
||||||
|
+-- CVE-2023-2455: inlining an SRF may introduce an RLS dependency
|
||||||
|
+create table rls_t (c text);
|
||||||
|
+insert into rls_t values ('invisible to bob');
|
||||||
|
+alter table rls_t enable row level security;
|
||||||
|
+grant select on rls_t to regress_rls_alice, regress_rls_bob;
|
||||||
|
+create policy p1 on rls_t for select to regress_rls_alice using (true);
|
||||||
|
+create policy p2 on rls_t for select to regress_rls_bob using (false);
|
||||||
|
+create function rls_f () returns setof rls_t
|
||||||
|
+ stable language sql
|
||||||
|
+ as $$ select * from rls_t $$;
|
||||||
|
+prepare q as select current_user, * from rls_f();
|
||||||
|
+set role regress_rls_alice;
|
||||||
|
+execute q;
|
||||||
|
+set role regress_rls_bob;
|
||||||
|
+execute q;
|
||||||
|
+
|
||||||
|
+RESET ROLE;
|
||||||
|
+DROP FUNCTION rls_f();
|
||||||
|
+DROP TABLE rls_t;
|
||||||
|
+
|
||||||
|
--
|
||||||
|
-- Clean up objects
|
||||||
|
--
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
576
SOURCES/postgresql-10.23-CVE-2023-5869.patch
Normal file
576
SOURCES/postgresql-10.23-CVE-2023-5869.patch
Normal file
@ -0,0 +1,576 @@
|
|||||||
|
From d267cea24ea346c739c85bf7bccbd8e8f59da6b3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Lane <tgl@sss.pgh.pa.us>
|
||||||
|
Date: Mon, 6 Nov 2023 10:56:43 -0500
|
||||||
|
Subject: [PATCH 1/1] Detect integer overflow while computing new array
|
||||||
|
dimensions.
|
||||||
|
|
||||||
|
array_set_element() and related functions allow an array to be
|
||||||
|
enlarged by assigning to subscripts outside the current array bounds.
|
||||||
|
While these places were careful to check that the new bounds are
|
||||||
|
allowable, they neglected to consider the risk of integer overflow
|
||||||
|
in computing the new bounds. In edge cases, we could compute new
|
||||||
|
bounds that are invalid but get past the subsequent checks,
|
||||||
|
allowing bad things to happen. Memory stomps that are potentially
|
||||||
|
exploitable for arbitrary code execution are possible, and so is
|
||||||
|
disclosure of server memory.
|
||||||
|
|
||||||
|
To fix, perform the hazardous computations using overflow-detecting
|
||||||
|
arithmetic routines, which fortunately exist in all still-supported
|
||||||
|
branches.
|
||||||
|
|
||||||
|
The test cases added for this generate (after patching) errors that
|
||||||
|
mention the value of MaxArraySize, which is platform-dependent.
|
||||||
|
Rather than introduce multiple expected-files, use psql's VERBOSITY
|
||||||
|
parameter to suppress the printing of the message text. v11 psql
|
||||||
|
lacks that parameter, so omit the tests in that branch.
|
||||||
|
|
||||||
|
Our thanks to Pedro Gallegos for reporting this problem.
|
||||||
|
|
||||||
|
Security: CVE-2023-5869
|
||||||
|
Sign-Off-By: Tianyue Lan <tianyue.lan@oracle.com>
|
||||||
|
|
||||||
|
---
|
||||||
|
src/backend/utils/adt/arrayfuncs.c | 85 ++++++++++++++++++++++------
|
||||||
|
src/backend/utils/adt/arrayutils.c | 6 --
|
||||||
|
src/include/utils/array.h | 7 +++
|
||||||
|
src/test/regress/expected/arrays.out | 17 ++++++
|
||||||
|
src/test/regress/sql/arrays.sql | 19 +++++++
|
||||||
|
src/include/common/int.h | 273 +++++++++++++++++++++++++++++++++++++++
|
||||||
|
create mode 100644 src/include/common/int.h
|
||||||
|
6 files changed, 383 insertions(+), 24 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/backend/utils/adt/arrayfuncs.c b/src/backend/utils/adt/arrayfuncs.c
|
||||||
|
index 553c517..7363893 100644
|
||||||
|
--- a/src/backend/utils/adt/arrayfuncs.c
|
||||||
|
+++ b/src/backend/utils/adt/arrayfuncs.c
|
||||||
|
@@ -22,6 +22,7 @@
|
||||||
|
|
||||||
|
#include "access/htup_details.h"
|
||||||
|
#include "catalog/pg_type.h"
|
||||||
|
+#include "common/int.h"
|
||||||
|
#include "funcapi.h"
|
||||||
|
#include "libpq/pqformat.h"
|
||||||
|
#include "utils/array.h"
|
||||||
|
@@ -2309,22 +2310,38 @@ array_set_element(Datum arraydatum,
|
||||||
|
addedbefore = addedafter = 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
- * Check subscripts
|
||||||
|
+ * Check subscripts. We assume the existing subscripts passed
|
||||||
|
+ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without
|
||||||
|
+ * overflow. But we must beware of other overflows in our calculations of
|
||||||
|
+ * new dim[] values.
|
||||||
|
*/
|
||||||
|
if (ndim == 1)
|
||||||
|
{
|
||||||
|
if (indx[0] < lb[0])
|
||||||
|
{
|
||||||
|
- addedbefore = lb[0] - indx[0];
|
||||||
|
- dim[0] += addedbefore;
|
||||||
|
+ /* addedbefore = lb[0] - indx[0]; */
|
||||||
|
+ /* dim[0] += addedbefore; */
|
||||||
|
+ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
lb[0] = indx[0];
|
||||||
|
if (addedbefore > 1)
|
||||||
|
newhasnulls = true; /* will insert nulls */
|
||||||
|
}
|
||||||
|
if (indx[0] >= (dim[0] + lb[0]))
|
||||||
|
{
|
||||||
|
- addedafter = indx[0] - (dim[0] + lb[0]) + 1;
|
||||||
|
- dim[0] += addedafter;
|
||||||
|
+ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */
|
||||||
|
+ /* dim[0] += addedafter; */
|
||||||
|
+ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(addedafter, 1, &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
if (addedafter > 1)
|
||||||
|
newhasnulls = true; /* will insert nulls */
|
||||||
|
}
|
||||||
|
@@ -2568,14 +2585,23 @@ array_set_element_expanded(Datum arraydatum,
|
||||||
|
addedbefore = addedafter = 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
- * Check subscripts (this logic matches original array_set_element)
|
||||||
|
+ * Check subscripts (this logic must match array_set_element). We assume
|
||||||
|
+ * the existing subscripts passed ArrayCheckBounds, so that dim[i] + lb[i]
|
||||||
|
+ * can be computed without overflow. But we must beware of other
|
||||||
|
+ * overflows in our calculations of new dim[] values.
|
||||||
|
*/
|
||||||
|
if (ndim == 1)
|
||||||
|
{
|
||||||
|
if (indx[0] < lb[0])
|
||||||
|
{
|
||||||
|
- addedbefore = lb[0] - indx[0];
|
||||||
|
- dim[0] += addedbefore;
|
||||||
|
+ /* addedbefore = lb[0] - indx[0]; */
|
||||||
|
+ /* dim[0] += addedbefore; */
|
||||||
|
+ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
lb[0] = indx[0];
|
||||||
|
dimschanged = true;
|
||||||
|
if (addedbefore > 1)
|
||||||
|
@@ -2583,8 +2609,15 @@ array_set_element_expanded(Datum arraydatum,
|
||||||
|
}
|
||||||
|
if (indx[0] >= (dim[0] + lb[0]))
|
||||||
|
{
|
||||||
|
- addedafter = indx[0] - (dim[0] + lb[0]) + 1;
|
||||||
|
- dim[0] += addedafter;
|
||||||
|
+ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */
|
||||||
|
+ /* dim[0] += addedafter; */
|
||||||
|
+ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(addedafter, 1, &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
dimschanged = true;
|
||||||
|
if (addedafter > 1)
|
||||||
|
newhasnulls = true; /* will insert nulls */
|
||||||
|
@@ -2866,7 +2899,10 @@ array_set_slice(Datum arraydatum,
|
||||||
|
addedbefore = addedafter = 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
- * Check subscripts
|
||||||
|
+ * Check subscripts. We assume the existing subscripts passed
|
||||||
|
+ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without
|
||||||
|
+ * overflow. But we must beware of other overflows in our calculations of
|
||||||
|
+ * new dim[] values.
|
||||||
|
*/
|
||||||
|
if (ndim == 1)
|
||||||
|
{
|
||||||
|
@@ -2881,18 +2917,31 @@ array_set_slice(Datum arraydatum,
|
||||||
|
errmsg("upper bound cannot be less than lower bound")));
|
||||||
|
if (lowerIndx[0] < lb[0])
|
||||||
|
{
|
||||||
|
- if (upperIndx[0] < lb[0] - 1)
|
||||||
|
- newhasnulls = true; /* will insert nulls */
|
||||||
|
- addedbefore = lb[0] - lowerIndx[0];
|
||||||
|
- dim[0] += addedbefore;
|
||||||
|
+ /* addedbefore = lb[0] - lowerIndx[0]; */
|
||||||
|
+ /* dim[0] += addedbefore; */
|
||||||
|
+ if (pg_sub_s32_overflow(lb[0], lowerIndx[0], &addedbefore) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
lb[0] = lowerIndx[0];
|
||||||
|
+ if (addedbefore > 1)
|
||||||
|
+ newhasnulls = true; /* will insert nulls */
|
||||||
|
}
|
||||||
|
if (upperIndx[0] >= (dim[0] + lb[0]))
|
||||||
|
{
|
||||||
|
- if (lowerIndx[0] > (dim[0] + lb[0]))
|
||||||
|
+ /* addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; */
|
||||||
|
+ /* dim[0] += addedafter; */
|
||||||
|
+ if (pg_sub_s32_overflow(upperIndx[0], dim[0] + lb[0], &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(addedafter, 1, &addedafter) ||
|
||||||
|
+ pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
|
||||||
|
+ ereport(ERROR,
|
||||||
|
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
|
||||||
|
+ errmsg("array size exceeds the maximum allowed (%d)",
|
||||||
|
+ (int) MaxArraySize)));
|
||||||
|
+ if (addedafter > 1)
|
||||||
|
newhasnulls = true; /* will insert nulls */
|
||||||
|
- addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1;
|
||||||
|
- dim[0] += addedafter;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
diff --git a/src/backend/utils/adt/arrayutils.c b/src/backend/utils/adt/arrayutils.c
|
||||||
|
index f7c6a51..eb5f2a0 100644
|
||||||
|
--- a/src/backend/utils/adt/arrayutils.c
|
||||||
|
+++ b/src/backend/utils/adt/arrayutils.c
|
||||||
|
@@ -63,10 +63,6 @@ ArrayGetOffset0(int n, const int *tup, const int *scale)
|
||||||
|
* This must do overflow checking, since it is used to validate that a user
|
||||||
|
* dimensionality request doesn't overflow what we can handle.
|
||||||
|
*
|
||||||
|
- * We limit array sizes to at most about a quarter billion elements,
|
||||||
|
- * so that it's not necessary to check for overflow in quite so many
|
||||||
|
- * places --- for instance when palloc'ing Datum arrays.
|
||||||
|
- *
|
||||||
|
* The multiplication overflow check only works on machines that have int64
|
||||||
|
* arithmetic, but that is nearly all platforms these days, and doing check
|
||||||
|
* divides for those that don't seems way too expensive.
|
||||||
|
@@ -77,8 +73,6 @@ ArrayGetNItems(int ndim, const int *dims)
|
||||||
|
int32 ret;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
-#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum)))
|
||||||
|
-
|
||||||
|
if (ndim <= 0)
|
||||||
|
return 0;
|
||||||
|
ret = 1;
|
||||||
|
diff --git a/src/include/utils/array.h b/src/include/utils/array.h
|
||||||
|
index 905f6b0..3e4c09d 100644
|
||||||
|
--- a/src/include/utils/array.h
|
||||||
|
+++ b/src/include/utils/array.h
|
||||||
|
@@ -65,6 +65,13 @@
|
||||||
|
#include "utils/expandeddatum.h"
|
||||||
|
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * Maximum number of elements in an array. We limit this to at most about a
|
||||||
|
+ * quarter billion elements, so that it's not necessary to check for overflow
|
||||||
|
+ * in quite so many places --- for instance when palloc'ing Datum arrays.
|
||||||
|
+ */
|
||||||
|
+#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum)))
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Arrays are varlena objects, so must meet the varlena convention that
|
||||||
|
* the first int32 of the object contains the total object size in bytes.
|
||||||
|
diff --git a/src/test/regress/expected/arrays.out b/src/test/regress/expected/arrays.out
|
||||||
|
index c730563..e4ec394 100644
|
||||||
|
--- a/src/test/regress/expected/arrays.out
|
||||||
|
+++ b/src/test/regress/expected/arrays.out
|
||||||
|
@@ -1347,6 +1347,23 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk)
|
||||||
|
-- then you didn't get an indexscan plan, and something is busted.
|
||||||
|
reset enable_seqscan;
|
||||||
|
reset enable_bitmapscan;
|
||||||
|
+-- test subscript overflow detection
|
||||||
|
+-- The normal error message includes a platform-dependent limit,
|
||||||
|
+-- so suppress it to avoid needing multiple expected-files.
|
||||||
|
+\set VERBOSITY terse
|
||||||
|
+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}');
|
||||||
|
+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10;
|
||||||
|
+ERROR: array size exceeds the maximum allowed (134217727)
|
||||||
|
+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10;
|
||||||
|
+ERROR: array size exceeds the maximum allowed (134217727)
|
||||||
|
+-- also exercise the expanded-array case
|
||||||
|
+do $$ declare a int[];
|
||||||
|
+begin
|
||||||
|
+ a := '[-2147483648:-2147483647]={1,2}'::int[];
|
||||||
|
+ a[2147483647] := 42;
|
||||||
|
+end $$;
|
||||||
|
+ERROR: array size exceeds the maximum allowed (134217727)
|
||||||
|
+\set VERBOSITY default
|
||||||
|
-- test [not] (like|ilike) (any|all) (...)
|
||||||
|
select 'foo' like any (array['%a', '%o']); -- t
|
||||||
|
?column?
|
||||||
|
diff --git a/src/test/regress/sql/arrays.sql b/src/test/regress/sql/arrays.sql
|
||||||
|
index 25dd4e2..4ad6e55 100644
|
||||||
|
--- a/src/test/regress/sql/arrays.sql
|
||||||
|
+++ b/src/test/regress/sql/arrays.sql
|
||||||
|
@@ -407,6 +407,25 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk)
|
||||||
|
reset enable_seqscan;
|
||||||
|
reset enable_bitmapscan;
|
||||||
|
|
||||||
|
+-- test subscript overflow detection
|
||||||
|
+
|
||||||
|
+-- The normal error message includes a platform-dependent limit,
|
||||||
|
+-- so suppress it to avoid needing multiple expected-files.
|
||||||
|
+\set VERBOSITY terse
|
||||||
|
+
|
||||||
|
+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}');
|
||||||
|
+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10;
|
||||||
|
+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10;
|
||||||
|
+
|
||||||
|
+-- also exercise the expanded-array case
|
||||||
|
+do $$ declare a int[];
|
||||||
|
+begin
|
||||||
|
+ a := '[-2147483648:-2147483647]={1,2}'::int[];
|
||||||
|
+ a[2147483647] := 42;
|
||||||
|
+end $$;
|
||||||
|
+
|
||||||
|
+\set VERBOSITY default
|
||||||
|
+
|
||||||
|
-- test [not] (like|ilike) (any|all) (...)
|
||||||
|
select 'foo' like any (array['%a', '%o']); -- t
|
||||||
|
select 'foo' like any (array['%a', '%b']); -- f
|
||||||
|
|
||||||
|
diff --git a/src/include/common/int.h b/src/include/common/int.h
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..d754798
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/src/include/common/int.h
|
||||||
|
@@ -0,0 +1,273 @@
|
||||||
|
+/*-------------------------------------------------------------------------
|
||||||
|
+ *
|
||||||
|
+ * int.h
|
||||||
|
+ * Routines to perform integer math, while checking for overflows.
|
||||||
|
+ *
|
||||||
|
+ * The routines in this file are intended to be well defined C, without
|
||||||
|
+ * relying on compiler flags like -fwrapv.
|
||||||
|
+ *
|
||||||
|
+ * To reduce the overhead of these routines try to use compiler intrinsics
|
||||||
|
+ * where available. That's not that important for the 16, 32 bit cases, but
|
||||||
|
+ * the 64 bit cases can be considerably faster with intrinsics. In case no
|
||||||
|
+ * intrinsics are available 128 bit math is used where available.
|
||||||
|
+ *
|
||||||
|
+ * Copyright (c) 2017-2019, PostgreSQL Global Development Group
|
||||||
|
+ *
|
||||||
|
+ * src/include/common/int.h
|
||||||
|
+ *
|
||||||
|
+ *-------------------------------------------------------------------------
|
||||||
|
+ */
|
||||||
|
+#ifndef COMMON_INT_H
|
||||||
|
+#define COMMON_INT_H
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a + b overflows, return true, otherwise store the result of a + b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_add_s16_overflow(int16 a, int16 b, int16 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_add_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int32 res = (int32) a + (int32) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT16_MAX || res < PG_INT16_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int16) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a - b overflows, return true, otherwise store the result of a - b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_sub_s16_overflow(int16 a, int16 b, int16 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_sub_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int32 res = (int32) a - (int32) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT16_MAX || res < PG_INT16_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int16) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a * b overflows, return true, otherwise store the result of a * b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_mul_s16_overflow(int16 a, int16 b, int16 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_mul_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int32 res = (int32) a * (int32) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT16_MAX || res < PG_INT16_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int16) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a + b overflows, return true, otherwise store the result of a + b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_add_s32_overflow(int32 a, int32 b, int32 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_add_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int64 res = (int64) a + (int64) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT32_MAX || res < PG_INT32_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int32) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a - b overflows, return true, otherwise store the result of a - b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_sub_s32_overflow(int32 a, int32 b, int32 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_sub_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int64 res = (int64) a - (int64) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT32_MAX || res < PG_INT32_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int32) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a * b overflows, return true, otherwise store the result of a * b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_mul_s32_overflow(int32 a, int32 b, int32 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_mul_overflow(a, b, result);
|
||||||
|
+#else
|
||||||
|
+ int64 res = (int64) a * (int64) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT32_MAX || res < PG_INT32_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int32) res;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a + b overflows, return true, otherwise store the result of a + b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_add_s64_overflow(int64 a, int64 b, int64 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_add_overflow(a, b, result);
|
||||||
|
+#elif defined(HAVE_INT128)
|
||||||
|
+ int128 res = (int128) a + (int128) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT64_MAX || res < PG_INT64_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int64) res;
|
||||||
|
+ return false;
|
||||||
|
+#else
|
||||||
|
+ if ((a > 0 && b > 0 && a > PG_INT64_MAX - b) ||
|
||||||
|
+ (a < 0 && b < 0 && a < PG_INT64_MIN - b))
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = a + b;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a - b overflows, return true, otherwise store the result of a - b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_sub_s64_overflow(int64 a, int64 b, int64 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_sub_overflow(a, b, result);
|
||||||
|
+#elif defined(HAVE_INT128)
|
||||||
|
+ int128 res = (int128) a - (int128) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT64_MAX || res < PG_INT64_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int64) res;
|
||||||
|
+ return false;
|
||||||
|
+#else
|
||||||
|
+ if ((a < 0 && b > 0 && a < PG_INT64_MIN + b) ||
|
||||||
|
+ (a > 0 && b < 0 && a > PG_INT64_MAX + b))
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = a - b;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * If a * b overflows, return true, otherwise store the result of a * b into
|
||||||
|
+ * *result. The content of *result is implementation defined in case of
|
||||||
|
+ * overflow.
|
||||||
|
+ */
|
||||||
|
+static inline bool
|
||||||
|
+pg_mul_s64_overflow(int64 a, int64 b, int64 *result)
|
||||||
|
+{
|
||||||
|
+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
|
||||||
|
+ return __builtin_mul_overflow(a, b, result);
|
||||||
|
+#elif defined(HAVE_INT128)
|
||||||
|
+ int128 res = (int128) a * (int128) b;
|
||||||
|
+
|
||||||
|
+ if (res > PG_INT64_MAX || res < PG_INT64_MIN)
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = (int64) res;
|
||||||
|
+ return false;
|
||||||
|
+#else
|
||||||
|
+ /*
|
||||||
|
+ * Overflow can only happen if at least one value is outside the range
|
||||||
|
+ * sqrt(min)..sqrt(max) so check that first as the division can be quite a
|
||||||
|
+ * bit more expensive than the multiplication.
|
||||||
|
+ *
|
||||||
|
+ * Multiplying by 0 or 1 can't overflow of course and checking for 0
|
||||||
|
+ * separately avoids any risk of dividing by 0. Be careful about dividing
|
||||||
|
+ * INT_MIN by -1 also, note reversing the a and b to ensure we're always
|
||||||
|
+ * dividing it by a positive value.
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+ if ((a > PG_INT32_MAX || a < PG_INT32_MIN ||
|
||||||
|
+ b > PG_INT32_MAX || b < PG_INT32_MIN) &&
|
||||||
|
+ a != 0 && a != 1 && b != 0 && b != 1 &&
|
||||||
|
+ ((a > 0 && b > 0 && a > PG_INT64_MAX / b) ||
|
||||||
|
+ (a > 0 && b < 0 && b < PG_INT64_MIN / a) ||
|
||||||
|
+ (a < 0 && b > 0 && a < PG_INT64_MIN / b) ||
|
||||||
|
+ (a < 0 && b < 0 && a < PG_INT64_MAX / b)))
|
||||||
|
+ {
|
||||||
|
+ *result = 0x5EED; /* to avoid spurious warnings */
|
||||||
|
+ return true;
|
||||||
|
+ }
|
||||||
|
+ *result = a * b;
|
||||||
|
+ return false;
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#endif /* COMMON_INT_H */
|
||||||
|
--
|
||||||
|
2.39.3
|
||||||
|
|
@ -1 +0,0 @@
|
|||||||
4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a postgresql-12.18.tar.bz2
|
|
1
SOURCES/postgresql-9.2.24.tar.bz2.sha256
Normal file
1
SOURCES/postgresql-9.2.24.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
|||||||
|
a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126 postgresql-9.2.24.tar.bz2
|
@ -1,49 +0,0 @@
|
|||||||
We don't build/install interfaces by upstream's implicit rules.
|
|
||||||
|
|
||||||
This patch is used on two places; postgresql.spec and libecpg.spec -- keep those
|
|
||||||
in sync!
|
|
||||||
|
|
||||||
Related: rhbz#1618698
|
|
||||||
Signed-Off-By: Tianyue Lan <tianyue.lan@oracle.com>
|
|
||||||
|
|
||||||
---
|
|
||||||
src/Makefile | 1 -
|
|
||||||
src/Makefile.global.in | 3 +--
|
|
||||||
2 files changed, 1 insertion(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/Makefile b/src/Makefile
|
|
||||||
index bcdbd95..4bea236 100644
|
|
||||||
--- a/src/Makefile
|
|
||||||
+++ b/src/Makefile
|
|
||||||
@@ -20,7 +20,6 @@ SUBDIRS = \
|
|
||||||
backend/utils/mb/conversion_procs \
|
|
||||||
backend/snowball \
|
|
||||||
include \
|
|
||||||
- interfaces \
|
|
||||||
backend/replication/libpqwalreceiver \
|
|
||||||
backend/replication/pgoutput \
|
|
||||||
fe_utils \
|
|
||||||
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
|
|
||||||
index a05f7ce..36be499 100644
|
|
||||||
--- a/src/Makefile.global.in
|
|
||||||
+++ b/src/Makefile.global.in
|
|
||||||
@@ -546,7 +546,7 @@ endif
|
|
||||||
# How to link to libpq. (This macro may be used as-is by backend extensions.
|
|
||||||
# Client-side code should go through libpq_pgport or libpq_pgport_shlib,
|
|
||||||
# instead.)
|
|
||||||
-libpq = -L$(libpq_builddir) -lpq
|
|
||||||
+libpq = -lpq
|
|
||||||
|
|
||||||
# libpq_pgport is for use by client executables (not libraries) that use libpq.
|
|
||||||
# We want clients to pull symbols from the non-shared libraries libpgport
|
|
||||||
@@ -589,7 +589,6 @@ endif
|
|
||||||
# Commonly used submake targets
|
|
||||||
|
|
||||||
submake-libpq: | submake-generated-headers
|
|
||||||
- $(MAKE) -C $(libpq_builddir) all
|
|
||||||
|
|
||||||
submake-libpgport: | submake-generated-headers
|
|
||||||
$(MAKE) -C $(top_builddir)/src/port all
|
|
||||||
--
|
|
||||||
2.39.3
|
|
||||||
|
|
33
SOURCES/postgresql-no-libs.patch
Normal file
33
SOURCES/postgresql-no-libs.patch
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
diff --git a/src/Makefile b/src/Makefile
|
||||||
|
index febbced..9737b55 100644
|
||||||
|
--- a/src/Makefile
|
||||||
|
+++ b/src/Makefile
|
||||||
|
@@ -20,7 +20,6 @@ SUBDIRS = \
|
||||||
|
backend/utils/mb/conversion_procs \
|
||||||
|
backend/snowball \
|
||||||
|
include \
|
||||||
|
- interfaces \
|
||||||
|
backend/replication/libpqwalreceiver \
|
||||||
|
backend/replication/pgoutput \
|
||||||
|
fe_utils \
|
||||||
|
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
|
||||||
|
index 4ed5174..d0e0dae 100644
|
||||||
|
--- a/src/Makefile.global.in
|
||||||
|
+++ b/src/Makefile.global.in
|
||||||
|
@@ -457,7 +457,7 @@ endif
|
||||||
|
|
||||||
|
# This macro is for use by libraries linking to libpq. (Because libpgport
|
||||||
|
# isn't created with the same link flags as libpq, it can't be used.)
|
||||||
|
-libpq = -L$(libpq_builddir) -lpq
|
||||||
|
+libpq = -lpq
|
||||||
|
|
||||||
|
# This macro is for use by client executables (not libraries) that use libpq.
|
||||||
|
# We force clients to pull symbols from the non-shared libraries libpgport
|
||||||
|
@@ -483,7 +483,6 @@ endif
|
||||||
|
# Commonly used submake targets
|
||||||
|
|
||||||
|
submake-libpq:
|
||||||
|
- $(MAKE) -C $(libpq_builddir) all
|
||||||
|
|
||||||
|
submake-libpgport:
|
||||||
|
$(MAKE) -C $(top_builddir)/src/port all
|
@ -1,13 +1,5 @@
|
|||||||
We should ideally provide '/bin/pg_config' in postgresql-server-devel, and
|
|
||||||
provide no pg_config binary in libpq package. But most of the Fedora packages
|
|
||||||
that use pg_config actually only build against PG libraries (and
|
|
||||||
postgresql-server-devel isn't needed). So.., to avoid the initial rush around
|
|
||||||
rhbz#1618698 change, rather provide pg_server_config binary, which int urn means
|
|
||||||
that we'll have to fix only a minimal set of packages which really build
|
|
||||||
PostgreSQL server modules.
|
|
||||||
|
|
||||||
diff --git a/src/bin/pg_config/Makefile b/src/bin/pg_config/Makefile
|
diff --git a/src/bin/pg_config/Makefile b/src/bin/pg_config/Makefile
|
||||||
index 02e6f9d..f7c844f 100644
|
index c410087..e546b7b 100644
|
||||||
--- a/src/bin/pg_config/Makefile
|
--- a/src/bin/pg_config/Makefile
|
||||||
+++ b/src/bin/pg_config/Makefile
|
+++ b/src/bin/pg_config/Makefile
|
||||||
@@ -11,28 +11,30 @@
|
@@ -11,28 +11,30 @@
|
||||||
@ -48,12 +40,12 @@ index 02e6f9d..f7c844f 100644
|
|||||||
|
|
||||||
check:
|
check:
|
||||||
diff --git a/src/bin/pg_config/nls.mk b/src/bin/pg_config/nls.mk
|
diff --git a/src/bin/pg_config/nls.mk b/src/bin/pg_config/nls.mk
|
||||||
index 1d41f90..0f34f37 100644
|
index 1d41f90ee0..0f34f371cc 100644
|
||||||
--- a/src/bin/pg_config/nls.mk
|
--- a/src/bin/pg_config/nls.mk
|
||||||
+++ b/src/bin/pg_config/nls.mk
|
+++ b/src/bin/pg_config/nls.mk
|
||||||
@@ -1,4 +1,4 @@
|
@@ -1,4 +1,4 @@
|
||||||
# src/bin/pg_config/nls.mk
|
# src/bin/pg_config/nls.mk
|
||||||
-CATALOG_NAME = pg_config
|
-CATALOG_NAME = pg_config
|
||||||
+CATALOG_NAME = pg_server_config
|
+CATALOG_NAME = pg_server_config
|
||||||
AVAIL_LANGUAGES = cs de es fr he it ja ko pl pt_BR ro ru sv tr uk vi zh_CN zh_TW
|
AVAIL_LANGUAGES = cs de es fr he it ja ko nb pl pt_BR ro ru sv ta tr zh_CN zh_TW
|
||||||
GETTEXT_FILES = pg_config.c ../../common/config_info.c ../../common/exec.c
|
GETTEXT_FILES = pg_config.c ../../common/config_info.c ../../common/exec.c
|
||||||
|
@ -38,7 +38,6 @@
|
|||||||
%{!?pltcl:%global pltcl 1}
|
%{!?pltcl:%global pltcl 1}
|
||||||
%{!?plperl:%global plperl 1}
|
%{!?plperl:%global plperl 1}
|
||||||
%{!?ssl:%global ssl 1}
|
%{!?ssl:%global ssl 1}
|
||||||
%{!?icu:%global icu 1}
|
|
||||||
%{!?kerberos:%global kerberos 1}
|
%{!?kerberos:%global kerberos 1}
|
||||||
%{!?ldap:%global ldap 1}
|
%{!?ldap:%global ldap 1}
|
||||||
%{!?nls:%global nls 1}
|
%{!?nls:%global nls 1}
|
||||||
@ -58,28 +57,28 @@
|
|||||||
|
|
||||||
Summary: PostgreSQL client programs
|
Summary: PostgreSQL client programs
|
||||||
Name: postgresql
|
Name: postgresql
|
||||||
%global majorversion 12
|
%global majorversion 10
|
||||||
Version: %{majorversion}.18
|
Version: %{majorversion}.23
|
||||||
Release: 1%{?dist}.alma.1
|
Release: 3%{?dist}
|
||||||
|
|
||||||
# The PostgreSQL license is very similar to other MIT licenses, but the OSI
|
# The PostgreSQL license is very similar to other MIT licenses, but the OSI
|
||||||
# recognizes it as an independent license, so we do as well.
|
# recognizes it as an independent license, so we do as well.
|
||||||
License: PostgreSQL
|
License: PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Url: http://www.postgresql.org/
|
Url: http://www.postgresql.org/
|
||||||
|
|
||||||
# This SRPM includes a copy of the previous major release, which is needed for
|
# This SRPM includes a copy of the previous major release, which is needed for
|
||||||
# in-place upgrade of an old database. In most cases it will not be critical
|
# in-place upgrade of an old database. In most cases it will not be critical
|
||||||
# that this be kept up with the latest minor release of the previous series;
|
# that this be kept up with the latest minor release of the previous series;
|
||||||
# but update when bugs affecting pg_dump output are fixed.
|
# but update when bugs affecting pg_dump output are fixed.
|
||||||
%global prevmajorversion 10
|
%global prevversion 9.2.24
|
||||||
%global prevversion %{prevmajorversion}.23
|
%global prevmajorversion 9.2
|
||||||
%global prev_prefix %{_libdir}/pgsql/postgresql-%{prevmajorversion}
|
%global prev_prefix %{_libdir}/pgsql/postgresql-%{prevmajorversion}
|
||||||
%global precise_version %{?epoch:%epoch:}%version-%release
|
%global precise_version %{?epoch:%epoch:}%version-%release
|
||||||
|
|
||||||
%global setup_version 8.7
|
%global setup_version 8.7
|
||||||
|
|
||||||
%global service_name postgresql.service
|
%global service_name postgresql.service
|
||||||
|
|
||||||
Source0: https://ftp.postgresql.org/pub/source/v%{version}/postgresql-%{version}.tar.bz2
|
Source0: https://ftp.postgresql.org/pub/source/v%{version}/postgresql-%{version}.tar.bz2
|
||||||
# The PDF file is generated by generate-pdf.sh, which see for comments
|
# The PDF file is generated by generate-pdf.sh, which see for comments
|
||||||
Source1: postgresql-%{version}-US.pdf
|
Source1: postgresql-%{version}-US.pdf
|
||||||
@ -106,9 +105,12 @@ Patch1: rpm-pgsql.patch
|
|||||||
Patch2: postgresql-logging.patch
|
Patch2: postgresql-logging.patch
|
||||||
Patch5: postgresql-var-run-socket.patch
|
Patch5: postgresql-var-run-socket.patch
|
||||||
Patch6: postgresql-man.patch
|
Patch6: postgresql-man.patch
|
||||||
Patch8: postgresql-external-libpq.patch
|
Patch8: postgresql-no-libs.patch
|
||||||
Patch9: postgresql-server-pg_config.patch
|
Patch9: postgresql-server-pg_config.patch
|
||||||
Patch10: postgresql-12.5-contrib-dblink-expected-out.patch
|
Patch10: postgresql-10.15-contrib-dblink-expected-out.patch
|
||||||
|
Patch11: postgresql-10.23-CVE-2023-2454.patch
|
||||||
|
Patch12: postgresql-10.23-CVE-2023-2455.patch
|
||||||
|
Patch13: postgresql-10.23-CVE-2023-5869.patch
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: perl(ExtUtils::MakeMaker) glibc-devel bison flex gawk
|
BuildRequires: perl(ExtUtils::MakeMaker) glibc-devel bison flex gawk
|
||||||
@ -172,10 +174,6 @@ BuildRequires: systemtap-sdt-devel
|
|||||||
BuildRequires: libselinux-devel
|
BuildRequires: libselinux-devel
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%if %icu
|
|
||||||
BuildRequires: libicu-devel
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# https://bugzilla.redhat.com/1464368
|
# https://bugzilla.redhat.com/1464368
|
||||||
%global __provides_exclude_from %{_libdir}/pgsql
|
%global __provides_exclude_from %{_libdir}/pgsql
|
||||||
|
|
||||||
@ -191,6 +189,7 @@ postgresql-server sub-package.
|
|||||||
|
|
||||||
%package server
|
%package server
|
||||||
Summary: The programs needed to create and run a PostgreSQL server
|
Summary: The programs needed to create and run a PostgreSQL server
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}%{?_isa} = %precise_version
|
Requires: %{name}%{?_isa} = %precise_version
|
||||||
Requires(pre): /usr/sbin/useradd
|
Requires(pre): /usr/sbin/useradd
|
||||||
# We require this to be present for %%{_prefix}/lib/tmpfiles.d
|
# We require this to be present for %%{_prefix}/lib/tmpfiles.d
|
||||||
@ -214,6 +213,7 @@ and maintain PostgreSQL databases.
|
|||||||
|
|
||||||
%package docs
|
%package docs
|
||||||
Summary: Extra documentation for PostgreSQL
|
Summary: Extra documentation for PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}%{?_isa} = %precise_version
|
Requires: %{name}%{?_isa} = %precise_version
|
||||||
# Just for more intuitive documentation installation
|
# Just for more intuitive documentation installation
|
||||||
Provides: %{name}-doc = %precise_version
|
Provides: %{name}-doc = %precise_version
|
||||||
@ -226,6 +226,7 @@ and source files for the PostgreSQL tutorial.
|
|||||||
|
|
||||||
%package contrib
|
%package contrib
|
||||||
Summary: Extension modules distributed with PostgreSQL
|
Summary: Extension modules distributed with PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}%{?_isa} = %precise_version
|
Requires: %{name}%{?_isa} = %precise_version
|
||||||
|
|
||||||
%description contrib
|
%description contrib
|
||||||
@ -235,21 +236,19 @@ included in the PostgreSQL distribution.
|
|||||||
|
|
||||||
%package server-devel
|
%package server-devel
|
||||||
Summary: PostgreSQL development header files and libraries
|
Summary: PostgreSQL development header files and libraries
|
||||||
%if %icu
|
Group: Development/Libraries
|
||||||
Requires: libicu-devel
|
|
||||||
%endif
|
|
||||||
%if %kerberos
|
|
||||||
Requires: krb5-devel
|
|
||||||
%endif
|
|
||||||
|
|
||||||
%description server-devel
|
%description server-devel
|
||||||
The postgresql-server-devel package contains the header files and configuration
|
The postgresql-server-devel package contains the header files and libraries
|
||||||
needed to compile PostgreSQL server extension.
|
needed to compile C or C++ applications which will directly interact
|
||||||
|
with a PostgreSQL database management server. It also contains the ecpg
|
||||||
|
Embedded C Postgres preprocessor. You need to install this package if you want
|
||||||
|
to develop applications which will interact with a PostgreSQL server.
|
||||||
|
|
||||||
|
|
||||||
%package test-rpm-macros
|
%package test-rpm-macros
|
||||||
Summary: Convenience RPM macros for build-time testing against PostgreSQL server
|
Summary: Convenience RPM macros for build-time testing against PostgreSQL server
|
||||||
Requires: %{name}-server = %precise_version
|
Requires: %{name}-server = %precise_version
|
||||||
BuildArch: noarch
|
|
||||||
|
|
||||||
%description test-rpm-macros
|
%description test-rpm-macros
|
||||||
This package is meant to be added as BuildRequires: dependency of other packages
|
This package is meant to be added as BuildRequires: dependency of other packages
|
||||||
@ -268,8 +267,9 @@ counterparts.
|
|||||||
%if %upgrade
|
%if %upgrade
|
||||||
%package upgrade
|
%package upgrade
|
||||||
Summary: Support for upgrading from the previous major release of PostgreSQL
|
Summary: Support for upgrading from the previous major release of PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
Provides: bundled(postgresql-server) = %prevversion
|
Provides: bundled(postgresql-libs) = %prevversion
|
||||||
|
|
||||||
%description upgrade
|
%description upgrade
|
||||||
The postgresql-upgrade package contains the pg_upgrade utility and supporting
|
The postgresql-upgrade package contains the pg_upgrade utility and supporting
|
||||||
@ -279,6 +279,7 @@ version of PostgreSQL.
|
|||||||
|
|
||||||
%package upgrade-devel
|
%package upgrade-devel
|
||||||
Summary: Support for build of extensions required for upgrade process
|
Summary: Support for build of extensions required for upgrade process
|
||||||
|
Group: Development/Libraries
|
||||||
Requires: %{name}-upgrade%{?_isa} = %precise_version
|
Requires: %{name}-upgrade%{?_isa} = %precise_version
|
||||||
|
|
||||||
%description upgrade-devel
|
%description upgrade-devel
|
||||||
@ -291,6 +292,7 @@ process.
|
|||||||
%if %plperl
|
%if %plperl
|
||||||
%package plperl
|
%package plperl
|
||||||
Summary: The Perl procedural language for PostgreSQL
|
Summary: The Perl procedural language for PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
||||||
%if %runselftest
|
%if %runselftest
|
||||||
@ -307,6 +309,7 @@ Install this if you want to write database functions in Perl.
|
|||||||
%if %plpython
|
%if %plpython
|
||||||
%package plpython
|
%package plpython
|
||||||
Summary: The Python2 procedural language for PostgreSQL
|
Summary: The Python2 procedural language for PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
Provides: %{name}-plpython2 = %precise_version
|
Provides: %{name}-plpython2 = %precise_version
|
||||||
|
|
||||||
@ -320,6 +323,7 @@ Install this if you want to write database functions in Python 2.
|
|||||||
%if %plpython3
|
%if %plpython3
|
||||||
%package plpython3
|
%package plpython3
|
||||||
Summary: The Python3 procedural language for PostgreSQL
|
Summary: The Python3 procedural language for PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
|
|
||||||
%description plpython3
|
%description plpython3
|
||||||
@ -332,6 +336,7 @@ Install this if you want to write database functions in Python 3.
|
|||||||
%if %pltcl
|
%if %pltcl
|
||||||
%package pltcl
|
%package pltcl
|
||||||
Summary: The Tcl procedural language for PostgreSQL
|
Summary: The Tcl procedural language for PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
|
|
||||||
%description pltcl
|
%description pltcl
|
||||||
@ -344,6 +349,7 @@ Install this if you want to write database functions in Tcl.
|
|||||||
%if %test
|
%if %test
|
||||||
%package test
|
%package test
|
||||||
Summary: The test suite distributed with PostgreSQL
|
Summary: The test suite distributed with PostgreSQL
|
||||||
|
Group: Applications/Databases
|
||||||
Requires: %{name}-server%{?_isa} = %precise_version
|
Requires: %{name}-server%{?_isa} = %precise_version
|
||||||
Requires: %{name}-server-devel%{?_isa} = %precise_version
|
Requires: %{name}-server-devel%{?_isa} = %precise_version
|
||||||
|
|
||||||
@ -355,14 +361,8 @@ benchmarks.
|
|||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
(
|
( cd %_sourcedir; sha256sum -c %{SOURCE16}; sha256sum -c %{SOURCE17} )
|
||||||
cd "$(dirname "%{SOURCE0}")"
|
%setup -q -a 12
|
||||||
sha256sum -c %{SOURCE16}
|
|
||||||
%if %upgrade
|
|
||||||
sha256sum -c %{SOURCE17}
|
|
||||||
%endif
|
|
||||||
)
|
|
||||||
%setup -q -a 12 -n postgresql-%{version}
|
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch5 -p1
|
%patch5 -p1
|
||||||
@ -370,6 +370,9 @@ benchmarks.
|
|||||||
%patch8 -p1
|
%patch8 -p1
|
||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
%patch10 -p1
|
%patch10 -p1
|
||||||
|
%patch11 -p1
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
|
|
||||||
# We used to run autoconf here, but there's no longer any real need to,
|
# We used to run autoconf here, but there's no longer any real need to,
|
||||||
# since Postgres ships with a reasonably modern configure script.
|
# since Postgres ships with a reasonably modern configure script.
|
||||||
@ -470,9 +473,6 @@ common_configure_options='
|
|||||||
--with-system-tzdata=%_datadir/zoneinfo
|
--with-system-tzdata=%_datadir/zoneinfo
|
||||||
--datadir=%_datadir/pgsql
|
--datadir=%_datadir/pgsql
|
||||||
--with-systemd
|
--with-systemd
|
||||||
%if %icu
|
|
||||||
--with-icu
|
|
||||||
%endif
|
|
||||||
'
|
'
|
||||||
|
|
||||||
%if %plpython3
|
%if %plpython3
|
||||||
@ -484,21 +484,9 @@ export PYTHON=/usr/bin/python3
|
|||||||
--with-python
|
--with-python
|
||||||
|
|
||||||
# Fortunately we don't need to build much except plpython itself.
|
# Fortunately we don't need to build much except plpython itself.
|
||||||
%global python_subdirs \\\
|
make %{?_smp_mflags} -C src/pl/plpython all
|
||||||
src/pl/plpython \\\
|
|
||||||
contrib/hstore_plpython \\\
|
|
||||||
contrib/jsonb_plpython \\\
|
|
||||||
contrib/ltree_plpython
|
|
||||||
|
|
||||||
for dir in %python_subdirs; do
|
|
||||||
%make_build -C "$dir" all
|
|
||||||
done
|
|
||||||
|
|
||||||
# save built form in a directory that "make distclean" won't touch
|
# save built form in a directory that "make distclean" won't touch
|
||||||
for dir in %python_subdirs; do
|
cp -a src/pl/plpython src/pl/plpython3
|
||||||
rm -rf "${dir}3" # shouldn't exist, unless --short-circuit
|
|
||||||
cp -a "$dir" "${dir}3"
|
|
||||||
done
|
|
||||||
|
|
||||||
# must also save this version of Makefile.global for later
|
# must also save this version of Makefile.global for later
|
||||||
cp src/Makefile.global src/Makefile.global.python3
|
cp src/Makefile.global src/Makefile.global.python3
|
||||||
@ -517,7 +505,7 @@ PYTHON=/usr/bin/python2
|
|||||||
|
|
||||||
unset PYTHON
|
unset PYTHON
|
||||||
|
|
||||||
%make_build world
|
make %{?_smp_mflags} world
|
||||||
|
|
||||||
# Have to hack makefile to put correct path into tutorial scripts
|
# Have to hack makefile to put correct path into tutorial scripts
|
||||||
sed "s|C=\`pwd\`;|C=%{_libdir}/pgsql/tutorial;|" < src/tutorial/Makefile > src/tutorial/GNUmakefile
|
sed "s|C=\`pwd\`;|C=%{_libdir}/pgsql/tutorial;|" < src/tutorial/Makefile > src/tutorial/GNUmakefile
|
||||||
@ -557,25 +545,17 @@ test_failure=0
|
|||||||
mv src/Makefile.global src/Makefile.global.save
|
mv src/Makefile.global src/Makefile.global.save
|
||||||
cp src/Makefile.global.python3 src/Makefile.global
|
cp src/Makefile.global.python3 src/Makefile.global
|
||||||
touch -r src/Makefile.global.save src/Makefile.global
|
touch -r src/Makefile.global.save src/Makefile.global
|
||||||
|
|
||||||
for dir in %python_subdirs; do
|
|
||||||
# because "make check" does "make install" on the whole tree,
|
# because "make check" does "make install" on the whole tree,
|
||||||
# we must temporarily install *plpython3 dir as *plpython,
|
# we must temporarily install plpython3 as src/pl/plpython,
|
||||||
# since that is the subdirectory src/pl/Makefile knows about
|
# since that is the subdirectory src/pl/Makefile knows about
|
||||||
mv "$dir" "${dir}2"
|
mv src/pl/plpython src/pl/plpython2
|
||||||
mv "${dir}3" "$dir"
|
mv src/pl/plpython3 src/pl/plpython
|
||||||
done
|
|
||||||
|
|
||||||
for dir in %python_subdirs; do
|
run_testsuite "src/pl/plpython"
|
||||||
run_testsuite "$dir"
|
|
||||||
done
|
|
||||||
|
|
||||||
for dir in %python_subdirs; do
|
|
||||||
# and clean up our mess
|
# and clean up our mess
|
||||||
mv "$dir" "${dir}3"
|
mv src/pl/plpython src/pl/plpython3
|
||||||
mv "${dir}2" "${dir}"
|
mv src/pl/plpython2 src/pl/plpython
|
||||||
done
|
|
||||||
|
|
||||||
mv -f src/Makefile.global.save src/Makefile.global
|
mv -f src/Makefile.global.save src/Makefile.global
|
||||||
%endif
|
%endif
|
||||||
run_testsuite "contrib"
|
run_testsuite "contrib"
|
||||||
@ -618,9 +598,6 @@ upgrade_configure ()
|
|||||||
--enable-debug \
|
--enable-debug \
|
||||||
--enable-cassert \
|
--enable-cassert \
|
||||||
%endif
|
%endif
|
||||||
%if %icu
|
|
||||||
--with-icu \
|
|
||||||
%endif
|
|
||||||
%if %plperl
|
%if %plperl
|
||||||
--with-perl \
|
--with-perl \
|
||||||
%endif
|
%endif
|
||||||
@ -638,14 +615,11 @@ upgrade_configure ()
|
|||||||
%if %plpython3
|
%if %plpython3
|
||||||
export PYTHON=/usr/bin/python3
|
export PYTHON=/usr/bin/python3
|
||||||
upgrade_configure --with-python
|
upgrade_configure --with-python
|
||||||
for dir in %python_subdirs; do
|
# upstream fixed this later 7107d58ec5a3c45967e77525809612a5f89b97f3
|
||||||
# Previous version doesn't necessarily have this.
|
make %{?_smp_mflags} -C src/backend submake-errcodes
|
||||||
test -d "$dir" || continue
|
make %{?_smp_mflags} -C src/pl/plpython all
|
||||||
%make_build -C "$dir" all
|
|
||||||
|
|
||||||
# save aside the only one file which we are interested here
|
# save aside the only one file which we are interested here
|
||||||
cp "$dir"/*plpython3.so ./
|
cp src/pl/plpython/plpython3.so ./
|
||||||
done
|
|
||||||
unset PYTHON
|
unset PYTHON
|
||||||
make distclean
|
make distclean
|
||||||
%endif
|
%endif
|
||||||
@ -693,9 +667,9 @@ rm -r $RPM_BUILD_ROOT/%_includedir/pgsql/internal/
|
|||||||
mv src/Makefile.global src/Makefile.global.save
|
mv src/Makefile.global src/Makefile.global.save
|
||||||
cp src/Makefile.global.python3 src/Makefile.global
|
cp src/Makefile.global.python3 src/Makefile.global
|
||||||
touch -r src/Makefile.global.save src/Makefile.global
|
touch -r src/Makefile.global.save src/Makefile.global
|
||||||
for dir in %python_subdirs; do
|
pushd src/pl/plpython3
|
||||||
%make_install -C "${dir}3"
|
make DESTDIR=$RPM_BUILD_ROOT install
|
||||||
done
|
popd
|
||||||
mv -f src/Makefile.global.save src/Makefile.global
|
mv -f src/Makefile.global.save src/Makefile.global
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -742,10 +716,8 @@ rm $RPM_BUILD_ROOT/%{_datadir}/man/man1/ecpg.1
|
|||||||
make DESTDIR=$RPM_BUILD_ROOT install
|
make DESTDIR=$RPM_BUILD_ROOT install
|
||||||
make -C contrib DESTDIR=$RPM_BUILD_ROOT install
|
make -C contrib DESTDIR=$RPM_BUILD_ROOT install
|
||||||
%if %plpython3
|
%if %plpython3
|
||||||
for file in *plpython3.so; do
|
install -m 755 plpython3.so \
|
||||||
install -m 755 "$file" \
|
|
||||||
$RPM_BUILD_ROOT/%_libdir/pgsql/postgresql-%prevmajorversion/lib
|
$RPM_BUILD_ROOT/%_libdir/pgsql/postgresql-%prevmajorversion/lib
|
||||||
done
|
|
||||||
%endif
|
%endif
|
||||||
popd
|
popd
|
||||||
|
|
||||||
@ -753,8 +725,10 @@ rm $RPM_BUILD_ROOT/%{_datadir}/man/man1/ecpg.1
|
|||||||
pushd $RPM_BUILD_ROOT%{_libdir}/pgsql/postgresql-%{prevmajorversion}
|
pushd $RPM_BUILD_ROOT%{_libdir}/pgsql/postgresql-%{prevmajorversion}
|
||||||
rm bin/clusterdb
|
rm bin/clusterdb
|
||||||
rm bin/createdb
|
rm bin/createdb
|
||||||
|
rm bin/createlang
|
||||||
rm bin/createuser
|
rm bin/createuser
|
||||||
rm bin/dropdb
|
rm bin/dropdb
|
||||||
|
rm bin/droplang
|
||||||
rm bin/dropuser
|
rm bin/dropuser
|
||||||
rm bin/ecpg
|
rm bin/ecpg
|
||||||
rm bin/initdb
|
rm bin/initdb
|
||||||
@ -762,7 +736,6 @@ rm $RPM_BUILD_ROOT/%{_datadir}/man/man1/ecpg.1
|
|||||||
rm bin/pg_dump
|
rm bin/pg_dump
|
||||||
rm bin/pg_dumpall
|
rm bin/pg_dumpall
|
||||||
rm bin/pg_restore
|
rm bin/pg_restore
|
||||||
rm bin/pgbench
|
|
||||||
rm bin/psql
|
rm bin/psql
|
||||||
rm bin/reindexdb
|
rm bin/reindexdb
|
||||||
rm bin/vacuumdb
|
rm bin/vacuumdb
|
||||||
@ -824,20 +797,27 @@ rm -f $RPM_BUILD_ROOT%{_bindir}/pgsql/hstore_plperl.so
|
|||||||
rm -f $RPM_BUILD_ROOT%{_bindir}/pgsql/hstore_plpython2.so
|
rm -f $RPM_BUILD_ROOT%{_bindir}/pgsql/hstore_plpython2.so
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
# initialize file lists
|
||||||
|
cp /dev/null main.lst
|
||||||
|
cp /dev/null server.lst
|
||||||
|
cp /dev/null contrib.lst
|
||||||
|
cp /dev/null plperl.lst
|
||||||
|
cp /dev/null pltcl.lst
|
||||||
|
cp /dev/null plpython.lst
|
||||||
|
cp /dev/null plpython3.lst
|
||||||
|
|
||||||
%if %nls
|
%if %nls
|
||||||
find_lang_bins ()
|
find_lang_bins ()
|
||||||
{
|
{
|
||||||
lstfile=$1 ; shift
|
lstfile=$1 ; shift
|
||||||
cp /dev/null "$lstfile"
|
|
||||||
for binary; do
|
for binary; do
|
||||||
%find_lang "$binary"-%{majorversion}
|
%find_lang "$binary"-%{majorversion}
|
||||||
cat "$binary"-%{majorversion}.lang >>"$lstfile"
|
cat "$binary"-%{majorversion}.lang >>$lstfile
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
find_lang_bins devel.lst pg_server_config
|
find_lang_bins devel.lst pg_server_config
|
||||||
find_lang_bins server.lst \
|
find_lang_bins server.lst \
|
||||||
initdb pg_basebackup pg_controldata pg_ctl pg_resetwal pg_rewind plpgsql \
|
initdb pg_basebackup pg_controldata pg_ctl pg_resetwal pg_rewind plpgsql postgres
|
||||||
postgres pg_checksums
|
|
||||||
find_lang_bins contrib.lst \
|
find_lang_bins contrib.lst \
|
||||||
pg_archivecleanup pg_test_fsync pg_test_timing pg_waldump
|
pg_archivecleanup pg_test_fsync pg_test_timing pg_waldump
|
||||||
find_lang_bins main.lst \
|
find_lang_bins main.lst \
|
||||||
@ -879,10 +859,14 @@ find_lang_bins pltcl.lst pltcl
|
|||||||
make -C postgresql-setup-%{setup_version} check
|
make -C postgresql-setup-%{setup_version} check
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
|
%clean
|
||||||
|
|
||||||
|
|
||||||
# FILES sections.
|
# FILES sections.
|
||||||
%files -f main.lst
|
%files -f main.lst
|
||||||
%doc doc/KNOWN_BUGS doc/MISSING_FEATURES doc/TODO
|
%doc doc/KNOWN_BUGS doc/MISSING_FEATURES doc/TODO
|
||||||
%doc COPYRIGHT README HISTORY
|
%doc COPYRIGHT README HISTORY doc/bug.template
|
||||||
%doc README.rpm-dist
|
%doc README.rpm-dist
|
||||||
%{_bindir}/clusterdb
|
%{_bindir}/clusterdb
|
||||||
%{_bindir}/createdb
|
%{_bindir}/createdb
|
||||||
@ -929,14 +913,13 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_bindir}/pg_waldump
|
%{_bindir}/pg_waldump
|
||||||
%{_bindir}/pgbench
|
%{_bindir}/pgbench
|
||||||
%{_bindir}/vacuumlo
|
%{_bindir}/vacuumlo
|
||||||
%dir %{_datadir}/pgsql/contrib
|
|
||||||
%dir %{_datadir}/pgsql/extension
|
|
||||||
%{_datadir}/pgsql/extension/adminpack*
|
%{_datadir}/pgsql/extension/adminpack*
|
||||||
%{_datadir}/pgsql/extension/amcheck*
|
%{_datadir}/pgsql/extension/amcheck*
|
||||||
%{_datadir}/pgsql/extension/autoinc*
|
%{_datadir}/pgsql/extension/autoinc*
|
||||||
%{_datadir}/pgsql/extension/bloom*
|
%{_datadir}/pgsql/extension/bloom*
|
||||||
%{_datadir}/pgsql/extension/btree_gin*
|
%{_datadir}/pgsql/extension/btree_gin*
|
||||||
%{_datadir}/pgsql/extension/btree_gist*
|
%{_datadir}/pgsql/extension/btree_gist*
|
||||||
|
%{_datadir}/pgsql/extension/chkpass*
|
||||||
%{_datadir}/pgsql/extension/citext*
|
%{_datadir}/pgsql/extension/citext*
|
||||||
%{_datadir}/pgsql/extension/cube*
|
%{_datadir}/pgsql/extension/cube*
|
||||||
%{_datadir}/pgsql/extension/dblink*
|
%{_datadir}/pgsql/extension/dblink*
|
||||||
@ -950,18 +933,6 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_datadir}/pgsql/extension/intagg*
|
%{_datadir}/pgsql/extension/intagg*
|
||||||
%{_datadir}/pgsql/extension/intarray*
|
%{_datadir}/pgsql/extension/intarray*
|
||||||
%{_datadir}/pgsql/extension/isn*
|
%{_datadir}/pgsql/extension/isn*
|
||||||
%if %{plperl}
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plperl*
|
|
||||||
%endif
|
|
||||||
%if %{plpython}
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plpythonu*
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plpython2u*
|
|
||||||
%endif
|
|
||||||
%if %{plpython3}
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plpythonu*
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plpython2u*
|
|
||||||
%{_datadir}/pgsql/extension/jsonb_plpython3u*
|
|
||||||
%endif
|
|
||||||
%{_datadir}/pgsql/extension/lo*
|
%{_datadir}/pgsql/extension/lo*
|
||||||
%{_datadir}/pgsql/extension/ltree*
|
%{_datadir}/pgsql/extension/ltree*
|
||||||
%{_datadir}/pgsql/extension/moddatetime*
|
%{_datadir}/pgsql/extension/moddatetime*
|
||||||
@ -980,6 +951,7 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_datadir}/pgsql/extension/seg*
|
%{_datadir}/pgsql/extension/seg*
|
||||||
%{_datadir}/pgsql/extension/tablefunc*
|
%{_datadir}/pgsql/extension/tablefunc*
|
||||||
%{_datadir}/pgsql/extension/tcn*
|
%{_datadir}/pgsql/extension/tcn*
|
||||||
|
%{_datadir}/pgsql/extension/timetravel*
|
||||||
%{_datadir}/pgsql/extension/tsm_system_rows*
|
%{_datadir}/pgsql/extension/tsm_system_rows*
|
||||||
%{_datadir}/pgsql/extension/tsm_system_time*
|
%{_datadir}/pgsql/extension/tsm_system_time*
|
||||||
%{_datadir}/pgsql/extension/unaccent*
|
%{_datadir}/pgsql/extension/unaccent*
|
||||||
@ -992,6 +964,7 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_libdir}/pgsql/bloom.so
|
%{_libdir}/pgsql/bloom.so
|
||||||
%{_libdir}/pgsql/btree_gin.so
|
%{_libdir}/pgsql/btree_gin.so
|
||||||
%{_libdir}/pgsql/btree_gist.so
|
%{_libdir}/pgsql/btree_gist.so
|
||||||
|
%{_libdir}/pgsql/chkpass.so
|
||||||
%{_libdir}/pgsql/citext.so
|
%{_libdir}/pgsql/citext.so
|
||||||
%{_libdir}/pgsql/cube.so
|
%{_libdir}/pgsql/cube.so
|
||||||
%{_libdir}/pgsql/dblink.so
|
%{_libdir}/pgsql/dblink.so
|
||||||
@ -1007,28 +980,13 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%if %plpython
|
%if %plpython
|
||||||
%{_libdir}/pgsql/hstore_plpython2.so
|
%{_libdir}/pgsql/hstore_plpython2.so
|
||||||
%endif
|
%endif
|
||||||
%if %plpython3
|
|
||||||
%{_libdir}/pgsql/hstore_plpython3.so
|
|
||||||
%endif
|
|
||||||
%{_libdir}/pgsql/insert_username.so
|
%{_libdir}/pgsql/insert_username.so
|
||||||
%{_libdir}/pgsql/isn.so
|
%{_libdir}/pgsql/isn.so
|
||||||
%if %plperl
|
|
||||||
%{_libdir}/pgsql/jsonb_plperl.so
|
|
||||||
%endif
|
|
||||||
%if %plpython
|
|
||||||
%{_libdir}/pgsql/jsonb_plpython2.so
|
|
||||||
%endif
|
|
||||||
%if %plpython3
|
|
||||||
%{_libdir}/pgsql/jsonb_plpython3.so
|
|
||||||
%endif
|
|
||||||
%{_libdir}/pgsql/lo.so
|
%{_libdir}/pgsql/lo.so
|
||||||
%{_libdir}/pgsql/ltree.so
|
%{_libdir}/pgsql/ltree.so
|
||||||
%if %plpython
|
%if %plpython
|
||||||
%{_libdir}/pgsql/ltree_plpython2.so
|
%{_libdir}/pgsql/ltree_plpython2.so
|
||||||
%endif
|
%endif
|
||||||
%if %plpython3
|
|
||||||
%{_libdir}/pgsql/ltree_plpython3.so
|
|
||||||
%endif
|
|
||||||
%{_libdir}/pgsql/moddatetime.so
|
%{_libdir}/pgsql/moddatetime.so
|
||||||
%{_libdir}/pgsql/pageinspect.so
|
%{_libdir}/pgsql/pageinspect.so
|
||||||
%{_libdir}/pgsql/passwordcheck.so
|
%{_libdir}/pgsql/passwordcheck.so
|
||||||
@ -1046,6 +1004,7 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_libdir}/pgsql/tablefunc.so
|
%{_libdir}/pgsql/tablefunc.so
|
||||||
%{_libdir}/pgsql/tcn.so
|
%{_libdir}/pgsql/tcn.so
|
||||||
%{_libdir}/pgsql/test_decoding.so
|
%{_libdir}/pgsql/test_decoding.so
|
||||||
|
%{_libdir}/pgsql/timetravel.so
|
||||||
%{_libdir}/pgsql/tsm_system_rows.so
|
%{_libdir}/pgsql/tsm_system_rows.so
|
||||||
%{_libdir}/pgsql/tsm_system_time.so
|
%{_libdir}/pgsql/tsm_system_time.so
|
||||||
%{_libdir}/pgsql/unaccent.so
|
%{_libdir}/pgsql/unaccent.so
|
||||||
@ -1085,7 +1044,6 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_bindir}/pg_recvlogical
|
%{_bindir}/pg_recvlogical
|
||||||
%{_bindir}/pg_resetwal
|
%{_bindir}/pg_resetwal
|
||||||
%{_bindir}/pg_rewind
|
%{_bindir}/pg_rewind
|
||||||
%{_bindir}/pg_checksums
|
|
||||||
%{_bindir}/postgres
|
%{_bindir}/postgres
|
||||||
%{_bindir}/postgresql-setup
|
%{_bindir}/postgresql-setup
|
||||||
%{_bindir}/postgresql-upgrade
|
%{_bindir}/postgresql-upgrade
|
||||||
@ -1093,6 +1051,7 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%dir %{_datadir}/pgsql
|
%dir %{_datadir}/pgsql
|
||||||
%{_datadir}/pgsql/*.sample
|
%{_datadir}/pgsql/*.sample
|
||||||
%dir %{_datadir}/pgsql/contrib
|
%dir %{_datadir}/pgsql/contrib
|
||||||
|
%{_datadir}/pgsql/conversion_create.sql
|
||||||
%dir %{_datadir}/pgsql/extension
|
%dir %{_datadir}/pgsql/extension
|
||||||
%{_datadir}/pgsql/extension/plpgsql*
|
%{_datadir}/pgsql/extension/plpgsql*
|
||||||
%{_datadir}/pgsql/information_schema.sql
|
%{_datadir}/pgsql/information_schema.sql
|
||||||
@ -1106,7 +1065,6 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_datadir}/pgsql/tsearch_data/
|
%{_datadir}/pgsql/tsearch_data/
|
||||||
%dir %{_datadir}/postgresql-setup
|
%dir %{_datadir}/postgresql-setup
|
||||||
%{_datadir}/postgresql-setup/library.sh
|
%{_datadir}/postgresql-setup/library.sh
|
||||||
%dir %{_libdir}/pgsql
|
|
||||||
%{_libdir}/pgsql/*_and_*.so
|
%{_libdir}/pgsql/*_and_*.so
|
||||||
%{_libdir}/pgsql/dict_snowball.so
|
%{_libdir}/pgsql/dict_snowball.so
|
||||||
%{_libdir}/pgsql/euc2004_sjis2004.so
|
%{_libdir}/pgsql/euc2004_sjis2004.so
|
||||||
@ -1127,12 +1085,11 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%{_mandir}/man1/pg_receivewal.*
|
%{_mandir}/man1/pg_receivewal.*
|
||||||
%{_mandir}/man1/pg_resetwal.*
|
%{_mandir}/man1/pg_resetwal.*
|
||||||
%{_mandir}/man1/pg_rewind.*
|
%{_mandir}/man1/pg_rewind.*
|
||||||
%{_mandir}/man1/pg_checksums.*
|
|
||||||
%{_mandir}/man1/postgres.*
|
%{_mandir}/man1/postgres.*
|
||||||
%{_mandir}/man1/postgresql-new-systemd-unit.*
|
%{_mandir}/man1/postgresql-new-systemd-unit.*
|
||||||
%{_mandir}/man1/postgresql-setup.*
|
%{_mandir}/man1/postgresql-setup.*
|
||||||
%{_mandir}/man1/postgresql-upgrade.*
|
|
||||||
%{_mandir}/man1/postmaster.*
|
%{_mandir}/man1/postmaster.*
|
||||||
|
%{_mandir}/man1/postgresql-upgrade.*
|
||||||
%{_sbindir}/postgresql-new-systemd-unit
|
%{_sbindir}/postgresql-new-systemd-unit
|
||||||
%{_tmpfilesdir}/postgresql.conf
|
%{_tmpfilesdir}/postgresql.conf
|
||||||
%{_unitdir}/*postgresql*.service
|
%{_unitdir}/*postgresql*.service
|
||||||
@ -1148,10 +1105,9 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
|
|
||||||
%files server-devel -f devel.lst
|
%files server-devel -f devel.lst
|
||||||
%{_bindir}/pg_server_config
|
%{_bindir}/pg_server_config
|
||||||
%dir %{_datadir}/pgsql
|
|
||||||
%{_datadir}/pgsql/errcodes.txt
|
|
||||||
%dir %{_includedir}/pgsql
|
%dir %{_includedir}/pgsql
|
||||||
%{_includedir}/pgsql/server
|
%dir %{_includedir}/pgsql/server
|
||||||
|
%{_includedir}/pgsql/server/*
|
||||||
%{_libdir}/pgsql/pgxs/
|
%{_libdir}/pgsql/pgxs/
|
||||||
%{_mandir}/man1/pg_server_config.*
|
%{_mandir}/man1/pg_server_config.*
|
||||||
%{_mandir}/man3/SPI_*
|
%{_mandir}/man3/SPI_*
|
||||||
@ -1166,8 +1122,6 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%files static
|
%files static
|
||||||
%{_libdir}/libpgcommon.a
|
%{_libdir}/libpgcommon.a
|
||||||
%{_libdir}/libpgport.a
|
%{_libdir}/libpgport.a
|
||||||
%{_libdir}/libpgcommon_shlib.a
|
|
||||||
%{_libdir}/libpgport_shlib.a
|
|
||||||
|
|
||||||
|
|
||||||
%if %upgrade
|
%if %upgrade
|
||||||
@ -1176,14 +1130,12 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
%exclude %{_libdir}/pgsql/postgresql-%{prevmajorversion}/bin/pg_config
|
%exclude %{_libdir}/pgsql/postgresql-%{prevmajorversion}/bin/pg_config
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib
|
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib
|
||||||
%exclude %{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pgxs
|
%exclude %{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pgxs
|
||||||
%exclude %{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pkgconfig
|
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/share
|
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/share
|
||||||
|
|
||||||
|
|
||||||
%files upgrade-devel
|
%files upgrade-devel
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/bin/pg_config
|
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/bin/pg_config
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/include
|
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/include
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pkgconfig
|
|
||||||
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pgxs
|
%{_libdir}/pgsql/postgresql-%{prevmajorversion}/lib/pgxs
|
||||||
%{macrosdir}/macros.%name-upgrade
|
%{macrosdir}/macros.%name-upgrade
|
||||||
%endif
|
%endif
|
||||||
@ -1225,231 +1177,114 @@ make -C postgresql-setup-%{setup_version} check
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Feb 26 2024 Eduard Abdullin <eabdullin@almalinux.org> - 12.18-1.alma.1
|
* Mon Dec 18 2023 Lubos Kloucek <lubos.kloucek@oracle.com> - 10.23-3
|
||||||
- Update to version 12.18
|
- Resolves: CVE-2023-5869
|
||||||
|
|
||||||
* Fri Dec 15 2023 Tianyue Lan <tianyue.lan@oracle.com> - 12.17-1
|
* Tue Aug 08 2023 David Sloboda <david.x.sloboda@oracle.com> - 10.23-2.0.1
|
||||||
- Update to version 12.17
|
|
||||||
- Resolves: Fix: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417
|
|
||||||
|
|
||||||
* Wed Nov 01 2023 Eduard Abdullin <eabdullin@almalinux.org> - 12.15-1.alma.1
|
|
||||||
- Update postgresql-setup version
|
|
||||||
|
|
||||||
* Tue Aug 08 2023 David Sloboda <david.x.sloboda@oracle.com> - 12.15-1.0.1
|
|
||||||
- Fixed postgresql port binding issue during bootup [Orabug: 35103668]
|
- Fixed postgresql port binding issue during bootup [Orabug: 35103668]
|
||||||
|
|
||||||
* Tue Aug 08 2023 David Sloboda <david.x.sloboda@oracle.com> - 12.15-1
|
* Wed Jul 19 2023 Dominik Rehák <drehak@redhat.com> - 10.23-2
|
||||||
|
- Backport fixes for CVE-2023-2454 and CVE-2023-2455
|
||||||
- Update postgresql-setup to 8.7 (https://github.com/devexp-db/postgresql-setup/pull/35)
|
- Update postgresql-setup to 8.7 (https://github.com/devexp-db/postgresql-setup/pull/35)
|
||||||
- Resolves: #2207932
|
- Resolves: #2207931
|
||||||
- Update to version 12.15
|
|
||||||
|
|
||||||
* Fri Sep 30 2022 Filip Januš <fjanus@redhat.com> - 12.12-1
|
* Wed Nov 16 2022 Filip Januš <fjanus@redhat.com> - 10.23-1
|
||||||
- Resolves: #2114732
|
- Resolves: CVE-2022-2625
|
||||||
- Update to version 12.12
|
- Rebase to 10.23
|
||||||
|
|
||||||
* Mon May 16 2022 Filip Januš <fjanus@redhat.com> - 12.11-1
|
* Mon May 16 2022 Filip Januš <fjanus@redhat.com> - 10.21-1
|
||||||
- Resolves: CVE-2022-1552
|
- Resolves: CVE-2022-1552
|
||||||
- Update to 12.11
|
- Update to 10.21
|
||||||
- Release notes: https://www.postgresql.org/docs/release/12.11/
|
- Release notes: https://www.postgresql.org/docs/release/10.21/
|
||||||
|
|
||||||
* Tue Nov 30 2021 Filip Januš <fjanus@redhat.com> - 12.9-3
|
* Mon Dec 13 2021 Filip Januš <fjanus@redhat.com> - 10.19-2
|
||||||
- Add missing files from postgresql-setup v8.6
|
- Add missing files into file section of server package
|
||||||
- Realted: #1935301
|
postgresql-setup v8.6 newly provides postgresql-upgrade
|
||||||
|
|
||||||
* Mon Nov 29 2021 Marek Kulik <mkulik@redhat.com> - 12.9-2
|
* Mon Dec 06 2021 Filip Januš <fjanus@redhat.com> - 10.19-1
|
||||||
- Update postgresql-setup to 8.6 (#1935301)
|
- Update to 10.19
|
||||||
|
- Resolves: CVE-2021-23214
|
||||||
|
|
||||||
* Mon Nov 15 2021 Filip Januš <fjanus@redhat.com> - 12.9-1
|
* Mon Nov 29 2021 Marek Kulik <mkulik@redhat.com> - 10.17-4
|
||||||
- Update to 12.9
|
- Update postgresql-setup to 8.6 (#2024568)
|
||||||
- Resolves: #2007213
|
|
||||||
|
|
||||||
* Fri Nov 05 2021 Filip Januš <fjanus@redhat.com> - 12.7-3
|
* Wed Nov 03 2021 Filip Januš <fjanus@redhat.com> - 10.17-3
|
||||||
- Using correct path to tmpfiles
|
- Fix tmp files deprecated path
|
||||||
- Resolves: #2016991
|
- Resolves: #1992263
|
||||||
|
|
||||||
* Wed Jul 14 2021 Filip Januš <fjanus@redhat.com> - 12.7-2
|
* Wed Jul 14 2021 Filip Januš <fjanus@redhat.com> - 10.17-2
|
||||||
- Enable ssl for upgrade server
|
- Enable ssl for upgrade server
|
||||||
Resolves: #1981518
|
Resolves: #1982701
|
||||||
|
|
||||||
* Tue Jun 1 2021 Filip Januš <fjanus@redhat.com> 12.7-1
|
* Tue Jun 1 2021 Filip Januš <fjanus@redhat.com> - 10.17-1
|
||||||
- Update to 12.7
|
- Update to 10.17
|
||||||
Resolves: #1964511
|
Resolves: #1964521
|
||||||
Fix: CVE-2021-32027,CVE-2021-32028
|
Fix: CVE-2021-32027, CVE-2021-32028
|
||||||
|
|
||||||
* Tue Nov 17 2020 Patrik Novotný <panovotn@redhat.com> - 12.5-1
|
* Wed Nov 18 2020 Patrik Novotný <panovotn@redhat.com> - 10.15-1
|
||||||
- Rebase to upstream release 12.5
|
- Rebase to upstream release 10.15
|
||||||
Resolves: rhbz#1898330
|
Resolves: rhbz#1898214
|
||||||
Resolves: rhbz#1898224
|
Resolves: rhbz#1898342
|
||||||
Resolves: rhbz#1898244
|
Resolves: rhbz#1898248
|
||||||
|
|
||||||
* Tue Nov 26 2019 Patrik Novotný <panovotn@redhat.com> - 12.1-3
|
* Tue Aug 11 2020 Patrik Novotný <panovotn@redhat.com> - 10.14-1
|
||||||
- Release bump for 8.2.0 BZ#1776805
|
- Rebase to upstream release 10.14
|
||||||
|
Fixes RHBZ#1727803
|
||||||
|
Fixes RHBZ#1741489
|
||||||
|
Fixes RHBZ#1709196
|
||||||
|
|
||||||
* Tue Nov 19 2019 Patrik Novotný <panovotn@redhat.com> - 12.1-2
|
* Tue May 12 2020 Patrik Novotný <panovotn@redhat.com> - 10.13-1
|
||||||
- Release bump for rebuild against libpq-12.1-3
|
- Rebase to upstream release 10.13
|
||||||
|
Fixes RHBZ#1727803
|
||||||
|
Fixes RHBZ#1741489
|
||||||
|
Fixes RHBZ#1709196
|
||||||
|
|
||||||
* Tue Nov 12 2019 Patrik Novotný <panovotn@redhat.com> - 12.1-1
|
* Thu Nov 15 2018 Pavel Raiskup <praiskup@redhat.com> - 10.6-1
|
||||||
- Rebase to upstream release 12.1
|
- update to 10.6 per release notes:
|
||||||
|
https://www.postgresql.org/docs/10/release-10-6.html
|
||||||
|
|
||||||
* Thu Oct 03 2019 Patrik Novotný <panovotn@redhat.com> - 12.0-1
|
* Fri Aug 10 2018 Pavel Raiskup <praiskup@redhat.com> - 10.5-1
|
||||||
- Rebase to upstream release 12.0
|
|
||||||
|
|
||||||
* Thu Sep 12 2019 Patrik Novotný <panovotn@redhat.com> - 12.0-0.3
|
|
||||||
- Rebase to upstream beta release 12beta4
|
|
||||||
- postgresql-server-devel requires krb5-devel
|
|
||||||
|
|
||||||
* Thu Aug 08 2019 Petr Kubat <pkubat@redhat.com> - 12.0-0.2
|
|
||||||
- Rebase to upstream beta release 12beta3
|
|
||||||
|
|
||||||
* Wed Jul 03 2019 Patrik Novotný <panovotn@redhat.com> - 12.0-0.1
|
|
||||||
- Rebase to upstream beta release 12beta2
|
|
||||||
|
|
||||||
* Fri May 31 2019 Jitka Plesnikova <jplesnik@redhat.com> - 11.3-2
|
|
||||||
- Perl 5.30 rebuild
|
|
||||||
|
|
||||||
* Thu May 09 2019 Patrik Novotný <panovotn@redhat.com> - 11.3-1
|
|
||||||
- Rebase to upstream release 11.3
|
|
||||||
https://www.postgresql.org/docs/11/release-11-3.html
|
|
||||||
|
|
||||||
* Tue Mar 05 2019 Pavel Raiskup <praiskup@redhat.com> - 11.2-3
|
|
||||||
- update postgresql-setup to 8.4 (related to rhbz#1668301)
|
|
||||||
|
|
||||||
* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 11.2-2
|
|
||||||
- Rebuild for readline 8.0
|
|
||||||
|
|
||||||
* Thu Feb 14 2019 Patrik Novotný <panovotn@redhat.com> - 11.2-1
|
|
||||||
- Rebase to upstream release 11.2
|
|
||||||
|
|
||||||
* Thu Feb 14 2019 Pavel Raiskup <praiskup@redhat.com> - 11.1-5
|
|
||||||
- protect against building server against older libpq library
|
|
||||||
|
|
||||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 11.1-4
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
||||||
|
|
||||||
* Tue Jan 22 2019 Pavel Raiskup <praiskup@redhat.com> - 11.1-3
|
|
||||||
- build with ICU support, to provide more opt-in collations
|
|
||||||
|
|
||||||
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 11.1-2
|
|
||||||
- Rebuilt for libcrypt.so.2 (#1666033)
|
|
||||||
|
|
||||||
* Wed Nov 07 2018 Patrik Novotný <panovotn@redhat.com> - 11.1-1
|
|
||||||
- Rebase to upstream release 11.1
|
|
||||||
https://www.postgresql.org/docs/11/release-11-1.html
|
|
||||||
|
|
||||||
* Fri Oct 26 2018 Pavel Raiskup <praiskup@redhat.com> - 11.0-2
|
|
||||||
- build also contrib *plpython3 modules
|
|
||||||
|
|
||||||
* Tue Oct 16 2018 Pavel Raiskup <praiskup@redhat.com> - 11.0-1
|
|
||||||
- new upstream release, per release notes:
|
|
||||||
https://www.postgresql.org/docs/11/static/release-11.html
|
|
||||||
|
|
||||||
* Wed Sep 05 2018 Pavel Raiskup <praiskup@redhat.com> - 10.5-4
|
|
||||||
- build without postgresql-libs; libraries moved to libpq and libecpg
|
|
||||||
|
|
||||||
* Mon Aug 27 2018 Pavel Raiskup <praiskup@redhat.com> - 10.5-3
|
|
||||||
- devel subpackage provides postgresql-server-devel and libecpg-devel
|
|
||||||
(first step for rhbz#1618698)
|
|
||||||
|
|
||||||
* Mon Aug 27 2018 Pavel Raiskup <praiskup@redhat.com> - 10.5-2
|
|
||||||
- packaging cleanup
|
|
||||||
- devel subpackage to provide libpq-devel (first step for rhbz#1618698)
|
|
||||||
|
|
||||||
* Wed Aug 08 2018 Pavel Raiskup <praiskup@redhat.com> - 10.5-1
|
|
||||||
- update to 10.5 per release notes:
|
- update to 10.5 per release notes:
|
||||||
https://www.postgresql.org/docs/10/static/release-10-5.html
|
https://www.postgresql.org/docs/10/static/release-10-5.html
|
||||||
|
|
||||||
* Thu Aug 02 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-8
|
* Thu Aug 02 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-4
|
||||||
- new postgresql-setup, the %%postgresql_tests* macros now start
|
- new postgresql-setup, the %%postgresql_tests* macros now start
|
||||||
the build-time server on random port number
|
the build-time server on random port number
|
||||||
|
|
||||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 10.4-7
|
* Wed Aug 01 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-3
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
- gcc is fixed (rhbz#1600395), dropping the workaround patch
|
||||||
|
|
||||||
* Thu Jul 12 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-6
|
* Thu Jul 12 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-2
|
||||||
- drop ppc64 patch, gcc is already fixed (rhbz#1544349)
|
- fix pg_config-*.mo collision with libpq-devel
|
||||||
- move pg_config*.mo files into devel subpackage
|
|
||||||
|
|
||||||
* Mon Jul 09 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-5
|
* Thu Jul 12 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-1
|
||||||
- re-enable -O3 for 64bit PPC boxes
|
- sync with fedora rawhide
|
||||||
- explicitly set PYTHON=python2, /bin/python doesn't exist fc29+
|
|
||||||
|
|
||||||
* Tue Jul 03 2018 Petr Pisar <ppisar@redhat.com> - 10.4-4
|
|
||||||
- Perl 5.28 rebuild
|
|
||||||
|
|
||||||
* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 10.4-3
|
|
||||||
- Perl 5.28 rebuild
|
|
||||||
|
|
||||||
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 10.4-2
|
|
||||||
- Rebuilt for Python 3.7
|
|
||||||
|
|
||||||
* Wed May 09 2018 Pavel Raiskup <praiskup@redhat.com> - 10.4-1
|
|
||||||
- update to 10.4 per release notes:
|
|
||||||
https://www.postgresql.org/docs/10/static/release-10-4.html
|
|
||||||
|
|
||||||
* Thu Apr 26 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-5
|
* Thu Apr 26 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-5
|
||||||
- pltcl: drop tcl-pltcl dependency (rhbz#1571181)
|
- pltcl: drop tcl-pltcl dependency (rhbz#1571181)
|
||||||
|
|
||||||
* Thu Apr 19 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-4
|
* Thu Apr 19 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-4
|
||||||
- upgrade: package plpython*.so modules
|
- fix upgrade subpackage (sync with F28+)
|
||||||
|
|
||||||
* Mon Apr 16 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-3
|
* Wed Apr 18 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-3
|
||||||
- upgrade: package plperl.so and pltcl.so
|
- missing *-devel => *-server-devel* changes (rhbz#1569041)
|
||||||
- upgrade: package contrib modules
|
|
||||||
- upgrade: drop dynamic libraries
|
|
||||||
|
|
||||||
* Fri Apr 13 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-2
|
* Fri Apr 13 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-2
|
||||||
- define %%precise_version helper macro
|
- don't build *-libs subpackage
|
||||||
- drop explicit libpq.so provide from *-libs
|
- don't collide with libpq{,-devel}
|
||||||
- update postgresql-setup tarball
|
- sync with fedora rawhide
|
||||||
- add postgresql-test-rpm-macros package
|
|
||||||
|
|
||||||
* Thu Mar 01 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-1
|
* Thu Mar 01 2018 Pavel Raiskup <praiskup@redhat.com> - 10.3-1
|
||||||
- update to 10.3 per release notes:
|
- update to 10.3 per release notes:
|
||||||
https://www.postgresql.org/docs/10/static/release-10-3.html
|
https://www.postgresql.org/docs/10/static/release-10-3.html
|
||||||
|
|
||||||
* Thu Feb 08 2018 Petr Kubat <pkubat@redhat.com> - 10.2-1
|
* Tue Dec 19 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-2
|
||||||
- update to 10.2 per release notes:
|
- build plpython3 subpackage
|
||||||
https://www.postgresql.org/docs/10/static/release-10-2.html
|
|
||||||
|
|
||||||
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 10.1-5
|
* Tue Dec 19 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-1
|
||||||
- Rebuilt for switch to libxcrypt
|
- sync with Fedora 28 state
|
||||||
|
- fix prevmajorversion to 9.2 (RHEL7 version)
|
||||||
* Tue Dec 19 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-4
|
- reset Release to 1, for RHEL8 purposes
|
||||||
- configure with --with-systemd (rhbz#1414314)
|
|
||||||
- disable startup timeout of PostgreSQL service (rhbz#1525477)
|
|
||||||
|
|
||||||
* Wed Dec 13 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-3
|
|
||||||
- unify %%configure options for python2/python3 configure
|
|
||||||
- drop --with-krb5 option, not supported since PostgreSQL 9.4
|
|
||||||
- python packaging - requires/provides s/python/python2/
|
|
||||||
|
|
||||||
* Tue Nov 14 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-2
|
|
||||||
- postgresql-setup v7.0
|
|
||||||
|
|
||||||
* Wed Nov 08 2017 Pavel Raiskup <praiskup@redhat.com> - 10.1-1
|
|
||||||
- update to 10.1 per release notes:
|
|
||||||
https://www.postgresql.org/docs/10/static/release-10-1.html
|
|
||||||
|
|
||||||
* Mon Nov 06 2017 Pavel Raiskup <praiskup@redhat.com> - 10.0-4
|
|
||||||
- rebase to new postgresql-setup 6.0 version, to fix CVE-2017-15097
|
|
||||||
|
|
||||||
* Thu Oct 12 2017 Pavel Raiskup <praiskup@redhat.com> - 10.0-3
|
|
||||||
- confess that we bundle setup scripts and previous version of ourseleves
|
|
||||||
- provide %%postgresql_upgrade_prefix macro
|
|
||||||
|
|
||||||
* Mon Oct 09 2017 Pavel Raiskup <praiskup@redhat.com> - 10.0-2
|
|
||||||
- stricter separation of files in upgrade/upgrade-devel
|
|
||||||
|
|
||||||
* Mon Oct 09 2017 Jozef Mlich <jmlich@redhat.com> - 10.0-2
|
|
||||||
- support for upgrade with extenstions
|
|
||||||
i.e the postgresql-upgrade-devel subpackage was added (rhbz#1475177)
|
|
||||||
|
|
||||||
* Fri Oct 06 2017 Pavel Raiskup <praiskup@redhat.com> - 10.0-1
|
|
||||||
- update to 10.0 per release notes:
|
|
||||||
https://www.postgresql.org/docs/10/static/release-10.html
|
|
||||||
|
|
||||||
* Tue Sep 05 2017 Pavel Raiskup <praiskup@redhat.com> - 9.6.5-2
|
|
||||||
- move %%_libdir/pgsql into *-libs subpackage
|
|
||||||
|
|
||||||
* Tue Aug 29 2017 Pavel Raiskup <praiskup@redhat.com> - 9.6.5-1
|
* Tue Aug 29 2017 Pavel Raiskup <praiskup@redhat.com> - 9.6.5-1
|
||||||
- update to 9.6.5 per release notes:
|
- update to 9.6.5 per release notes:
|
||||||
|
Loading…
Reference in New Issue
Block a user