rpms/postgresql16
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to 16.11

Browse Source 
- Fix CVE-2025-12818: libpq undersizes allocations, via integer wraparound
  Integer wraparound in PostgreSQL libpq client library functions allows
  an application input provider or network peer to cause libpq to undersize
  an allocation and write out-of-bounds by hundreds of megabytes, resulting
  in segmentation fault.

Resolves: RHEL-128802 [rhel-10.2]
Resolves: RHEL-128801 [rhel-10.1.z]
This commit is contained in:
Filip Janus 2025-12-01 16:17:27 +00:00
parent 3aac31dde4
commit caadcd6c6f
3 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -19,3 +19,5 @@
/postgresql-16.10.tar.bz2.sha256
/postgresql-13.22.tar.bz2
/postgresql-13.22.tar.bz2.sha256
/postgresql-16.11.tar.bz2
/postgresql-16.11.tar.bz2.sha256

9
postgresql16.spec
View File

@ -47,8 +47,8 @@
Summary: PostgreSQL client programs
Name: %{majorname}%{majorversion}
Version: %{majorversion}.10
Release: 3%{?dist}
Version: %{majorversion}.11
Release: 1%{?dist}
# The PostgreSQL license is very similar to other MIT licenses, but the OSI
# recognizes it as an independent license, so we do as well.
@ -1348,6 +1348,11 @@ make -C postgresql-setup-%{setup_version} check
%changelog
* Mon Dec 01 2025 Filip Janus <fjanus@redhat.com> - 16.11-1
- Update to 16.11
- Resolves: RHEL-128802 (CVE-2025-12818) [rhel-10.2]
- Resolves: RHEL-128801 (CVE-2025-12818) [rhel-10.1.z]
* Mon Nov 10 2025 Filip Janus <fjanus@redhat.com> - 16.10-3
- Add tmpfiles.d configuration for PostgreSQL 16
- Ensures proper directory permissions for /var/lib/pgsql

4
sources
View File

@ -1,5 +1,5 @@
SHA512 (postgresql-16.10.tar.bz2) = b6de80d522f863b0d9dd8c2bf4f71bea309bd07586859e309a9821e7f6fd5839557dc396351e7b61aebf492bf8c8a053a324f059a1dee621ac1a6d5e8eccea22
SHA512 (postgresql-16.10.tar.bz2.sha256) = 2489a4a2074c7be5c352153ab899681f0761db5dfce8fe315be19783d91613c033570a2f5f85145e5608550e1636231abbeb96aacaa8a94f463caf0c02af48a1
SHA512 (postgresql-16.11.tar.bz2) = f11f8f3e5855cfce27108a1bd2122c5a7a1ff37c6d9366d7a96a041aab67a4e4a31e54f0757b6b97c72d841acdcaa97d3eaa765213d4899b2cf7047c549012b8
SHA512 (postgresql-16.11.tar.bz2.sha256) = 3c07dc85608f8cee5071bd7d404feff1c767afb468a8f41225b73d5df05334dca9a3465e16307a3b5b21c1a44684deab0c496fbd03b9d061e4a9559684876671
SHA512 (postgresql-13.22.tar.bz2) = 0f578526aad852285de001369dd1c8308f03479c8f4f6c1a1d066b6b77103e340df95b9ab41df3f959c4e17d4fb0c0441b02a04d3e6c01cfcd40a2632c3ac7eb
SHA512 (postgresql-13.22.tar.bz2.sha256) = e93c92f5bf1d091e7381abaf2d5076dec2390e5f65396eb887c92c50f7df659b296b1688991b8894b91bb409c616d4ce07312b115246b1a864e6b741172a6d7b
SHA512 (postgresql-setup-8.9.tar.gz) = 118e9ebf858722a38b0e90324bc1b49fc7058cda601ca0a7e78c94e7b95e89d6dbbc46f377626364b068614ced3cde3cb4733973ad2d71bf17892ad773657ef7