diff options
| author | Max Rees <maxcrees@me.com> | 2019-06-21 14:43:27 -0400 |
|---|---|---|
| committer | Max Rees <maxcrees@me.com> | 2019-06-21 14:43:27 -0400 |
| commit | e68b9aaaa8d272c4b456ac1c02980b52be56467c (patch) | |
| tree | fe6991773b9701e16fb960056716200fa9b29775 | |
| parent | 94871950f0ccca43a98fe9209c03a175c133a95b (diff) | |
| download | packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.gz packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.bz2 packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.xz packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.zip | |
user/postgresql: [CVE] bump to 10.8
Dump/restore is not required for this update. However, if the
pg_stat_statements extension is used, the changelog has this to say:
https://www.postgresql.org/docs/10/release-10-6.html
"In contrib/pg_stat_statements, disallow the pg_read_all_stats role from
executing pg_stat_statements_reset() (Haribabu Kommi)
pg_read_all_stats is only meant to grant permission to read statistics,
not to change them, so this grant was incorrect.
To cause this change to take effect, run ALTER EXTENSION
pg_stat_statements UPDATE in each database where pg_stat_statements has
been installed."
| -rw-r--r-- | user/postgresql/APKBUILD | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/user/postgresql/APKBUILD b/user/postgresql/APKBUILD index 7fed2351e..996168875 100644 --- a/user/postgresql/APKBUILD +++ b/user/postgresql/APKBUILD @@ -2,7 +2,7 @@ # Contributor: Jakub Jirutka <jakub@jirutka.cz> # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=postgresql -pkgver=10.5 +pkgver=10.8 pkgrel=0 pkgdesc="Featureful object-relational database system (RDBMS)" url="https://www.postgresql.org/" @@ -35,23 +35,26 @@ source="https://ftp.postgresql.org/pub/source/v$pkgver/$pkgname-$pkgver.tar.bz2 # secfixes: # 9.6.4-r0: -# - CVE-2017-7546 -# - CVE-2017-7547 -# - CVE-2017-7548 +# - CVE-2017-7546 +# - CVE-2017-7547 +# - CVE-2017-7548 # 9.6.3-r0: -# - CVE-2017-7484 -# - CVE-2017-7485 -# - CVE-2017-7486 +# - CVE-2017-7484 +# - CVE-2017-7485 +# - CVE-2017-7486 # 10.1-r0: -# - CVE-2017-15098 -# - CVE-2017-15099 +# - CVE-2017-15098 +# - CVE-2017-15099 # 10.2-r0: -# - CVE-2018-1052 -# - CVE-2018-1053 +# - CVE-2018-1052 +# - CVE-2018-1053 # 10.3-r0: -# - CVE-2018-1058 +# - CVE-2018-1058 # 10.4-r0: -# - CVE-2018-1115 +# - CVE-2018-1115 +# 10.8-r0: +# - CVE-2018-16850 +# - CVE-2019-10130 prepare() { default_prepare @@ -249,7 +252,7 @@ _submv() { done } -sha512sums="1bad30ae88beca66f7e8b99b82e7f02aac1e9230b328e6e5a762a704cdd9dc767d924f5a66c68c93586badfef91b7ff336120a567ce970eaa58bb44c662ad48c postgresql-10.5.tar.bz2 +sha512sums="c9cd0298f553e13e32d4315e17e9e61c1fd011391c5203282d9040f26fd08c85f749e6f2cea3bcc42d1ca153a1272bcd773196ef3bf2bdfb74cd12c5f523b7ca postgresql-10.8.tar.bz2 1f8e7dc58f5b0a12427cf2fd904ffa898a34f23f3332c8382b94e0d991c007289e7913a69e04498f3d93fc5701855796c207b4b1cc4a0b366f586050124d7fcc initdb.patch 5f9d8bb4957194069d01af8ab3abc6d4d83a7e7f8bd7ebe1caae5361d621a3e58f91b14b952958138a794e0a80bc154fbb7e3e78d211e2a95b9b7901335de854 perl-rpath.patch 8439a6fdfdea0a4867daeb8bc23d6c825f30c00d91d4c39f48653f5ee77341f23282ce03a77aad94b5369700f11d2cb28d5aee360e59138352a9ab331a9f9d0f conf-unix_socket_directories.patch |