summaryrefslogtreecommitdiff
path: root/user/postgresql
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2019-06-21 14:43:27 -0400
committerMax Rees <maxcrees@me.com>2019-06-21 14:43:27 -0400
commite68b9aaaa8d272c4b456ac1c02980b52be56467c (patch)
treefe6991773b9701e16fb960056716200fa9b29775 /user/postgresql
parent94871950f0ccca43a98fe9209c03a175c133a95b (diff)
downloadpackages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.gz
packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.bz2
packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.tar.xz
packages-e68b9aaaa8d272c4b456ac1c02980b52be56467c.zip
user/postgresql: [CVE] bump to 10.8
Dump/restore is not required for this update. However, if the pg_stat_statements extension is used, the changelog has this to say: https://www.postgresql.org/docs/10/release-10-6.html "In contrib/pg_stat_statements, disallow the pg_read_all_stats role from executing pg_stat_statements_reset() (Haribabu Kommi) pg_read_all_stats is only meant to grant permission to read statistics, not to change them, so this grant was incorrect. To cause this change to take effect, run ALTER EXTENSION pg_stat_statements UPDATE in each database where pg_stat_statements has been installed."
Diffstat (limited to 'user/postgresql')
-rw-r--r--user/postgresql/APKBUILD31
1 files changed, 17 insertions, 14 deletions
diff --git a/user/postgresql/APKBUILD b/user/postgresql/APKBUILD
index 7fed2351e..996168875 100644
--- a/user/postgresql/APKBUILD
+++ b/user/postgresql/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=postgresql
-pkgver=10.5
+pkgver=10.8
pkgrel=0
pkgdesc="Featureful object-relational database system (RDBMS)"
url="https://www.postgresql.org/"
@@ -35,23 +35,26 @@ source="https://ftp.postgresql.org/pub/source/v$pkgver/$pkgname-$pkgver.tar.bz2
# secfixes:
# 9.6.4-r0:
-# - CVE-2017-7546
-# - CVE-2017-7547
-# - CVE-2017-7548
+# - CVE-2017-7546
+# - CVE-2017-7547
+# - CVE-2017-7548
# 9.6.3-r0:
-# - CVE-2017-7484
-# - CVE-2017-7485
-# - CVE-2017-7486
+# - CVE-2017-7484
+# - CVE-2017-7485
+# - CVE-2017-7486
# 10.1-r0:
-# - CVE-2017-15098
-# - CVE-2017-15099
+# - CVE-2017-15098
+# - CVE-2017-15099
# 10.2-r0:
-# - CVE-2018-1052
-# - CVE-2018-1053
+# - CVE-2018-1052
+# - CVE-2018-1053
# 10.3-r0:
-# - CVE-2018-1058
+# - CVE-2018-1058
# 10.4-r0:
-# - CVE-2018-1115
+# - CVE-2018-1115
+# 10.8-r0:
+# - CVE-2018-16850
+# - CVE-2019-10130
prepare() {
default_prepare
@@ -249,7 +252,7 @@ _submv() {
done
}
-sha512sums="1bad30ae88beca66f7e8b99b82e7f02aac1e9230b328e6e5a762a704cdd9dc767d924f5a66c68c93586badfef91b7ff336120a567ce970eaa58bb44c662ad48c postgresql-10.5.tar.bz2
+sha512sums="c9cd0298f553e13e32d4315e17e9e61c1fd011391c5203282d9040f26fd08c85f749e6f2cea3bcc42d1ca153a1272bcd773196ef3bf2bdfb74cd12c5f523b7ca postgresql-10.8.tar.bz2
1f8e7dc58f5b0a12427cf2fd904ffa898a34f23f3332c8382b94e0d991c007289e7913a69e04498f3d93fc5701855796c207b4b1cc4a0b366f586050124d7fcc initdb.patch
5f9d8bb4957194069d01af8ab3abc6d4d83a7e7f8bd7ebe1caae5361d621a3e58f91b14b952958138a794e0a80bc154fbb7e3e78d211e2a95b9b7901335de854 perl-rpath.patch
8439a6fdfdea0a4867daeb8bc23d6c825f30c00d91d4c39f48653f5ee77341f23282ce03a77aad94b5369700f11d2cb28d5aee360e59138352a9ab331a9f9d0f conf-unix_socket_directories.patch