From 492f4fb08b3b141b46ce75cacc365fbfddf5dd8d Mon Sep 17 00:00:00 2001 From: Jakub Jirutka Date: Fri, 15 Nov 2024 21:28:52 +0100 Subject: [PATCH] main/postgresql17: security upgrade to 17.1 --- main/postgresql17/APKBUILD | 21 +++++++++------------ main/postgresql17/perl-rpath.patch | 2 +- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/main/postgresql17/APKBUILD b/main/postgresql17/APKBUILD index 6bd912aa6c6..ea79a29af0f 100644 --- a/main/postgresql17/APKBUILD +++ b/main/postgresql17/APKBUILD @@ -2,8 +2,8 @@ # Contributor: G.J.R. Timmer # Contributor: Jakub Jirutka _pkgname=postgresql -pkgver=17.0 -pkgrel=1 +pkgver=17.1 +pkgrel=0 _majorver=${pkgver%%[_.]*} # Should this aport provide libpq* and libecpg*? true/false # Exactly one postgresql aport must be the default one! @@ -90,7 +90,6 @@ source="https://ftp.postgresql.org/pub/source/v$pkgver/postgresql-$pkgver.tar.bz external-libpq.patch.txt pltcl_create_tables.sql - https://github.com/postgres/postgres/commit/af21152268317323480caa790c4a6347110f8085.patch " builddir="$srcdir/$_pkgname-$pkgver" options="net" @@ -101,12 +100,11 @@ case "$CARCH" in esac # secfixes: -# 16.2-r0: -# - CVE-2024-0985 -# 16.1-r0: -# - CVE-2023-5868 -# - CVE-2023-5869 -# - CVE-2023-5870 +# 17.1-r0: +# - CVE-2024-10976 +# - CVE-2024-10977 +# - CVE-2024-10978 +# - CVE-2024-10979 _bindir=usr/libexec/$pkgname _datadir=usr/share/$pkgname @@ -497,9 +495,9 @@ _setdiff() { } sha512sums=" -ae6741298abe986c9f09a6eee9fa2df26c3bbdffcbd0ff3f33332456e09f95195e4535f00a9437f2877e03e2e43a78be9a355303e7cf43bcb688b657ca7289f3 postgresql-17.0.tar.bz2 +41bd56ea5d2c3d41bd273894a056bd10244b33186746b63918f03671ba548551e02694f8215f09c6408c4dd6bb6ba0e87dec612560e8a267f5c5734b177e70a0 postgresql-17.1.tar.bz2 c3de763d8fba5a2ac5f51a4e2831c11c40b455302cd3d5a023b2c4e90839c3600ec882eba0985d595796ee3b25c1332437a93c453e674e2f6e367b67fa39b20b initdb.patch -6913af82cc628ca9a8b41c86a597246c2353d321c9def2d315a34d82afae408ece1b8b2261edb45bfe694327c738141b86ea89fd7bf27b9878068cc53ba97613 perl-rpath.patch +42e7ff5e4114390ec7f0f69b037ebcbc9a7739b239d992bc6f4d13561e188f9027e896892230a5d7cbf1ec0a1ad68deacdd414dcfc7d919bfc368442a220d352 perl-rpath.patch 7501022ac2befce1adcf72a4ca06f10af3aad6ad19692fa53e6fa7cc24457ce0852ef1805ddfcd82db6402f6d1e684570b3151028397f0a55a696164aa73975d per-version-dirs.patch 9ad57531cc8b848d53a21d5ba9838b4f76272ce80a40b7802993d4999667b87decdd31527dc8b22464f6b21b66fb1f54efcbbb0e2f6d6d961cbc622d78150a27 unix_socket_directories.patch e1503664ede8ec677edb11b03eac86d392c5aea64e95d2b98c952c0f1773d07e14e01d8ba072cf8dcbc0d54deb3dab5d6d93a0048f0e97e7c9844346a8faf8da disable-html-docs.patch @@ -514,5 +512,4 @@ e1503664ede8ec677edb11b03eac86d392c5aea64e95d2b98c952c0f1773d07e14e01d8ba072cf8d 1ef4cc68e6781e0680472bfe71f07385982cc5f3932f63928d4025b8b3a74f630c775fdbc02f903f1da3c2187756393a572387f8ac7fbd643d6b06bd9fc9b93b libpgport-pkglibdir.patch.txt 06f32f8a05228f27bc8c5ed4aac7ac6eab0c64915932ed0c37f76335fbe635396a43226a006ce83ba93ef3b8ca2dff424725dddd490ed9c5f686c1ea2607781e external-libpq.patch.txt 5c9bfd9e295dcf678298bf0aa974347a7c311d6e7c2aa76a6920fcb751d01fd1ab77abbec11f3c672f927ad9deaa88e04e370c0b5cd1b60087554c474b748731 pltcl_create_tables.sql -85b6e14ad6134534d94d7d142eeee3e92b7b88bcc7c2df272f647ed932d888fd4f8a5d284a07a7913ba6ccc7f970cdd7934882887d1539849afb5af676703cd0 af21152268317323480caa790c4a6347110f8085.patch " diff --git a/main/postgresql17/perl-rpath.patch b/main/postgresql17/perl-rpath.patch index cd0197f8dac..1ac1dbe5e36 100644 --- a/main/postgresql17/perl-rpath.patch +++ b/main/postgresql17/perl-rpath.patch @@ -17,6 +17,6 @@ This patch is copied from Fedora. +# Force rpath to be used even though we disable it everywhere else +SHLIB_LINK += $(rpath) + - REGRESS_OPTS = --dbname=$(PL_TESTDB) + REGRESS_OPTS = --dbname=$(PL_TESTDB) --dlpath=$(top_builddir)/src/test/regress REGRESS = plperl_setup plperl plperl_lc plperl_trigger plperl_shared \ plperl_elog plperl_util plperl_init plperlu plperl_array \