
SUSE-OU-2015:1847-1

Published: 21 Oct 2015
Source: suse-cvrf

Description

Optional update for postgresql94

This update delivers PostgreSQL 9.4.5 to the SUSE Linux Enterprise 12 codebase.

Major enhancements:

  • Security and bugfix release 9.4.5:

    • CVE-2015-5289, bsc#949670: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service.
    • CVE-2015-5288, bsc#949669: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed.
  • Add jsonb, a more capable and efficient data type for storing JSON data

  • Add new SQL command ALTER SYSTEM for changing postgresql.conf configuration file entries

  • Reduce lock strength for some ALTER TABLE commands

  • Allow materialized views to be refreshed without blocking concurrent reads

  • Add support for logical decoding of WAL data, to allow database changes to be streamed out in a customizable format

  • Allow background worker processes to be dynamically registered, started and terminated

  • For the full release notes, see: http://www.postgresql.org/docs/current/static/release-9-4-5.html

  • Move systemd related stuff and user creation to postgresql-init (bsc#950486)

  • Remove some obsolete %suse_version conditionals

  • Adjust build time dependencies.

  • Fix some more rpmlint warnings.

  • Relax dependency on libpq to major version.

  • Make sure that plpgsql.h gets installed, because pldebugger needs it.

  • Move ~postgres/.bash_profile to postgresql-server to avoid a file conflict between the versioned server packages.

Full release notes can be found here: http://www.postgresql.org/docs/9.4/static/release-9-4.html

The existing client libraries libecpg6 and libpq5 are now taken from the postgresql94 build instead of the postgresql93 build.

Package list

SUSE Linux Enterprise Desktop 12
libecpg6-9.4.5-4.1
libpq5-9.4.5-4.1
libpq5-32bit-9.4.5-4.1
postgresql94-9.4.5-4.5
SUSE Linux Enterprise Server 12
libecpg6-9.4.5-4.1
libpq5-9.4.5-4.1
libpq5-32bit-9.4.5-4.1
postgresql-init-9.4-17.8.1
postgresql94-9.4.5-4.5
postgresql94-contrib-9.4.5-4.5
postgresql94-docs-9.4.5-4.5
postgresql94-server-9.4.5-4.5
SUSE Linux Enterprise Server for SAP Applications 12
libecpg6-9.4.5-4.1
libpq5-9.4.5-4.1
libpq5-32bit-9.4.5-4.1
postgresql-init-9.4-17.8.1
postgresql94-9.4.5-4.5
postgresql94-contrib-9.4.5-4.5
postgresql94-docs-9.4.5-4.5
postgresql94-server-9.4.5-4.5
SUSE Linux Enterprise Software Development Kit 12
postgresql94-devel-9.4.5-4.1
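A quick way to turn the package list above into a host check is to compare the installed version-release of each listed package against the fixed one. The following is an added example, not part of the advisory or of SUSE's tooling; it assumes the installed packages are given as `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'` lines (no architecture suffix) and uses a simplified re-implementation of rpm's version comparison.

```python
import re
# Fixed versions (name -> "version-release") from the advisory's SLES 12 package list.
FIXED = {
    "libecpg6": "9.4.5-4.1",
    "libpq5": "9.4.5-4.1",
    "libpq5-32bit": "9.4.5-4.1",
    "postgresql94": "9.4.5-4.5",
    "postgresql94-contrib": "9.4.5-4.5",
    "postgresql94-server": "9.4.5-4.5",
}

def _cmp(x, y):
    return (x > y) - (x < y)

def _cmp_part(a, b):
    # Simplified rpmvercmp (no tilde/caret rules): split into digit/alpha runs; digits
    # compare numerically, letters lexically, a digit run beats an alpha run, longer wins.
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            r = _cmp(int(x), int(y))
        elif x.isdigit() != y.isdigit():
            r = 1 if x.isdigit() else -1
        else:
            r = _cmp(x, y)
        if r:
            return r
    return _cmp(len(sa), len(sb))

def rpm_vercmp(a, b):
    """Compare two 'version-release' strings: version first, then release. Returns -1/0/1."""
    va, ra = a.rsplit("-", 1)
    vb, rb = b.rsplit("-", 1)
    return _cmp_part(va, vb) or _cmp_part(ra, rb)

def vulnerable_packages(rpm_qa_lines):
    """Return (name, installed, fixed) for every listed package still older than the fix."""
    findings = []
    for line in rpm_qa_lines:
        name, ver, rel = line.strip().rsplit("-", 2)  # split off the last two dashes
        installed = f"{ver}-{rel}"
        if name in FIXED and rpm_vercmp(installed, FIXED[name]) < 0:
            findings.append((name, installed, FIXED[name]))
    return findings

# Constructed sample of rpm query output (not a real host inventory); the libpq5 and
# postgresql94 lines are older than the fixed versions and should be reported.
SAMPLE = ["libpq5-9.3.9-3.1", "postgresql94-server-9.4.5-4.5",
          "postgresql94-9.4.4-2.1", "bash-4.3-78.1"]
```

Run `vulnerable_packages(SAMPLE)` to see the two outdated packages; feed it real query output to check a host.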

Description

The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.


Affected products
SUSE Linux Enterprise Desktop 12:libecpg6-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:libpq5-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:postgresql94-9.4.5-4.5

References

Description

Multiple stack-based buffer overflows in json parsing in PostgreSQL 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.


Affected products
SUSE Linux Enterprise Desktop 12:libecpg6-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:libpq5-9.4.5-4.1
SUSE Linux Enterprise Desktop 12:postgresql94-9.4.5-4.5

References
Vulnerability SUSE-OU-2015:1847-1