packages/libpq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade libpq to 13.7,fix CVE-2021-32027,CVE-2022-1552

Browse Source
This commit is contained in:
duyiwei 2022-06-13 11:22:34 +08:00
parent a40a906bfd
commit 1e989f65f9
5 changed files with 61 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libpq-10.3-rpm-pgsql.patch
View File

@ -7,11 +7,11 @@ directory whose path happens to include "postgres" or "pgsql" already.
However, datadir and sysconfdir are already set up in the specfile's However, datadir and sysconfdir are already set up in the specfile's
configure call, so we do not have to append anything to them. configure call, so we do not have to append anything to them.
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
diff -Naur postgresql-9.0.1.orig/src/Makefile.global.in postgresql-9.0.1/src/Makefile.global.in index 9a6265b3a0..c9371a07c4 100644
--- postgresql-9.0.1.orig/src/Makefile.global.in 2010-10-01 10:25:44.000000000 -0400 --- a/src/Makefile.global.in
+++ postgresql-9.0.1/src/Makefile.global.in 2010-10-11 11:52:05.224975308 -0400 +++ b/src/Makefile.global.in
@@ -55,8 +55,7 @@ @@ -82,8 +82,7 @@ vpathsearch = `for f in $(addsuffix /$(1),$(subst :, ,. $(VPATH))); do test -r $
# Installation directories # Installation directories
# #
# These are set by the equivalent --xxxdir configure options. We # These are set by the equivalent --xxxdir configure options. We
@ -21,7 +21,7 @@ diff -Naur postgresql-9.0.1.orig/src/Makefile.global.in postgresql-9.0.1/src/Mak
# #
# In a PGXS build, we cannot use the values inserted into Makefile.global # In a PGXS build, we cannot use the values inserted into Makefile.global
# by configure, since the installation tree may have been relocated. # by configure, since the installation tree may have been relocated.
@@ -74,45 +73,23 @@ @@ -101,45 +100,23 @@ datarootdir := @datarootdir@
bindir := @bindir@ bindir := @bindir@
datadir := @datadir@ datadir := @datadir@

22
libpq-10.3-var-run-socket.patch
View File

@ -13,10 +13,10 @@ to be updated. (Of course, a user who dislikes this behavior can still
override it via postgresql.conf.) override it via postgresql.conf.)
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 9481f2d..75532c7 100644 index 4dde819652..8c2f601333 100644
--- a/src/backend/utils/misc/guc.c --- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c
@@ -3196,7 +3196,7 @@ static struct config_string ConfigureNamesString[] = @@ -4159,7 +4159,7 @@ static struct config_string ConfigureNamesString[] =
}, },
&Unix_socket_directories, &Unix_socket_directories,
#ifdef HAVE_UNIX_SOCKETS #ifdef HAVE_UNIX_SOCKETS
@ -26,10 +26,10 @@ index 9481f2d..75532c7 100644
"", "",
#endif #endif
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index feeff9e..3e3d784 100644 index 4ff0c6c700..6ccd96b1f2 100644
--- a/src/bin/initdb/initdb.c --- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c +++ b/src/bin/initdb/initdb.c
@@ -1234,7 +1234,7 @@ setup_config(void) @@ -1091,7 +1091,7 @@ setup_config(void)
#ifdef HAVE_UNIX_SOCKETS #ifdef HAVE_UNIX_SOCKETS
snprintf(repltok, sizeof(repltok), "#unix_socket_directories = '%s'", snprintf(repltok, sizeof(repltok), "#unix_socket_directories = '%s'",
@ -39,15 +39,15 @@ index feeff9e..3e3d784 100644
snprintf(repltok, sizeof(repltok), "#unix_socket_directories = ''"); snprintf(repltok, sizeof(repltok), "#unix_socket_directories = ''");
#endif #endif
diff --git a/src/include/pg_config_manual.h b/src/include/pg_config_manual.h diff --git a/src/include/pg_config_manual.h b/src/include/pg_config_manual.h
index e278fa0..9ee15d4 100644 index 8f3ec6bde1..066daf3f08 100644
--- a/src/include/pg_config_manual.h --- a/src/include/pg_config_manual.h
+++ b/src/include/pg_config_manual.h +++ b/src/include/pg_config_manual.h
@@ -169,7 +169,7 @@ @@ -201,7 +201,7 @@
* here's where to twiddle it. You can also override this at runtime * support them yet.
* with the postmaster's -k switch.
*/ */
#ifndef WIN32
-#define DEFAULT_PGSOCKET_DIR "/tmp" -#define DEFAULT_PGSOCKET_DIR "/tmp"
+#define DEFAULT_PGSOCKET_DIR "/var/run/postgresql" +#define DEFAULT_PGSOCKET_DIR "/var/run/postgresql"
#else
/* #define DEFAULT_PGSOCKET_DIR ""
* This is the default event source for Windows event log. #endif

34
libpq-10.4-symbol-versioning.patch → libpq-12.1-symbol-versioning.patch
View File

@ -1,9 +1,13 @@
The libpq package is supposed to be used for all the PostgreSQL modules commit 75040c3388d9a7dd5ad2bee53cbcc8bf3d35cd17
available in RHEL 8, and ABI versioning will guarantee us that modular RPMs will Author: Honza Horak <hhorak@redhat.com>
depend on appropriate libpq ABI version (picked at build-time). Date: Fri Oct 30 20:16:50 2020 +0100
The libpq package is supposed to be used for all the PostgreSQL modules
available in RHEL 8, and ABI versioning will guarantee us that modular RPMs will
depend on appropriate libpq ABI version (picked at build-time).
diff --git a/config/Makefile b/config/Makefile diff --git a/config/Makefile b/config/Makefile
index 67e7998f55..86612a42c3 100644 index 67e7998..86612a4 100644
--- a/config/Makefile --- a/config/Makefile
+++ b/config/Makefile +++ b/config/Makefile
@@ -8,6 +8,7 @@ include $(top_builddir)/src/Makefile.global @@ -8,6 +8,7 @@ include $(top_builddir)/src/Makefile.global
@ -16,7 +20,7 @@ index 67e7998f55..86612a42c3 100644
$(MKDIR_P) '$(DESTDIR)$(pgxsdir)/config' $(MKDIR_P) '$(DESTDIR)$(pgxsdir)/config'
diff --git a/config/build-exports-gnu-ld b/config/build-exports-gnu-ld diff --git a/config/build-exports-gnu-ld b/config/build-exports-gnu-ld
new file mode 100755 new file mode 100755
index 0000000000..bdcfb40d48 index 0000000000..84c48e3ade
--- /dev/null --- /dev/null
+++ b/config/build-exports-gnu-ld +++ b/config/build-exports-gnu-ld
@@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
@ -62,10 +66,10 @@ index 0000000000..bdcfb40d48
+echo " *;" +echo " *;"
+close_block +close_block
diff --git a/src/Makefile.shlib b/src/Makefile.shlib diff --git a/src/Makefile.shlib b/src/Makefile.shlib
index 95b82a6dea..a7065d02a4 100644 index 373d73caef..d5bd5468cd 100644
--- a/src/Makefile.shlib --- a/src/Makefile.shlib
+++ b/src/Makefile.shlib +++ b/src/Makefile.shlib
@@ -221,7 +221,7 @@ ifeq ($(PORTNAME), linux) @@ -231,7 +231,7 @@ ifeq ($(PORTNAME), linux)
ifdef soname ifdef soname
LINK.shared += -Wl,-soname,$(soname) LINK.shared += -Wl,-soname,$(soname)
endif endif
@ -75,15 +79,21 @@ index 95b82a6dea..a7065d02a4 100644
ifneq (,$(exports_file)) ifneq (,$(exports_file))
LINK.shared += -Wl,--version-script=$(exports_file) LINK.shared += -Wl,--version-script=$(exports_file)
diff --git a/src/interfaces/libpq/exports.txt b/src/interfaces/libpq/exports.txt diff --git a/src/interfaces/libpq/exports.txt b/src/interfaces/libpq/exports.txt
index d6a38d0df8..29bebeac7e 100644 index bbc1f90..fc3ef8a 100644
--- a/src/interfaces/libpq/exports.txt --- a/src/interfaces/libpq/exports.txt
+++ b/src/interfaces/libpq/exports.txt +++ b/src/interfaces/libpq/exports.txt
@@ -171,4 +171,4 @@ PQsslAttributeNames 168 @@ -171,11 +171,11 @@ PQsslAttributeNames 168
PQsslAttribute 169 PQsslAttribute 169
PQsetErrorContextVisibility 170 PQsetErrorContextVisibility 170
PQresultVerboseErrorMessage 171 PQresultVerboseErrorMessage 171
-PQencryptPasswordConn 172 -PQencryptPasswordConn 172
+PQencryptPasswordConn 172 10 +PQencryptPasswordConn 172 10
-- -PQresultMemorySize 173
2.17.0 +PQresultMemorySize 173 12
PQhostaddr 174
PQgssEncInUse 175
PQgetgssctx 176
-PQsetSSLKeyPassHook_OpenSSL 177
+PQsetSSLKeyPassHook_OpenSSL 177 13
PQgetSSLKeyPassHook_OpenSSL 178
PQdefaultSSLKeyPassHook_OpenSSL 179

32
libpq.spec
View File

@ -1,17 +1,21 @@
Name: libpq Name: libpq
Version: 11.16 Version: 13.7
Release: 1 Release: 1
Summary: A share library of PostgreSQL Summary: PostgreSQL client library
License: PostgreSQL License: PostgreSQL
Url: http://www.postgresql.org/ Url: http://www.postgresql.org/
Source0: https://ftp.postgresql.org/pub/source/v11.16/postgresql-11.16.tar.bz2
Source0: https://ftp.postgresql.org/pub/source/v%{version}/postgresql-%{version}.tar.bz2
Patch0001: libpq-10.3-rpm-pgsql.patch Patch0001: libpq-10.3-rpm-pgsql.patch
Patch0002: libpq-10.3-var-run-socket.patch Patch0002: libpq-10.3-var-run-socket.patch
Patch0003: libpq-10.4-symbol-versioning.patch Patch0003: libpq-12.1-symbol-versioning.patch
BuildRequires: gcc glibc-devel bison flex gawk zlib-devel openssl-devel BuildRequires: gcc glibc-devel bison flex gawk zlib-devel openssl-devel
BuildRequires: krb5-devel openldap-devel gettext multilib-rpm-config BuildRequires: krb5-devel openldap-devel gettext multilib-rpm-config
Obsoletes: postgresql-libs < 11
Obsoletes: postgresql-libs < 14
Provides: postgresql-libs = %{version}-%{release} Provides: postgresql-libs = %{version}-%{release}
%description %description
PostgreSQL is a powerful, open source object-relational database system PostgreSQL is a powerful, open source object-relational database system
that uses and extends the SQL language combined with many features that that uses and extends the SQL language combined with many features that
@ -23,9 +27,11 @@ or interface.
Summary: Development files for building PostgreSQL client tools Summary: Development files for building PostgreSQL client tools
Requires: libpq%{?_isa} = %{version}-%{release} Requires: libpq%{?_isa} = %{version}-%{release}
Provides: postgresql-devel = %{version}-%{release} Provides: postgresql-devel = %{version}-%{release}
Obsoletes: postgresql-devel < 11 Obsoletes: postgresql-devel < 14
%description devel %description devel
The development package of libpq The development package of libpq
%prep %prep
%autosetup -n postgresql-%{version} -p1 %autosetup -n postgresql-%{version} -p1
@ -34,6 +40,7 @@ export SYMBOL_VERSION_PREFIX=RHPG_
%configure --disable-rpath --with-ldap --with-openssl --with-gssapi \ %configure --disable-rpath --with-ldap --with-openssl --with-gssapi \
--enable-nls --without-readline --datadir=%_datadir/pgsql --enable-nls --without-readline --datadir=%_datadir/pgsql
%global build_subdirs \\\ %global build_subdirs \\\
src/port \\\
src/interfaces/libpq \\\ src/interfaces/libpq \\\
src/bin/pg_config \\\ src/bin/pg_config \\\
src/include src/include
@ -45,17 +52,19 @@ done
for subdir in %build_subdirs; do for subdir in %build_subdirs; do
%make_install -C "$subdir" %make_install -C "$subdir"
done done
find $RPM_BUILD_ROOT -name '*.a' -delete find $RPM_BUILD_ROOT -name '*.a' -delete
rm -r $RPM_BUILD_ROOT%_includedir/pgsql/server rm -r $RPM_BUILD_ROOT%_includedir/pgsql/server
%multilib_fix_c_header --file "%_includedir/pg_config.h" %multilib_fix_c_header --file "%_includedir/pg_config.h"
%multilib_fix_c_header --file "%_includedir/pg_config_ext.h" %multilib_fix_c_header --file "%_includedir/pg_config_ext.h"
cp /dev/null libpq.lst cp /dev/null libpq.lst
%find_lang libpq5-11 %find_lang libpq5-13
cat libpq5-11.lang >>libpq.lst cat libpq5-13.lang >>libpq.lst
cp /dev/null libpq-devel.lst cp /dev/null libpq-devel.lst
%find_lang pg_config-11 %find_lang pg_config-13
cat pg_config-11.lang >>libpq-devel.lst cat pg_config-13.lang >>libpq-devel.lst
%files -f libpq.lst %files -f libpq.lst
%license COPYRIGHT %license COPYRIGHT
@ -70,6 +79,9 @@ cat pg_config-11.lang >>libpq-devel.lst
%_libdir/pkgconfig/libpq.pc %_libdir/pkgconfig/libpq.pc
%changelog %changelog
* Mon Jun 13 2022 duyiwei <duyiwei@kylinos.cn> - 13.7-1
- upgrade libpq to 13.7,fix CVE-2021-32027,CVE-2022-1552
* Thu May 19 2022 yangweidong <yangweidong9@huawei.com> - 11.16-1 * Thu May 19 2022 yangweidong <yangweidong9@huawei.com> - 11.16-1
- Upgrade libpq to 11.16, fix CVES: CVE-2021-32028 CVE-2021-3677 CVE-2021-23222 - Upgrade libpq to 11.16, fix CVES: CVE-2021-32028 CVE-2021-3677 CVE-2021-23222

BIN
postgresql-11.16.tar.bz2 → postgresql-13.7.tar.bz2
View File

Binary file not shown.