[postgis-tickets] [PostGIS] #5210: PostGIS upgrade from 2.5.5 to 3.2.2 fails with CVE-2022-2625

PostGIS trac at osgeo.org
Fri Aug 12 09:27:00 PDT 2022


#5210: PostGIS upgrade from 2.5.5 to 3.2.2 fails with CVE-2022-2625
------------------------------------+---------------------------
  Reporter:  robe                   |      Owner:  strk
      Type:  defect                 |     Status:  closed
  Priority:  blocker                |  Milestone:  PostGIS 3.0.7
 Component:  build/upgrade/install  |    Version:  3.2.x
Resolution:  fixed                  |   Keywords:
------------------------------------+---------------------------
Changes (by Sandro Santilli <strk@…>):

 * status:  new => closed
 * resolution:   => fixed

Comment:

 In [changeset:"8c63bb614b0515df955164b7d96eb992858b376a/git" 8c63bb6/git]:
 {{{#!CommitTicketReference repository="git"
 revision="8c63bb614b0515df955164b7d96eb992858b376a"
 Package objects before upgrading (only those which exist)

 We don't need to upgrade before packaging because objects
 created during extension upgrade are automatically packaged.

 Packaging upfront fixes creating PostGIS extension from
 unpackaged on PostgreSQL versions 10.22, 11.17+, 12.12+, 13.8+
 and 14.5+ addressing CVE-2022-2625, see:

   https://www.postgresql.org/support/security/CVE-2022-2625/

 Closes #5209 in 2.5 branch (2.5.8dev)
 Closes #5210 in 2.5 branch (2.5.8dev)

 This is a backport of cb65cd8973 which landed in master branch
 on July 12 2022.
 }}}
-- 
Ticket URL: <https://trac.osgeo.org/postgis/ticket/5210#comment:2>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.

