FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Fri, 17 Aug 2012
[ 19:39:51 jgh ] Original commit 
postgresql83-server databases  Deleted Deprecated Expired files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
postgresql84-server databases files touched by this commit  An older version of this port was marked as vulnerable. The most advanced open-source database available anywhere
postgresql90-server databases files touched by this commit  An older version of this port was marked as vulnerable. The most advanced open-source database available anywhere
postgresql91-server databases files touched by this commit  An older version of this port was marked as vulnerable. The most advanced open-source database available anywhere
vuxml security files touched by this commit Vulnerability and eXposure Markup Language DTD
The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.

This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:

CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including:

Updates and corrections to time zone data
Multiple documentation updates and corrections
Add limit on max_wal_senders
Fix dependencies generated during ALTER TABLE ADD CONSTRAINT USING INDEX.
Correct behavior of unicode conversions for PL/Python
Fix WITH attached to a nested set operation (UNION/INTERSECT/EXCEPT).
Fix syslogger so that log_truncate_on_rotation works in the first rotation.
Only allow autovacuum to be auto-canceled by a directly blocked process.
Improve fsync request queue operation
Prevent corner-case core dump in rfree().
Fix Walsender so that it responds correctly to timeouts and deadlocks
Several PL/Perl fixes for encoding-related issues
Make selectivity operators use the correct collation
Prevent unsuitable slaves from being selected for synchronous replication
Make REASSIGN OWNED work on extensions as well
Fix race condition with ENUM comparisons
Make NOTIFY cope with out-of-disk-space
Fix memory leak in ARRAY subselect queries
Reduce data loss at replication failover
Fix behavior of subtransactions with Hot Standby

Number of ports [& non-ports] in this commit: 5

Showing files for just one port: databases/postgresql91-server

show all files

hide all files


2 files found
ActionRevisionLinksFile
modify 302694 View diff View revision /ports/head/databases/postgresql91-server/Makefile
modify 302694 View diff View revision /ports/head/databases/postgresql91-server/distinfo
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
i2pJul 28
i2pJul 28
i2pJul 28
bugzilla44Jul 25
apache22Jul 24
apache22-event-mpmJul 24
apache22-itk-mpmJul 24
apache22-peruser-mpmJul 24
apache22-worker-mpmJul 24
firefoxJul 23
firefox-develJul 23
firefox-esrJul 23
firefox10Jul 23
firefox15Jul 23
firefox3Jul 23

11 vulnerabilities affecting 34 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24400
Broken 181
Deprecated 822
Ignore 516
Forbidden 16
Restricted 263
No CDROM 101
Vulnerable 28
Expired 1
Set to expire 809
Interactive 13
new 24 hours 6
new 48 hours9
new 7 days19
new fortnight41
new month107


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.