FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Commit found by message id
Mon, 23 Apr 2007
[ 16:10:54 girgen ] Original commit 
postgresql73-server databases  Deleted Deprecated Expired files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
postgresql74-server databases  Deleted Deprecated Expired files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
postgresql80-server databases  Deleted Deprecated Expired files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
postgresql81-server databases  Deleted Deprecated Expired files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
postgresql82-server databases  Deleted Forbidden Deprecated Expired Ignore files touched by this commit  This port version is marked as vulnerable. The most advanced open-source database available anywhere
Update PostgreSQL to 7.3.19, 7.4.17, 8.0.13, 8.1.9 and 8.2.4 respectively:

 The PostgreSQL Global Development Group has released updated versions
 for PostgreSQL 8.2 and all back versions to patch a privilege
 escalation exploit in SECURITY DEFINER functions.  All users of this
 feature are urged to update to the latest minor version and follow
 instructions on securing these functions as soon as possible.  This
 minor release also contains other fixes, so all users should plan to
 deploy it.

 Once you have updated, additional steps are required to secure your
 database against the exploit.  Please read the release notes at
 http://www.postgresql.org/docs/8.2/static/release.html and the
 TechDocs article at http://www.postgresql.org/docs/techdocs.77 on how
 to lock down your security definer functions, if you use them.

 As always, application of a minor release does not require a dump and
 reload of the database.

 The frequency of security fixes recently is a result of increased
 scrutiny of the PostgreSQL code by government agencies and
 security-conscious companies.  Rapid turnaround on security patches
 is key to keeping PostgreSQL the most secure SQL database.  Your work
 and vigilance in applying the latest security updates ensures that
 there will never be a PostgreSQL "worm".

http://www.postgresql.org/docs/8.2/static/release-8-2-4.html
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-9
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-13
http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-17

http://www.postgresql.org/docs/techdocs.77

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138

Number of ports [& non-ports] in this commit: 5

show all files

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
asterisk11Sep 18
squidSep 18
squid33Sep 18
dbusSep 17
nginxSep 16
nginx-develSep 16
phpmyadminSep 13
ossec-hids-clientSep 11
ossec-hids-localSep 11
ossec-hids-serverSep 11
chromiumSep 09
trafficserverSep 05
apache22*Sep 03
apache22-event-mpm*Sep 03
apache22-itk-mpm*Sep 03

8 vulnerabilities affecting 19 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24064
Broken 118
Deprecated 49
Ignore 370
Forbidden 4
Restricted 203
No CDROM 94
Vulnerable 21
Expired 1
Set to expire 44
Interactive 0
new 24 hours 7
new 48 hours13
new 7 days24
new fortnight73
new month237


Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.