non port: databases/postgresql84-server/pkg-plist-server |
Number of commits found: 25 |
Monday, 8 Jun 2015
|
01:20 amdmi3
- Modernize plist
Approved by: portmgr blanket
|
Wednesday, 30 Jul 2014
|
18:21 crees
Update to the latest snapshots.
uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.
In head of postgresql, this is handled properly, so eventually the ossp patches
can go.
|
Thursday, 20 Feb 2014
|
18:11 girgen
The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues. All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.
This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.
Security: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
|
Friday, 5 Apr 2013
|
15:26 girgen
Fix pkg-list for postgresql84-server
Approved by: portmgr (miwi)
|
Friday, 8 Feb 2013
|
07:54 girgen
PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released
This update fixes a denial-of-service (DOS) vulnerability. All users
should update their PostgreSQL installations as soon as possible.
The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.
URL: http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
Friday, 17 Aug 2012
|
19:39 jgh
The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.
This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:
CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including:
Updates and corrections to time zone data
Multiple documentation updates and corrections
Add limit on max_wal_senders
Fix dependencies generated during ALTER TABLE ADD CONSTRAINT USING INDEX.
Correct behavior of unicode conversions for PL/Python
Fix WITH attached to a nested set operation (UNION/INTERSECT/EXCEPT).
Fix syslogger so that log_truncate_on_rotation works in the first rotation.
Only allow autovacuum to be auto-canceled by a directly blocked process.
Improve fsync request queue operation
Prevent corner-case core dump in rfree().
Fix Walsender so that it responds correctly to timeouts and deadlocks
Several PL/Perl fixes for encoding-related issues
Make selectivity operators use the correct collation
Prevent unsuitable slaves from being selected for synchronous replication
Make REASSIGN OWNED work on extensions as well
Fix race condition with ENUM comparisons
Make NOTIFY cope with out-of-disk-space
Fix memory leak in ARRAY subselect queries
Reduce data loss at replication failover
Fix behavior of subtransactions with Hot Standby
|
Monday, 4 Jun 2012
|
11:00 girgen
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.
Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30. All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.
URL: http://www.postgresql.org/about/news/1398/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
Fix incorrect password transformation in contrib/pgcryptoâs DES
crypt() function
This was fixed in a patch release for the FreeBSD ports on May 30.
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
Ignore SECURITY DEFINER and SET attributes for a procedural
languageâs call handle
|
Sunday, 22 Jan 2012
|
06:59 jgh
- Add profile support for PostgreSQL servers
- re-assign LOCALBASE to PREFIX
- add PG_GROUP to SUB_PLIST for packaging fix
- fix permissions for package installations
PR: ports/162776
Submitted by: jgh, Phil Phillips < pphillips at experts-exchange.com >
Reviewed by: rene (mentor)
Approved by: crees (maintainer, mentor)
|
Thursday, 19 Jan 2012
|
19:06 jgh
fix typo %%PG_GROUP%% in pkg-plist-server
Spotted by: decke
Approved by: crees, rene (mentors,implicit)
|
Wednesday, 18 Jan 2012
|
21:35 jgh
Fix plist to create directory with proper ownerships PostgreSQL database
may start.
PR: ports/164273 (critical)
Submitted by: Alexander Yerenkow <yerenkow at gmail.com>
Approved by: maintainer-timeout: girgen (1 day), portmgr (linimon)
|
Monday, 5 Dec 2011
|
16:45 girgen
The PostgreSQL Global Development Group today released updates for all
active branches of the PostgreSQL object-relational database system,
including versions 9.1.2, 9.0.6, 8.4.10, 8.3.17 and 8.2.23.
This release contains 52 fixes to version 9.1, and a smaller number of
fixes to older versions, including:
- Fix bugs in information_schema.referential_constraints view**
- Correct collations for citext columns and indexes**
- Prevent possible crash when joining to a scalar function
- Prevent transitory data corruption of GIN indexes after a crash
- Prevent data corruption on TOAST columns when copying data
- Fix failures during hot standby startup
- Correct another "variable not found in subplan target list" bug
- Fix bug with sorting on aggregate expressions in windowing functions
- Multiple bug fixes for pg_upgrade
- Change Foreign Key creation order to better support
self-referential keys**
- Multiple bug fixes to CREATE EXTENSION
- Ensure that function return type and data returned from PL/perl agree
- Ensure that PL/perl strings are always UTF-8
- Assorted bug fixes for various Extensions
- Updates to the time zone database, particularly to CST6
Changes marked with ** above require additional, post-update steps in
order to fix all described issues.
URL: http://www.postgresql.org/docs/current/static/release.html
Also, fix a pthread problem in the FreeBSD port. [1]
PR: 160580 [1]
Feature safe: yes
|
Thursday, 20 Oct 2011
|
21:07 crees
- Fix packaging issue (missed %%PG_USER%% in pkg-plist-server)
- Remove extra bsd.port.pre.mk include from postgresql82-server
PR: ports/161816 ports/161824 ports/161821
Submitted by: Jason Helfman (jhelfman@e-e.com)
Approved by: portmgr (pav)
|
Tuesday, 18 Oct 2011
|
09:03 girgen
The PostgreSQL Global Development Group today released minor version updates
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.
All users are strongly urged to update their installations at the next
scheduled downtime.
URL: http://www.postgresql.org/about/news.1355
Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports.
|
Monday, 15 Aug 2011
|
14:52 crees
Revert previous commit -- appears to cause rc problems as I missed some subs
http://www.mail-archive.com/freebsd-ports@freebsd.org/msg35324.html
PR: ports/157558 ports/157559 ports/157666 ports/157669
Submitted by: rihad@mail.ru
Approved by: maintainer (girgen; implicit -- this reverts a commit I did
after maintainer timeout)
|
Friday, 12 Aug 2011
|
09:55 crees
Use USERS and GROUPS
PR: ports/157666
Submitted by: me
Approved by: maintainer timeout (girgen, 8 weeks)
|
Monday, 18 Apr 2011
|
23:34 girgen
Update PostgreSQL to 9.0.4, 8.4.8, 8.3.15 and 8.2.21.
This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.
The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.
See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.
Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].
Change PGUSER knob to PG_USER not to clash with PGUSER environment.
PR: 153668, 153136, 155493, 155137
|
Monday, 22 Nov 2010
|
19:21 sunpoet
- Use dirrmtry on share/postgresql/tsearch_data for postgresql{83|84|90}-server
- Bump PORTREVISION
PR: ports/151882
Submitted by: sunpoet (myself)
Approved by: girgen (maintainer timeout, 20 days)
|
Thursday, 7 Oct 2010
|
06:58 girgen
Update all PostgreSQL ports to latest versions.
Also, try to break the previous 1:1 relation between FreeBSD system and
PostgreSQL versions installed. Use different PREFIX:es to install
different versions on the same system.
PR: ports/132402, ports/145002, ports/146657
|
Saturday, 5 Jun 2010
|
11:04 girgen
Fix package list
|
Thursday, 20 May 2010
|
15:43 girgen
Update all PostgreSQL ports to latest version.
Remove postgresql-contrib in favour for postgresqlNN-contrib.
This way we will get packages built, which is nice.
Security: CVE-2010-1169
Security: CVE-2010-1170
The PostgreSQL Project today released minor versions updating all active
branches of the PostgreSQL object-relational database system, including
versions 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, and 7.4.29. This release
fixes moderate-risk security issues with PL/perl and PL/tcl, as well as
a data corruption issue with standby databases. Users of any of these
three features should update their PostgreSQL installations immediately.
The PL/perl security fix closes a security hole in PL/perl
procedures which could allow privilege escalation on the host system,
caused by a flaw in Safe.pm; see CVE-2010-1169 and CVE-2010-1447 for
details. A second patch prevents PL/tcl's pltcl_modules table from
being subverted in order to run arbitrary Tcl scripts; see
CVE-2010-1170. These issues only affect users who have enabled either
of these two stored procedure languages.
Also corrected is use of the command ALTER TABLE SET TABLESPACE, which
previously could cause data corruption on Warm Standby database slaves.
This issue affects only version 8.4.
There are also 21 other bug fixes in this release, some of which apply
only to version 8.4, and a few of which are specifically for Windows.
While these are generally fixes for minor issues, among the changes are:
* Fix for a combinational crash condition
* Prevent normal users from resetting some GUCs in
their own role definitions
* Correctly apply constraint exclusion in UPDATE and DELETE queries
* Minor fixes for WAL archiving
* Update timezone data for 12 zones
See the release notes for a full list of changes with details.
Releasenotes at http://www.postgresql.org/docs/current/static/release.html
|
Thursday, 25 Mar 2010
|
21:47 delphij
Update to 8.4.3.
PR: ports/144863
Submitted by: Alexander <alp rsu ru>
Security: e050119b-3856-11df-b2b2-002170daae37
With hat: ports-security@
|
Thursday, 17 Dec 2009
|
16:07 mm
- Update to 8.4.2
Security: CVE-2009-4034
Security: CVE-2009-4136
Security:
http://portaudit.freebsd.org/e7bc5600-eaa0-11de-bd9c-00215c6a37bb.html
PR: ports/141639
Submitted by: Alexander Pyhalov <alp@rsu.ru>
Approved by: ports-security (delphij)
|
Wednesday, 2 Dec 2009
|
22:21 mm
- Update to 8.4.1
- Set INTDATE on as default (this is default by PostgreSQL)
PR: ports/139277
Submitted by: Olli Hauer <ohauer@gmx.de>
Approved by: maintainer timeout (2 months)
|
Wednesday, 8 Jul 2009
|
20:31 girgen
Fix broken pkg-plist for gettext files.
Also, inform about pg_standby rather than autovacuum. [1]
PR: 136468 [1]
|
Tuesday, 7 Jul 2009
|
22:30 girgen
Welcome PostgreSQL 8.4
After many years of development, PostgreSQL has become feature-complete in many
areas.
This release shows a targeted approach to adding features (e.g., authentication,
monitoring, space reuse), and adds capabilities defined in the later SQL
standards.
The major areas of enhancement are:
Windowing Functions
Common Table Expressions and Recursive Queries
Default and variadic parameters for functions
Parallel Restore
Column Permissions
Per-database locale settings
Improved hash indexes
Improved join performance for EXISTS and NOT EXISTS queries
Easier-to-use Warm Standby
Automatic sizing of the Free Space Map
Visibility Map (greatly reduces vacuum overhead for slowly-changing tables)
Version-aware psql (backslash commands work against older servers)
Support SSL certificates for user authentication
Per-function runtime statistics
Easy editing of functions in psql
New contrib modules: pg_stat_statements, auto_explain, citext, btree_gin
URL: http://www.postgresql.org/docs/8.4/interactive/release-8-4.html
|
Number of commits found: 25 |