| Commit History - (may be incomplete: see SVNWeb link above for full details) |
| Date | By | Description |
04 Apr 2013 13:21:23
  9.0.13
|
girgen  |
The PostgreSQL Global Development Group has released a security
update to all current versions of the PostgreSQL database system,
including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update
fixes a high-exposure security vulnerability in versions 9.0 and
later. All users of the affected versions are strongly urged to apply
the update *immediately*.
A major security issue (for versions 9.x only) fixed in this release,
[CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899),
makes it possible for a connection request containing a database name
that begins with "-" to be crafted that can damage or destroy files
within a server's data directory. Anyone with access to the port the
PostgreSQL server listens on can initiate this request. This issue was
discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source
Software Center. (Only the first 15 lines of the commit message are shown above  ) |
08 Feb 2013 07:54:10
9.0.12
 |
girgen |
PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released
This update fixes a denial-of-service (DOS) vulnerability. All users
should update their PostgreSQL installations as soon as possible.
The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.
URL: http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 |
19 Dec 2012 16:03:59
9.0.11
|
girgen |
Chase ICU update to 50 |
06 Dec 2012 16:40:36
9.0.11
|
girgen |
The PostgreSQL Global Development Group has released an update to all current
versions of the PostgreSQL database system, including versions 9.2.2, 9.1.7,
9.0.11, 8.4.15, and 8.3.22. Users of PostgreSQL Hot Standby replication
should update at the next possible opportunity. Other users should update
at their next maintenance window.
Deprecate the 8.3.22 version, since it is near end-of-life.
URL: http://www.postgresql.org/about/news/1430/
Feature safe: yes |
24 Sep 2012 22:03:11
9.0.10
|
girgen |
Update PostgreSQL to 9.2.1, 9.1.6, 9.0.10, 8.4.14 and 8.3.21 respectively.
This update fixes critical issues for major versions 9.1 and 9.2, and
users running those versions should apply it as soon as possible.
URL: http://www.postgresql.org/about/news/1416/ |
17 Aug 2012 19:39:51
9.0.9
|
jgh |
The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.
This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:
CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including: (Only the first 15 lines of the commit message are shown above ) |
04 Jun 2012 11:00:52
9.0.8
|
girgen |
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.
Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30. All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.
URL: http://www.postgresql.org/about/news/1398/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
Fix incorrect password transformation in contrib/pgcryptoâs DES
crypt() function
This was fixed in a patch release for the FreeBSD ports on May 30.
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
Ignore SECURITY DEFINER and SET attributes for a procedural
languageâs call handle |
30 May 2012 22:26:15
9.0.7_2
|
jgh |
- Address postgresql*-servers for crypt vulnerability (CVE-2012-2143)
http://www.postgresql.org/about/news/1397/
With hat: pgsql |
05 Mar 2012 20:10:22
9.0.7_1
|
crees |
Various tidiness patches:
- Compact -plperl ports
- Portlint for 90-plperl
- Update version numbers in pkg-install-server
- s/spaces/tabs/
- Use ${} instead of $()
- s/YES/yes/
- Tidy IGNORE values
Submitted by: sunpoet |
04 Mar 2012 17:19:59
9.0.7_1
|
crees |
Over to new team, pgsql@FreeBSD.org |
28 Feb 2012 21:37:40
9.0.7_1
|
girgen |
Fix pkg-plist |
27 Feb 2012 16:24:48
9.0.7
|
girgen |
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL object-relational database system, including
versions 9.1.3, 9.0.7, 8.4.11 and 8.3.18.
Users of pg_dump, users of SSL certificates for validation or users of triggers
using SECURITY DEFINER should upgrade their installations immediately. All
other database administrators are urged to upgrade your version of PostgreSQL
at the next scheduled downtime. More details on the security fixes here:
URL: http://www.postgresql.org/about/news/1377/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868 |
19 Feb 2012 19:35:02
9.0.6_3
|
crees |
Remove p5- from postgresql*-plperl 's mention in pkg-message-client |
25 Jan 2012 21:12:33
9.0.6_3
|
crees |
- To preserve my sanity, slave 82 and 83 to 84, and 90 to 91, resulting in
three fewer Makefiles to maintain
- Switch patch master site
- Various cleanups |
23 Jan 2012 20:36:58
9.0.6_3
|
crees |
Add OPTION to postgresql9[10]-contrib for building without uuid-ossp
Requested by: sunpoet |
22 Jan 2012 06:59:27
9.0.6_3
|
jgh |
- Add profile support for PostgreSQL servers
- re-assign LOCALBASE to PREFIX
- add PG_GROUP to SUB_PLIST for packaging fix
- fix permissions for package installations
PR: ports/162776
Submitted by: jgh, Phil Phillips < pphillips at experts-exchange.com >
Reviewed by: rene (mentor)
Approved by: crees (maintainer, mentor) |
19 Jan 2012 19:06:00
9.0.6_2
|
jgh |
fix typo %%PG_GROUP%% in pkg-plist-server
Spotted by: decke
Approved by: crees, rene (mentors,implicit) |
19 Jan 2012 03:35:49
9.0.6_1
|
tabthorpe |
- Reset ports due to maintainer timeouts and lack of response to emails
With hat: portmgr |
18 Jan 2012 21:35:11
9.0.6_1
|
jgh |
Fix plist to create directory with proper ownerships PostgreSQL database
may start.
PR: ports/164273 (critical)
Submitted by: Alexander Yerenkow <yerenkow at gmail.com>
Approved by: maintainer-timeout: girgen (1 day), portmgr (linimon) |
14 Jan 2012 08:57:23
9.0.6
|
dougb |
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other. |
05 Dec 2011 16:45:14
9.0.6
|
girgen |
The PostgreSQL Global Development Group today released updates for all
active branches of the PostgreSQL object-relational database system,
including versions 9.1.2, 9.0.6, 8.4.10, 8.3.17 and 8.2.23.
This release contains 52 fixes to version 9.1, and a smaller number of
fixes to older versions, including:
- Fix bugs in information_schema.referential_constraints view**
- Correct collations for citext columns and indexes**
- Prevent possible crash when joining to a scalar function
- Prevent transitory data corruption of GIN indexes after a crash
- Prevent data corruption on TOAST columns when copying data
- Fix failures during hot standby startup
- Correct another "variable not found in subplan target list" bug
- Fix bug with sorting on aggregate expressions in windowing functions (Only the first 15 lines of the commit message are shown above ) |
30 Nov 2011 18:49:31
9.0.5_1
|
crees |
Add DTRACE option for postgresql84-server
PR: ports/150431
Submitted by: rpaulo
Fix compilation with GSSAPI
PR: ports/161786
Submitted by: rea
Reviewed by: mandree, John Marshall <john.marshall@riverwillow.com.au>
Mark IGNORE if DTRACE enabled for FreeBSD < 900021 without userland dtrace
PR: ports/152502
Submitted by: Sevan Janiyan <venture37@geeklan.co.uk>
Approved by: maintainer timeout (girgen, at least 2 months)
Feature safe: yes |
20 Oct 2011 21:07:29
9.0.5_1
|
crees |
- Fix packaging issue (missed %%PG_USER%% in pkg-plist-server)
- Remove extra bsd.port.pre.mk include from postgresql82-server
PR: ports/161816 ports/161824 ports/161821
Submitted by: Jason Helfman (jhelfman@e-e.com)
Approved by: portmgr (pav) |
19 Oct 2011 18:29:58
9.0.5_1
|
crees |
This time remember to bump PORTREVISION |
19 Oct 2011 18:21:25
9.0.5
|
crees |
Fix SUB_LIST issue by deconditionalising it.
Temporary fix, but will stop the flurry of incoming PRs related.
PR: ports/161779 ports/161774 ports/161791 ports/161771 ports/161769
Submitted by: Many people, original fix suggested by Jason Helfman
(jhelfman@e-e.com)
Approved by: portmgr (pav) |
18 Oct 2011 09:03:33
9.0.5
|
girgen |
The PostgreSQL Global Development Group today released minor version updates
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.
All users are strongly urged to update their installations at the next
scheduled downtime.
URL: http://www.postgresql.org/about/news.1355
Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports. |
06 Oct 2011 08:45:16
9.0.4_3
|
mm |
- Add SSL to OPTIONS
- Make portlint happier
- Fix typo
PR: ports/160914
Approved by: maintainer (timeout) |
02 Oct 2011 20:07:40
9.0.4_2
|
sunpoet |
- Unbreak postgresql-plpython: allow build with threaded python
- Pass maintainership to submitter
PR: ports/159843
Submitted by: Ruslan Mahmatkhanov <cvs-src@yandex.ru> |
25 Sep 2011 22:20:28
9.0.4_2
|
rea |
Don't rebuild manual pages if configure was changed
Sometimes patches for PostgreSQL touch its configure script. And the
logics inside current Makefiles for the documentation makes the manual
pages (and other stuff) to be dependent of the timestamp of the
top-level configure file. This triggers the rebuild of the manual
pages, but since some additional XML-related tools are needed, this
rebuild can fail.
PR: 159844
Approved by: maintainer timeout (1 month)
Feature safe: yes |
25 Sep 2011 19:40:10
9.0.4_2
|
rea |
PostgreSQL: unbreak 'make describe'
It was a really bad idea to include bsd.port.pre.mk
inside a conditional expression.
Detected by: portsnap buildbox
Pointyhat to: rea |
25 Sep 2011 18:09:06
9.0.4_2
|
rea |
PostgreSQL: unbreak GSSAPI support
The problem with GSSAPI without Kerberos is that configure.in has
very funny logics of choosing GSSAPI libraries:
{{{
if test "$with_gssapi" = yes ; then
if test "$PORTNAME" != "win32"; then
AC_SEARCH_LIBS(gss_init_sec_context, [gssapi_krb5 gss 'gssapi -lkrb5
-lcrypto'], [],
[AC_MSG_ERROR([could not find function
'gss_init_sec_context' required for GSSAPI])])
else
LIBS="$LIBS -lgssapi32"
fi
fi
}}}
(Only the first 15 lines of the commit message are shown above ) |
23 Sep 2011 22:26:39
9.0.4_2
|
amdmi3 |
- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead
PR: 157936
Submitted by: myself
Exp-runs by: pav
Approved by: pav |
15 Aug 2011 14:52:31
9.0.4_2
|
crees |
Revert previous commit -- appears to cause rc problems as I missed some subs
freebsd-ports@freebsd.org/msg35324.html">http://www.mail-archive.com/freebsd-ports@freebsd.org/msg35324.html
PR: ports/157558 ports/157559 ports/157666 ports/157669
Submitted by: rihad@mail.ru
Approved by: maintainer (girgen; implicit -- this reverts a commit I did
after maintainer timeout) |
14 Aug 2011 01:32:13
9.0.4_2
|
sunpoet |
- Fix databases/p5-postgresql-plperl build with Perl 5.14
This patch is for PostgreSQL 8.2, 8.3, 8.4 and 9.0.
PostgreSQL 9.1 has it already.
PR: ports/158727
Submitted by: sunpoet (myself)
Approved by: girgen (maintainer timeout, 5 weeks) |
12 Aug 2011 10:11:22
9.0.4_2
|
crees |
Use USERS and GROUPS
PR: ports/157669
Submitted by: me
Approved by: maintainer timeout (girgen, 7 weeks) |
10 Jul 2011 21:06:39
9.0.4_2
|
bapt |
- update ICU to 4.8
- chase library bump
- add an entry in UPDATING for instructions
- remove old conflict lines |
17 May 2011 22:26:08
9.0.4_2
|
pav |
- Mark BROKEN on FreeBSD 9.X: does not link
libpq/auth.o: In function `pg_GSS_error':
auth.c:(.text+0x6e): undefined reference to `gss_display_status'
[..]
Reported by: pointyhat |
02 May 2011 21:37:31
9.0.4_2
|
girgen |
Fix a problem with creating the postgresql user when using a package. |
27 Apr 2011 13:28:51
9.0.4_1
|
girgen |
Fix problem creating postgres user when PGUSER was set.
PR: 156662 |
20 Apr 2011 15:30:33
9.0.4_1
|
girgen |
Fix typo in 502.pgsql script
PR: 156515 |
18 Apr 2011 23:34:27
9.0.4
|
girgen |
Update PostgreSQL to 9.0.4, 8.4.8, 8.3.15 and 8.2.21.
This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.
The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.
See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.
Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].
Change PGUSER knob to PG_USER not to clash with PGUSER environment.
PR: 153668, 153136, 155493, 155137 |
01 Feb 2011 14:48:17
9.0.3
|
girgen |
Update to versions 9.0.3, 8.4.7, 8.3.14 and 8.2.20.
This update includes a security fix which prevents a buffer overrun in
the contrib module intarray's input function for the query_int type.
This bug is a security risk since the function's return address could
be overwritten by malicious code.
All supported versions of PostgreSQL are impacted. However, the
affected contrib module is optional. Only users who have installed the
intarray module in their database are affected. See the CVE Advisory
at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
This release includes 63 bugfixes, including:
- Avoid unexpected conversion overflow in planner for distant date values (Only the first 15 lines of the commit message are shown above ) |
30 Jan 2011 09:28:38
9.0.2
|
az |
Fix @dirrmtry since it already filter stderr and return true.
PR: ports/153888
Submitted by: az@
Approved by: maintainer (timeout)
Feature safe: yes |
31 Dec 2010 09:57:21
9.0.2
|
mm |
- Update to 9.0.2
- Unify ICU handling
PR: ports/153245
Approved by: maintainer (timeout) |
16 Dec 2010 18:47:57
9.0.1_2
|
bapt |
- Prepare for devel/icu4 deletion
- fix py-icu with icu4.6
- fix portsgresql*server with icu 4.6
- remove now useless icu patch from webkit |
15 Dec 2010 11:37:49
9.0.1_2
|
bapt |
Chase devel/icu upgrade
Add an updating note |
09 Dec 2010 18:46:07
9.0.1_2
|
danger |
- Fix build if WITH_ICU or WITH_ICU4 defined (bsd.autotools.mk update)
Obtained from: mm
Approved by: portmgr (linimon) |
04 Dec 2010 07:34:27
9.0.1_2
|
ade |
Sync to new bsd.autotools.mk |
22 Nov 2010 19:21:09
9.0.1_2
|
sunpoet |
- Use dirrmtry on share/postgresql/tsearch_data for postgresql{83|84|90}-server
- Bump PORTREVISION
PR: ports/151882
Submitted by: sunpoet (myself)
Approved by: girgen (maintainer timeout, 20 days) |
21 Nov 2010 23:48:49
9.0.1_1
|
rene |
- Fix optional dependency on security/heimdal
- Bump PORTREVISION
PR: ports/152029
Submitted by: Joerg Pulz [Joerg.Pulz frm2.tum.de]
Approved by: Ryan Steinmetz <rpsfa@rit.edu> (maintainer of net/freeradius*)
girgen (maintainer of databases/postgresql*-server,
14 day timeout) |
26 Oct 2010 12:34:27
9.0.1
|
girgen |
Make postgresql90-client depend on libxml. Technically it does not depend on
libxml,
only postgresql90-server does, but since we don't want two different pg_config
setups,
one for client and one for server, I'm bringing the libxml dependency on board
until
I can find out a better way to solve this. |
16 Oct 2010 11:52:47
9.0.1
|
ade |
Punt autoconf267->autoconf268 |
07 Oct 2010 06:58:10
9.0.1
|
girgen |
Update all PostgreSQL ports to latest versions.
Also, try to break the previous 1:1 relation between FreeBSD system and
PostgreSQL versions installed. Use different PREFIX:es to install
different versions on the same system.
PR: ports/132402, ports/145002, ports/146657 |
20 Sep 2010 13:46:47
9.0.0
|
girgen |
PostgreSQL 9.0 is here! The PostgreSQL Global Development Group
announces the availability of our most eagerly awaited release.
PostgreSQL 9.0 includes built-in, binary replication, and over a dozen
other major features which will appeal to everyone from web developers
to database hackers.
9.0 includes more major features than any release before it, including:
* Hot standby
* Streaming replication
* In-place upgrades
* 64-bit Windows builds
* Easy mass permissions management
* Anonymous blocks and named parameter calls for stored procedures
* New windowing functions and ordered aggregates
(Only the first 15 lines of the commit message are shown above ) |
15 Sep 2010 18:35:24
8.4.3_2
|
ade |
Autotools update. Read ports/UPDATING 20100915 for details.
Approved by: portmgr (for Mk/bsd.port.mk part)
Tested by: Multiple -exp runs |
If you buy from Amazon USA, please support us by using this link.
