notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
non port: databases/postgresql12-server/pkg-plist-server

Number of commits found: 18

Thursday, 9 Feb 2023
14:52 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql??-*: upgrade to latest versions

The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.2, 14.7, 13.10, 12.14,
and 11.19. This release closes one security vulnerability and fixes over
60 bugs reported over the last several months.

Release notes:	https://www.postgresql.org/docs/release/
Security:	CVE-2022-41862: Client memory disclosure when
		connecting, with Kerberos, to modified server.
commit hash: 8f04ac817353175e8f73e8561d404b81b9d20ce4 commit hash: 8f04ac817353175e8f73e8561d404b81b9d20ce4 commit hash: 8f04ac817353175e8f73e8561d404b81b9d20ce4 commit hash: 8f04ac817353175e8f73e8561d404b81b9d20ce4 8f04ac8
Thursday, 10 Nov 2022
16:23 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresq??-*: update to latest version

PostgreSQL 15.1, 14.6, 13.9, 12.13, 11.18, and 10.23 Released!

The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.1, 14.6, 13.9, 12.13,
11.18, and 10.23. This release fixes 25 bugs reported over the last
several months.

This is the final release of PostgreSQL 10. PostgreSQL 10 will no longer
receive security and bug fixes. If you are running PostgreSQL 10 in a
production environment, we suggest that you make plans to upgrade.

Release notes:	https://www.postgresql.org/docs/release/
commit hash: 792a1db259a1e0b8588727d5a200dc62dac54ae8 commit hash: 792a1db259a1e0b8588727d5a200dc62dac54ae8 commit hash: 792a1db259a1e0b8588727d5a200dc62dac54ae8 commit hash: 792a1db259a1e0b8588727d5a200dc62dac54ae8 792a1db
Monday, 3 Oct 2022
10:53 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql1[012]-server: fix bad plist (again)

Previous fix was incomplete and plain wrong. Fix properly.

Noted by:	sunpoet@
commit hash: 72588c54b875233eb146e244461e8a6bbc35eed3 commit hash: 72588c54b875233eb146e244461e8a6bbc35eed3 commit hash: 72588c54b875233eb146e244461e8a6bbc35eed3 commit hash: 72588c54b875233eb146e244461e8a6bbc35eed3 72588c5
08:29 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql??-server: fix bad PLIST substitutions

Noted by:	sunpoet@
commit hash: c54eaee9b25b1e5a82d00277e2dca7ccf67c0a81 commit hash: c54eaee9b25b1e5a82d00277e2dca7ccf67c0a81 commit hash: c54eaee9b25b1e5a82d00277e2dca7ccf67c0a81 commit hash: c54eaee9b25b1e5a82d00277e2dca7ccf67c0a81 c54eaee
Friday, 12 Aug 2022
09:05 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql??-*: Update to latest version

The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 14.5, 13.8, 12.12, 11.17,
and 10.22, as well as the third beta release of PostgreSQL 15. This
release closes one security vulnerability and fixes over 40 bugs
reported over the last three months.

PostgreSQL 10 will stop receiving fixes on November 10, 2022. If you are
running PostgreSQL 10 in a production environment, we strongly advise
that you make plans to upgrade to a newer, supported version of
PostgreSQL so you can continue to receive bug and security fixes.

Security:	CVE-2022-2625
Release
notes:	https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/
commit hash: 2e7e556d443e7ff948d0936ae65ead36825f5544 commit hash: 2e7e556d443e7ff948d0936ae65ead36825f5544 commit hash: 2e7e556d443e7ff948d0936ae65ead36825f5544 commit hash: 2e7e556d443e7ff948d0936ae65ead36825f5544 2e7e556
Thursday, 19 May 2022
13:36 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql??-*: add postgresql-15 to the ports tree

Introduce PostgreSQL-15 to the ports tree.

Make version 15 the master port, and add plist parameter for the
postgresql version.

Release notes:	https://www.postgresql.org/docs/devel/release.html
commit hash: 5b11f47f0d59c95f6dcf1ff75badede5ec84e72e commit hash: 5b11f47f0d59c95f6dcf1ff75badede5ec84e72e commit hash: 5b11f47f0d59c95f6dcf1ff75badede5ec84e72e commit hash: 5b11f47f0d59c95f6dcf1ff75badede5ec84e72e 5b11f47
Thursday, 11 Nov 2021
14:37 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql??-*: updated to latest version

This release contains a variety of fixes from the previous version.

A dump/restore is not required for those running the same major version.
However, note that installations using physical replication should
update standby servers before the primary server, as explained in the
release notes.

Also, several bugs have been found that may have resulted in corrupted
indexes, as explained in the next several changelog entries.  If any of
those cases apply to you, it's recommended to reindex possibly-affected
indexes after updating.

This release also mitigates two possible man-in-the-middle attacks.

Security:	2ccd71bd-426b-11ec-87db-6cc21735f730
Release notes:	https://www.postgresql.org/docs/release/14.1/
commit hash: d3db7630c79762949ca7d0f3cbf1db128ebecca4 commit hash: d3db7630c79762949ca7d0f3cbf1db128ebecca4 commit hash: d3db7630c79762949ca7d0f3cbf1db128ebecca4 commit hash: d3db7630c79762949ca7d0f3cbf1db128ebecca4 d3db763
Thursday, 20 May 2021
14:35 Palle Girgensohn (girgen) search for other commits by this committer
databases/postgresql1[123]-server: remove trailing space in pkg-plist
commit hash: 21a4d52359f0e59b4f0dbb97212db803352e067e commit hash: 21a4d52359f0e59b4f0dbb97212db803352e067e commit hash: 21a4d52359f0e59b4f0dbb97212db803352e067e commit hash: 21a4d52359f0e59b4f0dbb97212db803352e067e 21a4d52
Thursday, 12 Nov 2020
15:00 girgen search for other commits by this committer
PostgreSQL 13.1, 12.5, 11.10, 10.15, 9.6.20 released!

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.1, 12.5, 11.10, 10.15 and 9.6.20.
This release closes three security vulnerabilities and fixes over 65 bugs
reported over the last three months.

Due to the nature of CVE-2020-25695, we advise you to update as soon as
possible.

Additionally, this is the second-to-last release of PostgreSQL 9.5. If you are
running PostgreSQL 9.5 in a production environment, we suggest that you make
plans to upgrade.

For the full list of changes, please review the release notes.

Security:	CVE-2020-25695: Multiple features escape "security restricted
				operation" sandbox

Security:	CVE-2020-25694: Reconnection can downgrade connection security
				settings

Security:	CVE-2020-25696: psql's \gset allows overwriting specially
				treated variables
Original commitRevision:554966 
Thursday, 13 Aug 2020
13:45 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 12.4, 11.9, 10.14,
9.6.19, and 9.5.23.

This release closes two security vulnerabilities and fixes over 50 bugs
reported over the last three months.

Please plan to update at your earliest convenience.

Security Issues
---------------

* CVE-2020-14349: Uncontrolled search path element in logical replication.

Versions Affected: 10 - 12.

The PostgreSQL `search_path` setting determines schemas searched for
tables, functions, operators, etc. The CVE-2018-1058 fix caused most
PostgreSQL-provided client applications to sanitize `search_path`, but
logical replication continued to leave `search_path` unchanged. Users of
a replication publisher or subscriber database can create objects in the
`public` schema and harness them to execute arbitrary SQL functions
under the identity running replication, often a superuser. Installations
having adopted a documented secure schema usage pattern are not vulnerable.

The PostgreSQL project thanks Noah Misch for reporting this problem.

* CVE-2020-14350: Uncontrolled search path element in `CREATE EXTENSION`.

Versions Affected: 9.5 - 12. The security team typically does not test
unsupported versions, but this problem is quite old.

When a superuser runs certain `CREATE EXTENSION` statements, users may
be able to execute arbitrary SQL functions under the identity of that
superuser. The attacker must have permission to create objects in the
new extension's schema or a schema of a prerequisite extension.  Not all
extensions are vulnerable.

In addition to correcting the extensions provided with PostgreSQL, the
PostgreSQL Global Development Group is issuing guidance for third-party
extension authors to secure their own work.

The PostgreSQL project thanks Andres Freund for reporting this problem.

Security:	CVE-2020-14349, CVE-2020-14350
Original commitRevision:544810 
Monday, 15 Jun 2020
06:56 girgen search for other commits by this committer
Fix bad plist substitution

PR:		247226
Reported by:	Garrett Wollman
Original commitRevision:538854 
Sunday, 17 May 2020
20:37 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 12.3, 11.8, 10.13,
9.6.18, and 9.5.22.  This release fixes one security issue found in the
PostgreSQL server and over 75 bugs reported over the last three months.

Please plan to update at your earliest convenience.

Update the backup warning text. [1]

Add plpython and plperl libs for hstore, jsonb and ltree for the versions where
they exist. These libs are added to the postgresql??-plpython and -plperl
ports, inspired by [2].

PR:		237910 [1], 245246 [2]
Submitted by:	Francesco [1], Loic Bartoletti [2]
Original commitRevision:535676 
Thursday, 13 Feb 2020
19:14 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 12.2, 11.7, 10.12,
9.6.17, 9.5.21, and 9.4.26. This release fixes one security issue found
in the PostgreSQL server and over 75 bugs reported over the last three
months.

Users should plan to update as soon as possible.

PostgreSQL 9.4 Now EOL

This is the last release for PostgreSQL 9.4, which will no longer
receive security updates and bug fixes. PostgreSQL 9.4 introduced new
features such as JSONB support, the `ALTER SYSTEM` command, the ability
to stream logical changes to an output plugin, and more:

 https://www.postgresql.org/about/news/1557/
 https://www.postgresql.org/docs/9.4/release-9-4.html

While we are very proud of this release, these features are also found
in newer versions of PostgreSQL. Many of these features have also
received improvements, and, per our versioning policy, it is time to
retire PostgreSQL 9.4.

To receive continued support, we suggest that you make plans to upgrade
to a newer, supported version of PostgreSQL. Please see the PostgreSQL
versioning policy for more information.

Security Issues

* CVE-2020-1720: `ALTER ... DEPENDS ON EXTENSION` is missing
authorization checks.

Versions Affected: 9.6 - 12

The `ALTER ... DEPENDS ON EXTENSION` sub-commands do not perform
authorization checks, which can allow an unprivileged user to  drop any
function, procedure, materialized view, index, or trigger under certain
conditions. This attack is possible if an administrator has installed an
extension and an unprivileged user can `CREATE`, or an extension owner
either executes `DROP EXTENSION` predictably or can be convinced to
execute `DROP EXTENSION`.

Release notes: https://www.postgresql.org/docs/current/release.html
Original commitRevision:526063 
Friday, 15 Nov 2019
14:00 girgen search for other commits by this committer
Fix build failure after last upgrade

PR:	241983
Original commitRevision:517675 
Thursday, 17 Oct 2019
14:12 girgen search for other commits by this committer
Fix PLIST problems when building with LLVM but without GSSAPI or OPENSSL.

PR:		241053, 241166
Submitted by:	Artyom Davidov
Original commitRevision:514661 
Thursday, 3 Oct 2019
13:52 girgen search for other commits by this committer
Upgrade to postgresql-12.0

PostgreSQL 12 enhancements include notable improvements to query
performance, particularly over larger data sets, and overall space
utilization. This release provides application developers with new
capabilities such as SQL/JSON path expression support, optimizations for
how common table expression ("WITH") queries are executed, and generated
columns. The PostgreSQL community continues to support the extensibility
and robustness of PostgreSQL, with further additions to
internationalization, authentication, and providing easier ways to
administrate PostgreSQL. This release also introduces the pluggable
table storage interface, which allows developers to create their own
methods for storing data.

"The development community behind PostgreSQL contributed features for
PostgreSQL 12 that offer performance and space management gains that our
users can achieve with minimal effort, as well as improvements in
enterprise authentication, administration functionality, and SQL/JSON
support." said Dave Page, a core team member of the PostgreSQL Global
Development Group. "This release continues the trend of making it easier
to manage database workloads large and small while building on
PostgreSQL's reputation of flexibility, reliability and stability in
production environments."

Release notes:	https://www.postgresql.org/about/news/1976/
Original commitRevision:513665 
Friday, 13 Sep 2019
14:30 girgen search for other commits by this committer
Update to PostgreSQL-12b4

The PostgreSQL Global Development Group announces that the fourth beta
release of PostgreSQL 12 is now available for download. This release
contains previews of all features that will be available in the final
release of PostgreSQL 12, though some details of the release could
change before then.

This is likely the final beta release of PostgreSQL 12 before a release
candidate is made available.

In the spirit of the open source PostgreSQL community, we strongly
encourage you to test the new features of PostgreSQL 12 in your database
systems to help us eliminate any bugs or other issues that may exist.

Upgrading to PostgreSQL 12 Beta 4

To upgrade to PostgreSQL 12 Beta 4 from Beta 3 or an earlier version of
PostgreSQL 12, you will need to use a strategy similar to upgrading
between major versions of PostgreSQL (e.g. `pg_upgrade` or `pg_dump` /
`pg_restore`). For more information, please visit the documentation
section on upgrading:

https://www.postgresql.org/docs/12/static/upgrading.html

URL:	https://wiki.postgresql.org/wiki/PostgreSQL_12_Open_Items#resolved_before_12beta4
Original commitRevision:511971 
Thursday, 8 Aug 2019
15:33 girgen search for other commits by this committer
iThe PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 11.5, 10.10,
9.6.15, 9.5.19, and 9.4.24, as well as the third beta of PostgreSQL 12.
This release fixes two security issues in the PostgreSQL server, two
security issues found in one of the PostgreSQL Windows installers, and
over 40 bugs reported since the previous release.

Users should install these updates as soon as possible.

A Note on the PostgreSQL 12 Beta
================================

In the spirit of the open source PostgreSQL community, we strongly
encourage you to test the new features of PostgreSQL 12 in your database
systems to help us eliminate any bugs or other issues that may exist.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Original commitRevision:508390 

Number of commits found: 18