non port: databases/postgresql14-server/distinfo |
Number of commits found: 16 |
Thursday, 8 Feb 2024
|
21:28 Palle Girgensohn (girgen)
databases/postgresql??-*: Update to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.2, 15.6, 14.11, 13.14,
and 12.18. This release fixes one security vulnerability and over 65
bugs reported over the last several months.
If you use GIN indexes, you may need to reindex after updating to this
release. Please see the release notes for more information.
URL: https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/
Release notes: https://www.postgresql.org/docs/release/
Security: 19e6dd1b-c6a5-11ee-9cd0-6cc21735f730
6fa8976 |
Thursday, 9 Nov 2023
|
15:09 Palle Girgensohn (girgen)
databases/postgresql??-*: update to latest version
PostgreSQL 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 Released!
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.1, 15.5, 14.10, 13.13,
12.17, and 11.22 This release fixes three security vulnerabilities and
over 55 bugs reported over the last several months.
Release
notes: https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
Security: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870
Security: 31f45d06-7f0e-11ee-94b4-6cc21735f730
Security: 0f445859-7f0e-11ee-94b4-6cc21735f730
Security: bbb18fcb-7f0d-11ee-94b4-6cc21735f730
a5d53f4 |
Thursday, 10 Aug 2023
|
14:13 Palle Girgensohn (girgen)
databases/postgresql??-*: Update to latest versions.
PostgreSQL 15.4, 14.9, 13.12, 12.16, 11.21, and PostgreSQL 16 Beta 3
Released.
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.4, 14.9, 13.12, 12.16,
and 11.21, as well as the third beta release of PostgreSQL 16. This
release fixes two security vulnerabilities and over 40 bugs reported
over the last several months.
If you use BRIN indexes to look up NULL values, you will need to reindex
them after upgrading to this release. On PostgreSQL 12 and above, you
can use REINDEX CONCURRENTLY to avoid blocking writes to the affected
index and table, for example:
REINDEX INDEX CONCURRENTLY your_index_name;
Also, remove the patch for postgresql.conf.sample suggesting to turn off
update_process_title [1], since it is no longer a problem.
Release
notes: https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/
[1]: https://commitfest.postgresql.org/19/1715/
3554a40 |
Thursday, 11 May 2023
|
15:42 Palle Girgensohn (girgen)
databases/postgresql??-server: update to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.3, 14.8, 13.11, 12.15,
and 11.20. This release fixes two security vulnerabilities over 80 bugs
reported over the last several months.
CVE-2023-2454: CREATE SCHEMA ... schema_element defeats protective search_path
changes.
This enabled an attacker having database-level CREATE privilege to
execute arbitrary code as the bootstrap superuser. Database owners have
that right by default, and explicit grants may extend it to other users.
CVE-2023-2455: Row security policies disregard user ID changes after inlining.
While CVE-2016-2193 fixed most interaction between row security and user
ID changes, it missed a scenario involving function inlining. This leads
to potentially incorrect policies being applied in cases where
role-specific policies are used and a given query is planned under one
role and then executed under other roles. This scenario can happen under
security definer functions or when a common user and query is planned
initially and then re-used across multiple SET ROLEs. Applying an
incorrect policy may permit a user to complete otherwise-forbidden reads
and modifications. This affects only databases that have used CREATE
POLICY to define a row security policy.
Security: fbb5a260-f00f-11ed-bbae-6cc21735f730
Security: 4b636f50-f011-11ed-bbae-6cc21735f730
Release-notes: https://www.postgresql.org/docs/release/
3fd6f20 |
Thursday, 9 Feb 2023
|
14:52 Palle Girgensohn (girgen)
databases/postgresql??-*: upgrade to latest versions
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.2, 14.7, 13.10, 12.14,
and 11.19. This release closes one security vulnerability and fixes over
60 bugs reported over the last several months.
Release notes: https://www.postgresql.org/docs/release/
Security: CVE-2022-41862: Client memory disclosure when
connecting, with Kerberos, to modified server.
8f04ac8 |
Thursday, 10 Nov 2022
|
16:23 Palle Girgensohn (girgen)
databases/postgresq??-*: update to latest version
PostgreSQL 15.1, 14.6, 13.9, 12.13, 11.18, and 10.23 Released!
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.1, 14.6, 13.9, 12.13,
11.18, and 10.23. This release fixes 25 bugs reported over the last
several months.
This is the final release of PostgreSQL 10. PostgreSQL 10 will no longer
receive security and bug fixes. If you are running PostgreSQL 10 in a
production environment, we suggest that you make plans to upgrade.
Release notes: https://www.postgresql.org/docs/release/
792a1db |
Friday, 12 Aug 2022
|
09:05 Palle Girgensohn (girgen)
databases/postgresql??-*: Update to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 14.5, 13.8, 12.12, 11.17,
and 10.22, as well as the third beta release of PostgreSQL 15. This
release closes one security vulnerability and fixes over 40 bugs
reported over the last three months.
PostgreSQL 10 will stop receiving fixes on November 10, 2022. If you are
running PostgreSQL 10 in a production environment, we strongly advise
that you make plans to upgrade to a newer, supported version of
PostgreSQL so you can continue to receive bug and security fixes.
Security: CVE-2022-2625
Release
notes: https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/
2e7e556 |
Thursday, 16 Jun 2022
|
13:08 Palle Girgensohn (girgen)
databases/postgresql14-server: update to 14.4
This release fixes an issue with all versions of PostgreSQL 14 that can
lead to silent corruption of indexes.
Since the release of PostgreSQL 14.0, there existed an issue with CREATE
INDEX CONCURRENTLY and REINDEX CONCURRENTLY that could cause silent data
corruption in indexes. This issue is fixed in the upcoming PostgreSQL
14.4 release.
If you ran either of these commands on any version of PostgreSQL 14
prior to 14.4, you may have experienced silent data corruption. You can
use the pg_amcheck command with the --heapallindexed flag to detect this
issue with B-tree indexes.
If you need an immediate remediation for this issue before the
PostgreSQL 14.4 release, you can run CREATE INDEX or REINDEX without
CONCURRENTLY. You can also run the reindexdb command and use the --jobs
flag for added parallelism, but do not use the --concurrently flag.
Once PostgreSQL 14.4 is released, you can safely use CREATE INDEX
CONCURRENTLY and REINDEX CONCURRENTLY to manage your indexes, as well as
the --concurrently flag on reindexdb.
URL: https://www.postgresql.org/message-id/165473835807.573551.1512237163040609764%40wrigleys.postgresql.org
e870407 |
Thursday, 12 May 2022
|
13:41 Palle Girgensohn (girgen)
databases/postgresql??-server: update to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 14.3, 13.7, 12.11, 11.16,
and 10.21. This release fixes over 50 bugs reported over the last three
months. This release closes one security vulnerability and fixes over 50
bugs reported over the last three months.
We encourage you to install this update at your earliest possible
convenience.
If you have any GiST indexes on columns using the ltree data type, you
will need to reindex them after upgrading.
For the full list of changes, please review the release notes.
It also fixes a security issue, CVE-2022-1552:
Autovacuum, REINDEX, and others omit "security restricted operation" sandbox.
Versions Affected: 10 - 14. The security team typically does not test
unsupported versions, but this problem is quite old.
Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER,
and pg_amcheck made incomplete efforts to operate safely when a
privileged user is maintaining another user's objects. Those commands
activated relevant protections too late or not at all. An attacker
having permission to create non-temp objects in at least one schema
could execute arbitrary SQL functions under a superuser identity.
While promptly updating PostgreSQL is the best remediation for most
users, a user unable to do that can work around the vulnerability by
disabling autovacuum, not manually running the above commands, and not
restoring from output of the pg_dump command. Performance may degrade
quickly under this workaround. VACUUM is safe, and all commands are fine
when a trusted user owns the target object.
Security: 157ce083-d145-11ec-ab9b-6cc21735f730
Release notes: https://www.postgresql.org/docs/release/
6c00f6e |
Thursday, 10 Feb 2022
|
14:17 Palle Girgensohn (girgen)
databases/postgresql??-server: Upgrade to latest version
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 14.2, 13.6, 12.10, 11.15,
and 10.20. This release fixes over 55 bugs reported over the last three
months.
Announcement: https://www.postgresql.org/about/news/postgresql-142-136-1210-1115-and-1020-released-2402/
Release notes: https://www.postgresql.org/docs/release/
7acb062 |
Thursday, 11 Nov 2021
|
14:37 Palle Girgensohn (girgen)
databases/postgresql??-*: updated to latest version
This release contains a variety of fixes from the previous version.
A dump/restore is not required for those running the same major version.
However, note that installations using physical replication should
update standby servers before the primary server, as explained in the
release notes.
Also, several bugs have been found that may have resulted in corrupted
indexes, as explained in the next several changelog entries. If any of
those cases apply to you, it's recommended to reindex possibly-affected
indexes after updating.
This release also mitigates two possible man-in-the-middle attacks.
Security: 2ccd71bd-426b-11ec-87db-6cc21735f730
Release notes: https://www.postgresql.org/docs/release/14.1/
d3db763 |
Thursday, 30 Sep 2021
|
12:55 Palle Girgensohn (girgen)
databases/postgresql14-server: Introducing PostgreSQL-14
PostgreSQL 14 brings a variety of features that help developers and
administrators deploy their data-backed applications. PostgreSQL
continues to add innovations on complex data types, including more
convenient access for JSON and support for noncontiguous ranges of data.
This latest release adds to PostgreSQL's trend on improving high
performance and distributed data workloads, with advances in connection
concurrency, high-write workloads, query parallelism and logical
replication.
Release notes: https://www.postgresql.org/docs/14/release-14.html
a91450e |
Friday, 24 Sep 2021
|
08:51 Palle Girgensohn (girgen)
databases/postgresql14: update to 14rc1
Release notes: https://www.postgresql.org/docs/14/release-14.html
66e70f5 |
Thursday, 12 Aug 2021
|
16:23 Palle Girgensohn (girgen)
databases/postgresql*: update to latest versions
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.4, 12.8, 11.13, 10.18, and
9.6.23, as well as the third beta release of PostgreSQL 14. This release closes
one security vulnerability and fixes over 75 bugs reported over the last three
months.
Turn off parallel builds since we continue to struggle with build problems when
it is activated. [1]
Avoid chasing latest LLVM version. [2]
PR: 256466 [1], 256167 [2]
Release notes: https://www.postgresql.org/docs/release/
Security: b471130b-fb86-11eb-87db-6cc21735f730
a271b9d |
Thursday, 24 Jun 2021
|
19:09 Palle Girgensohn (girgen)
databases/postgres14-*: Update to 14.0-beta2
Release notes: https://www.postgresql.org/developer/beta/
377ebb0 |
Thursday, 20 May 2021
|
14:38 Palle Girgensohn (girgen)
databases/postgresql14-*: Add postgresql 14 beta1 the the ports tree.
Release notes: https://www.postgresql.org/docs/devel/release-14.html
Also reintroduce parallel builds. Some components, namely plperl,
plpython, pltcl and contrib, fail to build properly when using parallel
builds. Something with static linking using `ar` that fails.
MAKE_JOBS_UNSAFE is set for these ports.
fccc45e | Number of commits found: 16 |
|