non port: databases/postgresql82-server/distinfo |
Number of commits found: 22 |
Sunday, 15 Apr 2012
|
15:48 crees
Remove PostgreSQL 8.2 due to EOL by upstream
With hat: pgsql
Reviewed by: pgsql
|
Friday, 17 Feb 2012
|
13:31 crees
Update to 8.3.17 and 8.2.23.
Please note that 8.2 is still deprecated, and any users are still strongly
encouraged to move to 8.4 as soon as possible.
|
Tuesday, 18 Oct 2011
|
09:03 girgen
The PostgreSQL Global Development Group today released minor version updates
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.
All users are strongly urged to update their installations at the next
scheduled downtime.
URL: http://www.postgresql.org/about/news.1355
Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports.
|
Monday, 18 Apr 2011
|
23:34 girgen
Update PostgreSQL to 9.0.4, 8.4.8, 8.3.15 and 8.2.21.
This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.
The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.
See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.
Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].
Change PGUSER knob to PG_USER not to clash with PGUSER environment.
PR: 153668, 153136, 155493, 155137
|
Tuesday, 1 Feb 2011
|
14:48 girgen
Update to versions 9.0.3, 8.4.7, 8.3.14 and 8.2.20.
This update includes a security fix which prevents a buffer overrun in
the contrib module intarray's input function for the query_int type.
This bug is a security risk since the function's return address could
be overwritten by malicious code.
All supported versions of PostgreSQL are impacted. However, the
affected contrib module is optional. Only users who have installed the
intarray module in their database are affected. See the CVE Advisory
at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
This release includes 63 bugfixes, including:
- Avoid unexpected conversion overflow in planner for distant date values
- Fix assignment to an array slice that is before the existing range
of subscripts
- Fix pg_restore to do the right thing when escaping large objects
- Avoid failures when EXPLAIN tries to display a simple-form CASE expression
- Improved build support for Windows version
- Fix bug in contrib/seg's GiST picksplit algorithm which caused
performance degredation
The 9.0.3 update also contains several fixes for issues with features
introduced or changed in version 9.0:
- Ensure all the received WAL is fsync'd to disk before exiting walreceiver
- Improve performance of walreceiver by avoiding excess fsync activity
- Make ALTER TABLE revalidate uniqueness and exclusion constraints when needed
- Fix EvalPlanQual for UPDATE of an inheritance tree when the tables
are not all alike
PR: ports/154436
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
Feature safe: yes
Approved by: portmgr
|
Friday, 31 Dec 2010
|
09:53 mm
- Update to 8.2.19
PR: ports/153245
Approved by: maintainer (timeout)
|
Thursday, 7 Oct 2010
|
06:58 girgen
Update all PostgreSQL ports to latest versions.
Also, try to break the previous 1:1 relation between FreeBSD system and
PostgreSQL versions installed. Use different PREFIX:es to install
different versions on the same system.
PR: ports/132402, ports/145002, ports/146657
|
Thursday, 20 May 2010
|
15:43 girgen
Update all PostgreSQL ports to latest version.
Remove postgresql-contrib in favour for postgresqlNN-contrib.
This way we will get packages built, which is nice.
Security: CVE-2010-1169
Security: CVE-2010-1170
The PostgreSQL Project today released minor versions updating all active
branches of the PostgreSQL object-relational database system, including
versions 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, and 7.4.29. This release
fixes moderate-risk security issues with PL/perl and PL/tcl, as well as
a data corruption issue with standby databases. Users of any of these
three features should update their PostgreSQL installations immediately.
The PL/perl security fix closes a security hole in PL/perl
procedures which could allow privilege escalation on the host system,
caused by a flaw in Safe.pm; see CVE-2010-1169 and CVE-2010-1447 for
details. A second patch prevents PL/tcl's pltcl_modules table from
being subverted in order to run arbitrary Tcl scripts; see
CVE-2010-1170. These issues only affect users who have enabled either
of these two stored procedure languages.
Also corrected is use of the command ALTER TABLE SET TABLESPACE, which
previously could cause data corruption on Warm Standby database slaves.
This issue affects only version 8.4.
There are also 21 other bug fixes in this release, some of which apply
only to version 8.4, and a few of which are specifically for Windows.
While these are generally fixes for minor issues, among the changes are:
* Fix for a combinational crash condition
* Prevent normal users from resetting some GUCs in
their own role definitions
* Correctly apply constraint exclusion in UPDATE and DELETE queries
* Minor fixes for WAL archiving
* Update timezone data for 12 zones
See the release notes for a full list of changes with details.
Releasenotes at http://www.postgresql.org/docs/current/static/release.html
|
Sunday, 20 Dec 2009
|
06:06 delphij
Security update to 8.2.15.
Security: vid e7bc5600-eaa0-11de-bd9c-00215c6a37bb
Security: CVE-2009-4034 CVE-2009-4136
With hat: ports-security
|
Wednesday, 18 Mar 2009
|
15:13 girgen
Update PostgreSQL to latest versions.
The PostgreSQL Project today released minor versions updating all active
branches of the PostgreSQL object-relational database system, including
versions 8.3.7, 8.2.13, 8.1.17, 8.0.21 and 7.4.25. This release fixes a denial
of service issue with encoding conversion, and all users should update their
installations at the next reasonable opportunity.
There are 12 other minor fixes contained in these update releases, including
fixes for xpath() functions in version 8.3. See the release notes for full
details.
URL: http://www.postgresql.org/docs/8.3/static/release-8-3-7.html
URL: http://www.postgresql.org/docs/8.2/static/release-8-2-13.html
URL: http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-17
URL: http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-21
URL: http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-24
|
Tuesday, 10 Feb 2009
|
11:59 girgen
Update PostgreSQL to latest versions.
URL: http://www.postgresql.org/about/news.1055
The PostgreSQL Project today released
updates to all active branches of the
PostgreSQL object-relational database
system, including versions 8.3.6,
8.2.12, 8.1.16, 8.0.20 and 7.4.24. These
updates include two serious fixes, for
autovacuum crashes in version 8.1 and
GiST indexing data loss in 8.3, and
those two versions should be updated as
soon as possible.
These update releases also include
patches for several low-risk security
holes, as well as up to 17 other minor
fixes, depending on your major version
of PostgreSQL. Included as well are
Daylight Savings Time changes for Nepal,
Switzerland and Cuba. See the release
notes for full details.
The first serious issue affects users
who are using version 8.1 with
Autovacuum, which will fail when XID
rollover is required. The second serious
issue can cause data loss when CLUSTER
is used with GiST indexes (such as full
text indexes) on version 8.3. Both
issues are fixed in these releases.
|
Friday, 7 Nov 2008
|
18:38 girgen
Update PostgreSQL to the very latest version, 8.2.11
|
09:49 girgen
Update PostgreSQL to latest versions.
http://www.postgresql.org/docs/current/static/release-8-3-5.html
http://www.postgresql.org/docs/current/static/release-8-2-11.html
http://www.postgresql.org/docs/current/static/release-8-1-15.html
http://www.postgresql.org/docs/current/static/release-8-0-19.html
http://www.postgresql.org/docs/current/static/release-7-4-23.html
Note that the GiST problem mentioned does not apply to users of
the FreeBSD port, since the previous version of PostgreSQL never
reached the ports tree, due to the freeze of the tree pending the
FreeBSD 7.1 update.
PR: 121848, 124713
|
Thursday, 12 Jun 2008
|
23:46 girgen
Updates of the PostgreSQL ports
Updates for all maintained versions of PostgreSQL are available today:
8.3.3, 8.2.9, 8.1.13, 8.0.17 and 7.4.21. These releases fix more than
two dozen minor issues reported and patched over the last few months.
All PostgreSQL users should plan to update at their earliest
convenience. People in affected time zones, in particular, should
upgrade as soon as possible.
Release Notes:
http://www.postgresql.org/docs/8.3/static/release.html
Also, fix umask error in periodic script [1].
PR: ports/124457 [1]
Submitted by: Alexandre Perrin
|
Tuesday, 18 Mar 2008
|
22:27 girgen
Update to 8.2.7
Release notes:
http://developer.postgresql.org/pgdocs/postgres/release-8-2-7.html
Remove HIER patch option, since it is not available anymore. The site
is down and original author responses that he does not maintain it
anymore.
PR: ports/116423
Remove option to build and link with thread safety, and always build
thread safe instead. Decided after a discussion with postgresql
hackers, and tested for a while in postgresql83. This helps when
for example linking with openldap, or for using certain programming
languages as postgresql functions.
|
Monday, 7 Jan 2008
|
13:51 girgen
Update all PostgreSQL ports to latest versions.
This includes a bunch of security fixes: CVE-2007-6067, CVE-2007-4772,
CVE-2007-6601, CVE-2007-6600 and CVE-2007-4769.
Security: http://www.postgresql.org/about/news.905
|
Monday, 17 Sep 2007
|
16:45 girgen
Update PostgreSQL ports to the latest patch releases.
PR: ports/104075
|
Monday, 23 Apr 2007
|
16:10 girgen
Update PostgreSQL to 7.3.19, 7.4.17, 8.0.13, 8.1.9 and 8.2.4 respectively:
The PostgreSQL Global Development Group has released updated versions
for PostgreSQL 8.2 and all back versions to patch a privilege
escalation exploit in SECURITY DEFINER functions. All users of this
feature are urged to update to the latest minor version and follow
instructions on securing these functions as soon as possible. This
minor release also contains other fixes, so all users should plan to
deploy it.
Once you have updated, additional steps are required to secure your
database against the exploit. Please read the release notes at
http://www.postgresql.org/docs/8.2/static/release.html and the
TechDocs article at http://www.postgresql.org/docs/techdocs.77 on how
to lock down your security definer functions, if you use them.
As always, application of a minor release does not require a dump and
reload of the database.
The frequency of security fixes recently is a result of increased
scrutiny of the PostgreSQL code by government agencies and
security-conscious companies. Rapid turnaround on security patches
is key to keeping PostgreSQL the most secure SQL database. Your work
and vigilance in applying the latest security updates ensures that
there will never be a PostgreSQL "worm".
http://www.postgresql.org/docs/8.2/static/release-8-2-4.html
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-9
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-13
http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-17
http://www.postgresql.org/docs/techdocs.77
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|
Wednesday, 7 Feb 2007
|
09:51 girgen
Update PostgreSQL 8.x to 8.0.12, 8.1.8 and 8.2.3 respectively:
The recent security release (8.0.11, 8.1.7, 8.2.2) has been withdrawn.
It contained an issue which causes error with custom data types, type
constraints and expression indexes. These upgrades fix the problem.
|
Monday, 5 Feb 2007
|
15:41 girgen
Update PostgreSQL with, amongst other things, two security fixes:
A vulnerability allows suppressing the normal checks that a SQL
function returns the data type it's declared to do. These errors can
easily be exploited to cause a backend crash, and in principle might
be used to read database content that the user should not be able to
access. [CVE-2007-0555]
A vulnerability involving changing the data type of a table column
can easily be exploited to cause a backend crash, and in principle
might be used to read database content that the user should not be
able to access. [CVE-2007-0556]
The release includes a set of other fixes as well. Please see the
release information at
http://www.postgresql.org/docs/8.2/static/release-8-2-2.html
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
Tuesday, 9 Jan 2007
|
16:29 girgen
Update postgresql to 8.2.1, 8.1.6, 8.0.10, 7.4.15 and 7.3.17.
Release notes:
http://www.postgresql.org/docs/7.3/static/release.html#RELEASE-7-3-17
http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-15
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-10
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-6
http://www.postgresql.org/docs/8.2/static/release-8-2-1.html
The server-side utilities of postgresql (initdb, initlocation,
ipcclean, pg_controldata, pg_ctl, pg_id and pg_resetxlog) are now
installed by the respective postgresql*-server port (previously they
where installed with the client). If you update the client, you should
also update the server to make sure you are not left without the
server-side tools. Do something like:
portupgrade postgresql-client postgresql-server
|
Wednesday, 6 Dec 2006
|
16:48 girgen
Welcome new release of the world's most advanced open source database:
PostgreSQL 8.2.0
Complete release notes are available at
http://www.postgresql.org/docs/current/static/release-8-2.html
|
Number of commits found: 22 |