17:45 matthew 

Delete the now expired postgresql90 ports.  Upstream support for
postgresql-9.0.x was declared EoL in September 2015.

Summary:
Remove 9.0 from the list of postgresql versions available in ports

Disconnect postgresql90 ports from the build

Remove postgresql90-pgtcl port

Remove postgresql90-client port

Move the master postgreslXY-plperl makefile to postgresql95-plperl/Makefile.

Adjust include lines in other postgresqlXY-plperl ports

Delete postgresql90-plperl

Move the master postgreslXY-plpython/{Makefile,pkg-descr} to
postgresl95-plpython/{Makefile,pkg-descr}

Adjust all other postgresqlXY-plpython/Makefile to include the new master

Remove postgresql90-server

Reviewers: jgh, girgen, #portmgr, O5 Ports Framework, bapt, crees

Reviewed By: #portmgr, O5 Ports Framework, bapt, crees

Subscribers: mat

Differential Revision: https://reviews.freebsd.org/D6898

 

21:25 girgen 

Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289

 

22:45 bapt 

Simplify a bit the Makefiles

Use OPTIONS_SUB to automatically PLIST_SUB
Use OPTIONS helpers

 

21:46 bapt 

Cleanup plist and avoid useless @exec

 

22:54 girgen 

Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161

 

18:21 crees 

Update to the latest snapshots.

uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.

In head of postgresql, this is handled properly, so eventually the ossp patches
can go.

 

18:11 girgen 

The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues.  All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.

This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.

Security:	CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
		CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067

 

13:21 girgen 

The PostgreSQL Global Development Group has released a security
update to all current versions of the PostgreSQL database system,
including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update
fixes a high-exposure security vulnerability in versions 9.0 and
later. All users of the affected versions are strongly urged to apply
the update *immediately*.

A major security issue (for versions 9.x only) fixed in this release,
[CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899),
makes it possible for a connection request containing a database name
that begins with "-" to be crafted that can damage or destroy files
within a server's data directory. Anyone with access to the port the
PostgreSQL server listens on can initiate this request. This issue was
discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source
Software Center.

Two lesser security fixes are also included in this release:
[CVE-2013-1900](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900),
wherein random numbers generated by contrib/pgcrypto functions may be
easy for another database user to guess (all versions), and
[CVE-2013-1901](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901),
which mistakenly allows an unprivileged user to run commands that
could interfere with in-progress backups (for versions 9.x only).

Approved by:	portmgr (bdrewery)
URL:		http://www.postgresql.org/about/news/1456/
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901

 

07:54 girgen 

PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released

This update fixes a denial-of-service (DOS) vulnerability.  All users
should update their PostgreSQL installations as soon as possible.

The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.

URL:	http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255

 

11:00 girgen 

The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.

Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.

URL:      http://www.postgresql.org/about/news/1398/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcrypto’s DES
crypt() function
          This was fixed in a patch release for the FreeBSD ports on May 30.

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural
language’s call handle

21:37 girgen 

Fix pkg-plist

06:59 jgh 

- Add profile support for PostgreSQL servers
- re-assign LOCALBASE to PREFIX
- add PG_GROUP to SUB_PLIST for packaging fix
- fix permissions for package installations

PR:     ports/162776
Submitted by:   jgh, Phil Phillips < pphillips at experts-exchange.com >
Reviewed by: rene (mentor)
Approved by: crees (maintainer, mentor)

19:06 jgh 

fix typo %%PG_GROUP%% in pkg-plist-server

Spotted by: decke
Approved by:    crees, rene (mentors,implicit)

21:35 jgh 

Fix plist to create directory with proper ownerships PostgreSQL database
may start.

PR:     ports/164273 (critical)
Submitted by: Alexander Yerenkow <yerenkow at gmail.com>
Approved by:    maintainer-timeout: girgen (1 day), portmgr (linimon)

16:45 girgen 

The PostgreSQL Global Development Group today released updates for all
active branches of the PostgreSQL object-relational database system,
including versions 9.1.2, 9.0.6, 8.4.10, 8.3.17 and 8.2.23.

This release contains 52 fixes to version 9.1, and a smaller number of
fixes to older versions, including:

- Fix bugs in information_schema.referential_constraints view**
- Correct collations for citext columns and indexes**
- Prevent possible crash when joining to a scalar function
- Prevent transitory data corruption of GIN indexes after a crash
- Prevent data corruption on TOAST columns when copying data
- Fix failures during hot standby startup
- Correct another "variable not found in subplan target list" bug
- Fix bug with sorting on aggregate expressions in windowing functions
- Multiple bug fixes for pg_upgrade
- Change Foreign Key creation order to better support
 self-referential keys**
- Multiple bug fixes to CREATE EXTENSION
- Ensure that function return type and data returned from PL/perl agree
- Ensure that PL/perl strings are always UTF-8
- Assorted bug fixes for various Extensions
- Updates to the time zone database, particularly to CST6

Changes marked with ** above require additional, post-update steps in
order to fix all described issues.

URL:    http://www.postgresql.org/docs/current/static/release.html

Also, fix a pthread problem in the FreeBSD port. [1]
PR:     160580 [1]
Feature safe:   yes

21:07 crees 

- Fix packaging issue (missed %%PG_USER%% in pkg-plist-server)
- Remove extra bsd.port.pre.mk include from postgresql82-server

PR:             ports/161816 ports/161824 ports/161821
Submitted by:   Jason Helfman (jhelfman@e-e.com)
Approved by:    portmgr (pav)

09:03 girgen 

The PostgreSQL Global Development Group today released minor version updates
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.

All users are strongly urged to update their installations at the next
scheduled downtime.

URL:    http://www.postgresql.org/about/news.1355

Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports.

14:52 crees 

Revert previous commit -- appears to cause rc problems as I missed some subs

http://www.mail-archive.com/freebsd-ports@freebsd.org/msg35324.html

PR:             ports/157558 ports/157559 ports/157666 ports/157669
Submitted by:   rihad@mail.ru
Approved by:    maintainer (girgen; implicit -- this reverts a commit I did
after maintainer timeout)

10:11 crees 

Use USERS and GROUPS

PR:             ports/157669
Submitted by:   me
Approved by:    maintainer timeout (girgen, 7 weeks)

23:34 girgen 

Update PostgreSQL to 9.0.4, 8.4.8, 8.3.15 and 8.2.21.

This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.

The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.

See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.

Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].

Change PGUSER knob to PG_USER not to clash with PGUSER environment.

PR: 153668, 153136, 155493, 155137

09:57 mm 

- Update to 9.0.2
- Unify ICU handling

PR:             ports/153245
Approved by:    maintainer (timeout)

19:21 sunpoet 

- Use dirrmtry on share/postgresql/tsearch_data for postgresql{83|84|90}-server
- Bump PORTREVISION

PR:             ports/151882
Submitted by:   sunpoet (myself)
Approved by:    girgen (maintainer timeout, 20 days)

06:58 girgen 

Update all PostgreSQL ports to latest versions.

Also, try to break the previous 1:1 relation between FreeBSD system and
PostgreSQL versions installed. Use different PREFIX:es to install
different versions on the same system.

PR: ports/132402, ports/145002, ports/146657

13:46 girgen 

PostgreSQL 9.0 is here!  The PostgreSQL Global Development Group
announces the availability of our most eagerly awaited release.
PostgreSQL 9.0 includes built-in, binary replication, and over a dozen
other major features which will appeal to everyone from web developers
to database hackers.

9.0 includes more major features than any release before it, including:
* Hot standby
* Streaming replication
* In-place upgrades
* 64-bit Windows builds
* Easy mass permissions management
* Anonymous blocks and named parameter calls for stored procedures
* New windowing functions and ordered aggregates

(Only the first 15 lines of the commit message are shown above )