notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine

Bot filter coming soon

To deter bots pegging the database CPU to 100%, a bot testing filter to be added to the website. This should not affect newsfeeds etc. Anubis seems light-weight - it''''''''s already in use within the FreeBSD Project. This notice is just a heads up in case you see something odd. This notice will be updated after Anubis is installed.

non port: databases/postgresql91-server/files/patch-crypt-des.c

Number of commits found: 2

Monday, 4 Jun 2012
11:00 girgen search for other commits by this committer
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.

Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.

URL:      http://www.postgresql.org/about/news/1398/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcrypto’s DES
crypt() function
          This was fixed in a patch release for the FreeBSD ports on May 30.

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural
language’s call handle
Original commit
Wednesday, 30 May 2012
22:26 jgh search for other commits by this committer
- Address postgresql*-servers for crypt vulnerability (CVE-2012-2143)

http://www.postgresql.org/about/news/1397/

With hat: pgsql
Original commit

Number of commits found: 2