Number of commits found XX: 20

Update to latest versions of PostgreSQL

2018-02-08 Security Update Release
==================================

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
This release fixes two security issues. This release also fixes issues with
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
well as fixes for using parallel queries and logical replication.

All users using the affected versions of PostgreSQL should update as soon as
possible. Please see the notes on "Updating" below for any post-update steps
that may be required.

(Only the first 15 lines of the commit message are shown above )

The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.

This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.

Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.

Users should plan to update at the next convenient downtime.

Bug Fixes and Improvements

(Only the first 15 lines of the commit message are shown above )

Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight

Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289

Fix broken XML support.

PR:	ports/202649

databases category: Remove $PTHREAD_LIBS

Note: virtuoso did not pass check-plist from before, so it was fixed.

approved by:	PTHREAD blanket

Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161

Convert pgsql ports to use USES+=pgsql

Reviewed by:	bapt

The FreeBSD x11@ and graphics team proudly presents
a zeising, kwm production, with help from dumbbell, bdrewery:

NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE

This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.

This patch also contains updates of libxcb and related ports, pixman, as well

(Only the first 15 lines of the commit message are shown above )

Fix mistake with ossp-uuid: don't use --with-ossp-uuid, since it will need
the ossp library present, and then we never use it.

The PostgreSQL Global Development Group has released an update to all supported
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions.  All users of version 9.3 are urged to update their
installations at the next possible downtime.  Users of older versions should
update at their convenience.

The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations.  This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues.  For this reason, users are encouraged to

(Only the first 15 lines of the commit message are shown above )

Stage support

Reviewed by:	postgresql@
Tested by:	miwi and me

- Remove DISTV: only used in PKGNAMESUFFIX and complained by portlint
- Convert to new LIB_DEPENDS format for postgresql*-contrib

Submitted by:	sunpoet (myself)
Reviewed by:	crees (pgsql)
Approved by:	jgh (pgsql)

- Fix pkg name collision

Reviewed by: pgsql@
With hat: pgsql@

- revert r329725

Reported by: qat@
With hat: pgsql@

- Fix pkg name collision

Reviewed by: crees@
With hat: pgsql@

Add NO_STAGE all over the place in preparation for the staging support (cat:
databases)

Convert USE_BISON to USES= bison

It brings bison as a build dependency in case it is set the following way:
USES= bison or USES= bison:build

it brings bison as a run dependency in case it is set the following way:
USES= bison:run

it brings bison both as a run and build dependency in case it the set the
following way:
USES= bison:both

While here trim some headers
Convert some USE_GNOME= gnomehack to USES= pathfix

- adopt optionsNG

with hat pgsql@
Feature safe: yes

The PostgreSQL Global Development Group announces the beta release of
PostgreSQL 9.2, which will include major increases in performance and
both vertical and horizontal scalability.  The PostgreSQL Project asks
all users to download and begin testing 9.2 Beta as soon as possible.

Major performance and scalability advances in this version include:

* Index-only scans, allowing users to avoid inefficient scans of base
  tables
* Enhanced read-only workload scaling to 64 cores and over 300,000
  queries per second
* Improvements to data write speeds, including group commit
* Reductions in CPU power consumption
* Cascading replication, supporting geographically distributed standby
  databases

(Only the first 15 lines of the commit message are shown above )

Number of commits found XX: 20

7 vulnerabilities affecting 40 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2021-01-28 12:52:31