17:38 girgen 

Update to latest versions of PostgreSQL

2018-02-08 Security Update Release
==================================

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
This release fixes two security issues. This release also fixes issues with
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
well as fixes for using parallel queries and logical replication.

All users using the affected versions of PostgreSQL should update as soon as
possible. Please see the notes on "Updating" below for any post-update steps
that may be required.

Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a
minor update.

Security Issues
---------------

Two security vulnerabilities have been fixed by this release:

* CVE-2018-1052: Fix the processing of partition keys containing multiple
expressions
* CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
non-world-readable

Local fixes to the FreeBSD ports
--------------------------------

Inform users about data checksums [1].
Make sure /usr/bin/su is used regardless of PATH settings [2].
Enable DTRACE by default [3].

PR:		214671 [1], 223157 [2], 215028 [3]
Security:	c602c791-0cf4-11e8-a2ec-6cc21735f730

 

09:27 girgen 

The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.

This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.

Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.

Users should plan to update at the next convenient downtime.

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:

* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg's parser to allow RETURNING clauses without attached C
variables
* Change ecpg's parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows

 

14:00 mat 

Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight

 

21:25 girgen 

Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289

 

08:47 girgen 

Fix broken XML support.

PR:	ports/202649

 

09:33 marino 

databases category: Remove $PTHREAD_LIBS

Note: virtuoso did not pass check-plist from before, so it was fixed.

approved by:	PTHREAD blanket

 

22:54 girgen 

Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161

 

17:53 crees 

Convert pgsql ports to use USES+=pgsql

Reviewed by:	bapt

 

18:28 zeising 

The FreeBSD x11@ and graphics team proudly presents
a zeising, kwm production, with help from dumbbell, bdrewery:

NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE

This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.

This patch also contains updates of libxcb and related ports, pixman, as well
as some drivers and utilities.

Bump portrevisions for xf86-* ports, as well as virtualbox-ose-additions due
to xserver version change.

Apart from these updates, the way shared libraries are handled has been
changed for all xorg ports, as well as libxml2 and freetype, which means
ltverhack is gone and as a consequence shared libraries have been bumped.
The plan is that this change will make library bumps less likely in the
future.
All affected ports have had their portrevisions bumped as a consequence of
this.

Fix some issues where WITH_NEW_XORG weren't detected properly on CURRENT.

Update instructions, hardware support, and more notes can be found on
https://wiki.freebsd.org/Graphics

Thanks to:	all testers, bdrewery and the FreeBSD x11@ team
exp-run by:	bdrewery [1]
PR:		ports/187602 [1]
Approved by:	portmgr (bdrewery), core (jhb)

 

08:15 girgen 

Fix mistake with ossp-uuid: don't use --with-ossp-uuid, since it will need
the ossp library present, and then we never use it.

 

13:43 girgen 

The PostgreSQL Global Development Group has released an update to all supported
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions.  All users of version 9.3 are urged to update their
installations at the next possible downtime.  Users of older versions should
update at their convenience.

The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations.  This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues.  For this reason, users are encouraged to
replace each of their standby databases with a new base backup after applying
the update.

See release notes for more changes.

URL:	http://www.postgresql.org/docs/current/static/release.html
URL:	https://wiki.postgresql.org/wiki/20140320UpdateIssues

A change specific to the FreeBSD port:
Modify the contrib/uuid-ossp to actually work (not crashing the backend) by
using the libc implementation of uuid instead of the ossp port. Schemas and
queries will just work. Based on the work of Andrew Gierth. 9.1+ EXTENSION
support added by girgen@.

URL:	http://pgfoundry.org/projects/uuid-freebsd
PR:	ports/121745, ports/182846

 

17:24 antoine 

Stage support

Reviewed by:	postgresql@
Tested by:	miwi and me

 

17:17 sunpoet 

- Remove DISTV: only used in PKGNAMESUFFIX and complained by portlint
- Convert to new LIB_DEPENDS format for postgresql*-contrib

Submitted by:	sunpoet (myself)
Reviewed by:	crees (pgsql)
Approved by:	jgh (pgsql)

 

00:09 jgh 

- Fix pkg name collision

Reviewed by: pgsql@
With hat: pgsql@

 

20:03 jgh 

- revert r329725

Reported by: qat@
With hat: pgsql@

 

19:04 jgh 

- Fix pkg name collision

Reviewed by: crees@
With hat: pgsql@

 

16:13 bapt 

Add NO_STAGE all over the place in preparation for the staging support (cat:
databases)

 

11:32 bapt 

Convert USE_BISON to USES= bison

It brings bison as a build dependency in case it is set the following way:
USES= bison or USES= bison:build

it brings bison as a run dependency in case it is set the following way:
USES= bison:run

it brings bison both as a run and build dependency in case it the set the
following way:
USES= bison:both

While here trim some headers
Convert some USE_GNOME= gnomehack to USES= pathfix

 

17:28 jgh 

- adopt optionsNG

with hat pgsql@
Feature safe: yes

 

22:14 girgen 

The PostgreSQL Global Development Group announces the beta release of
PostgreSQL 9.2, which will include major increases in performance and
both vertical and horizontal scalability.  The PostgreSQL Project asks
all users to download and begin testing 9.2 Beta as soon as possible.

Major performance and scalability advances in this version include:

* Index-only scans, allowing users to avoid inefficient scans of base
  tables
* Enhanced read-only workload scaling to 64 cores and over 300,000
  queries per second
* Improvements to data write speeds, including group commit
* Reductions in CPU power consumption
* Cascading replication, supporting geographically distributed standby
  databases

PostgreSQL 9.2 will also offer many new features for application
developers, including:

* JSON data support, enabling hybrid document-relational databases
* Range types, supporting new types of calendar, time-series and
* analytic applications
* Multiple improvements to ALTER and other statements, easing runtime
* database updates

For a full listing of the features in version 9.2 Beta, please see the
release notes:
http://www.postgresql.org/docs/devel/static/release-9-2.html

We depend on our community to help test the next version in order to
guarantee that it is high-performance and bug-free.  Please install
PostgreSQL 9.2 Beta and try it with your workloads and applications as
soon as you can, and give feedback to the PostgreSQL developers.  More
information on how to test and report issues:
http://www.postgresql.org/developer/beta