notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: databases/postgresql92-server/distinfo

Number of commits found: 38

Thursday, 9 Nov 2017
16:11 girgen search for other commits by this committer
Update to latest versions of PostgreSQL

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20,
and 9.2.24. This release fixes three security issues. This release also fixes
issues found in BRIN indexing, logical replication and other bugs reported over
the past three months.

Please note that the CVE-2017-12172 does not affect the FreeBSD port unless you
decided to not use the contrib/startscript instead of the startscript
distributed with the FreeBSD port/package.

Security:	CVE-2017-12172, CVE-2017-15099, CVE-2017-15098
URL:		https://www.postgresql.org/about/news/1801/
Original commitRevision:453847 
Tuesday, 5 Sep 2017
09:27 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.

This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.

Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.

Users should plan to update at the next convenient downtime.

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:

* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg's parser to allow RETURNING clauses without attached C
variables
* Change ecpg's parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows
Original commitRevision:449278 
Thursday, 10 Aug 2017
14:21 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.4, 9.5.8,
9.4.13, 9.3.18, and 9.2.22. This release fixes three security issues.
It also patches over 50 other bugs reported over the last three months.
Users who are affected by the below security issues should update as
soon as possible.  Users affected by CVE-2017-7547
(https://access.redhat.com/security/cve/CVE-2017-7547) will need to
perform additional steps after upgrading to resolve the issue.  Other
users should plan to update at the next convenient downtime.

URL:		https://www.postgresql.org/about/news/1772/
Security:	CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
Original commitRevision:447678 
Thursday, 11 May 2017
14:28 girgen search for other commits by this committer
PostgreSQL security updates

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.

URL:    https://www.postgresql.org/about/news/1746/
Security:       CVE-2017-7484, CVE-2017-7485, CVE-2017-7486

Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
Original commitRevision:440628 
Thursday, 9 Feb 2017
15:22 girgen search for other commits by this committer
PostgreSQL 9.6.2, 9.5.6, 9.4.11, 9.3.16 and 9.2.20 released!

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.2, 9.5.6, 9.4.11, 9.3.16, and
9.2.20. This release includes fixes that prevent data corruption issues in
index builds and in certain write-ahead-log replay situations, which are
detailed below. It also patches over 75 other bugs reported over the last three
months.

Users should plan to apply this update at the next scheduled downtime.

Build corruption with CREATE INDEX CONCURRENTLY

There existed a race condition if CREATE INDEX CONCURRENTLY was called on a
column that had not been indexed before, then rows that were updated by
transactions running at the same time as the CREATE INDEX CONCURRENTLY command
could have been indexed incorrectly.

If you suspect this may have happened, the most reliable solution is to rebuild
affected indexes after installing this update.

This issue is present in the 9.2, 9.3, 9.4, 9.5, and 9.6 series of PostgreSQL.

URL	https://www.postgresql.org/about/news/1733/
Original commitRevision:433738 
Thursday, 27 Oct 2016
14:04 girgen search for other commits by this committer
Update PostgreSQL to latest versions.

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.1, 9.5.5, 9.4.10, 9.3.15,
9.2.19, and 9.1.24.

This release fixes two issues that can cause data corruption, which are
described in more detail below. It also patches a number of other bugs reported
over the last three months. The project urges users to apply this update at the
next possible downtime.
Original commitRevision:424765 
Thursday, 11 Aug 2016
18:35 ohauer search for other commits by this committer
- fix sizes
- s/USE_OPENSSL/USES=ssl/

assumed OK for commit ~1h after first notify about wrong sizes in distinfo
Original commitRevision:420093 
16:39 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and
9.1.23. This release fixes two security issues. It also patches a number of
other bugs reported over the last three months. Users who rely on security
isolation between database users should update as soon as possible. Other users
should plan to update at the next convenient downtime.

If you are using the ICU patch, please consult UPDATING.

Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1]

PR:		210941 [1]
Security:	CVE-2016-5423, CVE-2016-5424
Original commitRevision:420089 
Thursday, 12 May 2016
22:36 girgen search for other commits by this committer
Update PostgreSQL to latest versions

URL:	http://www.postgresql.org/docs/9.5/static/release-9-5-3.html
Original commitRevision:415091 
Thursday, 31 Mar 2016
14:49 girgen search for other commits by this committer
Update PostgreSQL 9.1, 9.2 9.3 and 9.4 to latest versions.

URL:	http://www.postgresql.org/about/news/1656/
Original commitRevision:412227 
Saturday, 13 Feb 2016
22:42 girgen search for other commits by this committer
Update PostgreSQL to latest versions.

Security Fixes for Regular Expressions, PL/Java

This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.

The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java.  Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser

URL:		http://www.postgresql.org/about/news/1644/
Security:	CVE-2016-0773, CVE-2016-0766
Original commitRevision:408835 
Thursday, 8 Oct 2015
21:25 girgen search for other commits by this committer
Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289
Original commitRevision:398895 
Friday, 12 Jun 2015
13:00 girgen search for other commits by this committer
Update PostgreSQL to latest versions.

Earlier update releases attempted to fix an issue in PostgreSQL 9.3 and 9.4
with "multixact wraparound", but failed to account for issues doing multixact
cleanup during crash recovery. This could cause servers to be unable to restart
after a crash. As such, all users of 9.3 and 9.4 should apply this update as
soon as possible.

URL:	http://www.postgresql.org/about/news/1592/
Original commitRevision:389267 
Friday, 5 Jun 2015
14:57 girgen search for other commits by this committer
Update PostgreSQL to latest versions.
The update is mostly to fix the file persmission problem described
in the URL below. You might want to wait until next upgrade, depending
on you local configuration.
URL:	http://www.postgresql.org/about/news/1590/
Original commitRevision:388585 
Friday, 22 May 2015
23:22 girgen search for other commits by this committer
Update PostgreSQL ports to latest version.

Data Corruption Fix

For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.

Users of versions 9.2 and earlier are not affected by this issue.

Security:	fc38cd83-00b3-11e5-8ebd-0026551a22dc
Original commitRevision:387089 
Saturday, 18 Apr 2015
12:37 girgen search for other commits by this committer
Chase upcoming update of ICU to 5.5.
Original commitRevision:384223 
Thursday, 5 Feb 2015
22:54 girgen search for other commits by this committer
Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161
Original commitRevision:378500 
Wednesday, 30 Jul 2014
18:21 crees search for other commits by this committer
Update to the latest snapshots.

uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.

In head of postgresql, this is handled properly, so eventually the ossp patches
can go.
Original commitRevision:363500 
Monday, 9 Jun 2014
21:57 girgen search for other commits by this committer
Prepare for upcoming ICU-5.3 upgrade.
Original commitRevision:357209 
Thursday, 20 Mar 2014
23:09 girgen search for other commits by this committer
Fixed bad filesize in distinfo
Original commitRevision:348722 
13:43 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all supported
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions.  All users of version 9.3 are urged to update their
installations at the next possible downtime.  Users of older versions should
update at their convenience.

The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations.  This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues.  For this reason, users are encouraged to
replace each of their standby databases with a new base backup after applying
the update.

See release notes for more changes.

URL:	http://www.postgresql.org/docs/current/static/release.html
URL:	https://wiki.postgresql.org/wiki/20140320UpdateIssues

A change specific to the FreeBSD port:
Modify the contrib/uuid-ossp to actually work (not crashing the backend) by
using the libc implementation of uuid instead of the ossp port. Schemas and
queries will just work. Based on the work of Andrew Gierth. 9.1+ EXTENSION
support added by girgen@.

URL:	http://pgfoundry.org/projects/uuid-freebsd
PR:	ports/121745, ports/182846
Original commitRevision:348685 
Thursday, 20 Feb 2014
18:11 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues.  All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.

This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.

Security:	CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
		CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
Original commitRevision:345257 
Monday, 10 Feb 2014
23:46 girgen search for other commits by this committer
fix messed up file sizes for icu patch
Original commitRevision:343714 
16:32 girgen search for other commits by this committer
Chase ICU update
Original commitRevision:343650 
Thursday, 5 Dec 2013
15:59 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released a critical update
to all supported versions of the PostgreSQL database system, which
includes minor versions 9.3.2, 9.2.6, 9.1.11, 9.0.15, and 8.4.19. This
update fixes three serious data-loss bugs affecting replication and
database maintenance.  All users are urged to update their
installations at the earliest opportunity.

URL:	http://www.postgresql.org/about/news/1492/
Original commitRevision:335673 
Saturday, 12 Oct 2013
00:59 girgen search for other commits by this committer
Update PostgreSQL ports to 9.3.1, 9.2.5, 9.1.10, 9.0.14, and 8.4.18.

Note that users of the hstore extension on version 9.3 must take an additional,
post upgrade step of running "ALTER EXTENSION hstore UPDATE" in each database
after update.

URL:	http://www.postgresql.org/about/news/1487/
Original commitRevision:330109 
Thursday, 4 Apr 2013
13:21 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released a security
update to all current versions of the PostgreSQL database system,
including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update
fixes a high-exposure security vulnerability in versions 9.0 and
later. All users of the affected versions are strongly urged to apply
the update *immediately*.

A major security issue (for versions 9.x only) fixed in this release,
[CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899),
makes it possible for a connection request containing a database name
that begins with "-" to be crafted that can damage or destroy files
within a server's data directory. Anyone with access to the port the
PostgreSQL server listens on can initiate this request. This issue was
discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source
Software Center.

Two lesser security fixes are also included in this release:
[CVE-2013-1900](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900),
wherein random numbers generated by contrib/pgcrypto functions may be
easy for another database user to guess (all versions), and
[CVE-2013-1901](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901),
which mistakenly allows an unprivileged user to run commands that
could interfere with in-progress backups (for versions 9.x only).

Approved by:	portmgr (bdrewery)
URL:		http://www.postgresql.org/about/news/1456/
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900
Security:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901
Original commitRevision:315718 
Friday, 8 Feb 2013
07:54 girgen search for other commits by this committer
PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released

This update fixes a denial-of-service (DOS) vulnerability.  All users
should update their PostgreSQL installations as soon as possible.

The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.

URL:	http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
Original commitRevision:311915 
Wednesday, 19 Dec 2012
16:03 girgen search for other commits by this committer
Chase ICU update to 50
Original commitRevision:309246 
Thursday, 6 Dec 2012
16:40 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an update to all current
versions of the PostgreSQL database system, including versions 9.2.2, 9.1.7,
9.0.11, 8.4.15, and 8.3.22.  Users of PostgreSQL Hot Standby replication
should update at the next possible opportunity. Other users should update
at their next maintenance window.

Deprecate the 8.3.22 version, since it is near end-of-life.

URL:	http://www.postgresql.org/about/news/1430/

Feature safe: yes
Original commitRevision:308391 
Monday, 24 Sep 2012
22:03 girgen search for other commits by this committer
Update PostgreSQL to 9.2.1, 9.1.6, 9.0.10, 8.4.14 and 8.3.21 respectively.

This update fixes critical issues for major versions 9.1 and 9.2, and
users running those versions should apply it as soon as possible.

URL:	http://www.postgresql.org/about/news/1416/
Original commitRevision:304804 
Monday, 10 Sep 2012
11:53 girgen search for other commits by this committer
PostgreSQL 9.2 is released.

"PostgreSQL 9.2 will ship with native JSON support,
covering indexes, replication and performance improvements,
and many more features."

Read more at the web site.

URL:	http://www.postgresql.org/about/news/1415/
Original commitRevision:304028 
Monday, 27 Aug 2012
14:16 girgen search for other commits by this committer
update postgresql 9.2 to RC1
Original commit
Friday, 17 Aug 2012
20:32 girgen search for other commits by this committer
update postgresql 9.2 to beta4
Original commit
Tuesday, 7 Aug 2012
07:49 girgen search for other commits by this committer
The PostgreSQL Global Development Group announces the third beta release
of PostgreSQL 9.2, which will include major increases in performance and
both vertical and horizontal scalability.  The PostgreSQL Project asks
all users to download and begin testing 9.2 beta 3 as soon as possible.

9.2 Beta 3 includes multiple bug fixes to earlier beta releases, fixing
almost all known outstanding issues as of last week.  Among them are:

* Multiple documentation updates
* Apply translation updates
* Fixes to transaction log and replication issues with SP-GiST
* Replace libpq's "row processor" API with a "single row" mode.
* Fix WITH issue with set operations (UNION/INTERSECT/EXCEPT)
* Improvements to Autovacuum cancellation
* Multiple pg_upgrade fixes
* Fix memory leak in pg_recievexlog
* Restore statistics collection broken by change to bgwriter
* Prevent corner-case coredump with rfree().

If you previously tested 9.2 beta and found one or more bugs, please
test 9.2 beta 3 and make sure that those issues are resolved.  If you
haven't yet tested 9.2, please help out the PostgreSQL project by
testing it now!

More information on how to test and report issues:
http://www.postgresql.org/developer/beta
Original commit
Monday, 4 Jun 2012
11:00 girgen search for other commits by this committer
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.

Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.

URL:      http://www.postgresql.org/about/news/1398/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcrypto’s DES
crypt() function
          This was fixed in a patch release for the FreeBSD ports on May 30.

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural
language’s call handle
Original commit
Tuesday, 15 May 2012
22:14 girgen search for other commits by this committer
The PostgreSQL Global Development Group announces the beta release of
PostgreSQL 9.2, which will include major increases in performance and
both vertical and horizontal scalability.  The PostgreSQL Project asks
all users to download and begin testing 9.2 Beta as soon as possible.

Major performance and scalability advances in this version include:

* Index-only scans, allowing users to avoid inefficient scans of base
  tables
* Enhanced read-only workload scaling to 64 cores and over 300,000
  queries per second
* Improvements to data write speeds, including group commit
* Reductions in CPU power consumption
* Cascading replication, supporting geographically distributed standby
  databases

PostgreSQL 9.2 will also offer many new features for application
developers, including:

* JSON data support, enabling hybrid document-relational databases
* Range types, supporting new types of calendar, time-series and
* analytic applications
* Multiple improvements to ALTER and other statements, easing runtime
* database updates

For a full listing of the features in version 9.2 Beta, please see the
release notes:
http://www.postgresql.org/docs/devel/static/release-9-2.html

We depend on our community to help test the next version in order to
guarantee that it is high-performance and bug-free.  Please install
PostgreSQL 9.2 Beta and try it with your workloads and applications as
soon as you can, and give feedback to the PostgreSQL developers.  More
information on how to test and report issues:
http://www.postgresql.org/developer/beta
Original commit
Friday, 11 May 2012
08:35 girgen search for other commits by this committer
Repository copy from postgresql91-server
Original commit

Number of commits found: 38