notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: databases/postgresql93-server/pkg-plist-server

Number of commits found: 18

Thursday, 8 Feb 2018
17:38 girgen search for other commits by this committer
Update to latest versions of PostgreSQL

2018-02-08 Security Update Release
==================================

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
This release fixes two security issues. This release also fixes issues with
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
well as fixes for using parallel queries and logical replication.

All users using the affected versions of PostgreSQL should update as soon as
possible. Please see the notes on "Updating" below for any post-update steps
that may be required.

Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a
minor update.

Security Issues
---------------

Two security vulnerabilities have been fixed by this release:

* CVE-2018-1052: Fix the processing of partition keys containing multiple
expressions
* CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
non-world-readable

Local fixes to the FreeBSD ports
--------------------------------

Inform users about data checksums [1].
Make sure /usr/bin/su is used regardless of PATH settings [2].
Enable DTRACE by default [3].

PR:		214671 [1], 223157 [2], 215028 [3]
Security:	c602c791-0cf4-11e8-a2ec-6cc21735f730
Original commitRevision:461251 
Thursday, 9 Nov 2017
16:11 girgen search for other commits by this committer
Update to latest versions of PostgreSQL

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20,
and 9.2.24. This release fixes three security issues. This release also fixes
issues found in BRIN indexing, logical replication and other bugs reported over
the past three months.

Please note that the CVE-2017-12172 does not affect the FreeBSD port unless you
decided to not use the contrib/startscript instead of the startscript
distributed with the FreeBSD port/package.

Security:	CVE-2017-12172, CVE-2017-15099, CVE-2017-15098
URL:		https://www.postgresql.org/about/news/1801/
Original commitRevision:453847 
Thursday, 11 May 2017
14:28 girgen search for other commits by this committer
PostgreSQL security updates

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.

URL:    https://www.postgresql.org/about/news/1746/
Security:       CVE-2017-7484, CVE-2017-7485, CVE-2017-7486

Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
Original commitRevision:440628 
Thursday, 9 Feb 2017
15:22 girgen search for other commits by this committer
PostgreSQL 9.6.2, 9.5.6, 9.4.11, 9.3.16 and 9.2.20 released!

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.2, 9.5.6, 9.4.11, 9.3.16, and
9.2.20. This release includes fixes that prevent data corruption issues in
index builds and in certain write-ahead-log replay situations, which are
detailed below. It also patches over 75 other bugs reported over the last three
months.

Users should plan to apply this update at the next scheduled downtime.

Build corruption with CREATE INDEX CONCURRENTLY

There existed a race condition if CREATE INDEX CONCURRENTLY was called on a
column that had not been indexed before, then rows that were updated by
transactions running at the same time as the CREATE INDEX CONCURRENTLY command
could have been indexed incorrectly.

If you suspect this may have happened, the most reliable solution is to rebuild
affected indexes after installing this update.

This issue is present in the 9.2, 9.3, 9.4, 9.5, and 9.6 series of PostgreSQL.

URL	https://www.postgresql.org/about/news/1733/
Original commitRevision:433738 
Thursday, 27 Oct 2016
14:04 girgen search for other commits by this committer
Update PostgreSQL to latest versions.

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.1, 9.5.5, 9.4.10, 9.3.15,
9.2.19, and 9.1.24.

This release fixes two issues that can cause data corruption, which are
described in more detail below. It also patches a number of other bugs reported
over the last three months. The project urges users to apply this update at the
next possible downtime.
Original commitRevision:424765 
Thursday, 12 May 2016
22:36 girgen search for other commits by this committer
Update PostgreSQL to latest versions

URL:	http://www.postgresql.org/docs/9.5/static/release-9-5-3.html
Original commitRevision:415091 
Thursday, 31 Mar 2016
14:49 girgen search for other commits by this committer
Update PostgreSQL 9.1, 9.2 9.3 and 9.4 to latest versions.

URL:	http://www.postgresql.org/about/news/1656/
Original commitRevision:412227 
Thursday, 8 Oct 2015
21:25 girgen search for other commits by this committer
Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289
Original commitRevision:398895 
Wednesday, 22 Jul 2015
22:45 bapt search for other commits by this committer
Simplify a bit the Makefiles

Use OPTIONS_SUB to automatically PLIST_SUB
Use OPTIONS helpers
Original commitRevision:392699 
21:46 bapt search for other commits by this committer
Cleanup plist and avoid useless @exec
Original commitRevision:392696 
Thursday, 5 Feb 2015
22:54 girgen search for other commits by this committer
Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161
Original commitRevision:378500 
Wednesday, 30 Jul 2014
18:21 crees search for other commits by this committer
Update to the latest snapshots.

uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.

In head of postgresql, this is handled properly, so eventually the ossp patches
can go.
Original commitRevision:363500 
Thursday, 20 Feb 2014
18:11 girgen search for other commits by this committer
The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues.  All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.

This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.

Security:	CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
		CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
Original commitRevision:345257 
Saturday, 12 Oct 2013
00:59 girgen search for other commits by this committer
Update PostgreSQL ports to 9.3.1, 9.2.5, 9.1.10, 9.0.14, and 8.4.18.

Note that users of the hstore extension on version 9.3 must take an additional,
post upgrade step of running "ALTER EXTENSION hstore UPDATE" in each database
after update.

URL:	http://www.postgresql.org/about/news/1487/
Original commitRevision:330109 
Wednesday, 18 Sep 2013
08:56 girgen search for other commits by this committer
Install libpgcommon.a, required by extensions.

PR:	ports/182190
Original commitRevision:327537 
Monday, 9 Sep 2013
15:45 girgen search for other commits by this committer
Update to postgreSQL 9.3.0

Major enhancements in PostgreSQL 9.3 include:
- Add materialized views
- Make simple views auto-updatable
- Add many features for the JSON data type, including operators and functions to
extract elements from JSON values
- Implement SQL-standard LATERAL option for FROM-clause subqueries and function
calls
- Allow foreign data wrappers to support writes (inserts/updates/deletes) on
foreign tables
- Add a Postgres foreign data wrapper to allow access to other Postgres servers
- Add support for event triggers
- Add optional ability to checksum data pages and report corruption
- Prevent non-key-field row updates from blocking foreign key checks
- Greatly reduce System V shared memory requirements

URL:	http://www.postgresql.org/docs/9.3/static/release-9-3.html
Original commitRevision:326817 
Wednesday, 15 May 2013
23:21 girgen search for other commits by this committer
Add missing pb_basebackup
Original commitRevision:318267 
Sunday, 12 May 2013
00:00 girgen search for other commits by this committer
Add postgresql 9.3 beta1
Original commitRevision:317925 

Number of commits found: 18