| non port: databases/postgresql90-server/distinfo |
|
SVNWeb
|
Number of commits found: 28 |
|
Fri, 1 Jul 2016
|
[ 17:45 matthew  ]   (Only the first 10 of 47 ports in this commit are shown above.  )
Delete the now expired postgresql90 ports. Upstream support for
postgresql-9.0.x was declared EoL in September 2015.
Summary:
Remove 9.0 from the list of postgresql versions available in ports
Disconnect postgresql90 ports from the build
Remove postgresql90-pgtcl port
Remove postgresql90-client port
Move the master postgreslXY-plperl makefile to postgresql95-plperl/Makefile.
Adjust include lines in other postgresqlXY-plperl ports (Only the first 15 lines of the commit message are shown above )
|
|
Thu, 8 Oct 2015
|
[ 21:25 girgen ] (Only the first 10 of 27 ports in this commit are shown above. )
Update PostgreSQL port to latest version.
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
This update will also disable SSL renegotiation by default;
previously, it was enabled by default. SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.
URL: http://www.postgresql.org/about/news/1615/
Security: CVE-2015-5288 CVE-2015-5289
|
|
Fri, 12 Jun 2015
|
[ 13:00 girgen ]
Update PostgreSQL to latest versions.
Earlier update releases attempted to fix an issue in PostgreSQL 9.3 and 9.4
with "multixact wraparound", but failed to account for issues doing multixact
cleanup during crash recovery. This could cause servers to be unable to restart
after a crash. As such, all users of 9.3 and 9.4 should apply this update as
soon as possible.
URL: http://www.postgresql.org/about/news/1592/
|
|
Fri, 5 Jun 2015
|
[ 14:57 girgen ]
Update PostgreSQL to latest versions.
The update is mostly to fix the file persmission problem described
in the URL below. You might want to wait until next upgrade, depending
on you local configuration.
URL: http://www.postgresql.org/about/news/1590/
|
|
Fri, 22 May 2015
|
[ 23:22 girgen ] (Only the first 10 of 19 ports in this commit are shown above. )
Update PostgreSQL ports to latest version.
Data Corruption Fix
For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.
Users of versions 9.2 and earlier are not affected by this issue.
Security: fc38cd83-00b3-11e5-8ebd-0026551a22dc
|
|
Sat, 18 Apr 2015
|
[ 12:37 girgen ]
Chase upcoming update of ICU to 5.5.
|
|
Thu, 5 Feb 2015
|
[ 22:54 girgen ] (Only the first 10 of 46 ports in this commit are shown above. )
Update PostgreSQL-9.x to latests versions.
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
|
|
Wed, 30 Jul 2014
|
[ 18:21 crees ] (Only the first 10 of 20 ports in this commit are shown above. )
Update to the latest snapshots.
uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.
In head of postgresql, this is handled properly, so eventually the ossp patches
can go.
|
|
Mon, 9 Jun 2014
|
[ 21:57 girgen ]
Prepare for upcoming ICU-5.3 upgrade.
|
|
Thu, 20 Mar 2014
|
[ 13:43 girgen ] (Only the first 10 of 25 ports in this commit are shown above. )
The PostgreSQL Global Development Group has released an update to all supported
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions. All users of version 9.3 are urged to update their
installations at the next possible downtime. Users of older versions should
update at their convenience.
The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations. This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues. For this reason, users are encouraged to (Only the first 15 lines of the commit message are shown above )
|
|
Thu, 20 Feb 2014
|
[ 18:11 girgen ] (Only the first 10 of 16 ports in this commit are shown above. )
The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues. All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.
This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.
Security: CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067
|
|
Mon, 10 Feb 2014
|
[ 16:32 girgen ] (Only the first 10 of 11 ports in this commit are shown above. )
Chase ICU update
|
|
Thu, 5 Dec 2013
|
[ 15:59 girgen ] (Only the first 10 of 11 ports in this commit are shown above. )
The PostgreSQL Global Development Group has released a critical update
to all supported versions of the PostgreSQL database system, which
includes minor versions 9.3.2, 9.2.6, 9.1.11, 9.0.15, and 8.4.19. This
update fixes three serious data-loss bugs affecting replication and
database maintenance. All users are urged to update their
installations at the earliest opportunity.
URL: http://www.postgresql.org/about/news/1492/
|
|
Sat, 12 Oct 2013
|
[ 00:59 girgen ] (Only the first 10 of 12 ports in this commit are shown above. )
Update PostgreSQL ports to 9.3.1, 9.2.5, 9.1.10, 9.0.14, and 8.4.18.
Note that users of the hstore extension on version 9.3 must take an additional,
post upgrade step of running "ALTER EXTENSION hstore UPDATE" in each database
after update.
URL: http://www.postgresql.org/about/news/1487/
|
|
Thu, 4 Apr 2013
|
[ 13:21 girgen ] (Only the first 10 of 16 ports in this commit are shown above. )
The PostgreSQL Global Development Group has released a security
update to all current versions of the PostgreSQL database system,
including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update
fixes a high-exposure security vulnerability in versions 9.0 and
later. All users of the affected versions are strongly urged to apply
the update *immediately*.
A major security issue (for versions 9.x only) fixed in this release,
[CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899),
makes it possible for a connection request containing a database name
that begins with "-" to be crafted that can damage or destroy files
within a server's data directory. Anyone with access to the port the
PostgreSQL server listens on can initiate this request. This issue was
discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source
Software Center. (Only the first 15 lines of the commit message are shown above )
|
|
Fri, 8 Feb 2013
|
[ 07:54 girgen ] (Only the first 10 of 19 ports in this commit are shown above. )
PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released
This update fixes a denial-of-service (DOS) vulnerability. All users
should update their PostgreSQL installations as soon as possible.
The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.
URL: http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
Thu, 6 Dec 2012
|
[ 16:40 girgen ] (Only the first 10 of 12 ports in this commit are shown above. )
The PostgreSQL Global Development Group has released an update to all current
versions of the PostgreSQL database system, including versions 9.2.2, 9.1.7,
9.0.11, 8.4.15, and 8.3.22. Users of PostgreSQL Hot Standby replication
should update at the next possible opportunity. Other users should update
at their next maintenance window.
Deprecate the 8.3.22 version, since it is near end-of-life.
URL: http://www.postgresql.org/about/news/1430/
Feature safe: yes
|
|
Mon, 24 Sep 2012
|
[ 22:03 girgen ]
Update PostgreSQL to 9.2.1, 9.1.6, 9.0.10, 8.4.14 and 8.3.21 respectively.
This update fixes critical issues for major versions 9.1 and 9.2, and
users running those versions should apply it as soon as possible.
URL: http://www.postgresql.org/about/news/1416/
|
|
Fri, 17 Aug 2012
|
[ 19:39 jgh ] (Only the first 10 of 11 ports in this commit are shown above. )
The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.
This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:
CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including: (Only the first 15 lines of the commit message are shown above )
|
|
Mon, 4 Jun 2012
|
[ 11:00 girgen ] (Only the first 10 of 21 ports in this commit are shown above. )
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.
Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30. All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.
URL: http://www.postgresql.org/about/news/1398/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
Fix incorrect password transformation in contrib/pgcryptoâs DES
crypt() function
This was fixed in a patch release for the FreeBSD ports on May 30.
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
Ignore SECURITY DEFINER and SET attributes for a procedural
languageâs call handle
|
|
Mon, 27 Feb 2012
|
[ 16:24 girgen ] (Only the first 10 of 15 ports in this commit are shown above. )
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL object-relational database system, including
versions 9.1.3, 9.0.7, 8.4.11 and 8.3.18.
Users of pg_dump, users of SSL certificates for validation or users of triggers
using SECURITY DEFINER should upgrade their installations immediately. All
other database administrators are urged to upgrade your version of PostgreSQL
at the next scheduled downtime. More details on the security fixes here:
URL: http://www.postgresql.org/about/news/1377/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868
|
|
Mon, 5 Dec 2011
|
[ 16:45 girgen ] (Only the first 10 of 12 ports in this commit are shown above. )
The PostgreSQL Global Development Group today released updates for all
active branches of the PostgreSQL object-relational database system,
including versions 9.1.2, 9.0.6, 8.4.10, 8.3.17 and 8.2.23.
This release contains 52 fixes to version 9.1, and a smaller number of
fixes to older versions, including:
- Fix bugs in information_schema.referential_constraints view**
- Correct collations for citext columns and indexes**
- Prevent possible crash when joining to a scalar function
- Prevent transitory data corruption of GIN indexes after a crash
- Prevent data corruption on TOAST columns when copying data
- Fix failures during hot standby startup
- Correct another "variable not found in subplan target list" bug
- Fix bug with sorting on aggregate expressions in windowing functions (Only the first 15 lines of the commit message are shown above )
|
|
Tue, 18 Oct 2011
|
[ 09:03 girgen ] (Only the first 10 of 43 ports in this commit are shown above. )
The PostgreSQL Global Development Group today released minor version updates
for all active branches of the PostgreSQL object-relational database system,
including versions 9.1.1, 9.0.5, 8.4.9, 8.3.16 and 8.2.22.
All users are strongly urged to update their installations at the next
scheduled downtime.
URL: http://www.postgresql.org/about/news.1355
Cleanup ports. Better handling of the knob PG_USER.
Also add uuid to 9.0 and 9.1 contrib ports.
|
|
Mon, 18 Apr 2011
|
[ 23:34 girgen ] (Only the first 10 of 27 ports in this commit are shown above. )
Update PostgreSQL to 9.0.4, 8.4.8, 8.3.15 and 8.2.21.
This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.
The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.
See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.
Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].
Change PGUSER knob to PG_USER not to clash with PGUSER environment.
PR: 153668, 153136, 155493, 155137
|
|
Tue, 1 Feb 2011
|
[ 14:48 girgen ]
Update to versions 9.0.3, 8.4.7, 8.3.14 and 8.2.20.
This update includes a security fix which prevents a buffer overrun in
the contrib module intarray's input function for the query_int type.
This bug is a security risk since the function's return address could
be overwritten by malicious code.
All supported versions of PostgreSQL are impacted. However, the
affected contrib module is optional. Only users who have installed the
intarray module in their database are affected. See the CVE Advisory
at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
This release includes 63 bugfixes, including:
- Avoid unexpected conversion overflow in planner for distant date values (Only the first 15 lines of the commit message are shown above )
|
|
Fri, 31 Dec 2010
|
[ 09:57 mm ]
- Update to 9.0.2
- Unify ICU handling
PR: ports/153245
Approved by: maintainer (timeout)
|
|
Thu, 7 Oct 2010
|
[ 06:58 girgen ] (Only the first 10 of 28 ports in this commit are shown above. )
Update all PostgreSQL ports to latest versions.
Also, try to break the previous 1:1 relation between FreeBSD system and
PostgreSQL versions installed. Use different PREFIX:es to install
different versions on the same system.
PR: ports/132402, ports/145002, ports/146657
|
|
Mon, 20 Sep 2010
|
[ 13:46 girgen ] (Only the first 10 of 14 ports in this commit are shown above. )
PostgreSQL 9.0 is here! The PostgreSQL Global Development Group
announces the availability of our most eagerly awaited release.
PostgreSQL 9.0 includes built-in, binary replication, and over a dozen
other major features which will appeal to everyone from web developers
to database hackers.
9.0 includes more major features than any release before it, including:
* Hot standby
* Streaming replication
* In-place upgrades
* 64-bit Windows builds
* Easy mass permissions management
* Anonymous blocks and named parameter calls for stored procedures
* New windowing functions and ordered aggregates
(Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 28 |
As an Amazon Associate I earn from qualifying purchases.