non port: databases/postgresql92-client/Makefile |
Number of commits found: 18 |
Thursday, 8 Feb 2018
|
17:38 girgen
Update to latest versions of PostgreSQL
2018-02-08 Security Update Release
==================================
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
This release fixes two security issues. This release also fixes issues with
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
well as fixes for using parallel queries and logical replication.
All users using the affected versions of PostgreSQL should update as soon as
possible. Please see the notes on "Updating" below for any post-update steps
that may be required.
Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a
minor update.
Security Issues
---------------
Two security vulnerabilities have been fixed by this release:
* CVE-2018-1052: Fix the processing of partition keys containing multiple
expressions
* CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
non-world-readable
Local fixes to the FreeBSD ports
--------------------------------
Inform users about data checksums [1].
Make sure /usr/bin/su is used regardless of PATH settings [2].
Enable DTRACE by default [3].
PR: 214671 [1], 223157 [2], 215028 [3]
Security: c602c791-0cf4-11e8-a2ec-6cc21735f730
|
Tuesday, 5 Sep 2017
|
09:27 girgen
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.
This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.
Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.
Users should plan to update at the next convenient downtime.
Bug Fixes and Improvements
This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:
* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg's parser to allow RETURNING clauses without attached C
variables
* Change ecpg's parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows
|
Monday, 17 Jul 2017
|
11:15 amdmi3
- Include pg_regress to all postgresql*-client ports, to allow running
regression tests for postgresql extensions
PR: 217874
Approved by: maintainer timeout (pgsql, 4 months)
|
Wednesday, 28 Jun 2017
|
14:51 sunpoet
Bump PORTREVISION for devel/readline shlib change
PR: 219947
|
Wednesday, 13 Jan 2016
|
10:36 girgen
Some binaries where moved from contrib to base in 9.5, like pgbench and
pg_upgrade. Other where added in 9.5, but the port failed to install them.
Make sure they are properly installed by the correct port (-client or -server)
[1]
Remove unused and hence confusing OSSP_UUID parameters from Makefile [2]
Add options to allow user to be set for the backup script in periodic.
Add this option only to 9.5 for now. It will be updated to other servers at
next regular patch release. [3]
The path to perl in hard coded into pgxs/src/Makefile.global which is
then installed. Hence, we must depend on perl when that file is installed.
Noticed by: Paul Guyot [1]
PR: 192387 [2]
PR: 172110 [3]
PR: 206046 [4]
|
Thursday, 8 Oct 2015
|
21:25 girgen
Update PostgreSQL port to latest version.
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
This update will also disable SSL renegotiation by default;
previously, it was enabled by default. SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.
URL: http://www.postgresql.org/about/news/1615/
Security: CVE-2015-5288 CVE-2015-5289
|
Friday, 22 May 2015
|
23:22 girgen
Update PostgreSQL ports to latest version.
Data Corruption Fix
For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.
Users of versions 9.2 and earlier are not affected by this issue.
Security: fc38cd83-00b3-11e5-8ebd-0026551a22dc
|
Saturday, 7 Feb 2015
|
17:05 girgen
Revert the change from readline to libedit, and instead make libedit optional.
PR: ports/197362
|
Thursday, 5 Feb 2015
|
22:54 girgen
Update PostgreSQL-9.x to latests versions.
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
|
Monday, 25 Aug 2014
|
17:53 crees
Convert pgsql ports to use USES+=pgsql
Reviewed by: bapt
|
Monday, 30 Jun 2014
|
23:07 bapt
Fixes build with readline from ports
|
Wednesday, 26 Feb 2014
|
17:24 antoine
Stage support
Reviewed by: postgresql@
Tested by: miwi and me
|
Tuesday, 15 Oct 2013
|
17:17 sunpoet
- Remove DISTV: only used in PKGNAMESUFFIX and complained by portlint
- Convert to new LIB_DEPENDS format for postgresql*-contrib
Submitted by: sunpoet (myself)
Reviewed by: crees (pgsql)
Approved by: jgh (pgsql)
|
Thursday, 10 Oct 2013
|
00:09 jgh
- Fix pkg name collision
Reviewed by: pgsql@
With hat: pgsql@
|
Monday, 7 Oct 2013
|
20:03 jgh
- revert r329725
Reported by: qat@
With hat: pgsql@
|
19:04 jgh
- Fix pkg name collision
Reviewed by: crees@
With hat: pgsql@
|
Friday, 20 Sep 2013
|
16:13 bapt
Add NO_STAGE all over the place in preparation for the staging support (cat:
databases)
|
Tuesday, 15 May 2012
|
22:14 girgen
The PostgreSQL Global Development Group announces the beta release of
PostgreSQL 9.2, which will include major increases in performance and
both vertical and horizontal scalability. The PostgreSQL Project asks
all users to download and begin testing 9.2 Beta as soon as possible.
Major performance and scalability advances in this version include:
* Index-only scans, allowing users to avoid inefficient scans of base
tables
* Enhanced read-only workload scaling to 64 cores and over 300,000
queries per second
* Improvements to data write speeds, including group commit
* Reductions in CPU power consumption
* Cascading replication, supporting geographically distributed standby
databases (Only the first 15 lines of the commit message are shown above )
|
Number of commits found: 18 |