| non port: databases/postgresql94-server/pkg-plist-client |
|
SVNWeb
|
Number of commits found: 12 |
|
Fri, 10 Aug 2018
|
[ 09:25 girgen  ]   (Only the first 10 of 20 ports in this commit are shown above.  )
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.5, 9.6.10, 9.5.14, 9.4.19,
9.3.24. This release fixes two security issues as well as bugs reported over
the last three months.
If you have untrusted users accessing your system and you are either running
PostgreSQL 9.5 or a newer version OR have installed the "dblink" or
"postgres_fdw" extensions, you must apply this update as soon as possible. All
other users can upgrade at the next convenient downtime.
Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.5 from any 10.x release is considered a
minor update.
The PostgreSQL Global Development Group also announces that the third beta (Only the first 15 lines of the commit message are shown above )
|
|
Thu, 1 Mar 2018
|
[ 15:10 girgen ] (Only the first 10 of 16 ports in this commit are shown above. )
2018-03-01 Security Update Release
The PostgreSQL Global Development Group has released an update to all supported
versions of the PostgreSQL database system, including 10.3, 9.6.8, 9.5.12,
9.4.17, and 9.3.22.
The purpose of this release is to address CVE-2018-1058, which describes how a
user can create like-named objects in different schemas that can change the
behavior of other users' queries and cause unexpected or malicious behavior,
also known as a "trojan-horse" attack. Most of this release centers around added
documentation that describes the issue and how to take steps to mitigate the
impact on PostgreSQL databases.
We strongly encourage all of our users to please visit
https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058:_Protect_Your_Search_Path
for a detailed explanation of CVE-2018-1058 and how to protect your PostgreSQL
installations.
After evaluating the documentation for CVE-2018-1058, a database administrator
may need to take follow up steps on their PostgreSQL installations to ensure
they are protected from exploitation.
Security: CVE-2018-1058
|
|
Mon, 17 Jul 2017
|
[ 11:15 amdmi3 ]
- Include pg_regress to all postgresql*-client ports, to allow running
regression tests for postgresql extensions
PR: 217874
Approved by: maintainer timeout (pgsql, 4 months)
|
|
Thu, 11 May 2017
|
[ 14:28 girgen ] (Only the first 10 of 23 ports in this commit are shown above. )
PostgreSQL security updates
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.
URL: https://www.postgresql.org/about/news/1746/
Security: CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
|
|
Sat, 13 Feb 2016
|
[ 22:42 girgen ] (Only the first 10 of 22 ports in this commit are shown above. )
Update PostgreSQL to latest versions.
Security Fixes for Regular Expressions, PL/Java
This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.
The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser
URL: http://www.postgresql.org/about/news/1644/
Security: CVE-2016-0773, CVE-2016-0766
|
|
Wed, 22 Jul 2015
|
[ 22:45 bapt ] (Only the first 10 of 12 ports in this commit are shown above. )
Simplify a bit the Makefiles
Use OPTIONS_SUB to automatically PLIST_SUB
Use OPTIONS helpers
|
[ 21:46 bapt ] (Only the first 10 of 35 ports in this commit are shown above. )
Cleanup plist and avoid useless @exec
|
|
Thu, 5 Feb 2015
|
[ 22:54 girgen ] (Only the first 10 of 46 ports in this commit are shown above. )
Update PostgreSQL-9.x to latests versions.
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
|
|
Thu, 18 Dec 2014
|
[ 15:42 girgen ]
Release PostgreSQL 9.4
Major enhancements in PostgreSQL 9.4 include:
Add jsonb, a more capable and efficient data type for storing JSON data
Add new SQL command ALTER SYSTEM for changing postgresql.conf configuration
file entries
Reduce lock strength for some ALTER TABLE commands
Allow materialized views to be refreshed without blocking concurrent reads
Add support for logical decoding of WAL data, to allow database changes to be
streamed out in a customizable format
Allow background worker processes to be dynamically registered, started and
terminated The above items are explained in more detail in the sections below.
URL: http://www.postgresql.org/docs/9.4/static/release-9-4.html
|
|
Thu, 9 Oct 2014
|
[ 15:20 girgen ] (Only the first 10 of 11 ports in this commit are shown above. )
Update to PostgreSQL 9.4 beta3
|
|
Tue, 20 May 2014
|
[ 21:58 girgen ]
fix broken plist
|
|
Sun, 18 May 2014
|
[ 14:44 girgen ] (Only the first 10 of 11 ports in this commit are shown above. )
The PostgreSQL Global Development Group announced that the first beta
release of PostgreSQL 9.4, the latest version of the world's leading
open source database, is available today. This beta contains previews
of all of the features which will be available in version 9.4, and is
ready for testing by the worldwide PostgreSQL community. Please
download, test, and report what you find.
Major Features
--------------
The new major features available for testing in this beta include:
* JSONB: 9.4 includes the new JSONB "binary JSON" type. This new
storage format for document data is higher-performance, and comes with
indexing, functions and operators for manipulating JSON data.
* Replication: The new Data Change Streaming API allows decoding and
transformation of the replication stream. This lays the foundation
for new replication tools that support high-speed and more flexible
replication and scale-out solutions.
* Materialized Views with "Refresh Concurrently", which permit
fast-response background summary reports for complex data.
* ALTER SYSTEM SET, which enables modifications to postgresql.conf
from the SQL command line and from remote clients, easing
administration tasks.
|
Number of commits found: 12 |
As an Amazon Associate I earn from qualifying purchases.