| non port: databases/postgresql95-server/pkg-plist-client |
Number of commits found: 9 |
|
Sunday, 13 Jun 2021
|
10:50 Rene Ladan (rene) 
*/*: Remove expired ports:
2021-06-13 databases/postgresql95-client: PostgreSQL-9.5 has reached end-of-life
2021-06-13 databases/postgresql95-contrib: PostgreSQL-9.5 has reached
end-of-life
2021-06-13 databases/postgresql95-docs: PostgreSQL-9.5 has reached end-of-life
2021-06-13 databases/postgresql95-pgtcl: PostgreSQL-9.5 has reached end-of-life
2021-06-13 databases/postgresql95-plperl: PostgreSQL-9.5 has reached end-of-life
2021-06-13 databases/postgresql95-plpython: PostgreSQL-9.5 has reached
end-of-life
2021-06-13 databases/postgresql95-pltcl: PostgreSQL-9.5 has reached end-of-life
2021-06-13 databases/postgresql95-server: PostgreSQL-9.5 has reached end-of-life
databases/pg_reorg: abandonware only for PostgreSQL 9.5
databases/pgespresso: functionality part of PostgreSQL 9.6 and later
    a3da90c |
|
Friday, 13 Nov 2020
|
19:27 girgen
PostgreSQL 13.1, 12.5, 11.10, 10.15, 9.6.20 and 9.5.24 released!
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.1, 12.5, 11.10, 10.15, 9.6.20 and
9.5.24. This release closes three security vulnerabilities and fixes over 65
bugs reported over the last three months.
Due to the nature of CVE-2020-25695, we advise you to update as soon as
possible.
Additionally, this is the second-to-last release of PostgreSQL 9.5. If you are
running PostgreSQL 9.5 in a production environment, we suggest that you make
plans to upgrade.
For the full list of changes, please review the release notes.
Security: CVE-2020-25695: Multiple features escape "security restricted
operation" sandbox
Security: CVE-2020-25694: Reconnection can downgrade connection security
settings
Security: CVE-2020-25696: psql's \gset allows overwriting specially
treated variables
  |
|
Friday, 10 Aug 2018
|
09:25 girgen
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.5, 9.6.10, 9.5.14, 9.4.19,
9.3.24. This release fixes two security issues as well as bugs reported over
the last three months.
If you have untrusted users accessing your system and you are either running
PostgreSQL 9.5 or a newer version OR have installed the "dblink" or
"postgres_fdw" extensions, you must apply this update as soon as possible. All
other users can upgrade at the next convenient downtime.
Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.5 from any 10.x release is considered a
minor update.
The PostgreSQL Global Development Group also announces that the third beta
release of PostgreSQL 11 is now available for download. This release contains
previews of all features that will be available in the final release of
PostgreSQL 11 (though some details of the release could change before then) as
well as bug fixes that were reported during the second beta.
This release also changes the default option for the server packages to *not*
include XML support per default. If you need this, please check the XML option
knob and build the port.
Releasenotes: https://www.postgresql.org/about/news/1878/
PR: 229523, 198588
Security: 96eab874-9c79-11e8-b34b-6cc21735f730
Security: CVE-2018-10915, CVE-2018-10925
|
|
Thursday, 1 Mar 2018
|
15:10 girgen
2018-03-01 Security Update Release
The PostgreSQL Global Development Group has released an update to all supported
versions of the PostgreSQL database system, including 10.3, 9.6.8, 9.5.12,
9.4.17, and 9.3.22.
The purpose of this release is to address CVE-2018-1058, which describes how a
user can create like-named objects in different schemas that can change the
behavior of other users' queries and cause unexpected or malicious behavior,
also known as a "trojan-horse" attack. Most of this release centers around added
documentation that describes the issue and how to take steps to mitigate the
impact on PostgreSQL databases.
We strongly encourage all of our users to please visit
https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058:_Protect_Your_Search_Path
for a detailed explanation of CVE-2018-1058 and how to protect your PostgreSQL
installations.
After evaluating the documentation for CVE-2018-1058, a database administrator
may need to take follow up steps on their PostgreSQL installations to ensure
they are protected from exploitation.
Security: CVE-2018-1058
|
|
Monday, 17 Jul 2017
|
11:15 amdmi3
- Include pg_regress to all postgresql*-client ports, to allow running
regression tests for postgresql extensions
PR: 217874
Approved by: maintainer timeout (pgsql, 4 months)
|
|
Thursday, 11 May 2017
|
14:28 girgen
PostgreSQL security updates
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.
URL: https://www.postgresql.org/about/news/1746/
Security: CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
|
|
Saturday, 13 Feb 2016
|
22:42 girgen
Update PostgreSQL to latest versions.
Security Fixes for Regular Expressions, PL/Java
This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.
The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser
URL: http://www.postgresql.org/about/news/1644/
Security: CVE-2016-0773, CVE-2016-0766
|
|
Wednesday, 13 Jan 2016
|
10:36 girgen
Some binaries where moved from contrib to base in 9.5, like pgbench and
pg_upgrade. Other where added in 9.5, but the port failed to install them.
Make sure they are properly installed by the correct port (-client or -server)
[1]
Remove unused and hence confusing OSSP_UUID parameters from Makefile [2]
Add options to allow user to be set for the backup script in periodic.
Add this option only to 9.5 for now. It will be updated to other servers at
next regular patch release. [3]
The path to perl in hard coded into pgxs/src/Makefile.global which is
then installed. Hence, we must depend on perl when that file is installed.
Noticed by: Paul Guyot [1]
PR: 192387 [2]
PR: 172110 [3]
PR: 206046 [4]
|
|
Thursday, 7 Jan 2016
|
19:58 girgen
The PostgreSQL Global Development Group announces the
release of PostgreSQL 9.5.
This release adds UPSERT capability, Row Level Security,
and multiple Big Data features, which will broaden the
user base for the world's most advanced database.
With these new capabilities, PostgreSQL will be
the best choice for even more applications for startups,
large corporations, and government agencies.
Release Notes:
http://www.postgresql.org/docs/current/static/release-9-5.html
What's New in 9.5:
https://wiki.postgresql.org/wiki/What%27s_new_in_PostgreSQL_9.5
|
Number of commits found: 9 |
As an Amazon Associate I earn from qualifying purchases.