Log message:
Pullup ticket #3182 - requested by adam
databases/postgresql82: security update
databases/postgresql82-adminpack: security update
databases/postgresql82-client: security update
databases/postgresql82-plperl: security update
databases/postgresql82-plpython: security update
databases/postgresql82-pltcl: security update
databases/postgresql82-server: security update
databases/postgresql82-tsearch2: security update
Revisions pulled up:
- databases/postgresql82-client/Makefile 1.15
- databases/postgresql82-client/PLIST 1.20
- databases/postgresql82-client/buildlink3.mk 1.7
- databases/postgresql82-server/PLIST 1.13
- databases/postgresql82/Makefile.common 1.21
- databases/postgresql82/distinfo 1.20
- databases/postgresql82/patches/patch-ad 1.4
---
Module Name: pkgsrc
Committed By: adam
Date: Thu May 20 12:36:15 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82: Makefile.common distinfo
pkgsrc/databases/postgresql82-client: Makefile PLIST buildlink3.mk
pkgsrc/databases/postgresql82-server: PLIST
Added Files:
pkgsrc/databases/postgresql82/patches: patch-ad
Log message:
Changes 8.2.17:
* Enforce restrictions in plperl using an opmask applied to the whole
interpreter, instead of using "Safe.pm"
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
* Fix possible crash if a cache reset message is received during
rebuild of a relcache entry
* Do not allow an unprivileged user to reset superuser-only parameter
settings
* Avoid possible crash during backend shutdown if shutdown occurs
when a CONTEXT addition would be made to log entries
* Update pl/perl's "ppport.h" for modern Perl versions
* Fix assorted memory leaks in pl/python
* Prevent infinite recursion in psql when expanding a variable that
refers to itself
* Fix psql's \copy to not add spaces around a dot within \copy
(select ...)
* Ensure that "contrib/pgstattuple" functions respond to cancel
interrupts promptly
* Make server startup deal properly with the case that shmget()
returns EINVAL for an existing shared memory segment
* Avoid possible crashes in syslogger process on Windows
* Deal more robustly with incomplete time zone information in the
Windows registry
* Update the set of known Windows time zone names
* Update time zone data files to tzdata release 2010j for DST law
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
historical corrections for Taiwan.
Also, add PKST (Pakistan Summer Time) to the default set of
timezone abbreviations.
|
Log message:
Pullup ticket #3113 - requested by spz:
databases/postgresql82: security update
databases/postgresql82-adminpack: security update
databases/postgresql82-client: security update
databases/postgresql82-plperl: security update
databases/postgresql82-plpython: security update
databases/postgresql82-pltcl: security update
databases/postgresql82-server: security update
databases/postgresql82-tsearch2: security update
databases/postgresql83: security update
databases/postgresql83-adminpack: security update
databases/postgresql83-client: security update
databases/postgresql83-plperl: security update
databases/postgresql83-plpython: security update
databases/postgresql83-pltcl: security update
databases/postgresql83-server: security update
databases/postgresql84: security update
databases/postgresql84-adminpack: security update
databases/postgresql84-client: security update
databases/postgresql84-plperl: security update
databases/postgresql84-plpython: security update
databases/postgresql84-pltcl: security update
databases/postgresql84-server: security update
databases/postgresql82: security update
databases/postgresql83: security update
databases/postgresql84: security update
Revisions pulled up:
- databases/postgresql82-adminpack/Makefile 1.8
- databases/postgresql82-client/Makefile 1.13
- databases/postgresql82-client/PLIST 1.18
- databases/postgresql82-plperl/Makefile 1.10
- databases/postgresql82-plpython/Makefile 1.10
- databases/postgresql82-pltcl/Makefile 1.7
- databases/postgresql82-server/Makefile 1.11
- databases/postgresql82-server/PLIST 1.12
- databases/postgresql82-tsearch2/Makefile 1.8
- databases/postgresql82/Makefile.common 1.19-1.20
- databases/postgresql82/distinfo 1.19
- databases/postgresql82/patches/patch-ad delete
- databases/postgresql82/patches/patch-ae delete
- databases/postgresql83-adminpack/Makefile 1.4
- databases/postgresql83-client/Makefile 1.13-1.14
- databases/postgresql83-client/PLIST 1.12
- databases/postgresql83-plperl/Makefile 1.6
- databases/postgresql83-plpython/Makefile 1.7
- databases/postgresql83-pltcl/Makefile 1.4
- databases/postgresql83-server/Makefile 1.11
- databases/postgresql83-server/PLIST 1.10
- databases/postgresql83/Makefile.common 1.10-1.11
- databases/postgresql83/distinfo 1.11
- databases/postgresql83/patches/patch-ad delete
- databases/postgresql83/patches/patch-ae delete
- databases/postgresql84-adminpack/Makefile 1.3
- databases/postgresql84-client/Makefile 1.6-1.7
- databases/postgresql84-client/PLIST 1.5
- databases/postgresql84-plperl/Makefile 1.3
- databases/postgresql84-plpython/Makefile 1.4
- databases/postgresql84-pltcl/Makefile 1.3
- databases/postgresql84-server/Makefile 1.7
- databases/postgresql84-server/PLIST 1.4
- databases/postgresql84/Makefile.common 1.4-1.5
- databases/postgresql84/distinfo 1.4
- databases/postgresql84/patches/patch-ad delete
- databases/postgresql84/patches/patch-ae delete
- databases/postgresql84/patches/patch-ai 1.2
---
Module Name: pkgsrc
Committed By: adam
Date: Mon Apr 12 09:58:39 UTC 2010
Modified Files:
pkgsrc/databases/postgresql84: Makefile.common distinfo
pkgsrc/databases/postgresql84-adminpack: Makefile
pkgsrc/databases/postgresql84-client: Makefile
pkgsrc/databases/postgresql84-plperl: Makefile
pkgsrc/databases/postgresql84-plpython: Makefile
pkgsrc/databases/postgresql84-pltcl: Makefile
pkgsrc/databases/postgresql84-server: Makefile PLIST
pkgsrc/databases/postgresql84/patches: patch-ai
Removed Files:
pkgsrc/databases/postgresql84/patches: patch-ad patch-ae
Log message:
Changes 8.4.3:
* Add new configuration parameter ssl_renegotiation_limit to control
how often we do session key renegotiation for an SSL connection
* Fix possible deadlock during backend startup
* Fix possible crashes due to not handling errors during relcache
reload cleanly
* Fix possible crash due to use of dangling pointer to a cached plan
* Fix possible crash due to overenthusiastic invalidation of cached
plan for "ROLLBACK"
* Fix possible crashes when trying to recover from a failure in
subtransaction start
* Fix server memory leak associated with use of savepoints and a
client encoding different from server's encoding
* Fix incorrect WAL data emitted during end-of-recovery cleanup of a
GIST index page split
* Fix bug in WAL redo cleanup method for GIN indexes
* Fix incorrect comparison of scan key in GIN index search
* Make substring() for bit types treat any negative length as meaning
"all the rest of the string"
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
* Fix integer-to-bit-string conversions to handle the first
fractional byte correctly when the output bit width is wider than
the given integer by something other than a multiple of 8 bits
* Fix some cases of pathologically slow regular expression matching
* Fix bug occurring when trying to inline a SQL function that returns
a set of a composite type that contains dropped columns
* Fix bug with trying to update a field of an element of a
composite-type array column
* Avoid failure when "EXPLAIN" has to print a FieldStore or
assignment ArrayRef expression
These cases can arise now that "EXPLAIN VERBOSE" tries to print
plan node target lists.
* Avoid an unnecessary coercion failure in some cases where an
undecorated literal string appears in a subquery within
"UNION"/"INTERSECT"/"EXCEPT"
This fixes a regression for some cases that worked before 8.4.
* Avoid undesirable rowtype compatibility check failures in some
cases where a whole-row Var has a rowtype that contains dropped
columns
* Fix the STOP WAL LOCATION entry in backup history files to report
the next WAL segment's name when the end location is exactly at a
segment boundary
* Always pass the catalog ID to an option validator function
specified in "CREATE FOREIGN DATA WRAPPER"
* Fix some more cases of temporary-file leakage
* Add support for doing FULL JOIN ON FALSE
* Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
"bool_column = false" constraint
* Prevent treating an INOUT cast as representing binary compatibility
* Include column name in the message when warning about inability to
grant or revoke column-level privileges
This is more useful than before and helps to prevent confusion when
a "REVOKE" generates multiple messages, which formerly appeared to
be duplicates.
* When reading "pg_hba.conf" and related files, do not treat
@something as a file inclusion request if the @ appears inside
quote marks; also, never treat @ by itself as a file inclusion
request
* Prevent infinite loop on some platforms if a directory is named as
an inclusion target in "pg_hba.conf" and related files
* Fix possible infinite loop if SSL_read or SSL_write fails without
setting errno
This is reportedly possible with some Windows versions of openssl.
* Disallow GSSAPI authentication on local connections, since it
requires a hostname to function correctly
* Protect ecpg against applications freeing strings unexpectedly
* Make ecpg report the proper SQLSTATE if the connection disappears
* Fix translation of cell contents in psql \d output
* Fix psql's numericlocale option to not format strings it shouldn't
in latex and troff output formats
* Fix a small per-query memory leak in psql
* Make psql return the correct exit status (3) when ON_ERROR_STOP and
--single-transaction are both specified and an error occurs during
the implied "COMMIT"
* Fix pg_dump's output of permissions for foreign servers
* Fix possible crash in parallel pg_restore due to out-of-range
dependency IDs
* Fix plpgsql failure in one case where a composite column is set to NULL
* Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa
* Add volatile markings in PL/Python to avoid possible
compiler-specific misbehavior
* Ensure PL/Tcl initializes the Tcl interpreter fully
The only known symptom of this oversight is that the Tcl clock
command misbehaves if using Tcl 8.5 or later.
* Prevent ExecutorEnd from being run on portals created within a
failed transaction or subtransaction
This is known to cause issues when using "contrib/auto_explain".
* Prevent crash in "contrib/dblink" when too many key columns are
specified to a dblink_build_sql_* function
* Allow zero-dimensional arrays in "contrib/ltree" operations
* Fix assorted crashes in "contrib/xml2" caused by sloppy memory
management
* Make building of "contrib/xml2" more robust on Windows
* Fix race condition in Windows signal handling
One known symptom of this bug is that rows in pg_listener could be
dropped under heavy load.
* Make the configure script report failure if the C compiler does not
provide a working 64-bit integer datatype
This case has been broken for some time, and no longer seems worth
supporting, so just reject it at configure time instead.
* Update time zone data files to tzdata release 2010e for DST law
changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 15 03:25:25 UTC 2010
Modified Files:
pkgsrc/databases/postgresql84-client: Makefile PLIST
Log message:
Add missing some documentation files to PLIST.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: adam
Date: Mon Apr 12 09:53:50 UTC 2010
Modified Files:
pkgsrc/databases/postgresql83: Makefile.common distinfo
pkgsrc/databases/postgresql83-adminpack: Makefile
pkgsrc/databases/postgresql83-client: Makefile
pkgsrc/databases/postgresql83-plperl: Makefile
pkgsrc/databases/postgresql83-plpython: Makefile
pkgsrc/databases/postgresql83-pltcl: Makefile
pkgsrc/databases/postgresql83-server: Makefile PLIST
Removed Files:
pkgsrc/databases/postgresql83/patches: patch-ad patch-ae
Log message:
Changes 8.3.10:
* Add new configuration parameter ssl_renegotiation_limit to control
how often we do session key renegotiation for an SSL connection
* Fix possible deadlock during backend startup
* Fix possible crashes due to not handling errors during relcache
reload cleanly
* Fix possible crash due to use of dangling pointer to a cached plan
* Fix possible crashes when trying to recover from a failure in
subtransaction start
* Fix server memory leak associated with use of savepoints and a
client encoding different from server's encoding
* Fix incorrect WAL data emitted during end-of-recovery cleanup of a
GIST index page split
* Make substring() for bit types treat any negative length as meaning
"all the rest of the string"
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
* Fix integer-to-bit-string conversions to handle the first
fractional byte correctly when the output bit width is wider than
the given integer by something other than a multiple of 8 bits
* Fix some cases of pathologically slow regular expression matching
* Fix assorted crashes in xml processing caused by sloppy memory
management
* Fix bug with trying to update a field of an element of a
composite-type array column
* Fix the STOP WAL LOCATION entry in backup history files to report
the next WAL segment's name when the end location is exactly at a
segment boundary
* Fix some more cases of temporary-file leakage
This corrects a problem introduced in the previous minor release.
One case that failed is when a plpgsql function returning set is
called within another function's exception handler.
* Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
"bool_column = false" constraint
* When reading "pg_hba.conf" and related files, do not treat
@something as a file inclusion request if the @ appears inside
quote marks; also, never treat @ by itself as a file inclusion
request
* Prevent infinite loop on some platforms if a directory is named as
an inclusion target in "pg_hba.conf" and related files
* Fix possible infinite loop if SSL_read or SSL_write fails without
setting errno
This is reportedly possible with some Windows versions of openssl.
* Disallow GSSAPI authentication on local connections, since it
requires a hostname to function correctly
* Make ecpg report the proper SQLSTATE if the connection disappears
* Fix psql's numericlocale option to not format strings it shouldn't
in latex and troff output formats
* Make psql return the correct exit status (3) when ON_ERROR_STOP and
--single-transaction are both specified and an error occurs during
the implied "COMMIT"
* Fix plpgsql failure in one case where a composite column is set to NULL
* Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa
* Add volatile markings in PL/Python to avoid possible
compiler-specific misbehavior
* Ensure PL/Tcl initializes the Tcl interpreter fully
The only known symptom of this oversight is that the Tcl clock
command misbehaves if using Tcl 8.5 or later.
* Prevent crash in "contrib/dblink" when too many key columns are
specified to a dblink_build_sql_* function
* Allow zero-dimensional arrays in "contrib/ltree" operations
* Fix assorted crashes in "contrib/xml2" caused by sloppy memory
management
* Make building of "contrib/xml2" more robust on Windows
* Fix race condition in Windows signal handling
One known symptom of this bug is that rows in pg_listener could be
dropped under heavy load.
* Update time zone data files to tzdata release 2010e for DST law
changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
---
Module Name: pkgsrc
Committed By: taca
Date: Thu Apr 15 03:25:05 UTC 2010
Modified Files:
pkgsrc/databases/postgresql83-client: Makefile PLIST
Log message:
Add missing some documentation files to PLIST.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: adam
Date: Mon Apr 12 09:48:49 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82: Makefile.common distinfo
pkgsrc/databases/postgresql82-adminpack: Makefile
pkgsrc/databases/postgresql82-client: Makefile PLIST
pkgsrc/databases/postgresql82-plperl: Makefile
pkgsrc/databases/postgresql82-plpython: Makefile
pkgsrc/databases/postgresql82-pltcl: Makefile
pkgsrc/databases/postgresql82-server: Makefile PLIST
pkgsrc/databases/postgresql82-tsearch2: Makefile
Removed Files:
pkgsrc/databases/postgresql82/patches: patch-ad patch-ae
Log message:
Changes 8.2.16:
* Add new configuration parameter ssl_renegotiation_limit to control
how often we do session key renegotiation for an SSL connection
* Fix possible deadlock during backend startup
* Fix possible crashes due to not handling errors during relcache
reload cleanly
* Fix possible crashes when trying to recover from a failure in
subtransaction start
* Fix server memory leak associated with use of savepoints and a
client encoding different from server's encoding
* Fix incorrect WAL data emitted during end-of-recovery cleanup of a
GIST index page split
* Make substring() for bit types treat any negative length as meaning
"all the rest of the string"
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
* Fix integer-to-bit-string conversions to handle the first
fractional byte correctly when the output bit width is wider than
the given integer by something other than a multiple of 8 bits
* Fix some cases of pathologically slow regular expression matching
* Fix the STOP WAL LOCATION entry in backup history files to report
the next WAL segment's name when the end location is exactly at a
segment boundary
* Fix some more cases of temporary-file leakage
* Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
"bool_column = false" constraint
* When reading "pg_hba.conf" and related files, do not treat
@something as a file inclusion request if the @ appears inside
quote marks; also, never treat @ by itself as a file inclusion
request
* Prevent infinite loop on some platforms if a directory is named as
an inclusion target in "pg_hba.conf" and related files
* Fix possible infinite loop if SSL_read or SSL_write fails without
setting errno
This is reportedly possible with some Windows versions of openssl.
* Fix psql's numericlocale option to not format strings it shouldn't
in latex and troff output formats
* Make psql return the correct exit status (3) when ON_ERROR_STOP and
--single-transaction are both specified and an error occurs during
the implied "COMMIT"
* Fix plpgsql failure in one case where a composite column is set to NULL
* Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa
* Add volatile markings in PL/Python to avoid possible
compiler-specific misbehavior
* Ensure PL/Tcl initializes the Tcl interpreter fully
The only known symptom of this oversight is that the Tcl clock
command misbehaves if using Tcl 8.5 or later.
* Prevent crash in "contrib/dblink" when too many key columns are
specified to a dblink_build_sql_* function
* Fix assorted crashes in "contrib/xml2" caused by sloppy memory
management
* Make building of "contrib/xml2" more robust on Windows
* Fix race condition in Windows signal handling
One known symptom of this bug is that rows in pg_listener could be
dropped under heavy load.
* Update time zone data files to tzdata release 2010e for DST law
changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
---
Module Name: pkgsrc
Committed By: adam
Date: Fri Apr 23 16:03:24 UTC 2010
Modified Files:
pkgsrc/databases/postgresql82: Makefile.common
pkgsrc/databases/postgresql83: Makefile.common
pkgsrc/databases/postgresql84: Makefile.common
Log message:
Fixed meta package building
|