Navigation:
Browse pkgsrc
(this page)
databases postgres..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2010-05-22 12:38:55 by Matthias Scheler | Files touched by this commit (10) |  |
Log message:
Pullup ticket #3182 - requested by adam
databases/postgresql84-client: security update
databases/postgresql84-plperl: security update
databases/postgresql84-plpython: security update
databases/postgresql84-pltcl: security update
databases/postgresql84-server: security update
databases/postgresql84: security update
Revisions pulled up:
- databases/postgresql84-client/Makefile 1.8
- databases/postgresql84-client/PLIST 1.6
- databases/postgresql84-client/buildlink3.mk 1.3
- databases/postgresql84-plperl/PLIST 1.3
- databases/postgresql84-plpython/PLIST 1.3
- databases/postgresql84-pltcl/PLIST 1.3
- databases/postgresql84-server/PLIST 1.5
- databases/postgresql84/Makefile.common 1.6
- databases/postgresql84/distinfo 1.5
- databases/postgresql84/patches/patch-ad 1.3
---
Module Name: pkgsrc
Committed By: adam
Date: Thu May 20 12:36:39 UTC 2010
Modified Files:
pkgsrc/databases/postgresql84: Makefile.common distinfo
pkgsrc/databases/postgresql84-client: Makefile PLIST
buildlink3.mk
pkgsrc/databases/postgresql84-plperl: PLIST
pkgsrc/databases/postgresql84-plpython: PLIST
pkgsrc/databases/postgresql84-pltcl: PLIST
pkgsrc/databases/postgresql84-server: PLIST
Added Files:
pkgsrc/databases/postgresql84/patches: patch-ad
Log message:
Changes 8.4.4:
* Enforce restrictions in plperl using an opmask applied to the whole
interpreter, instead of using "Safe.pm"
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
* Fix data corruption during WAL replay of ALTER ... SET TABLESPACE
* Fix possible crash if a cache reset message is received during
rebuild of a relcache entry
* Apply per-function GUC settings while running the language
validator for the function
* Do constraint exclusion for inherited "UPDATE" and \
"DELETE" target
tables when constraint_exclusion = partition
* Do not allow an unprivileged user to reset superuser-only parameter
settings
* Avoid possible crash during backend shutdown if shutdown occurs
when a CONTEXT addition would be made to log entries
* Fix erroneous handling of %r parameter in recovery_end_command
* Ensure the archiver process responds to changes in archive_command
as soon as possible
* Fix pl/pgsql's CASE statement to not fail when the case expression
is a query that returns no rows
* Update pl/perl's "ppport.h" for modern Perl versions
* Fix assorted memory leaks in pl/python
* Handle empty-string connect parameters properly in ecpg
* Prevent infinite recursion in psql when expanding a variable that
refers to itself
* Fix psql's \copy to not add spaces around a dot within \copy
(select ...)
* Avoid formatting failure in psql when running in a locale context
that doesn't match the client_encoding
* Fix unnecessary "GIN indexes do not support whole-index scans"
errors for unsatisfiable queries using "contrib/intarray" operators
* Ensure that "contrib/pgstattuple" functions respond to cancel
interrupts promptly
* Make server startup deal properly with the case that shmget()
returns EINVAL for an existing shared memory segment
* Avoid possible crashes in syslogger process on Windows
* Deal more robustly with incomplete time zone information in the
Windows registry
* Update the set of known Windows time zone names
* Update time zone data files to tzdata release 2010j for DST law
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
historical corrections for Taiwan.
Also, add PKST (Pakistan Summer Time) to the default set of
timezone abbreviations.
|
| 2010-05-12 23:20:07 by Matthias Scheler | Files touched by this commit (38) | |
Log message: Pullup ticket #3113 - requested by spz: databases/postgresql82: security update databases/postgresql82-adminpack: security update databases/postgresql82-client: security update databases/postgresql82-plperl: security update databases/postgresql82-plpython: security update databases/postgresql82-pltcl: security update databases/postgresql82-server: security update databases/postgresql82-tsearch2: security update databases/postgresql83: security update databases/postgresql83-adminpack: security update databases/postgresql83-client: security update databases/postgresql83-plperl: security update databases/postgresql83-plpython: security update databases/postgresql83-pltcl: security update databases/postgresql83-server: security update databases/postgresql84: security update databases/postgresql84-adminpack: security update databases/postgresql84-client: security update databases/postgresql84-plperl: security update databases/postgresql84-plpython: security update databases/postgresql84-pltcl: security update databases/postgresql84-server: security update databases/postgresql82: security update databases/postgresql83: security update databases/postgresql84: security update Revisions pulled up: - databases/postgresql82-adminpack/Makefile 1.8 - databases/postgresql82-client/Makefile 1.13 - databases/postgresql82-client/PLIST 1.18 - databases/postgresql82-plperl/Makefile 1.10 - databases/postgresql82-plpython/Makefile 1.10 - databases/postgresql82-pltcl/Makefile 1.7 - databases/postgresql82-server/Makefile 1.11 - databases/postgresql82-server/PLIST 1.12 - databases/postgresql82-tsearch2/Makefile 1.8 - databases/postgresql82/Makefile.common 1.19-1.20 - databases/postgresql82/distinfo 1.19 - databases/postgresql82/patches/patch-ad delete - databases/postgresql82/patches/patch-ae delete - databases/postgresql83-adminpack/Makefile 1.4 - databases/postgresql83-client/Makefile 1.13-1.14 - databases/postgresql83-client/PLIST 1.12 - databases/postgresql83-plperl/Makefile 1.6 - databases/postgresql83-plpython/Makefile 1.7 - databases/postgresql83-pltcl/Makefile 1.4 - databases/postgresql83-server/Makefile 1.11 - databases/postgresql83-server/PLIST 1.10 - databases/postgresql83/Makefile.common 1.10-1.11 - databases/postgresql83/distinfo 1.11 - databases/postgresql83/patches/patch-ad delete - databases/postgresql83/patches/patch-ae delete - databases/postgresql84-adminpack/Makefile 1.3 - databases/postgresql84-client/Makefile 1.6-1.7 - databases/postgresql84-client/PLIST 1.5 - databases/postgresql84-plperl/Makefile 1.3 - databases/postgresql84-plpython/Makefile 1.4 - databases/postgresql84-pltcl/Makefile 1.3 - databases/postgresql84-server/Makefile 1.7 - databases/postgresql84-server/PLIST 1.4 - databases/postgresql84/Makefile.common 1.4-1.5 - databases/postgresql84/distinfo 1.4 - databases/postgresql84/patches/patch-ad delete - databases/postgresql84/patches/patch-ae delete - databases/postgresql84/patches/patch-ai 1.2 --- Module Name: pkgsrc Committed By: adam Date: Mon Apr 12 09:58:39 UTC 2010 Modified Files: pkgsrc/databases/postgresql84: Makefile.common distinfo pkgsrc/databases/postgresql84-adminpack: Makefile pkgsrc/databases/postgresql84-client: Makefile pkgsrc/databases/postgresql84-plperl: Makefile pkgsrc/databases/postgresql84-plpython: Makefile pkgsrc/databases/postgresql84-pltcl: Makefile pkgsrc/databases/postgresql84-server: Makefile PLIST pkgsrc/databases/postgresql84/patches: patch-ai Removed Files: pkgsrc/databases/postgresql84/patches: patch-ad patch-ae Log message: Changes 8.4.3: * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection * Fix possible deadlock during backend startup * Fix possible crashes due to not handling errors during relcache reload cleanly * Fix possible crash due to use of dangling pointer to a cached plan * Fix possible crash due to overenthusiastic invalidation of cached plan for "ROLLBACK" * Fix possible crashes when trying to recover from a failure in subtransaction start * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding * Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split * Fix bug in WAL redo cleanup method for GIN indexes * Fix incorrect comparison of scan key in GIN index search * Make substring() for bit types treat any negative length as meaning "all the rest of the string" The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits * Fix some cases of pathologically slow regular expression matching * Fix bug occurring when trying to inline a SQL function that returns a set of a composite type that contains dropped columns * Fix bug with trying to update a field of an element of a composite-type array column * Avoid failure when "EXPLAIN" has to print a FieldStore or assignment ArrayRef expression These cases can arise now that "EXPLAIN VERBOSE" tries to print plan node target lists. * Avoid an unnecessary coercion failure in some cases where an undecorated literal string appears in a subquery within "UNION"/"INTERSECT"/"EXCEPT" This fixes a regression for some cases that worked before 8.4. * Avoid undesirable rowtype compatibility check failures in some cases where a whole-row Var has a rowtype that contains dropped columns * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary * Always pass the catalog ID to an option validator function specified in "CREATE FOREIGN DATA WRAPPER" * Fix some more cases of temporary-file leakage * Add support for doing FULL JOIN ON FALSE * Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint * Prevent treating an INOUT cast as representing binary compatibility * Include column name in the message when warning about inability to grant or revoke column-level privileges This is more useful than before and helps to prevent confusion when a "REVOKE" generates multiple messages, which formerly appeared to be duplicates. * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files * Fix possible infinite loop if SSL_read or SSL_write fails without setting errno This is reportedly possible with some Windows versions of openssl. * Disallow GSSAPI authentication on local connections, since it requires a hostname to function correctly * Protect ecpg against applications freeing strings unexpectedly * Make ecpg report the proper SQLSTATE if the connection disappears * Fix translation of cell contents in psql \d output * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats * Fix a small per-query memory leak in psql * Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT" * Fix pg_dump's output of permissions for foreign servers * Fix possible crash in parallel pg_restore due to out-of-range dependency IDs * Fix plpgsql failure in one case where a composite column is set to NULL * Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior * Ensure PL/Tcl initializes the Tcl interpreter fully The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent ExecutorEnd from being run on portals created within a failed transaction or subtransaction This is known to cause issues when using "contrib/auto_explain". * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function * Allow zero-dimensional arrays in "contrib/ltree" operations * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management * Make building of "contrib/xml2" more robust on Windows * Fix race condition in Windows signal handling One known symptom of this bug is that rows in pg_listener could be dropped under heavy load. * Make the configure script report failure if the C compiler does not provide a working 64-bit integer datatype This case has been broken for some time, and no longer seems worth supporting, so just reject it at configure time instead. * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. --- Module Name: pkgsrc Committed By: taca Date: Thu Apr 15 03:25:25 UTC 2010 Modified Files: pkgsrc/databases/postgresql84-client: Makefile PLIST Log message: Add missing some documentation files to PLIST. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: adam Date: Mon Apr 12 09:53:50 UTC 2010 Modified Files: pkgsrc/databases/postgresql83: Makefile.common distinfo pkgsrc/databases/postgresql83-adminpack: Makefile pkgsrc/databases/postgresql83-client: Makefile pkgsrc/databases/postgresql83-plperl: Makefile pkgsrc/databases/postgresql83-plpython: Makefile pkgsrc/databases/postgresql83-pltcl: Makefile pkgsrc/databases/postgresql83-server: Makefile PLIST Removed Files: pkgsrc/databases/postgresql83/patches: patch-ad patch-ae Log message: Changes 8.3.10: * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection * Fix possible deadlock during backend startup * Fix possible crashes due to not handling errors during relcache reload cleanly * Fix possible crash due to use of dangling pointer to a cached plan * Fix possible crashes when trying to recover from a failure in subtransaction start * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding * Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split * Make substring() for bit types treat any negative length as meaning "all the rest of the string" The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits * Fix some cases of pathologically slow regular expression matching * Fix assorted crashes in xml processing caused by sloppy memory management * Fix bug with trying to update a field of an element of a composite-type array column * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary * Fix some more cases of temporary-file leakage This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. * Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files * Fix possible infinite loop if SSL_read or SSL_write fails without setting errno This is reportedly possible with some Windows versions of openssl. * Disallow GSSAPI authentication on local connections, since it requires a hostname to function correctly * Make ecpg report the proper SQLSTATE if the connection disappears * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats * Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT" * Fix plpgsql failure in one case where a composite column is set to NULL * Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior * Ensure PL/Tcl initializes the Tcl interpreter fully The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function * Allow zero-dimensional arrays in "contrib/ltree" operations * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management * Make building of "contrib/xml2" more robust on Windows * Fix race condition in Windows signal handling One known symptom of this bug is that rows in pg_listener could be dropped under heavy load. * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. --- Module Name: pkgsrc Committed By: taca Date: Thu Apr 15 03:25:05 UTC 2010 Modified Files: pkgsrc/databases/postgresql83-client: Makefile PLIST Log message: Add missing some documentation files to PLIST. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: adam Date: Mon Apr 12 09:48:49 UTC 2010 Modified Files: pkgsrc/databases/postgresql82: Makefile.common distinfo pkgsrc/databases/postgresql82-adminpack: Makefile pkgsrc/databases/postgresql82-client: Makefile PLIST pkgsrc/databases/postgresql82-plperl: Makefile pkgsrc/databases/postgresql82-plpython: Makefile pkgsrc/databases/postgresql82-pltcl: Makefile pkgsrc/databases/postgresql82-server: Makefile PLIST pkgsrc/databases/postgresql82-tsearch2: Makefile Removed Files: pkgsrc/databases/postgresql82/patches: patch-ad patch-ae Log message: Changes 8.2.16: * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection * Fix possible deadlock during backend startup * Fix possible crashes due to not handling errors during relcache reload cleanly * Fix possible crashes when trying to recover from a failure in subtransaction start * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding * Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split * Make substring() for bit types treat any negative length as meaning "all the rest of the string" The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits * Fix some cases of pathologically slow regular expression matching * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary * Fix some more cases of temporary-file leakage * Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files * Fix possible infinite loop if SSL_read or SSL_write fails without setting errno This is reportedly possible with some Windows versions of openssl. * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats * Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT" * Fix plpgsql failure in one case where a composite column is set to NULL * Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior * Ensure PL/Tcl initializes the Tcl interpreter fully The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management * Make building of "contrib/xml2" more robust on Windows * Fix race condition in Windows signal handling One known symptom of this bug is that rows in pg_listener could be dropped under heavy load. * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. --- Module Name: pkgsrc Committed By: adam Date: Fri Apr 23 16:03:24 UTC 2010 Modified Files: pkgsrc/databases/postgresql82: Makefile.common pkgsrc/databases/postgresql83: Makefile.common pkgsrc/databases/postgresql84: Makefile.common Log message: Fixed meta package building |
New packages: