./databases/postgresql84-server, PostgreSQL database server programs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2013Q1, Version: 8.4.17, Package name: postgresql84-server-8.4.17, Maintainer: adam

PostgreSQL is a robust, next-generation, Object-Relational DBMS (ORDBMS),
derived from the Berkeley Postgres database management system. While
PostgreSQL retains the powerful object-relational data model, rich data types
and easy extensibility of Postgres, it replaces the PostQuel query language
with an extended subset of SQL.

PostgreSQL is free and the complete source is available.

This package contains the database server programs.

DEINSTALL [+/-]

Required to run:
[databases/postgresql84-client]

Required to build:
[devel/bison] [devel/gmake]

Master sites: (Expand)

SHA1: 1c8760ad7048f6e62ac8c822fee653117f5beb57
RMD160: 122acee594551be5e42f208dfde522a0ad1ce17d
Filesize: 14448.27 KB

Version history: (Expand)


CVS history: (Expand)


   2013-04-09 12:33:33 by Matthias Scheler | Files touched by this commit (18) | Package updated
Log message:
Pullup ticket #4112 - requested by fhajny
databases/postgresql84: security update
databases/postgresql84-client: security update
databases/postgresql84-server: security update
databases/postgresql90: security update
databases/postgresql90-client: security update
databases/postgresql90-docs: security update
databases/postgresql90-server: security update
databases/postgresql91: security update
databases/postgresql91-client: security update
databases/postgresql91-docs: security update
databases/postgresql91-server: security update
databases/postgresql92: security update
databases/postgresql92-client: security update
databases/postgresql92-docs: security update
databases/postgresql92-server: security update

Revisions pulled up:
- databases/Makefile                                            1.428
- databases/postgresql84-client/PLIST                           1.19
- databases/postgresql84-server/PLIST                           1.15
- databases/postgresql84/Makefile.common                        1.26
- databases/postgresql84/distinfo                               1.25
- databases/postgresql90-docs/PLIST                             1.15
- databases/postgresql90-server/PLIST                           1.12
- databases/postgresql90/Makefile.common                        1.24
- databases/postgresql90/distinfo                               1.17
- databases/postgresql91-docs/PLIST                             1.11
- databases/postgresql91-server/PLIST                           1.7
- databases/postgresql91/Makefile.common                        1.14
- databases/postgresql91/distinfo                               1.14
- databases/postgresql92-client/PLIST                           1.4
- databases/postgresql92-docs/PLIST                             1.4
- databases/postgresql92-server/PLIST                           1.3
- databases/postgresql92/Makefile.common                        1.5
- databases/postgresql92/distinfo                               1.4
- databases/postgresql92/patches/patch-contrib_dblink_dblink.c  1.2

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Thu Apr  4 21:08:38 UTC 2013

   Modified Files:
   	pkgsrc/databases: Makefile
   	pkgsrc/databases/postgresql84: Makefile.common distinfo
   	pkgsrc/databases/postgresql84-client: PLIST
   	pkgsrc/databases/postgresql84-server: PLIST
   	pkgsrc/databases/postgresql90: Makefile.common distinfo
   	pkgsrc/databases/postgresql90-docs: PLIST
   	pkgsrc/databases/postgresql90-server: PLIST
   	pkgsrc/databases/postgresql91: Makefile.common distinfo
   	pkgsrc/databases/postgresql91-docs: PLIST
   	pkgsrc/databases/postgresql91-server: PLIST
   	pkgsrc/databases/postgresql92: Makefile.common distinfo
   	pkgsrc/databases/postgresql92-client: PLIST
   	pkgsrc/databases/postgresql92-docs: PLIST
   	pkgsrc/databases/postgresql92-server: PLIST
   	pkgsrc/databases/postgresql92/patches: patch-contrib_dblink_dblink.c
   	pkgsrc/mk: pgsql.buildlink3.mk
   Removed Files:
   	pkgsrc/databases/jdbc-postgresql83: DESCR Makefile PLIST distinfo
   	pkgsrc/databases/postgresql83: DESCR Makefile Makefile.common PLIST
   	    distinfo options.mk
   	pkgsrc/databases/postgresql83-client: DESCR Makefile PLIST
   	    buildlink3.mk
   	pkgsrc/databases/postgresql83-plperl: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-plpython: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-pltcl: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-server: DEINSTALL DESCR MESSAGE Makefile
   	    PLIST
   	pkgsrc/databases/postgresql83-server/files: pgsql.sh
   	pkgsrc/databases/postgresql83-uuid: Makefile
   	pkgsrc/databases/postgresql83/files: GNUmakefile.libpq dynloader-ltdl.h
   	pkgsrc/databases/postgresql83/patches: patch-aa patch-ab patch-ac
   	    patch-ad patch-af patch-ag patch-ah patch-ai patch-ba
   	    patch-src_interfaces_ecpg_ecpglib_Makefile
   	    patch-src_makefiles_Makefile.solaris patch-src_pl_plperl_plperl.h
   	    patch-src_pl_plpgsql_src_Makefile

   Log message:
   The PostgreSQL Global Development Group has released a security update to all \ 
current versions of the PostgreSQL database system, including versions 9.2.4, \ 
9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security \ 
vulnerability in versions 9.0 and later. All users of the affected versions are \ 
strongly urged to apply the update immediately.

   A major security issue fixed in this release, CVE-2013-1899, makes it \ 
possible for a connection request containing a database name that begins with \ 
"-" to be crafted that can damage or destroy files within a server's \ 
data directory. Anyone with access to the port the PostgreSQL server listens on \ 
can initiate this request.

   Two lesser security fixes are also included in this release: CVE-2013-1900, \ 
wherein random numbers generated by contrib/pgcrypto functions may be easy for \ 
another database user to guess, and CVE-2013-1901, which mistakenly allows an \ 
unprivileged user to run commands that could interfere with in-progress backups. \ 
Finally, this release fixes two security issues with the graphical installers \ 
for Linux and Mac OS X: insecure passing of superuser passwords to a script, \ 
CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.