./databases/postgresql91-server, PostgreSQL database server programs

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2013Q1, Version: 9.1.9, Package name: postgresql91-server-9.1.9, Maintainer: adam

PostgreSQL is a robust, next-generation, Object-Relational DBMS (ORDBMS),
derived from the Berkeley Postgres database management system. While
PostgreSQL retains the powerful object-relational data model, rich data types
and easy extensibility of Postgres, it replaces the PostQuel query language
with an extended subset of SQL.

PostgreSQL is free and the complete source is available.

This package contains the database server programs.

DEINSTALL [+/-]

Required to run:
[databases/postgresql91-client]

Required to build:
[devel/bison] [devel/gmake]

Master sites: (Expand)

SHA1: 4cbbfc5be9b8e6fe3d67c5075c212bcb057eac20
RMD160: 65aa38a4f687cd278bedcf4f1516089ab65924d1
Filesize: 15444.747 KB

Version history: (Expand)


CVS history: (Expand)


   2013-04-09 12:33:33 by Matthias Scheler | Files touched by this commit (18) | Package updated
Log message:
Pullup ticket #4112 - requested by fhajny
databases/postgresql84: security update
databases/postgresql84-client: security update
databases/postgresql84-server: security update
databases/postgresql90: security update
databases/postgresql90-client: security update
databases/postgresql90-docs: security update
databases/postgresql90-server: security update
databases/postgresql91: security update
databases/postgresql91-client: security update
databases/postgresql91-docs: security update
databases/postgresql91-server: security update
databases/postgresql92: security update
databases/postgresql92-client: security update
databases/postgresql92-docs: security update
databases/postgresql92-server: security update

Revisions pulled up:
- databases/Makefile                                            1.428
- databases/postgresql84-client/PLIST                           1.19
- databases/postgresql84-server/PLIST                           1.15
- databases/postgresql84/Makefile.common                        1.26
- databases/postgresql84/distinfo                               1.25
- databases/postgresql90-docs/PLIST                             1.15
- databases/postgresql90-server/PLIST                           1.12
- databases/postgresql90/Makefile.common                        1.24
- databases/postgresql90/distinfo                               1.17
- databases/postgresql91-docs/PLIST                             1.11
- databases/postgresql91-server/PLIST                           1.7
- databases/postgresql91/Makefile.common                        1.14
- databases/postgresql91/distinfo                               1.14
- databases/postgresql92-client/PLIST                           1.4
- databases/postgresql92-docs/PLIST                             1.4
- databases/postgresql92-server/PLIST                           1.3
- databases/postgresql92/Makefile.common                        1.5
- databases/postgresql92/distinfo                               1.4
- databases/postgresql92/patches/patch-contrib_dblink_dblink.c  1.2

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Thu Apr  4 21:08:38 UTC 2013

   Modified Files:
   	pkgsrc/databases: Makefile
   	pkgsrc/databases/postgresql84: Makefile.common distinfo
   	pkgsrc/databases/postgresql84-client: PLIST
   	pkgsrc/databases/postgresql84-server: PLIST
   	pkgsrc/databases/postgresql90: Makefile.common distinfo
   	pkgsrc/databases/postgresql90-docs: PLIST
   	pkgsrc/databases/postgresql90-server: PLIST
   	pkgsrc/databases/postgresql91: Makefile.common distinfo
   	pkgsrc/databases/postgresql91-docs: PLIST
   	pkgsrc/databases/postgresql91-server: PLIST
   	pkgsrc/databases/postgresql92: Makefile.common distinfo
   	pkgsrc/databases/postgresql92-client: PLIST
   	pkgsrc/databases/postgresql92-docs: PLIST
   	pkgsrc/databases/postgresql92-server: PLIST
   	pkgsrc/databases/postgresql92/patches: patch-contrib_dblink_dblink.c
   	pkgsrc/mk: pgsql.buildlink3.mk
   Removed Files:
   	pkgsrc/databases/jdbc-postgresql83: DESCR Makefile PLIST distinfo
   	pkgsrc/databases/postgresql83: DESCR Makefile Makefile.common PLIST
   	    distinfo options.mk
   	pkgsrc/databases/postgresql83-client: DESCR Makefile PLIST
   	    buildlink3.mk
   	pkgsrc/databases/postgresql83-plperl: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-plpython: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-pltcl: DESCR MESSAGE Makefile PLIST
   	pkgsrc/databases/postgresql83-server: DEINSTALL DESCR MESSAGE Makefile
   	    PLIST
   	pkgsrc/databases/postgresql83-server/files: pgsql.sh
   	pkgsrc/databases/postgresql83-uuid: Makefile
   	pkgsrc/databases/postgresql83/files: GNUmakefile.libpq dynloader-ltdl.h
   	pkgsrc/databases/postgresql83/patches: patch-aa patch-ab patch-ac
   	    patch-ad patch-af patch-ag patch-ah patch-ai patch-ba
   	    patch-src_interfaces_ecpg_ecpglib_Makefile
   	    patch-src_makefiles_Makefile.solaris patch-src_pl_plperl_plperl.h
   	    patch-src_pl_plpgsql_src_Makefile

   Log message:
   The PostgreSQL Global Development Group has released a security update to all \ 
current versions of the PostgreSQL database system, including versions 9.2.4, \ 
9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security \ 
vulnerability in versions 9.0 and later. All users of the affected versions are \ 
strongly urged to apply the update immediately.

   A major security issue fixed in this release, CVE-2013-1899, makes it \ 
possible for a connection request containing a database name that begins with \ 
"-" to be crafted that can damage or destroy files within a server's \ 
data directory. Anyone with access to the port the PostgreSQL server listens on \ 
can initiate this request.

   Two lesser security fixes are also included in this release: CVE-2013-1900, \ 
wherein random numbers generated by contrib/pgcrypto functions may be easy for \ 
another database user to guess, and CVE-2013-1901, which mistakenly allows an \ 
unprivileged user to run commands that could interfere with in-progress backups. \ 
Finally, this release fixes two security issues with the graphical installers \ 
for Linux and Mac OS X: insecure passing of superuser passwords to a script, \ 
CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.