Navigation:
Browse pkgsrc
(this page) 2013-04-04 23:08:38 by Adam Ciarcinski | Files touched by this commit (66) |  |
Log message: The PostgreSQL Global Development Group has released a security update to all \ current versions of the PostgreSQL database system, including versions 9.2.4, \ 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security \ vulnerability in versions 9.0 and later. All users of the affected versions are \ strongly urged to apply the update immediately. A major security issue fixed in this release, CVE-2013-1899, makes it possible \ for a connection request containing a database name that begins with \ "-" to be crafted that can damage or destroy files within a server's \ data directory. Anyone with access to the port the PostgreSQL server listens on \ can initiate this request. Two lesser security fixes are also included in this release: CVE-2013-1900, \ wherein random numbers generated by contrib/pgcrypto functions may be easy for \ another database user to guess, and CVE-2013-1901, which mistakenly allows an \ unprivileged user to run commands that could interfere with in-progress backups. \ Finally, this release fixes two security issues with the graphical installers \ for Linux and Mac OS X: insecure passing of superuser passwords to a script, \ CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902. |
| 2012-10-02 23:25:56 by Aleksej Saushev | Files touched by this commit (323) |
Log message: Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. |
| 2009-10-20 13:02:56 by David Brownlee | Files touched by this commit (2) |
Log message:
Updated databases/jdbc-postgresql83 to 605
Version 8.3-605 (2009-07-01)
* fix The Statement and Connection proxies used for connection pooling code \
relied on the underlying real connection and statement code for equals and \
hashcode support. When the proxies are closed we discard the references to the \
real objects, so we can't rely on them for this support because we'll get a \
NullPointerException. (jurka) Thanks to Radu Buzila.
* fix DatabaseMetaData.getColumns was broken for the JDBC 3 and 4 drivers \
when running against 7.2 or older servers. (jurka)
* fix Retrieve columns' default values from pg_attrdef.adbin rather than \
adsrc because adsrc can get out of date when dependent objects are renamed while \
adbin stays up to date. (jurka) Thanks to Dickson Guedes, Tom Lane.
* fix Fix parsing of integer and long data. Some malformed inputs (only a \
negative sign) got treated as valid data. (jurka) Thanks to Heiiki Linnakangas.
* fix Initialize BatchUpdateExceptions with the SQLState of the SQLException \
that they are wrapping. Code that inspects the SQLStates of SQLExceptions, but \
doesn't unwrap the nested exception will not understand the underlying cause and \
may make incorrect decisions about the severity of the error. (jurka) Thanks to \
Fujii Masao.
Version 8.3-605 (2009-07-01)
* fix The Statement and Connection proxies used for connection pooling code \
relied on the underlying real connection and statement code for equals and \
hashcode support. When the proxies are closed we discard the references to the \
real objects, so we can't rely on them for this support because we'll get a \
NullPointerException. (jurka) Thanks to Radu Buzila.
* fix DatabaseMetaData.getColumns was broken for the JDBC 3 and 4 drivers \
when running against 7.2 or older servers. (jurka)
* fix Retrieve columns' default values from pg_attrdef.adbin rather than \
adsrc because adsrc can get out of date when dependent objects are renamed while \
adbin stays up to date. (jurka) Thanks to Dickson Guedes, Tom Lane.
* fix Fix parsing of integer and long data. Some malformed inputs (only a \
negative sign) got treated as valid data. (jurka) Thanks to Heiiki Linnakangas.
* fix Initialize BatchUpdateExceptions with the SQLState of the SQLException \
that they are wrapping. Code that inspects the SQLStates of SQLExceptions, but \
doesn't unwrap the nested exception will not understand the underlying cause and \
may make incorrect decisions about the severity of the error. (jurka) Thanks to \
Fujii Masao.
|
| 2009-06-14 19:43:27 by Joerg Sonnenberger | Files touched by this commit (120) |
Log message: Remove @dirrm entries from PLISTs |
| 2009-02-18 11:56:09 by David Brownlee | Files touched by this commit (3) |
Log message: Use INSTALLATION_DIRS |
2008-07-16 22:49:30 by David Brownlee | Files touched by this commit (4) |  |
Log message: Added databases/jdbc-postgresql83 version 603 This is a pure Java (Type IV) JDBC driver for the PostgreSQL database. It allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The driver provides a reasonably complete implementation of the JDBC 3 specification in addition to some PostgreSQL specific extensions. |
New packages: