2017-05-24 21:51:14 by Adam Ciarcinski | Files touched by this commit (52) | |
Log message:
Removed databases/postgresql91
|
2016-04-09 14:51:50 by Adam Ciarcinski | Files touched by this commit (90) | |
Log message:
The PostgreSQL Global Development Group has released an update to all supported \
versions of our database system, including 9.5.2, 9.4.7, 9.3.12, 9.2.16, and \
9.1.21. This release fixes two security issues and one index corruption issue in \
version 9.5. It also contains a variety of bug fixes for earlier versions. Users \
of PostgreSQL 9.5.0 or 9.5.1 should update as soon as possible.
This release closes security hole CVE-2016-2193, where a query plan might get \
reused for more than one ROLE in the same session. This could cause the wrong \
set of Row Level Security (RLS) policies to be used for the query.
The update also fixes CVE-2016-3065, a server crash bug triggered by using \
pageinspect with BRIN index pages. Since an attacker might be able to expose a \
few bytes of server memory, this crash is being treated as a security issue.
|
2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) |
Log message:
Bump PKGREVISION for security/openssl ABI bump.
|
2016-02-25 02:06:31 by Tobias Nygren | Files touched by this commit (4) |
Log message:
Update to PostgreSQL 9.1.20 (2016-02-11)
This release fixes two security issues, as well as several bugs found
over the last four months.
CVE-2016-0773 Unicode regular expression buffer overflow
CVE-2016-0766 PL/Java privilege escalation
|
2014-02-23 12:25:54 by Adam Ciarcinski | Files touched by this commit (89) | |
Log message:
Changes:
This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce \
the WITH ADMIN OPTION permission for ROLE management.
This update also fixes some issues which affect binary replication and row \
locking, and can cause recoverable data corruption in some cases.
In addition to the above, the following issues are fixed in this release:
Fix WAL logging of visibility map change
Make sure that GIN indexes log all insertions
Get pause_at_recovery_target to pause at correct time
Ensure walreceiver sends hot-standby feedback messages on time
Prevent timeout interrupts from taking control away from mainline code
Eliminate several race conditions
Fix some broken HINTs in error messages
Prevent server lockup on SSL connection loss
Fix two Unicode handling issues
Prevent crash on certain subselect syntax
Prevent crash on select from zero column table
Fix two bugs with LATERAL
Fix issue with UNION ALL, partitioning, and updates
Ensure that ANALYZE understands domains over ranges
Eliminate permissions check when using default tablespace
Fix memory leakage in JSON functions
Allow extensions with event triggers
Distinguish numbers correctly in JSON output
Fix permissions for pg_start_backup() and pg_stop_backup()
Accept SHIFT_JIS as locale name
Fix .* expansion for SQL function variables
Prevent infinite loop on some COPY connection failures
Several fixes for client issues on Windows
Enable building PostgreSQL with Visual Studio 2013
Update time zone files for recent changes
|
2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
|
2013-12-03 00:08:55 by Benny Siegert | Files touched by this commit (8) |
Log message:
Now all of the postgresql packages should compile on MirBSD.
|
2013-07-15 04:02:29 by Ryo ONODERA | Files touched by this commit (177) |
Log message:
* .include "../../devel/readline/buildlink3.mk" with USE_GNU_READLINE=yes
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
|
2013-02-09 12:19:19 by Adam Ciarcinski | Files touched by this commit (86) | |
Log message:
The PostgreSQL Global Development Group has released a security update to all \
current versions of the PostgreSQL database system, including versions 9.2.3, \
9.1.8, 9.0.12, 8.4.16, and 8.3.23. This update fixes a denial-of-service (DOS) \
vulnerability. All users should update their PostgreSQL installations as soon as \
possible.
The security issue fixed in this release, CVE-2013-0255, allows a previously \
authenticated user to crash the server by calling an internal function with \
invalid arguments. This issue was discovered by independent security researcher \
Sumit Soni this week and reported via Secunia SVCRP, and we are grateful for \
their efforts in making PostgreSQL more secure.
Today's update also fixes a performance regression which caused a decrease in \
throughput when using dynamic queries in stored procedures in version 9.2. \
Applications which use PL/pgSQL's EXECUTE are strongly affected by this \
regression and should be updated. Additionally, we have fixed intermittent \
crashes caused by CREATE/DROP INDEX CONCURRENTLY, and multiple minor issues with \
replication.
This release is expected to be the final update for version 8.3, which is now \
End-of-Life (EOL). Users of version 8.3 should plan to upgrade to a later \
version of PostgreSQL immediately. For more information, see our Versioning \
Policy.
This update release also contains fixes for many minor issues discovered and \
patched by the PostgreSQL community in the last two months, including:
* Prevent unnecessary table scans during vacuuming
* Prevent spurious cached plan error in PL/pgSQL
* Allow sub-SELECTs to be subscripted
* Prevent DROP OWNED from dropping databases or tablespaces
* Make ECPG use translated messages
* Allow PL/Python to use multi-table trigger functions (again) in 9.1 and 9.2
* Fix several activity log management issues on Windows
* Prevent autovacuum file truncation from being cancelled by deadlock_timeout
* Make extensions build with the .exe suffix automatically on Windows
* Fix concurrency issues with CREATE/DROP DATABASE
* Reject out-of-range values in to_date() conversion function
* Revert cost estimation for large indexes back to pre-9.2 behavior
* Make pg_basebackup tolerate timeline switches
* Cleanup leftover temp table entries during crash recovery
* Prevent infinite loop when COPY inserts a large tuple into a table with a \
large fillfactor
* Prevent integer overflow in dynahash creation
* Make pg_upgrade work with INVALID indexes
* Fix bugs in TYPE privileges
* Allow Contrib installchecks to run in their own databases
* Many documentation updates
* Add new timezone "FET".
|
2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | |
Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.
|