Log message:
The PostgreSQL Global Development Group has released a security update to all \ 
current versions of the PostgreSQL database system, including versions 9.2.4, \ 
9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security \ 
vulnerability in versions 9.0 and later. All users of the affected versions are \ 
strongly urged to apply the update immediately.

A major security issue fixed in this release, CVE-2013-1899, makes it possible \ 
for a connection request containing a database name that begins with \ 
"-" to be crafted that can damage or destroy files within a server's \ 
data directory. Anyone with access to the port the PostgreSQL server listens on \ 
can initiate this request.

Two lesser security fixes are also included in this release: CVE-2013-1900, \ 
wherein random numbers generated by contrib/pgcrypto functions may be easy for \ 
another database user to guess, and CVE-2013-1901, which mistakenly allows an \ 
unprivileged user to run commands that could interfere with in-progress backups. \ 
Finally, this release fixes two security issues with the graphical installers \ 
for Linux and Mac OS X: insecure passing of superuser passwords to a script, \ 
CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.

Log message:
The PostgreSQL Global Development Group has released a security update to all \ 
current versions of the PostgreSQL database system, including versions 9.2.3, \ 
9.1.8, 9.0.12, 8.4.16, and 8.3.23. This update fixes a denial-of-service (DOS) \ 
vulnerability. All users should update their PostgreSQL installations as soon as \ 
possible.

The security issue fixed in this release, CVE-2013-0255, allows a previously \ 
authenticated user to crash the server by calling an internal function with \ 
invalid arguments. This issue was discovered by independent security researcher \ 
Sumit Soni this week and reported via Secunia SVCRP, and we are grateful for \ 
their efforts in making PostgreSQL more secure.

Today's update also fixes a performance regression which caused a decrease in \ 
throughput when using dynamic queries in stored procedures in version 9.2. \ 
Applications which use PL/pgSQL's EXECUTE are strongly affected by this \ 
regression and should be updated. Additionally, we have fixed intermittent \ 
crashes caused by CREATE/DROP INDEX CONCURRENTLY, and multiple minor issues with \ 
replication.

This release is expected to be the final update for version 8.3, which is now \ 
End-of-Life (EOL). Users of version 8.3 should plan to upgrade to a later \ 
version of PostgreSQL immediately. For more information, see our Versioning \ 
Policy.

This update release also contains fixes for many minor issues discovered and \ 
patched by the PostgreSQL community in the last two months, including:

* Prevent unnecessary table scans during vacuuming
* Prevent spurious cached plan error in PL/pgSQL
* Allow sub-SELECTs to be subscripted
* Prevent DROP OWNED from dropping databases or tablespaces
* Make ECPG use translated messages
* Allow PL/Python to use multi-table trigger functions (again) in 9.1 and 9.2
* Fix several activity log management issues on Windows
* Prevent autovacuum file truncation from being cancelled by deadlock_timeout
* Make extensions build with the .exe suffix automatically on Windows
* Fix concurrency issues with CREATE/DROP DATABASE
* Reject out-of-range values in to_date() conversion function
* Revert cost estimation for large indexes back to pre-9.2 behavior
* Make pg_basebackup tolerate timeline switches
* Cleanup leftover temp table entries during crash recovery
* Prevent infinite loop when COPY inserts a large tuple into a table with a \ 
large fillfactor
* Prevent integer overflow in dynahash creation
* Make pg_upgrade work with INVALID indexes
* Fix bugs in TYPE privileges
* Allow Contrib installchecks to run in their own databases
* Many documentation updates
* Add new timezone "FET".

Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.

Log message:
This release fixes a significant page ordering issue with Hot Standby which \ 
could cause index corruption on the standby under some circumstances. In \ 
addition, this update patches timing issues with checkpoint and transaction ID \ 
wraparound which could cause data corruption in some cases. Today's update also \ 
fixes multiple issues with CREATE INDEX CONCURRENTLY and DROP INDEX \ 
CONCURRENTLY, which can cause those commands to fail or produce corrupt indexes. \ 
Users who use this feature may want to REINDEX or recreate affected indexes (see \ 
below).

This update release also contains fixes for many minor issues discovered and \ 
patched by the PostgreSQL community in the last month, including several fixes \ 
which are specific to version 9.2. These include:

* Prevent psql crash due to incorrectly encoded input data
* Fix pg_regress gmake build issues
* Make sure correct directory is created for extensions
* Fix some issues with buffer locks and VACUUM
* Multiple fixes and improvements for pg_upgrade
* Fix bugs with end-of-recovery when failing over to a standby
* Avoid bogus "out-of-sequence timeline ID" errors in standby-mode
* Don't launch new child processes during shutdown
* Improve the ability of JOINs to use partial indexes
* Fix assorted integer overflow errors
* Eliminate memory leaks in record_out() and record_send()
* Skip searching for subtransaction logs at COMMIT
* Fix WaitLatch() timing issues
* Fix handling of inherited check constraints in ALTER COLUMN TYPE
* Make ALTER EXTENSION SET SCHEMA behave as documented
* Have SEQUENCE SET statements in the "data" section of sectional dumps
* Prevent parser from believing that VIEWs have system columns
* Fix --clean mode for pg_dump
* Prevent hash table corruption on out-of-memory
* Various query planner and executor fixes and improvements
* Multiple documentation updates
* DST updates for seven timezones

Log message:
The PostgreSQL Global Development Group announces PostgreSQL 9.2, the latest \ 
release of the leader in open source databases. Since the beta release was \ 
announced in May, developers and vendors have praised it as a leap forward in \ 
performance, scalability and flexibility. Users are expected to switch to this \ 
version in record numbers.

PostgreSQL 9.2 will ship with native JSON support, covering indexes, replication \ 
and performance improvements, and many more features. We are eagerly awaiting \ 
this release and will make it available in Early Access as soon as it’s \ 
released by the PostgreSQL community," said Ines Sombra, Lead Data \ 
Engineer, Engine Yard.