Subject: CVS commit: [pkgsrc-2017Q2] pkgsrc/databases
From: S.P.Zeidler
Date: 2017-09-13 08:24:07
Message id: 20170913062407.91181FA98@cvs.NetBSD.org
Log Message:
Pullup ticket #5541 - requested by taca
databases/postgresql96: security update
databases/postgresql96-client: security update
databases/postgresql96-docs: security update
databases/postgresql96-server: security update

Revisions pulled up:
- databases/postgresql96-client/Makefile                        1.3
- databases/postgresql96-client/PLIST                           1.3
- databases/postgresql96-docs/PLIST                             1.4
- databases/postgresql96/Makefile.common                        1.4
- databases/postgresql96/distinfo                               1.5
- databases/postgresql96/patches/patch-src_pl_plperl_plperl.h   1.2

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Sun Aug 13 19:25:18 UTC 2017

   Modified Files:
   	pkgsrc/databases/postgresql92: Makefile.common distinfo
   	pkgsrc/databases/postgresql92-docs: PLIST
   	pkgsrc/databases/postgresql92/patches: patch-src_pl_plperl_plperl.h
   	pkgsrc/databases/postgresql93: Makefile.common distinfo
   	pkgsrc/databases/postgresql93-docs: PLIST
   	pkgsrc/databases/postgresql93/patches: patch-src_pl_plperl_plperl.h
   	pkgsrc/databases/postgresql94: Makefile.common distinfo
   	pkgsrc/databases/postgresql94-docs: PLIST
   	pkgsrc/databases/postgresql94/patches: patch-src_pl_plperl_plperl.h
   	pkgsrc/databases/postgresql95: Makefile.common distinfo
   	pkgsrc/databases/postgresql95-client: Makefile
   	pkgsrc/databases/postgresql95-docs: PLIST
   	pkgsrc/databases/postgresql95/patches: patch-src_pl_plperl_plperl.h
   	pkgsrc/databases/postgresql96: Makefile.common distinfo
   	pkgsrc/databases/postgresql96-client: Makefile PLIST
   	pkgsrc/databases/postgresql96-docs: PLIST
   	pkgsrc/databases/postgresql96/patches: patch-src_pl_plperl_plperl.h

   Log Message:
   The PostgreSQL Global Development Group has released an update to all \ 
supported versions of our database system, including 9.6.4, 9.5.8, 9.4.13, \ 
9.3.18, and 9.2.22. This release fixes three security issues. It also patches \ 
over 50 other bugs reported over the last three months. Users who are affected \ 
by the below security issues should update as soon as possible. Users affected \ 
by CVE-2017-7547 will need to perform additional steps after upgrading to \ 
resolve the issue. Other users should plan to update at the next convenient \ 
downtime.

   Three security vulnerabilities have been closed by this release:
   * CVE-2017-7546: Empty password accepted in some authentication methods
   * CVE-2017-7547: The "pg_user_mappings" catalog view discloses \ 
passwords to users lacking server privileges
   * CVE-2017-7548: lo_put() function ignores ACLs

   To generate a diff of this commit:
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/postgresql96/Makefile.common
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/postgresql96/distinfo
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/postgresql96-client/Makefile \
       pkgsrc/databases/postgresql96-client/PLIST
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/postgresql96-docs/PLIST
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/databases/postgresql96/patches/patch-src_pl_plperl_plperl.h
Files:
RevisionActionfile
1.3.2.1modifypkgsrc/databases/postgresql96/Makefile.common
1.4.2.1modifypkgsrc/databases/postgresql96/distinfo
1.2.2.1modifypkgsrc/databases/postgresql96-client/Makefile
1.2.2.1modifypkgsrc/databases/postgresql96-client/PLIST
1.3.2.1modifypkgsrc/databases/postgresql96-docs/PLIST
1.1.6.1modifypkgsrc/databases/postgresql96/patches/patch-src_pl_plperl_plperl.h