Subject: CVS commit: pkgsrc/databases
From: Adam Ciarcinski
Date: 2015-10-11 13:24:59
Message id: 20151011112459.2330F98@cvs.netbsd.org

Log Message:
Changes 9.1.19:
Two security issues have been fixed in this release which affect users of \ 
specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary user input \ 
can crash the PostgreSQL server and cause a denial of service.

CVE-2015-5288: The crypt() function included with the optional pgCrypto \ 
extension could be exploited to read a few additional bytes of memory. No \ 
working exploit for this issue has been developed.

Files:
RevisionActionfile
1.27modifypkgsrc/databases/postgresql91/Makefile.common
1.25modifypkgsrc/databases/postgresql91/distinfo
1.21modifypkgsrc/databases/postgresql91-docs/PLIST
1.12modifypkgsrc/databases/postgresql91-server/PLIST