Updates for all maintained versions of PostgreSQL are available today:
8.3.3, 8.2.9, 8.1.13, 8.0.17 and 7.4.21. These releases fix more than
two dozen minor issues reported and patched over the last few months.
All PostgreSQL users should plan to update at their earliest
convenience. People in affected time zones, in particular, should
upgrade as soon as possible.
Release Notes:
http://www.postgresql.org/docs/8.3/static/release.html
Also, fix umask error in periodic script [1].
PR: ports/124457 [1]
Submitted by: Alexandre Perrin
The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).
PR: ports/124340
Submitted by: edwin@
Approved by: portmgr (pav)
This includes a bunch of security fixes: CVE-2007-6067, CVE-2007-4772,
CVE-2007-6601, CVE-2007-6600 and CVE-2007-4769.
Security: http://www.postgresql.org/about/news.905
The recent security release (8.0.11, 8.1.7, 8.2.2) has been withdrawn.
It contained an issue which causes error with custom data types, type
constraints and expression indexes. These upgrades fix the problem.
A vulnerability allows suppressing the normal checks that a SQL
function returns the data type it's declared to do. These errors can
easily be exploited to cause a backend crash, and in principle might
be used to read database content that the user should not be able to
access. [CVE-2007-0555]
A vulnerability involving changing the data type of a table column
can easily be exploited to cause a backend crash, and in principle
might be used to read database content that the user should not be
able to access. [CVE-2007-0556]
The release includes a set of other fixes as well. Please see the
release information at
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-7
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
The PostgreSQL Global Development Group today released versions 8.1.4, 8.0.8,
7.4.13 and 7.3.15. This is an urgent update to close a security hole which
can permit a SQL injection attack on some applications running PostgreSQL.
Users are urged to apply the update as soon as reasonably possible. Since the
update affects client functionality, most driver projects will be updating
this week as well.
Because the security issue involved is complex, we have added a section in
Techdocs to explain it: http://www.postgresql.org/docs/techdocs.52. Please
read this first before applying the updates.
Also, fix rc_subr startup problems on FreeBSD-7.x.
Security: http://www.postgresql.org/docs/techdocs.50
PR: ports/95154
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
A critical fix repairs an error in ReadBuffer that can cause data loss
due to overwriting recently-added pages. This applies to the 8.1 and
8.0 branches on all platforms.
Note that this update might require a reindex of textual columns under
certain conditions; please see UPDATING.
Other fixes included are:
-- Character string locale comparison bug. This may require a REINDEX
on text column indexes in some locales, such as Hungarian.
-- Prevent accidental changes of locale by plperl
-- Two fixes for Japanese encodings
-- Two fixes for COPY CSV
-- Fixes for functions returning RECORD
-- Fixes to autovacuum, dblink and pgcrypto
"start" when booting, since there's no need waste time checking for
running processes when the OS is starting up.
Bumping portrevision.
PR: 90884
Submitted by: Victor Snezhko <snezhko@indorsoft.ru>
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.
Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.
Preliminary documentation can be found at:
http://people.FreeBSD.org/~ade/autotools.txt
which is in the process of being SGMLized before introduction into the
Porters Handbook.
Light blue touch-paper. Run.
installed from ports. The base heimdal distribution installs libraries
that have no depenency information. While this is quite correct, it
means that each library that links with libpq.so must also know if
libpq.so is linked with libkrb.so et al. Problem is, there's no good
way to get this information (pg_config has a --libs option starting at
version 8.1) and all ports using postgresql must be changed to make it
possible to link with a libpq.so that was configured to use the
Kerberos implementation installed in /usr by default. Hence, we
require one of the ports (heimdal or krb5) if postgresql is to be
linked with Kerberos. At least for now, until we can fix this in some
better way.
Also, if MIT Kerberos (security/krb5) is installed, users should
ideally remove the base heimdal installation so linkers will not pick
it up in preference to the krb5 libs (base heimdal has higher version
numbers than krb5 port).
PR: 80869, 88098, 85178
The new release includes performance improvements and advanced SQL
features which will support bigger data warehouses, higher-volume
transaction processing, and more complex distributed enterprise
software.
Major new features in this release include:
Roles:
PostgreSQL now supports database roles, which simplify the
management of large numbers of users with complex
overlapping database rights.
IN/OUT Parameters:
PostgreSQL functions now support IN, OUT and INOUT
parameters, which substantially improves support of complex
business logic for J2EE and .NET applications.
Two-Phase Commit (2PC):
Long in demand for WAN applications and heterogeneous data
centers using PostgreSQL, this feature allows
ACID-compliant transactions across widely separated
servers.
Some Performance Enhancements found in this release include:
Improved Multiprocessor (SMP) Performance:
The buffer manager for 8.1 has been enhanced to scale almost
linearly with the number of processors, leading to significant
performance gains on 8-way, 16-way, dual-core, and multi-core
CPU servers.
Bitmap Scan:
Indexes will be dynamically converted to bitmaps in memory when
appropriate, giving up to twenty times faster index performance
on complex queries against very large tables.
Table Partitioning:
The query planner is now able to avoid scanning whole sections
of a large table using a technique known as Constraint
Exclusion.
Shared Row Locking:
PostgreSQL's "better than row-level locking" now supports even
higher levels of concurrency through the addition of shared
row locks for foreign keys.
For a more complete listing of changes in this release, please see the
Release Notes visible at:
http://www.postgresql.org/docs/current/static/release.html#RELEASE-8-1
installed, the patched gram.y file would not be used and the security
patch would be a no-op. Also, I've had reports of compilation errors
related to bison.
Since checking for the correct version of bison is hard and error
prone, I'm doing what the postgresql distribution does - patching the
yacc:ed .c file to get rid of the building dependency.
Bumping portrevision of -server.
Pointy hat to: me
Noticed by: Mike Harding and others
Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html
Approved by: seanc (implicit)
Over the past several weeks, Tom Lane has been working on replacing
our old Cache Management Alorithm (ARC) with a new, patent free one
(2Q).
In order to reduce the number of 8.x deployments out there that are
using the old manager, we have just released 8.0.2, and encourage
adminstrators to upgrade at their earliest convience.
For those already running 8.x on your production servers, please
note that this upgrade does *NOT* require a dump restore, but due to
a bump in the major version number for the client library (libpq),
it *WILL* require all client applications to be recompiled at the
same time.
For full release info, see
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-2
Apart from the upgrade, three new config options are added:
A patch (experimental) for supporting proper collation
of utf-8 encoded locales, using IBM's ICU package (devel/icu). See
http://people.freebsd.org/~girgen/postgresql-icu/README.html for more
info.
An optional patch written by Evgen Potemkin, which allows
PostgreSQL to make hierarchical queries à la Oracle [1].
An option is added that allows the use of 64 bit ints to
store dates [2].
PR: ports/79165 [1], ports/76999 [2]
Submitted by: Marcos Tischer Vallim [1], Christian Ullrich [2]
Approved by: ade, seanc (implicit)
add support to select login class for running postgresql [2].
The new startup script, using rc.subr, is now installed for all
versions of postgresql. Bump portrevisions, since startup script is
modified.
PR: 78630 [1]
Submitted by: Vivek Khera [1]
Submitted by: Brian B. [2]
Approved by: seanc (implicit)
installed, the patched gram.y file would not be used and the security
patch would be a no-op. Also, I've had reports of compilation errors
related to bison.
Since checking for the correct version of bison is hard and error
prone, I'm doing what the postgresql distribution does - patching the
yacc:ed .c file to get rid of the building dependency.
Bumping portrevision of -server.
Pointy hat to: me
Noticed by: Mike Harding and others
Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html
Approved by: seanc (implicit)
