The recent security release (8.0.11, 8.1.7, 8.2.2) has been withdrawn.
It contained an issue which causes error with custom data types, type
constraints and expression indexes. These upgrades fix the problem.
A vulnerability allows suppressing the normal checks that a SQL
function returns the data type it's declared to do. These errors can
easily be exploited to cause a backend crash, and in principle might
be used to read database content that the user should not be able to
access. [CVE-2007-0555]
A vulnerability involving changing the data type of a table column
can easily be exploited to cause a backend crash, and in principle
might be used to read database content that the user should not be
able to access. [CVE-2007-0556]
The release includes a set of other fixes as well. Please see the
release information at
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-11
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
The PostgreSQL Global Development Group today released versions 8.1.4, 8.0.8,
7.4.13 and 7.3.15. This is an urgent update to close a security hole which
can permit a SQL injection attack on some applications running PostgreSQL.
Users are urged to apply the update as soon as reasonably possible. Since the
update affects client functionality, most driver projects will be updating
this week as well.
Because the security issue involved is complex, we have added a section in
Techdocs to explain it: http://www.postgresql.org/docs/techdocs.52. Please
read this first before applying the updates.
Also, fix rc_subr startup problems on FreeBSD-7.x.
Security: http://www.postgresql.org/docs/techdocs.50
PR: ports/95154
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
A critical fix repairs an error in ReadBuffer that can cause data loss
due to overwriting recently-added pages. This applies to the 8.1 and
8.0 branches on all platforms.
Note that this update might require a reindex of textual columns under
certain conditions; please see UPDATING.
Other fixes included are:
-- Character string locale comparison bug. This may require a REINDEX
on text column indexes in some locales, such as Hungarian.
-- Prevent accidental changes of locale by plperl
-- Two fixes for Japanese encodings
-- Two fixes for COPY CSV
-- Fixes for functions returning RECORD
-- Fixes to autovacuum, dblink and pgcrypto
"start" when booting, since there's no need waste time checking for
running processes when the OS is starting up.
Bumping portrevision.
PR: 90884
Submitted by: Victor Snezhko <snezhko@indorsoft.ru>
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.
Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.
Preliminary documentation can be found at:
http://people.FreeBSD.org/~ade/autotools.txt
which is in the process of being SGMLized before introduction into the
Porters Handbook.
Light blue touch-paper. Run.
installed from ports. The base heimdal distribution installs libraries
that have no depenency information. While this is quite correct, it
means that each library that links with libpq.so must also know if
libpq.so is linked with libkrb.so et al. Problem is, there's no good
way to get this information (pg_config has a --libs option starting at
version 8.1) and all ports using postgresql must be changed to make it
possible to link with a libpq.so that was configured to use the
Kerberos implementation installed in /usr by default. Hence, we
require one of the ports (heimdal or krb5) if postgresql is to be
linked with Kerberos. At least for now, until we can fix this in some
better way.
Also, if MIT Kerberos (security/krb5) is installed, users should
ideally remove the base heimdal installation so linkers will not pick
it up in preference to the krb5 libs (base heimdal has higher version
numbers than krb5 port).
PR: 80869, 88098, 85178
installed, the patched gram.y file would not be used and the security
patch would be a no-op. Also, I've had reports of compilation errors
related to bison.
Since checking for the correct version of bison is hard and error
prone, I'm doing what the postgresql distribution does - patching the
yacc:ed .c file to get rid of the building dependency.
Bumping portrevision of -server.
Pointy hat to: me
Noticed by: Mike Harding and others
Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html
Approved by: seanc (implicit)
Over the past several weeks, Tom Lane has been working on replacing
our old Cache Management Alorithm (ARC) with a new, patent free one
(2Q).
In order to reduce the number of 8.x deployments out there that are
using the old manager, we have just released 8.0.2, and encourage
adminstrators to upgrade at their earliest convience.
For those already running 8.x on your production servers, please
note that this upgrade does *NOT* require a dump restore, but due to
a bump in the major version number for the client library (libpq),
it *WILL* require all client applications to be recompiled at the
same time.
For full release info, see
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-2
Apart from the upgrade, three new config options are added:
A patch (experimental) for supporting proper collation
of utf-8 encoded locales, using IBM's ICU package (devel/icu). See
http://people.freebsd.org/~girgen/postgresql-icu/README.html for more
info.
An optional patch written by Evgen Potemkin, which allows
PostgreSQL to make hierarchical queries à la Oracle [1].
An option is added that allows the use of 64 bit ints to
store dates [2].
PR: ports/79165 [1], ports/76999 [2]
Submitted by: Marcos Tischer Vallim [1], Christian Ullrich [2]
Approved by: ade, seanc (implicit)
add support to select login class for running postgresql [2].
The new startup script, using rc.subr, is now installed for all
versions of postgresql. Bump portrevisions, since startup script is
modified.
PR: 78630 [1]
Submitted by: Vivek Khera [1]
Submitted by: Brian B. [2]
Approved by: seanc (implicit)
installed, the patched gram.y file would not be used and the security
patch would be a no-op. Also, I've had reports of compilation errors
related to bison.
Since checking for the correct version of bison is hard and error
prone, I'm doing what the postgresql distribution does - patching the
yacc:ed .c file to get rid of the building dependency.
Bumping portrevision of -server.
Pointy hat to: me
Noticed by: Mike Harding and others
Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html
Approved by: seanc (implicit)
Prevent overrunning a heap-allocated buffer if more than 1024
parameters to a refcursor declaration are specified. This is a
minimally-invasive fix for the buffer overrun.
Define LATEST_LINK to avoid package name clashes between the different
branches of PostgreSQL. [1] (Since postgresql-tcltk is hardwired to
branch 7.4, keep its LATEST_LINK to a generic value.)
Set UNIQUENAME and let it be the same for server & client, so each
branch's ports will share the same options file. This adds some no-op
knobs to the -client port, but IMO it is better this way.
Add space inside paranthesis in OSVERSION conditional to work around
(ancient) make bug. [2]
Remove the Rendez-Vouz knob for 8.0 since I can't find the software
needed to even compile it on FreeBSD.
Bump portrevision (for -server only).
Noted by: kris [1]
PR: ports/77530 [2]
Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html
Approved by: seanc (mentor)
the "LOAD" option, the PostgreSQL Global Development Group is
announcing the release of new versions of PostgreSQL.
Update to 7.3.9, 7.4.7 & 8.0.1.
Take the opportunity to reset PORTREVISION of slave ports.
Back out name change of startup script. The new script uses rc.subr(8),
and as such also uses rcorder(8). But, rcorder does not exist in FreeBSD
4.x. Hence rename the script it back to the top of the directory
list. [1]
The periodic script should of course be executable. [2]
[1] Noted by Niels Chr. Bank-Pedersen <ncbp at bank-pedersen dot dk>
[2] Noted by Fritz Heinrichmeyer <fritz.heinrichmeyer at fernuni-hagen dot de>
are savepoints (within transactions), point-in-time recovery and
tablespaces. Check out the release notes and the shiny new
PostgreSQL.org website at:
http://www.PostgreSQL.org/docs/8.0/static/release.html#RELEASE-8-0
The port uses the new postgresql ports' layout and is split into a
server and a client part. The following knobs can be used by ports
depending on PostgreSQL:
# USE_PGSQL - Add PostgreSQL client dependency.
# If no version is given (by the maintainer via the port or
# by the user via defined variable), try to find the
# currently installed version. Fall back to default if
# necessary (PostgreSQL-7.4 = 74).
# DEFAULT_PGSQL_VER
# - PostgreSQL default version. Can be overridden within a port.
# Default: 74.
# WANT_PGSQL_VER
# - Maintainer can set an arbitrary version of PostgreSQL by
# using it.
# BROKEN_WITH_PGSQL
# - This variable can be defined if the ports doesn't support
# one or more versions of PostgreSQL.
PR: 75344
Approved by: portmgr@ (kris), ade & sean (mentors)
stuffing the 8.0.0 release in here for the time being. Port epoch bumped
because 8.0.rc* is greater than 8.0.0. A note from UPDATING to people who
want to use 8.0.0 via -devel in production:
The -devel port has been updated to contain 8.0 release since
postgresql80-server can not be updated until 4.11 is released and the
changes in PR ports/75344 are committed. Users who need 8.0 now can
use the -devel port, however, once postgresql80-server has been
committed, -devel will begin tracking 8.1. Please be smart about
tracking ports and if used in production, update to
databases/postgresql80-server as soon as it becomes available. No
dump/reload will be required when changing from -devel to
postgresql80-server.
Check out the release notes and the shiny new PostgreSQL.org website at:
http://www.PostgreSQL.org/docs/8.0/static/release.html#RELEASE-8-0
Note that none of these ports are (yet) hooked into the tree,
and will not compile unless you set a specific environmental
variable. This should be warning enough to leave well alone
for now :)
Submitted by: maintainer
advisories in http://www.postgresql.org/news/234.html
Note that postgresql 7.2.x is NOT being updated here since it is
due for termination real soon now.
Submitted by: maintainer, also referenced in ports/73142 (no patch)
* Prevent possible loss of committed transactions during crash
* Repair possible crash during concurrent btree index insertions
PR: 71176
Submitted by: SUGIMURA Takashi <sugimura@jp.FreeBSD.org>
Reviewed by: Palle Girgensohn <girgen@pingpong.net> (maintainer)
Release notes available at http://www.postgresql.org/news/173.html
NOTICE: unlike most minor versions, this version does require
some updates to the pg_* system tables. Full instructions for
how to do this are included in the full HISTORY file.
DO NOT UPGRADE WITHOUT READING THESE INSTRUCTIONS.
SIZEfy.
Submitted by: Palle Girgensohn <girgen@pingpong.net> (maintainer)
PR: 64105
