freebsd-ports/databases/postgresql90-client
Palle Girgensohn 0642ae4b77 Update PostgreSQL port to latest version.
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289
2015-10-08 21:25:01 +00:00
..
Makefile Update PostgreSQL port to latest version. 2015-10-08 21:25:01 +00:00