ea28815591
A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. Two lesser security fixes are also included in this release: CVE-2013-1900, wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess, and CVE-2013-1901, which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups. Finally, this release fixes two security issues with the graphical installers for Linux and Mac OS X: insecure passing of superuser passwords to a script, CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.
110 lines
3.7 KiB
Text
110 lines
3.7 KiB
Text
# $NetBSD: Makefile.common,v 1.26 2013/04/04 21:08:32 adam Exp $
|
|
#
|
|
# used by databases/postgresql84-adminpack/Makefile
|
|
# used by databases/postgresql84-client/Makefile
|
|
# used by databases/postgresql84-dblink/Makefile
|
|
# used by databases/postgresql84-pgcrypto/Makefile
|
|
# used by databases/postgresql84-plperl/Makefile
|
|
# used by databases/postgresql84-plpython/Makefile
|
|
# used by databases/postgresql84-pltcl/Makefile
|
|
# used by databases/postgresql84-server/Makefile
|
|
#
|
|
# This Makefile fragment is included by all PostgreSQL packages built from
|
|
# the main sources of the PostgreSQL distribution except jdbc-postgresql.
|
|
#
|
|
# The PostgreSQL package naming scheme, aside from the obvious piecewise
|
|
# packages, is as follows:
|
|
# <lang>-postgresql client-side interface to PostgreSQL
|
|
# postgresql-<lang> server-side module for PostgreSQL backend
|
|
|
|
DISTNAME= postgresql-8.4.17
|
|
CATEGORIES= databases
|
|
MASTER_SITES= ${MASTER_SITE_PGSQL:=source/v${PKGVERSION_NOREV}/}
|
|
EXTRACT_SUFX= .tar.bz2
|
|
|
|
MAINTAINER?= adam@NetBSD.org
|
|
HOMEPAGE= http://www.postgresql.org/
|
|
LICENSE= postgresql-license
|
|
|
|
CONFLICTS+= postgresql-[0-9]*
|
|
CONFLICTS+= postgresql7[0-9]-*
|
|
CONFLICTS+= postgresql8[0-3]-*
|
|
CONFLICTS+= postgresql9[0-9]-*
|
|
|
|
.if !empty(PKGNAME:M*-*-*)
|
|
module= ${PKGNAME:C/-[0-9].*$//:C/^.*-//}
|
|
CONFLICTS+= postgresql8[0-35-9]-${module}-[0-9]*
|
|
CONFLICTS+= postgresql9[0-9]-${module}-[0-9]*
|
|
.endif
|
|
|
|
DISTINFO_FILE?= ${.CURDIR}/../postgresql84/distinfo
|
|
COMMON_FILESDIR?= ${.CURDIR}/../postgresql84/files
|
|
PATCHDIR?= ${.CURDIR}/../postgresql84/patches
|
|
|
|
USE_PKGLOCALEDIR= yes
|
|
USE_TOOLS+= bison gmake lex msgfmt
|
|
PKG_SYSCONFSUBDIR= postgresql
|
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
PG_TEMPLATE.SunOS= solaris
|
|
PG_TEMPLATE.IRIX= irix5
|
|
.if !defined(PG_TEMPLATE.${OPSYS})
|
|
PG_TEMPLATE.${OPSYS}= ${LOWER_OPSYS}
|
|
.endif
|
|
|
|
GNU_CONFIGURE= yes
|
|
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
|
|
CONFIGURE_ARGS+= --datadir=${PREFIX}/share/postgresql
|
|
CONFIGURE_ARGS+= --localedir=${PREFIX}/${PKGLOCALEDIR}/locale
|
|
CONFIGURE_ARGS+= --with-template=${PG_TEMPLATE.${OPSYS}}
|
|
|
|
CONFIGURE_ARGS+= --enable-nls
|
|
CONFIGURE_ARGS+= --without-perl
|
|
CONFIGURE_ARGS+= --without-python
|
|
CONFIGURE_ARGS+= --without-readline
|
|
CONFIGURE_ARGS+= --without-tcl
|
|
CONFIGURE_ARGS+= --without-zlib
|
|
|
|
# PGSQL_BLCKSZ is the size in bytes of a PostgreSQL disk page or block.
|
|
# This also limits the size of a tuple. The valid values are powers
|
|
# of 2 up to 32768, and the default size is 8196. Please don't change
|
|
# this value unless you know what you are doing.
|
|
BUILD_DEFS+= PGSQL_BLCKSZ
|
|
.if defined(PGSQL_BLCKSZ)
|
|
CONFIGURE_ARGS+= --with-blocksize=${PGSQL_BLCKSZ}
|
|
.endif
|
|
|
|
# PostgreSQL explicitly forbids any use of -ffast-math
|
|
BUILDLINK_TRANSFORM+= rm:-ffast-math
|
|
|
|
# USE_LIBLTDL is "yes" or "no" depending on whether we're using libltdl
|
|
# to provide "dlopen" functionality for the PostgreSQL backend.
|
|
.if ${OPSYS} == "Interix"
|
|
USE_LIBLTDL?= yes
|
|
.endif
|
|
USE_LIBLTDL?= no
|
|
|
|
.include "../../devel/gettext-lib/buildlink3.mk"
|
|
LIBS.SunOS+= -lintl
|
|
|
|
.if !defined(META_PACKAGE)
|
|
post-extract:
|
|
. if !empty(USE_LIBLTDL:M[yY][eE][sS])
|
|
cp -f ${COMMON_FILESDIR}/dynloader-ltdl.h \
|
|
${WRKSRC}/src/backend/port/dynloader/${PG_TEMPLATE.${OPSYS}:Q}.h
|
|
${ECHO} "static int dummy = 0;" \
|
|
> ${WRKSRC}/src/backend/port/dynloader/${PG_TEMPLATE.${OPSYS}:Q}.c
|
|
. endif
|
|
touch ${WRKSRC}/src/template/dragonfly
|
|
cp ${WRKSRC}/src/backend/port/dynloader/freebsd.c \
|
|
${WRKSRC}/src/backend/port/dynloader/dragonfly.c
|
|
cp ${WRKSRC}/src/backend/port/dynloader/freebsd.h \
|
|
${WRKSRC}/src/backend/port/dynloader/dragonfly.h
|
|
cp ${WRKSRC}/src/include/port/freebsd.h \
|
|
${WRKSRC}/src/include/port/dragonfly.h
|
|
cp ${WRKSRC}/src/makefiles/Makefile.freebsd \
|
|
${WRKSRC}/src/makefiles/Makefile.dragonfly
|
|
.endif
|
|
|
|
.include "../../databases/postgresql84/options.mk"
|