supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.
This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.
Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.
Users should plan to update at the next convenient downtime.
Bug Fixes and Improvements
This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:
* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg’s parser to allow RETURNING clauses without attached C
variables
* Change ecpg’s parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
This update will also disable SSL renegotiation by default;
previously, it was enabled by default. SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.
URL: http://www.postgresql.org/about/news/1615/
Security: CVE-2015-5288 CVE-2015-5289
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
a zeising, kwm production, with help from dumbbell, bdrewery:
NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE
This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.
This patch also contains updates of libxcb and related ports, pixman, as well
as some drivers and utilities.
Bump portrevisions for xf86-* ports, as well as virtualbox-ose-additions due
to xserver version change.
Apart from these updates, the way shared libraries are handled has been
changed for all xorg ports, as well as libxml2 and freetype, which means
ltverhack is gone and as a consequence shared libraries have been bumped.
The plan is that this change will make library bumps less likely in the
future.
All affected ports have had their portrevisions bumped as a consequence of
this.
Fix some issues where WITH_NEW_XORG weren't detected properly on CURRENT.
Update instructions, hardware support, and more notes can be found on
https://wiki.freebsd.org/Graphics
Thanks to: all testers, bdrewery and the FreeBSD x11@ team
exp-run by: bdrewery [1]
PR: ports/187602 [1]
Approved by: portmgr (bdrewery), core (jhb)
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions. All users of version 9.3 are urged to update their
installations at the next possible downtime. Users of older versions should
update at their convenience.
The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations. This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues. For this reason, users are encouraged to
replace each of their standby databases with a new base backup after applying
the update.
See release notes for more changes.
URL: http://www.postgresql.org/docs/current/static/release.html
URL: https://wiki.postgresql.org/wiki/20140320UpdateIssues
A change specific to the FreeBSD port:
Modify the contrib/uuid-ossp to actually work (not crashing the backend) by
using the libc implementation of uuid instead of the ossp port. Schemas and
queries will just work. Based on the work of Andrew Gierth. 9.1+ EXTENSION
support added by girgen@.
URL: http://pgfoundry.org/projects/uuid-freebsd
PR: ports/121745, ports/182846
