Commit graph

37 commits

Author SHA1 Message Date
Palle Girgensohn
c007195e81 Update to latest versions of PostgreSQL
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20,
and 9.2.24. This release fixes three security issues. This release also fixes
issues found in BRIN indexing, logical replication and other bugs reported over
the past three months.

Please note that the CVE-2017-12172 does not affect the FreeBSD port unless you
decided to not use the contrib/startscript instead of the startscript
distributed with the FreeBSD port/package.

Security:	CVE-2017-12172, CVE-2017-15099, CVE-2017-15098
URL:		https://www.postgresql.org/about/news/1801/
2017-11-09 16:11:21 +00:00
Baptiste Daroussin
e03c9bb90c Recommand psycopg2 over PyGreSQL
Submitted by:	Christoph Moench-Tegeder <cmt@burggraben.net>
2017-10-15 17:53:04 +00:00
Palle Girgensohn
548c838795 The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.

This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.

Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.

Users should plan to update at the next convenient downtime.

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:

* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg’s parser to allow RETURNING clauses without attached C
variables
* Change ecpg’s parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows
2017-09-05 09:27:11 +00:00
Palle Girgensohn
27530e04c3 The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 9.6.4, 9.5.8,
9.4.13, 9.3.18, and 9.2.22. This release fixes three security issues.
It also patches over 50 other bugs reported over the last three months.
Users who are affected by the below security issues should update as
soon as possible.  Users affected by CVE-2017-7547
(https://access.redhat.com/security/cve/CVE-2017-7547) will need to
perform additional steps after upgrading to resolve the issue.  Other
users should plan to update at the next convenient downtime.

URL:		https://www.postgresql.org/about/news/1772/
Security:	CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
2017-08-10 14:21:20 +00:00
Dmitry Marakasov
7184f1831f - Include pg_regress to all postgresql*-client ports, to allow running regression tests for postgresql extensions
PR:		217874
Approved by:	maintainer timeout (pgsql, 4 months)
2017-07-17 11:15:50 +00:00
Palle Girgensohn
3f93622427 PostgreSQL security updates
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.

URL:    https://www.postgresql.org/about/news/1746/
Security:       CVE-2017-7484, CVE-2017-7485, CVE-2017-7486

Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
2017-05-11 14:28:22 +00:00
Palle Girgensohn
f17d7f2051 PostgreSQL 9.6.2, 9.5.6, 9.4.11, 9.3.16 and 9.2.20 released!
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.2, 9.5.6, 9.4.11, 9.3.16, and
9.2.20. This release includes fixes that prevent data corruption issues in
index builds and in certain write-ahead-log replay situations, which are
detailed below. It also patches over 75 other bugs reported over the last three
months.

Users should plan to apply this update at the next scheduled downtime.

Build corruption with CREATE INDEX CONCURRENTLY

There existed a race condition if CREATE INDEX CONCURRENTLY was called on a
column that had not been indexed before, then rows that were updated by
transactions running at the same time as the CREATE INDEX CONCURRENTLY command
could have been indexed incorrectly.

If you suspect this may have happened, the most reliable solution is to rebuild
affected indexes after installing this update.

This issue is present in the 9.2, 9.3, 9.4, 9.5, and 9.6 series of PostgreSQL.

URL	https://www.postgresql.org/about/news/1733/
2017-02-09 15:22:44 +00:00
Sunpoet Po-Chuan Hsieh
e730d999d3 Add more PLIST_SUB to Mk/Uses/python.mk
- Add PYTHON_PYOEXTENSION and PYTHON_SUFFIX
- Add PYTHON2 and PYTHON3
- Respect PYTHON_VERSION
- Rename PYOEXTENSION to PYTHON_PYOEXTENSION

This change would help:
- Build databases/postgresql*-plpython with Python 3
  (It has PLIST issue since bsd.python.mk to Uses/python.mk transition)
- Simplify Makefile

PR:		205807
Differential Revision:	https://reviews.FreeBSD.org/D4758
Exp-run by:	antoine
2017-01-07 21:42:28 +00:00
Palle Girgensohn
57c3f72fc1 Update PostgreSQL to latest versions.
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.1, 9.5.5, 9.4.10, 9.3.15,
9.2.19, and 9.1.24.

This release fixes two issues that can cause data corruption, which are
described in more detail below. It also patches a number of other bugs reported
over the last three months. The project urges users to apply this update at the
next possible downtime.
2016-10-27 14:04:55 +00:00
Olli Hauer
750e77a5e7 - fix sizes
- s/USE_OPENSSL/USES=ssl/

assumed OK for commit ~1h after first notify about wrong sizes in distinfo
2016-08-11 18:35:31 +00:00
Palle Girgensohn
630169ef43 The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and
9.1.23. This release fixes two security issues. It also patches a number of
other bugs reported over the last three months. Users who rely on security
isolation between database users should update as soon as possible. Other users
should plan to update at the next convenient downtime.

If you are using the ICU patch, please consult UPDATING.

Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1]

PR:		210941 [1]
Security:	CVE-2016-5423, CVE-2016-5424
2016-08-11 16:39:40 +00:00
Mathieu Arnold
1a8a092d9f Rename all files containing a : in their filename.
While there, run make makepatch on affected ports, and rename patches
accordingly.

Sponsored by:	Absolight
2016-06-17 23:28:04 +00:00
Dmitry Marakasov
e87a8bd319 - Fix trailing whitespace in pkg-messages
Approved by:	portmgr blanket
2016-05-19 11:09:14 +00:00
Palle Girgensohn
71b5462067 Update PostgreSQL to latest versions
URL:	http://www.postgresql.org/docs/9.5/static/release-9-5-3.html
2016-05-12 22:36:10 +00:00
Palle Girgensohn
1b201272e7 Update PostgreSQL 9.1, 9.2 9.3 and 9.4 to latest versions.
URL:	http://www.postgresql.org/about/news/1656/
2016-03-31 14:49:01 +00:00
Palle Girgensohn
70a06c4f2e Update PostgreSQL to latest versions.
Security Fixes for Regular Expressions, PL/Java

This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.

The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java.  Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser

URL:		http://www.postgresql.org/about/news/1644/
Security:	CVE-2016-0773, CVE-2016-0766
2016-02-13 22:42:04 +00:00
Palle Girgensohn
0642ae4b77 Update PostgreSQL port to latest version.
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289
2015-10-08 21:25:01 +00:00
Palle Girgensohn
7d7b994589 Fix broken XML support.
PR:	ports/202649
2015-10-06 08:47:42 +00:00
Baptiste Daroussin
bc46027203 Simplify a bit the Makefiles
Use OPTIONS_SUB to automatically PLIST_SUB
Use OPTIONS helpers
2015-07-22 22:45:35 +00:00
Baptiste Daroussin
ab7ead91d4 Cleanup plist and avoid useless @exec 2015-07-22 21:46:27 +00:00
Palle Girgensohn
07d4926020 Update PostgreSQL to latest versions.
Earlier update releases attempted to fix an issue in PostgreSQL 9.3 and 9.4
with "multixact wraparound", but failed to account for issues doing multixact
cleanup during crash recovery. This could cause servers to be unable to restart
after a crash. As such, all users of 9.3 and 9.4 should apply this update as
soon as possible.

URL:	http://www.postgresql.org/about/news/1592/
2015-06-12 13:00:49 +00:00
Palle Girgensohn
5e8dafff53 Update PostgreSQL to latest versions.
The update is mostly to fix the file persmission problem described
in the URL below. You might want to wait until next upgrade, depending
on you local configuration.
URL:	http://www.postgresql.org/about/news/1590/
2015-06-05 14:57:29 +00:00
Palle Girgensohn
89f2bb6e59 Update PostgreSQL ports to latest version.
Data Corruption Fix

For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.

Users of versions 9.2 and earlier are not affected by this issue.

Security:	fc38cd83-00b3-11e5-8ebd-0026551a22dc
2015-05-22 23:22:19 +00:00
Palle Girgensohn
68916dd375 Chase upcoming update of ICU to 5.5. 2015-04-18 12:37:22 +00:00
Palle Girgensohn
b6d78357da remove redundant cpe markers on the slave ports 2015-04-05 09:00:59 +00:00
Bartek Rutkowski
8e7427b5e6 databases/postgresql94-server: add CPE information
- Maintainer's timeout (pgsql@FreeBSD.org)

PR:		197489
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>
2015-04-03 12:32:06 +00:00
Palle Girgensohn
92faabe150 In previous commit,
"Revert the change from readline to libedit, and instead make libedit optional.",
I failed to get the PORTREVISION set correctly. Fixed now.

PR:	ports/197362
2015-02-07 17:18:48 +00:00
Palle Girgensohn
262af710e7 Update PostgreSQL-9.x to latests versions.
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161
2015-02-05 22:54:34 +00:00
Palle Girgensohn
60b705aaf6 Release PostgreSQL 9.4
Major enhancements in PostgreSQL 9.4 include:

Add jsonb, a more capable and efficient data type for storing JSON data

Add new SQL command ALTER SYSTEM for changing postgresql.conf configuration
file entries

Reduce lock strength for some ALTER TABLE commands

Allow materialized views to be refreshed without blocking concurrent reads

Add support for logical decoding of WAL data, to allow database changes to be
streamed out in a customizable format

Allow background worker processes to be dynamically registered, started and
terminated The above items are explained in more detail in the sections below.

URL:	http://www.postgresql.org/docs/9.4/static/release-9-4.html
2014-12-18 15:42:17 +00:00
Palle Girgensohn
0a9dd85530 Update PostgreSQL 9.4 to release candidate 1. 2014-11-19 16:09:14 +00:00
Palle Girgensohn
1375907999 Update to PostgreSQL 9.4 beta3 2014-10-09 15:20:52 +00:00
Antoine Brodin
4a0d014c07 Remove some duplicate lines from plist (or duplicate plist)
Reported by:	pkg developer mode
2014-08-25 16:44:07 +00:00
Marcus von Appen
a38c833874 - Unbreak builds after the lang/python27 update (r363790)
Exp-run:	192242, 192244
2014-08-02 07:01:53 +00:00
Palle Girgensohn
f319c969b6 Prepare for upcoming ICU-5.3 upgrade. 2014-06-09 21:57:43 +00:00
Alex Kozlov
fe7fc772a5 - Fix various distinfo errors
- Remove unused USE_* knobs
- Convert USE_TWISTED_RUN to USES
- Remove empty lines after .include <bsd.port.mk>

Approved by:	portmgr (antoine)
2014-05-31 16:37:58 +00:00
Palle Girgensohn
44c5c2289a fix broken plist 2014-05-20 21:58:23 +00:00
Palle Girgensohn
871f7f3137 The PostgreSQL Global Development Group announced that the first beta
release of PostgreSQL 9.4, the latest version of the world's leading
open source database, is available today.  This beta contains previews
of all of the features which will be available in version 9.4, and is
ready for testing by the worldwide PostgreSQL community.  Please
download, test, and report what you find.

Major Features
--------------

The new major features available for testing in this beta include:

* JSONB: 9.4 includes the new JSONB "binary JSON" type. This new
  storage format for document data is higher-performance, and comes with
  indexing, functions and operators for manipulating JSON data.
* Replication: The new Data Change Streaming API allows decoding and
  transformation of the replication stream.  This lays the foundation
  for new replication tools that support high-speed and more flexible
  replication and scale-out solutions.
* Materialized Views with "Refresh Concurrently", which permit
  fast-response background summary reports for complex data.
* ALTER SYSTEM SET, which enables modifications to postgresql.conf
  from the SQL command line and from remote clients, easing
  administration tasks.
2014-05-18 14:44:53 +00:00