The NetBSD Project

CVS log for pkgsrc/databases/jdbc-postgresql83/Attic/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / databases / jdbc-postgresql83

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.3, Thu Apr 4 21:08:38 2013 UTC (10 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, HEAD
Changes since 1.2: +1 -1 lines
FILE REMOVED

The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. All users of the affected versions are strongly urged to apply the update immediately.

A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request.

Two lesser security fixes are also included in this release: CVE-2013-1900, wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess, and CVE-2013-1901, which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups. Finally, this release fixes two security issues with the graphical installers for Linux and Mac OS X: insecure passing of superuser passwords to a script, CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.

Revision 1.2 / (download) - annotate - [select for diffs], Tue Oct 20 11:02:55 2009 UTC (14 years, 5 months ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4
Changes since 1.1: +7 -7 lines
Diff to previous 1.1 (colored)

Updated databases/jdbc-postgresql83 to 605

Version 8.3-605 (2009-07-01)

    * fix The Statement and Connection proxies used for connection pooling code relied on the underlying real connection and statement code for equals and hashcode support. When the proxies are closed we discard the references to the real objects, so we can't rely on them for this support because we'll get a NullPointerException. (jurka) Thanks to Radu Buzila.
    * fix DatabaseMetaData.getColumns was broken for the JDBC 3 and 4 drivers when running against 7.2 or older servers. (jurka)
    * fix Retrieve columns' default values from pg_attrdef.adbin rather than adsrc because adsrc can get out of date when dependent objects are renamed while adbin stays up to date. (jurka) Thanks to Dickson Guedes, Tom Lane.
    * fix Fix parsing of integer and long data. Some malformed inputs (only a negative sign) got treated as valid data. (jurka) Thanks to Heiiki Linnakangas.
    * fix Initialize BatchUpdateExceptions with the SQLState of the SQLException that they are wrapping. Code that inspects the SQLStates of SQLExceptions, but doesn't unwrap the nested exception will not understand the underlying cause and may make incorrect decisions about the severity of the error. (jurka) Thanks to Fujii Masao.


Version 8.3-605 (2009-07-01)

    * fix The Statement and Connection proxies used for connection pooling code relied on the underlying real connection and statement code for equals and hashcode support. When the proxies are closed we discard the references to the real objects, so we can't rely on them for this support because we'll get a NullPointerException. (jurka) Thanks to Radu Buzila.
    * fix DatabaseMetaData.getColumns was broken for the JDBC 3 and 4 drivers when running against 7.2 or older servers. (jurka)
    * fix Retrieve columns' default values from pg_attrdef.adbin rather than adsrc because adsrc can get out of date when dependent objects are renamed while adbin stays up to date. (jurka) Thanks to Dickson Guedes, Tom Lane.
    * fix Fix parsing of integer and long data. Some malformed inputs (only a negative sign) got treated as valid data. (jurka) Thanks to Heiiki Linnakangas.
    * fix Initialize BatchUpdateExceptions with the SQLState of the SQLException that they are wrapping. Code that inspects the SQLStates of SQLExceptions, but doesn't unwrap the nested exception will not understand the underlying cause and may make incorrect decisions about the severity of the error. (jurka) Thanks to Fujii Masao.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Jul 16 20:49:30 2008 UTC (15 years, 8 months ago) by abs
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Added databases/jdbc-postgresql83 version 603

This is a pure Java (Type IV) JDBC driver for the PostgreSQL
database.  It allows Java programs to connect to a PostgreSQL
database using standard, database independent Java code.

The driver provides a reasonably complete implementation of the
JDBC 3 specification in addition to some PostgreSQL specific
extensions.

Revision 1.1 / (download) - annotate - [select for diffs], Wed Jul 16 20:49:30 2008 UTC (15 years, 8 months ago) by abs
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>