The NetBSD Project

CVS log for pkgsrc/databases/postgresql83/Attic/Makefile

[BACK] Up to [] / pkgsrc / databases / postgresql83

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.9, Thu Apr 4 21:08:26 2013 UTC (9 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, HEAD
Changes since 1.8: +1 -1 lines

The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. All users of the affected versions are strongly urged to apply the update immediately.

A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request.

Two lesser security fixes are also included in this release: CVE-2013-1900, wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess, and CVE-2013-1901, which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups. Finally, this release fixes two security issues with the graphical installers for Linux and Mac OS X: insecure passing of superuser passwords to a script, CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.

Revision / (download) - annotate - [select for diffs], Mon Jul 2 23:06:56 2012 UTC (10 years, 7 months ago) by tron
Branch: pkgsrc-2012Q2
Changes since 1.7: +1 -2 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Pullup ticket #3842 - requested by morr
databases/postgresql83-adminpack: security update
databases/postgresql83-client: security update
databases/postgresql83-plperl: security update
databases/postgresql83-pltcl: security update
databases/postgresql83-server: security update
databases/postgresql83-uuid: security update
databases/postgresql83: security update

Revisions pulled up:
- databases/postgresql83-adminpack/Makefile                     1.10
- databases/postgresql83-client/Makefile                        1.27
- databases/postgresql83-client/PLIST                           1.21
- databases/postgresql83-plperl/Makefile                        1.16
- databases/postgresql83-plpython/Makefile                      1.14
- databases/postgresql83-pltcl/Makefile                         1.10
- databases/postgresql83-server/Makefile                        1.19
- databases/postgresql83-server/PLIST                           1.18
- databases/postgresql83-uuid/Makefile                          1.3
- databases/postgresql83/Makefile                               1.8
- databases/postgresql83/Makefile.common                        1.24
- databases/postgresql83/distinfo                               1.22

   Module Name:	pkgsrc
   Committed By:	morr
   Date:		Sun Jul  1 19:19:42 UTC 2012

   Modified Files:
   	pkgsrc/databases/postgresql83: Makefile.common distinfo
   	pkgsrc/databases/postgresql83-client: PLIST
   	pkgsrc/databases/postgresql83-plpython: Makefile
   	pkgsrc/databases/postgresql83-server: PLIST

   Log Message:
   Security update to version 8.3.19.


   * Fix incorrect password transformation in contrib/pgcrypto's DES crypt() function (Solar Designer)
   * If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. (CVE-2012-2143)
   * Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (Tom Lane)
   * Applying such attributes to a call handler could crash the server. (CVE-2012-2655)
   * Allow numeric timezone offsets in timestamp input to be up to 16 hours away from UTC (Tom Lane)
   * Some historical time zones have offsets larger than 15 hours, the previous limit. This could result in dumped data values being rejected during reload.
   * Fix timestamp conversion to cope when the given time is exactly the last DST transition time for the current timezone (Tom Lane)
   * This oversight has been there a long time, but was not noticed previously because most DST-using zones are presumed to have an indefinite sequence of future DST transitions.
   * Fix text to name and char to name casts to perform string truncation correctly in multibyte encodings (Karl Schnaitter)
   * Fix memory copying bug in to_tsquery() (Heikki Linnakangas)
   * Fix slow session startup when pg_attribute is very large (Tom Lane)
   * If pg_attribute exceeds one-fourth of shared_buffers, cache rebuilding code that is sometimes needed during session start would trigger the synchronized-scan logic, causing it to take many times longer than normal. The problem was particularly acute if many new sessions were starting at once.
   * Ensure sequential scans check for query cancel reasonably often (Merlin Moncure)
   * A scan encountering many consecutive pages that contain no live tuples would not respond to interrupts meanwhile.
   * Ensure the Windows implementation of PGSemaphoreLock() clears ImmediateInterruptOK before returning (Tom Lane)
   * This oversight meant that a query-cancel interrupt received later in the same query could be accepted at an unsafe time, with unpredictable but not good consequences.
   * Show whole-row variables safely when printing views or rules (Abbas Butt, Tom Lane)
   * Corner cases involving ambiguous names (that is, the name could be either a table or column name of the query) were printed in an ambiguous way, risking that the view or rule would be interpreted differently after dump and reload. Avoid the ambiguous case by attaching a no-op cast.
   * Ensure autovacuum worker processes perform stack depth checking properly (Heikki Linnakangas)
   * Previously, infinite recursion in a function invoked by auto-ANALYZE could crash worker processes.
   * Fix logging collector to not lose log coherency under high load (Andrew Dunstan)
   * The collector previously could fail to reassemble large messages if it got too busy.
   * Fix logging collector to ensure it will restart file rotation after receiving SIGHUP (Tom Lane)
   * Fix PL/pgSQL's GET DIAGNOSTICS command when the target is the function's first variable (Tom Lane)
   * Fix several performance problems in pg_dump when the database contains many objects (Jeff Janes, Tom Lane)
   * pg_dump could get very slow if the database contained many schemas, or if many objects are in dependency loops, or if there are many owned sequences.
   * Fix contrib/dblink's dblink_exec() to not leak temporary database connections upon error (Tom Lane)
   * Update time zone data files to tzdata release 2012c for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands; also historical corrections for Canada.

   Module Name:    pkgsrc
   Committed By:   morr
   Date:           Sun Jul  1 19:21:14 UTC 2012

   Modified Files:
           pkgsrc/databases/postgresql83: Makefile
           pkgsrc/databases/postgresql83-adminpack: Makefile
           pkgsrc/databases/postgresql83-client: Makefile
           pkgsrc/databases/postgresql83-plperl: Makefile
           pkgsrc/databases/postgresql83-pltcl: Makefile
           pkgsrc/databases/postgresql83-server: Makefile
           pkgsrc/databases/postgresql83-uuid: Makefile

   Log Message:

Revision 1.8 / (download) - annotate - [select for diffs], Sun Jul 1 19:21:13 2012 UTC (10 years, 7 months ago) by morr
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.7: +1 -2 lines
Diff to previous 1.7 (colored)


Revision 1.7 / (download) - annotate - [select for diffs], Thu Jun 14 07:45:38 2012 UTC (10 years, 7 months ago) by sbd
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base
Branch point for: pkgsrc-2012Q2
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)

Recursive PKGREVISION bump for libxml2 buildlink addition.

Revision 1.6 / (download) - annotate - [select for diffs], Tue Sep 27 11:03:59 2011 UTC (11 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.5: +1 -2 lines
Diff to previous 1.5 (colored)

Changes 8.3.16:
* Fix bugs in indexing of in-doubt HOT-updated tuples
* Fix multiple bugs in GiST index page split processing
* Fix possible buffer overrun in tsvector_concat()
* Fix crash in xml_recv when processing a "standalone" parameter
* Avoid possibly accessing off the end of memory in "ANALYZE" and in
  SJIS-2004 encoding conversion
* Fix race condition in relcache init file invalidation
* Fix memory leak at end of a GiST index scan
* Fix performance problem when constructing a large, lossy bitmap
* Fix array- and path-creating functions to ensure padding bytes are zeroes
* Work around gcc 4.6.0 bug that breaks WAL replay
* Fix dump bug for VALUES in a view
* Disallow SELECT FOR UPDATE/SHARE on sequences
  This operation doesn't work as expected and can lead to failures.
* Defend against integer overflow when computing size of a hash table
* Fix cases where "CLUSTER" might attempt to access already-removed
  TOAST data
* Fix portability bugs in use of credentials control messages for
  "peer" authentication
* Fix SSPI login when multiple roundtrips are required
* Fix typo in pg_srand48 seed initialization
* Avoid integer overflow when the sum of LIMIT and OFFSET values
  exceeds 2^63
* Add overflow checks to int4 and int8 versions of generate_series()
* Fix trailing-zero removal in to_char()
* Fix pg_size_pretty() to avoid overflow for inputs close to 2^63
* In pg_ctl, support silent mode for service registrations on Windows
* Fix psql's counting of script file line numbers during COPY from a
  different file
* more...

Revision 1.5 / (download) - annotate - [select for diffs], Fri Apr 22 13:43:14 2011 UTC (11 years, 9 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)

recursive bump from gettext-lib shlib bump.

Revision 1.4 / (download) - annotate - [select for diffs], Sun Dec 19 09:53:52 2010 UTC (12 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (colored)

Changes 8.3.13:
* Force the default wal_sync_method to be fdatasync on Linux
* Fix assorted bugs in WAL replay logic for GIN indexes
* Fix recovery from base backup when the starting checkpoint WAL
  record is not in the same WAL segment as its redo point
* Fix persistent slowdown of autovacuum workers when multiple workers
  remain active for a long time
* Add support for detecting register-stack overrun on IA64
* Add a check for stack overflow in copyObject()
* Fix detection of page splits in temporary GiST indexes
* Avoid memory leakage while "ANALYZE"'ing complex index expressions
* Ensure an index that uses a whole-row Var still depends on its
* Do not "inline" a SQL function with multiple OUT parameters
* Behave correctly if ORDER BY, LIMIT, FOR UPDATE, or WITH is
  attached to the VALUES part of INSERT ... VALUES
* Fix constant-folding of COALESCE() expressions
* Fix postmaster crash when connection acceptance (accept() or one of
  the calls made immediately after it) fails, and the postmaster was
  compiled with GSSAPI support
* Fix missed unlink of temporary files when log_temp_files is active
* Add print functionality for InhRelation nodes
* Fix incorrect calculation of distance from a point to a horizontal
  line segment
* Fix PL/pgSQL's handling of "simple" expressions to not fail in
  recursion or error-recovery cases
* Fix PL/Python's handling of set-returning functions
* Fix bug in "contrib/cube"'s GiST picksplit algorithm
* Don't emit "identifier will be truncated" notices in
  "contrib/dblink" except when creating new connections
* Fix potential coredump on missing public key in "contrib/pgcrypto"
* Fix memory leak in "contrib/xml2"'s XPath query functions
* Update time zone data files to tzdata release 2010o for DST law
  changes in Fiji and Samoa; also historical corrections for Hong

Revision 1.3 / (download) - annotate - [select for diffs], Thu Jun 12 02:14:20 2008 UTC (14 years, 7 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

Add DESTDIR support.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Mar 13 16:47:37 2008 UTC (14 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1
Changes since 1.1: +2 -9 lines
Diff to previous 1.1 (colored)

Mark the main postgresql8[0-3] packages as meta packages.
This avoids the problems in PR 34914.

Revision / (download) - annotate - [select for diffs] (vendor branch), Tue Mar 4 12:41:36 2008 UTC (14 years, 10 months ago) by adam
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

PostgreSQL 8.3
With significant new functionality and performance enhancements, this
release represents a major leap forward for PostgreSQL. This was made
possible by a growing community that has dramatically accelerated the
pace of development. This release adds the following major features:

  * Full text search is integrated into the core database system
  * Support for the SQL/XML standard, including new operators and an
    XML data type
  * Enumerated data types (ENUM)
  * Arrays of composite types
  * Universally Unique Identifier (UUID) data type
  * Add control over whether NULLs sort first or last
  * Updatable cursors
  * Server configuration parameters can now be set on a per-function
  * User-defined types can now have type modifiers
  * Automatically re-plan cached queries when table definitions change
    or statistics are updated
  * Numerous improvements in logging and statistics collection
  * Support Security Service Provider Interface (SSPI) for
    authentication on Windows
  * Support multiple concurrent autovacuum processes, and other
    autovacuum improvements
  * Allow the whole PostgreSQL distribution to be compiled with
    Microsoft Visual C++

Revision 1.1 / (download) - annotate - [select for diffs], Tue Mar 4 12:41:36 2008 UTC (14 years, 10 months ago) by adam
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>