FreeBSD ports tree https://cgit-dev.freebsd.org/ports/atom?h=12.4-eol 2023-12-28T10:20:24Z 2023-12-28T10:20:24Z Palle Girgensohn girgen@FreeBSD.org 2023-12-28T10:20:24Z urn:sha1:16f2f4c4df2ddeefb9612870166e6f15237cc4d4 PR: 275851 (submitted by takeda at takeda.tk) 2023-11-17T11:46:00Z Jan Beich jbeich@FreeBSD.org 2023-10-05T20:43:38Z urn:sha1:e55b80195e2af4bd63088de216ccd3e23be81c1f Changes: https://github.com/unicode-org/icu/releases/tag/release-74-1 Reported by: GitHub (watch releases) PR: 274317 Exp-run by: antoine (incomplete) Approved by: fluffy 2023-11-09T15:09:19Z Palle Girgensohn girgen@FreeBSD.org 2023-11-09T14:37:31Z urn:sha1:a5d53f45faf9f85a1bbdf6113c6b456569a6757f PostgreSQL 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 Released! The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 This release fixes three security vulnerabilities and over 55 bugs reported over the last several months. Release notes: https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/ Security: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870 Security: 31f45d06-7f0e-11ee-94b4-6cc21735f730 Security: 0f445859-7f0e-11ee-94b4-6cc21735f730 Security: bbb18fcb-7f0d-11ee-94b4-6cc21735f730 2023-08-10T14:13:24Z Palle Girgensohn girgen@FreeBSD.org 2023-08-10T13:55:07Z urn:sha1:3554a40b0542d6b01a2a92dc78323880ac5aba3c PostgreSQL 15.4, 14.9, 13.12, 12.16, 11.21, and PostgreSQL 16 Beta 3 Released. The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 15.4, 14.9, 13.12, 12.16, and 11.21, as well as the third beta release of PostgreSQL 16. This release fixes two security vulnerabilities and over 40 bugs reported over the last several months. If you use BRIN indexes to look up NULL values, you will need to reindex them after upgrading to this release. On PostgreSQL 12 and above, you can use REINDEX CONCURRENTLY to avoid blocking writes to the affected index and table, for example: REINDEX INDEX CONCURRENTLY your_index_name; Also, remove the patch for postgresql.conf.sample suggesting to turn off update_process_title [1], since it is no longer a problem. Release notes: https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/ [1]: https://commitfest.postgresql.org/19/1715/ 2023-07-05T14:11:39Z Palle Girgensohn girgen@FreeBSD.org 2023-05-25T15:53:31Z urn:sha1:4ee225f90aa3f81a418859086a0bca660f44e7ef URL: https://www.postgresql.org/about/news/postgresql-16-beta-1-released-2643/ Release notes: https://www.postgresql.org/docs/16/release-16.html 2023-05-11T15:42:57Z Palle Girgensohn girgen@FreeBSD.org 2023-05-11T15:21:54Z urn:sha1:3fd6f200dc8c12022515f7c3f662df148941e261 The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 15.3, 14.8, 13.11, 12.15, and 11.20. This release fixes two security vulnerabilities over 80 bugs reported over the last several months. CVE-2023-2454: CREATE SCHEMA ... schema_element defeats protective search_path changes. This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users. CVE-2023-2455: Row security policies disregard user ID changes after inlining. While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. Security: fbb5a260-f00f-11ed-bbae-6cc21735f730 Security: 4b636f50-f011-11ed-bbae-6cc21735f730 Release-notes: https://www.postgresql.org/docs/release/ 2023-04-15T13:14:58Z Muhammad Moinur Rahman bofh@FreeBSD.org 2023-04-15T11:59:01Z urn:sha1:ddfc15b451da2c7390561e8dfe81977b3e591961 - postgresql 11 is set to reach EOL on 2023-11-09 See : https://www.postgresql.org/support/versioning/ - Set EXPIRATION_DATE on 2023-12-31 - Fix CONFLICTS for postgresql11-pgtcl 2023-04-13T00:56:37Z Jan Beich jbeich@FreeBSD.org 2023-03-23T17:56:40Z urn:sha1:f1f1a8be887ee2c5d75bec33cb8f8a89454e606b - Temporarily switch to GitHub auto archive (release artifacts are N/A atm) Changes: https://github.com/unicode-org/icu/releases/tag/release-73-1 Reported by: GitHub (watch releases) PR: 270422 Exp-run by: antoine 2023-02-09T14:52:35Z Palle Girgensohn girgen@FreeBSD.org 2023-02-09T14:48:12Z urn:sha1:8f04ac817353175e8f73e8561d404b81b9d20ce4 The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 15.2, 14.7, 13.10, 12.14, and 11.19. This release closes one security vulnerability and fixes over 60 bugs reported over the last several months. Release notes: https://www.postgresql.org/docs/release/ Security: CVE-2022-41862: Client memory disclosure when connecting, with Kerberos, to modified server. 2022-11-15T15:40:59Z Dmitry Marakasov amdmi3@FreeBSD.org 2022-05-17T10:49:50Z urn:sha1:d512e8cce2abc9375784bc1dc4c91d5353e867a0 PostgreSQL server may use late-mounted filesystems, so require these in rc.d scripts. Real life example is when /tmp is late-mounted tmpfs atop of ZFS, and if posgresql-server starts before mountlate, its socket which resides on /tmp is hidden under tmpfs which is mounted afterwards. PR: 267500 Approved by: maintainer timeout (pgsql, 2 weeks)