FreeBSD ports tree https://cgit-dev.freebsd.org/ports/atom?h=main 2018-02-10T22:03:15Z 2018-02-10T22:03:15Z Rene Ladan rene@FreeBSD.org 2018-02-10T22:03:15Z urn:sha1:2a60d94fd7129acb2447f23051a7fb768405aa67 2018-01-01 devel/p5-Parse-Pidl: yes 2018-02-08 devel/rubygem-piston: No longer maintained upstream 2017-04-05 databases/postgresql92-server: PostgreSQL 9.2 support has reached End-of-line. Please upgrade to a later version. 2018-02-08T17:38:36Z Palle Girgensohn girgen@FreeBSD.org 2018-02-08T17:38:36Z urn:sha1:955b7d13bc3c846c8db5252aba9551900f2bcd5a 2018-02-08 Security Update Release ================================== The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21. This release fixes two security issues. This release also fixes issues with VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as well as fixes for using parallel queries and logical replication. All users using the affected versions of PostgreSQL should update as soon as possible. Please see the notes on "Updating" below for any post-update steps that may be required. Please note that PostgreSQL changed its versioning scheme with the release of version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a minor update. Security Issues --------------- Two security vulnerabilities have been fixed by this release: * CVE-2018-1052: Fix the processing of partition keys containing multiple expressions * CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are non-world-readable Local fixes to the FreeBSD ports -------------------------------- Inform users about data checksums [1]. Make sure /usr/bin/su is used regardless of PATH settings [2]. Enable DTRACE by default [3]. PR: 214671 [1], 223157 [2], 215028 [3] Security: c602c791-0cf4-11e8-a2ec-6cc21735f730 2018-01-30T13:45:50Z Mathieu Arnold mat@FreeBSD.org 2018-01-30T13:45:50Z urn:sha1:9083493096e0f11baa3b399432687ea0dd775a29 PR: 225049 Submitted by: mat Approved by: maintainer timeout Sponsored by: Absolight 2018-01-11T18:31:41Z Tijl Coosemans tijl@FreeBSD.org 2018-01-11T18:31:41Z urn:sha1:9b5bfcb565f4836b50eb05634214f599258670fe 2017-12-18T14:46:23Z Ed Maste emaste@FreeBSD.org 2017-12-18T14:46:23Z urn:sha1:a44b787110191c2f1d597a1a87dd6ac2a6623e30 postgresql*-client ports fail to build with lld as /usr/bin/ld with errors like /usr/bin/ld: error: can't create dynamic relocation R_X86_64_PC32 against symbol: __mb_sb_limit in readonly segment >>> defined in /lib/libc.so.7 >>> referenced by pgstrcasecmp.c >>> pgstrcasecmp.o:(pg_strcasecmp) in archive ../../src/port/libpgport.a Although this appears to affect only -client ports, just set LLD_UNSAFE for all of the postgresql*-* ports for simplicity. Approved by: portmgr (blanket for LLD_UNSAFE) 2017-11-09T16:11:21Z Palle Girgensohn girgen@FreeBSD.org 2017-11-09T16:11:21Z urn:sha1:c007195e816a28e3cf09eb0e3d1863ab200265a2 The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, and 9.2.24. This release fixes three security issues. This release also fixes issues found in BRIN indexing, logical replication and other bugs reported over the past three months. Please note that the CVE-2017-12172 does not affect the FreeBSD port unless you decided to not use the contrib/startscript instead of the startscript distributed with the FreeBSD port/package. Security: CVE-2017-12172, CVE-2017-15099, CVE-2017-15098 URL: https://www.postgresql.org/about/news/1801/ 2017-11-09T02:31:47Z Jan Beich jbeich@FreeBSD.org 2017-11-09T02:31:47Z urn:sha1:99b0558e425b0f42bed2d3895ca2f5b51d0db2bf Changes: http://site.icu-project.org/download/60 ABI: https://abi-laboratory.pro/tracker/timeline/icu4c/ PR: 223373 Exp-run by: antoine 2017-09-25T00:02:36Z Jan Beich jbeich@FreeBSD.org 2017-09-25T00:02:36Z urn:sha1:a38219861723215d3c7d044cc973c09fd60c0646 - Temporarily keep C++98 working in consumers for Clang's default -std= Changes: http://site.icu-project.org/download/59 PR: 218788 Submitted by: takefu@airport.fm, dcarmich@dcarmichael.net (early version) Exp-run by: antoine 2017-09-05T09:27:11Z Palle Girgensohn girgen@FreeBSD.org 2017-09-05T09:27:11Z urn:sha1:548c838795dfe6d521e7c18e1b2b38133ebe0fa9 supported versions of our database system, including 9.6.5, 9.5.9, 9.4.14, 9.3.19, and 9.2.23. This release includes fixes that prevent a crash in pg_restore when using parallel mode. It also patches over a few other bugs reported since the last releases in August. Additionally, in 9.4.14 only, there is a fix to an issue with walsenders preventing primary-server shutdown unless immediate shutdown mode is used. Users should plan to update at the next convenient downtime. Bug Fixes and Improvements This update also fixes a number of bugs reported in the last few weeks. Some of these issues affect only version 9.6, but many affect all supported versions: * Show foreign tables in information_schema.table_privileges view. This fix applies to new databases, see the release notes for the procedure to apply the fix to an existing database. * Correctly identify columns that are of a range type or domain type over a composite type or domain type being searched for * Prevent crash when passing fixed-length pass-by-reference data types to parallel worker processes * Change ecpg’s parser to allow RETURNING clauses without attached C variables * Change ecpg’s parser to recognize backslash continuation of C preprocessor command lines * Improve selection of compiler flags for PL/Perl on Windows 2017-08-10T14:21:20Z Palle Girgensohn girgen@FreeBSD.org 2017-08-10T14:21:20Z urn:sha1:27530e04c3dfba151467e9eaa76b246d3dccf145 supported versions of our database system, including 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22. This release fixes three security issues. It also patches over 50 other bugs reported over the last three months. Users who are affected by the below security issues should update as soon as possible. Users affected by CVE-2017-7547 (https://access.redhat.com/security/cve/CVE-2017-7547) will need to perform additional steps after upgrading to resolve the issue. Other users should plan to update at the next convenient downtime. URL: https://www.postgresql.org/about/news/1772/ Security: CVE-2017-7546, CVE-2017-7547, CVE-2017-7548