- Address postgresql*-servers for crypt vulnerability (CVE-2012-2143)

http://www.postgresql.org/about/news/1397/ With hat: pgsql
author: Jason Helfman <jgh@FreeBSD.org> 2012-05-30 22:26:15 +0000
committer: Jason Helfman <jgh@FreeBSD.org> 2012-05-30 22:26:15 +0000
commit: 8efd38a2acd90422d224e1fa1d4f626f7860bf65 (patch)
tree: 49ddd7bd48b77fbe1cf65ae4b8980a1a8da8399f /UPDATING
parent: 2e709bad88c632541301f9dd56cda17a66a6e59e (diff)
download: ports-8efd38a2acd90422d224e1fa1d4f626f7860bf65.tar.gz
ports-8efd38a2acd90422d224e1fa1d4f626f7860bf65.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index c2de183bccc6..1941a77fc761 100644
--- a/UPDATING
+++ b/UPDATING
@@ -6,6 +6,17 @@ You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
 20120530:
+  AFFECTS: users of databases/postgresql*-server
+  AUTHOR:  jgh@FreeBSD.org
+
+  Affected users are those who use the crypt(text, text) function with
+  DES encryption in the optional pg_crypto module. Passwords affected
+  are those that contain characters that cannot be represented with
+  7-bit ASCII. If a password contains a character that has the most
+  significant bit set (0x80), and DES encryption is used, that character
+  and all characters after it will be ignored.
+
+20120530:
   AFFECTS: users of net/nss-pam-ldap
   AUTHOR: scheidell@FreeBSD.org
author	Jason Helfman <jgh@FreeBSD.org>	2012-05-30 22:26:15 +0000
committer	Jason Helfman <jgh@FreeBSD.org>	2012-05-30 22:26:15 +0000
commit	8efd38a2acd90422d224e1fa1d4f626f7860bf65 (patch)
tree	49ddd7bd48b77fbe1cf65ae4b8980a1a8da8399f /UPDATING
parent	2e709bad88c632541301f9dd56cda17a66a6e59e (diff)
download	ports-8efd38a2acd90422d224e1fa1d4f626f7860bf65.tar.gz ports-8efd38a2acd90422d224e1fa1d4f626f7860bf65.zip