diff options
author | Palle Girgensohn <girgen@FreeBSD.org> | 2020-02-13 19:14:36 +0000 |
---|---|---|
committer | Palle Girgensohn <girgen@FreeBSD.org> | 2020-02-13 19:14:36 +0000 |
commit | 0782cccb139e9c7982cd27d695075990a46e5095 (patch) | |
tree | 6ba90a631d2e3a9ed49b330adc61241b7415f4b1 /databases/postgresql11-server | |
parent | b01411ae7a5637f18f5fd5508a1dcfd10c6fcfbc (diff) | |
download | ports-0782cccb139e9c7982cd27d695075990a46e5095.tar.gz ports-0782cccb139e9c7982cd27d695075990a46e5095.zip |
The PostgreSQL Global Development Group has released an update to all
supported versions of our database system, including 12.2, 11.7, 10.12,
9.6.17, 9.5.21, and 9.4.26. This release fixes one security issue found
in the PostgreSQL server and over 75 bugs reported over the last three
months.
Users should plan to update as soon as possible.
PostgreSQL 9.4 Now EOL
This is the last release for PostgreSQL 9.4, which will no longer
receive security updates and bug fixes. PostgreSQL 9.4 introduced new
features such as JSONB support, the `ALTER SYSTEM` command, the ability
to stream logical changes to an output plugin, and more:
https://www.postgresql.org/about/news/1557/
https://www.postgresql.org/docs/9.4/release-9-4.html
While we are very proud of this release, these features are also found
in newer versions of PostgreSQL. Many of these features have also
received improvements, and, per our versioning policy, it is time to
retire PostgreSQL 9.4.
To receive continued support, we suggest that you make plans to upgrade
to a newer, supported version of PostgreSQL. Please see the PostgreSQL
versioning policy for more information.
Security Issues
* CVE-2020-1720: `ALTER ... DEPENDS ON EXTENSION` is missing
authorization checks.
Versions Affected: 9.6 - 12
The `ALTER ... DEPENDS ON EXTENSION` sub-commands do not perform
authorization checks, which can allow an unprivileged user to drop any
function, procedure, materialized view, index, or trigger under certain
conditions. This attack is possible if an administrator has installed an
extension and an unprivileged user can `CREATE`, or an extension owner
either executes `DROP EXTENSION` predictably or can be convinced to
execute `DROP EXTENSION`.
Release notes: https://www.postgresql.org/docs/current/release.html
Notes
Notes:
svn path=/head/; revision=526063
Diffstat (limited to 'databases/postgresql11-server')
-rw-r--r-- | databases/postgresql11-server/Makefile | 2 | ||||
-rw-r--r-- | databases/postgresql11-server/distinfo | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/databases/postgresql11-server/Makefile b/databases/postgresql11-server/Makefile index ad9399780c60..aeed3d6ece82 100644 --- a/databases/postgresql11-server/Makefile +++ b/databases/postgresql11-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier <scrappy@FreeBSD.org> # $FreeBSD$ -DISTVERSION?= 11.6 +DISTVERSION?= 11.7 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql11-server/distinfo b/databases/postgresql11-server/distinfo index 9952f7217724..c10f3b8186db 100644 --- a/databases/postgresql11-server/distinfo +++ b/databases/postgresql11-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-11.6.tar.bz2) = 49924f7ff92965fdb20c86e0696f2dc9f8553e1563124ead7beedf8910c13170 -SIZE (postgresql/postgresql-11.6.tar.bz2) = 19843202 +TIMESTAMP = 1581419816 +SHA256 (postgresql/postgresql-11.7.tar.bz2) = 324ae93a8846fbb6a25d562d271bc441ffa8794654c5b2839384834de220a313 +SIZE (postgresql/postgresql-11.7.tar.bz2) = 19890063 |