aboutsummaryrefslogtreecommitdiff
path: root/databases/postgresql92-server/files
diff options
context:
space:
mode:
authorPalle Girgensohn <girgen@FreeBSD.org>2012-06-04 11:00:52 +0000
committerPalle Girgensohn <girgen@FreeBSD.org>2012-06-04 11:00:52 +0000
commit3d2b0e285a074ae100671923ddf0e98f6a765488 (patch)
treea02f3a4eae268135de9af75b4be0b9a57b94e6b8 /databases/postgresql92-server/files
parentad17fa0e98a6b95efeff595bfa90d5a6797ddb69 (diff)
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4, 9.0.8, 8.4.12 and 8.3.19. Users of the crypt(text, text) function with DES encryption in the optional pg_crypto module should upgrade their installations immediately, if you have'nt already updated since the port was patched on May 30. All other database administrators are urged to upgrade your version of PostgreSQL at the next scheduled downtime. URL: http://www.postgresql.org/about/news/1398/ Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143 Fix incorrect password transformation in contrib/pgcrypto’s DES crypt() function This was fixed in a patch release for the FreeBSD ports on May 30. Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655 Ignore SECURITY DEFINER and SET attributes for a procedural language’s call handle
Notes
Notes: svn path=/head/; revision=298347
Diffstat (limited to 'databases/postgresql92-server/files')
-rw-r--r--databases/postgresql92-server/files/patch-crypt-des.c12
1 files changed, 0 insertions, 12 deletions
diff --git a/databases/postgresql92-server/files/patch-crypt-des.c b/databases/postgresql92-server/files/patch-crypt-des.c
deleted file mode 100644
index ce61aaa5b2b7..000000000000
--- a/databases/postgresql92-server/files/patch-crypt-des.c
+++ /dev/null
@@ -1,12 +0,0 @@
---- ./contrib/pgcrypto/crypt-des.c
-+++ ./contrib/pgcrypto/crypt-des.c
-@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
- q = (uint8 *) keybuf;
- while (q - (uint8 *) keybuf - 8)
- {
-- if ((*q++ = *key << 1))
-+ *q++ = *key << 1;
-+ if (*key != '\0')
- key++;
- }
- if (des_setkey((char *) keybuf))