| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
This update will also disable SSL renegotiation by default;
previously, it was enabled by default. SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.
URL: http://www.postgresql.org/about/news/1615/
Security: CVE-2015-5288 CVE-2015-5289
Notes:
svn path=/head/; revision=398895
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Data Corruption Fix
For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.
Users of versions 9.2 and earlier are not affected by this issue.
Security: fc38cd83-00b3-11e5-8ebd-0026551a22dc
Notes:
svn path=/head/; revision=387089
|
| |
|
|
|
|
|
| |
PR: ports/197362
Notes:
svn path=/head/; revision=378604
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
Notes:
svn path=/head/; revision=378500
|
| |
|
|
| |
Notes:
svn path=/head/; revision=372796
|
| |
|
|
|
|
|
|
|
|
| |
We need -pthread in LDFLAGS for threaded extensions like plv8js to work.
PR: 175783
Submitted by: Li-Wen Hsu <lwhsu@FreeBSD.org>
Notes:
svn path=/head/; revision=372487
|
| |
|
|
| |
Notes:
svn path=/head/; revision=370540
|
| |
|
|
| |
Notes:
svn path=/head/; revision=359941
|
| |
|
|
| |
Notes:
svn path=/head/; revision=354693
|
|
|
release of PostgreSQL 9.4, the latest version of the world's leading
open source database, is available today. This beta contains previews
of all of the features which will be available in version 9.4, and is
ready for testing by the worldwide PostgreSQL community. Please
download, test, and report what you find.
Major Features
--------------
The new major features available for testing in this beta include:
* JSONB: 9.4 includes the new JSONB "binary JSON" type. This new
storage format for document data is higher-performance, and comes with
indexing, functions and operators for manipulating JSON data.
* Replication: The new Data Change Streaming API allows decoding and
transformation of the replication stream. This lays the foundation
for new replication tools that support high-speed and more flexible
replication and scale-out solutions.
* Materialized Views with "Refresh Concurrently", which permit
fast-response background summary reports for complex data.
* ALTER SYSTEM SET, which enables modifications to postgresql.conf
from the SQL command line and from remote clients, easing
administration tasks.
Notes:
svn path=/head/; revision=354425
|
