diff options
| author | Palle Girgensohn <girgen@FreeBSD.org> | 2012-06-04 11:00:52 +0000 | 
|---|---|---|
| committer | Palle Girgensohn <girgen@FreeBSD.org> | 2012-06-04 11:00:52 +0000 | 
| commit | 3d2b0e285a074ae100671923ddf0e98f6a765488 (patch) | |
| tree | a02f3a4eae268135de9af75b4be0b9a57b94e6b8 /databases/postgresql91-server/files | |
| parent | Fix loading of old options (diff) | |
The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.
Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.
URL:      http://www.postgresql.org/about/news/1398/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcryptoâs DES crypt() function
	  This was fixed in a patch release for the FreeBSD ports on May 30.
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural languageâs call handle
Diffstat (limited to 'databases/postgresql91-server/files')
| -rw-r--r-- | databases/postgresql91-server/files/patch-crypt-des.c | 12 | 
1 files changed, 0 insertions, 12 deletions
| diff --git a/databases/postgresql91-server/files/patch-crypt-des.c b/databases/postgresql91-server/files/patch-crypt-des.c deleted file mode 100644 index ce61aaa5b2b7..000000000000 --- a/databases/postgresql91-server/files/patch-crypt-des.c +++ /dev/null @@ -1,12 +0,0 @@ ---- ./contrib/pgcrypto/crypt-des.c -+++ ./contrib/pgcrypto/crypt-des.c -@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting) - 	q = (uint8 *) keybuf; - 	while (q - (uint8 *) keybuf - 8) - 	{ --		if ((*q++ = *key << 1)) -+		*q++ = *key << 1; -+		if (*key != '\0') - 			key++; - 	} - 	if (des_setkey((char *) keybuf)) | 
