From 3d2b0e285a074ae100671923ddf0e98f6a765488 Mon Sep 17 00:00:00 2001 From: Palle Girgensohn Date: Mon, 4 Jun 2012 11:00:52 +0000 Subject: The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.4, 9.0.8, 8.4.12 and 8.3.19. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Users of the crypt(text, text) function with DES encryption in the optional pg_crypto module should upgrade their installations immediately, if you have'nt already updated since the port was patched on May 30. All other database administrators are urged to upgrade your version of PostgreSQL at the next scheduled downtime. URL: http://www.postgresql.org/about/news/1398/ Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143 Fix incorrect password transformation in contrib/pgcrypto’s DES crypt() function This was fixed in a patch release for the FreeBSD ports on May 30. Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655 Ignore SECURITY DEFINER and SET attributes for a procedural language’s call handle --- databases/postgresql84-server/Makefile | 4 ++-- databases/postgresql84-server/distinfo | 4 ++-- databases/postgresql84-server/files/patch-crypt-des.c | 12 ------------ databases/postgresql84-server/pkg-plist-server | 1 + 4 files changed, 5 insertions(+), 16 deletions(-) delete mode 100644 databases/postgresql84-server/files/patch-crypt-des.c (limited to 'databases/postgresql84-server') diff --git a/databases/postgresql84-server/Makefile b/databases/postgresql84-server/Makefile index 5ac8cd1de70c..fe71d32a04a7 100644 --- a/databases/postgresql84-server/Makefile +++ b/databases/postgresql84-server/Makefile @@ -6,8 +6,8 @@ # PORTNAME?= postgresql -DISTVERSION?= 8.4.11 -PORTREVISION?= 1 +DISTVERSION?= 8.4.12 +PORTREVISION?= 0 CATEGORIES?= databases MASTER_SITES= ${MASTER_SITE_PGSQL} MASTER_SITE_SUBDIR= source/v${DISTVERSION} diff --git a/databases/postgresql84-server/distinfo b/databases/postgresql84-server/distinfo index 7e9a7a1883f8..03b93cae580f 100644 --- a/databases/postgresql84-server/distinfo +++ b/databases/postgresql84-server/distinfo @@ -1,4 +1,4 @@ -SHA256 (postgresql/postgresql-8.4.11.tar.bz2) = 5bbc9ff1d16282b592600d7c6b9cb1a93049d4aa9a961e3c2c8d5fb13b189c8f -SIZE (postgresql/postgresql-8.4.11.tar.bz2) = 14502434 +SHA256 (postgresql/postgresql-8.4.12.tar.bz2) = 99b7b330ec183828988c7e8ec1b675393f24b10017a2e1d03b8ff48c4dfc0f77 +SIZE (postgresql/postgresql-8.4.12.tar.bz2) = 14509007 SHA256 (postgresql/pg-840-icu-2009-09-15.diff.gz) = c09d3b59340a3bb6ea754e985739d4fbb47f730d1e48a357c5585825034fc72e SIZE (postgresql/pg-840-icu-2009-09-15.diff.gz) = 4321 diff --git a/databases/postgresql84-server/files/patch-crypt-des.c b/databases/postgresql84-server/files/patch-crypt-des.c deleted file mode 100644 index ce61aaa5b2b7..000000000000 --- a/databases/postgresql84-server/files/patch-crypt-des.c +++ /dev/null @@ -1,12 +0,0 @@ ---- ./contrib/pgcrypto/crypt-des.c -+++ ./contrib/pgcrypto/crypt-des.c -@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting) - q = (uint8 *) keybuf; - while (q - (uint8 *) keybuf - 8) - { -- if ((*q++ = *key << 1)) -+ *q++ = *key << 1; -+ if (*key != '\0') - key++; - } - if (des_setkey((char *) keybuf)) diff --git a/databases/postgresql84-server/pkg-plist-server b/databases/postgresql84-server/pkg-plist-server index abab938e7197..ab8330ece20f 100644 --- a/databases/postgresql84-server/pkg-plist-server +++ b/databases/postgresql84-server/pkg-plist-server @@ -223,6 +223,7 @@ share/postgresql/snowball_create.sql %%TZDATA%%share/postgresql/timezone/America/Coral_Harbour %%TZDATA%%share/postgresql/timezone/America/Cordoba %%TZDATA%%share/postgresql/timezone/America/Costa_Rica +%%TZDATA%%share/postgresql/timezone/America/Creston %%TZDATA%%share/postgresql/timezone/America/Cuiaba %%TZDATA%%share/postgresql/timezone/America/Curacao %%TZDATA%%share/postgresql/timezone/America/Danmarkshavn -- cgit v1.2.3