diff options
Diffstat (limited to 'databases')
25 files changed, 68 insertions, 133 deletions
diff --git a/databases/postgresql12-server/Makefile b/databases/postgresql12-server/Makefile index 9a8fc4370856..6ba84eb2c9c6 100644 --- a/databases/postgresql12-server/Makefile +++ b/databases/postgresql12-server/Makefile @@ -1,4 +1,4 @@ -DISTVERSION?= 12.18 +DISTVERSION?= 12.19 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql12-server/distinfo b/databases/postgresql12-server/distinfo index 3c9545cf422b..a9c254216026 100644 --- a/databases/postgresql12-server/distinfo +++ b/databases/postgresql12-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707301238 -SHA256 (postgresql/postgresql-12.18.tar.bz2) = 4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a -SIZE (postgresql/postgresql-12.18.tar.bz2) = 21208935 +TIMESTAMP = 1715095959 +SHA256 (postgresql/postgresql-12.19.tar.bz2) = 617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb +SIZE (postgresql/postgresql-12.19.tar.bz2) = 21218699 diff --git a/databases/postgresql12-server/files/pkg-message-contrib.in b/databases/postgresql12-server/files/pkg-message-contrib.in index 2d9f3d86e71c..006f700a3ae1 100644 --- a/databases/postgresql12-server/files/pkg-message-contrib.in +++ b/databases/postgresql12-server/files/pkg-message-contrib.in @@ -2,7 +2,7 @@ { type: install message: <<EOM The PostgreSQL contrib utilities have been installed. Please see -%%PREFIX%%/share/doc/postgresql/contrib/README +%%DOCSDIR%%/README-contrib for more information. EOM } diff --git a/databases/postgresql13-server/Makefile b/databases/postgresql13-server/Makefile index 7270ba17d2b6..1ff3d0035045 100644 --- a/databases/postgresql13-server/Makefile +++ b/databases/postgresql13-server/Makefile @@ -1,4 +1,4 @@ -DISTVERSION?= 13.14 +DISTVERSION?= 13.15 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql13-server/distinfo b/databases/postgresql13-server/distinfo index 80076e8078ef..7bed84f9d7ba 100644 --- a/databases/postgresql13-server/distinfo +++ b/databases/postgresql13-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707301284 -SHA256 (postgresql/postgresql-13.14.tar.bz2) = b8df078551898960bd500dc5d38a177e9905376df81fe7f2b660a1407fa6a5ed -SIZE (postgresql/postgresql-13.14.tar.bz2) = 21584146 +TIMESTAMP = 1715095960 +SHA256 (postgresql/postgresql-13.15.tar.bz2) = 42edd415446d33b8c242be76d1ad057531b2264b2e86939339b7075c6e4ec925 +SIZE (postgresql/postgresql-13.15.tar.bz2) = 21597871 diff --git a/databases/postgresql13-server/files/patch-disable-llvm-jit-inlining-with-tls b/databases/postgresql13-server/files/patch-disable-llvm-jit-inlining-with-tls deleted file mode 100644 index 02686061ce99..000000000000 --- a/databases/postgresql13-server/files/patch-disable-llvm-jit-inlining-with-tls +++ /dev/null @@ -1,24 +0,0 @@ -Do not inline functions which access TLS in LLVM JIT, as -this leads to crashes with unsupported relocation error - -diff --git src/backend/jit/llvm/llvmjit_inline.cpp src/backend/jit/llvm/llvmjit_inline.cpp -index 2617a46..a063edb 100644 ---- src/backend/jit/llvm/llvmjit_inline.cpp -+++ src/backend/jit/llvm/llvmjit_inline.cpp -@@ -608,6 +608,16 @@ function_inlinable(llvm::Function &F, - if (rv->materialize()) - elog(FATAL, "failed to materialize metadata"); - -+ /* -+ * Don't inline functions with thread-local variables until -+ * related crashes are investigated (see BUG #16696) -+ */ -+ if (rv->isThreadLocal()) { -+ ilog(DEBUG1, "cannot inline %s due to thread-local variable %s", -+ F.getName().data(), rv->getName().data()); -+ return false; -+ } -+ - /* - * Never want to inline externally visible vars, cheap enough to - * reference. diff --git a/databases/postgresql13-server/files/pkg-message-contrib.in b/databases/postgresql13-server/files/pkg-message-contrib.in index 2d9f3d86e71c..006f700a3ae1 100644 --- a/databases/postgresql13-server/files/pkg-message-contrib.in +++ b/databases/postgresql13-server/files/pkg-message-contrib.in @@ -2,7 +2,7 @@ { type: install message: <<EOM The PostgreSQL contrib utilities have been installed. Please see -%%PREFIX%%/share/doc/postgresql/contrib/README +%%DOCSDIR%%/README-contrib for more information. EOM } diff --git a/databases/postgresql14-server/Makefile b/databases/postgresql14-server/Makefile index a4599c1bb31c..6dc8a6c17b13 100644 --- a/databases/postgresql14-server/Makefile +++ b/databases/postgresql14-server/Makefile @@ -1,4 +1,4 @@ -DISTVERSION?= 14.11 +DISTVERSION?= 14.12 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql14-server/distinfo b/databases/postgresql14-server/distinfo index 6d31689b1b7b..97f5e287f4d5 100644 --- a/databases/postgresql14-server/distinfo +++ b/databases/postgresql14-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707301184 -SHA256 (postgresql/postgresql-14.11.tar.bz2) = a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8 -SIZE (postgresql/postgresql-14.11.tar.bz2) = 22354758 +TIMESTAMP = 1715095961 +SHA256 (postgresql/postgresql-14.12.tar.bz2) = 6118d08f9ddcc1bd83cf2b7cc74d3b583bdcec2f37e6245a8ac003b8faa80923 +SIZE (postgresql/postgresql-14.12.tar.bz2) = 22390865 diff --git a/databases/postgresql14-server/files/patch-disable-llvm-jit-inlining-with-tls b/databases/postgresql14-server/files/patch-disable-llvm-jit-inlining-with-tls deleted file mode 100644 index 02686061ce99..000000000000 --- a/databases/postgresql14-server/files/patch-disable-llvm-jit-inlining-with-tls +++ /dev/null @@ -1,24 +0,0 @@ -Do not inline functions which access TLS in LLVM JIT, as -this leads to crashes with unsupported relocation error - -diff --git src/backend/jit/llvm/llvmjit_inline.cpp src/backend/jit/llvm/llvmjit_inline.cpp -index 2617a46..a063edb 100644 ---- src/backend/jit/llvm/llvmjit_inline.cpp -+++ src/backend/jit/llvm/llvmjit_inline.cpp -@@ -608,6 +608,16 @@ function_inlinable(llvm::Function &F, - if (rv->materialize()) - elog(FATAL, "failed to materialize metadata"); - -+ /* -+ * Don't inline functions with thread-local variables until -+ * related crashes are investigated (see BUG #16696) -+ */ -+ if (rv->isThreadLocal()) { -+ ilog(DEBUG1, "cannot inline %s due to thread-local variable %s", -+ F.getName().data(), rv->getName().data()); -+ return false; -+ } -+ - /* - * Never want to inline externally visible vars, cheap enough to - * reference. diff --git a/databases/postgresql14-server/files/pkg-message-contrib.in b/databases/postgresql14-server/files/pkg-message-contrib.in index 2d9f3d86e71c..006f700a3ae1 100644 --- a/databases/postgresql14-server/files/pkg-message-contrib.in +++ b/databases/postgresql14-server/files/pkg-message-contrib.in @@ -2,7 +2,7 @@ { type: install message: <<EOM The PostgreSQL contrib utilities have been installed. Please see -%%PREFIX%%/share/doc/postgresql/contrib/README +%%DOCSDIR%%/README-contrib for more information. EOM } diff --git a/databases/postgresql14-server/files/pkg-message-server.in b/databases/postgresql14-server/files/pkg-message-server.in index 6370d4a017cc..8253d3c2541b 100644 --- a/databases/postgresql14-server/files/pkg-message-server.in +++ b/databases/postgresql14-server/files/pkg-message-server.in @@ -62,10 +62,22 @@ NB. If you're not using a checksumming filesystem like ZFS, you might wish to enable data checksumming. It can be enabled during the initdb phase, by adding the "--data-checksums" flag to the postgresql_initdb_flags rcvar. Otherwise you can enable it later by - pg_checksums. Check the initdb(1) manpage for more info + using pg_checksums. Check the initdb(1) manpage for more info and make sure you understand the performance implications. ====================================================================== + +SECURITY ADVICE + +If upgradring from a version 14.x < 14.12: +A security vulnerability was found in the system views pg_stats_ext +and pg_stats_ext_exprs, potentially allowing authenticated database +users to see data they shouldn't. If this is of concern in your +installation, run the SQL script %%DATADIR%%/fix-CVE-2024-4317.sql +for each of your databases. For details, see +https://www.postgresql.org/support/security/CVE-2024-4317/ + + EOM } ] diff --git a/databases/postgresql14-server/pkg-plist-server b/databases/postgresql14-server/pkg-plist-server index 15de69ff20f5..8f00f179a298 100644 --- a/databases/postgresql14-server/pkg-plist-server +++ b/databases/postgresql14-server/pkg-plist-server @@ -750,6 +750,7 @@ lib/postgresql/utf8_and_win.so %%DATADIR%%/errcodes.txt %%DATADIR%%/extension/plpgsql--1.0.sql %%DATADIR%%/extension/plpgsql.control +%%DATADIR%%/fix-CVE-2024-4317.sql %%DATADIR%%/information_schema.sql %%DATADIR%%/pg_hba.conf.sample %%DATADIR%%/pg_ident.conf.sample diff --git a/databases/postgresql15-server/Makefile b/databases/postgresql15-server/Makefile index 73cdb6c2b2da..ad7d23054e86 100644 --- a/databases/postgresql15-server/Makefile +++ b/databases/postgresql15-server/Makefile @@ -1,4 +1,4 @@ -DISTVERSION?= 15.6 +DISTVERSION?= 15.7 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql15-server/distinfo b/databases/postgresql15-server/distinfo index b23b22c9acc4..845cdd374469 100644 --- a/databases/postgresql15-server/distinfo +++ b/databases/postgresql15-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707301241 -SHA256 (postgresql/postgresql-15.6.tar.bz2) = 8455146ed9c69c93a57de954aead0302cafad035c2b242175d6aa1e17ebcb2fb -SIZE (postgresql/postgresql-15.6.tar.bz2) = 23093967 +TIMESTAMP = 1715095962 +SHA256 (postgresql/postgresql-15.7.tar.bz2) = a46fe49485ab6385e39dabbbb654f5d3049206f76cd695e224268729520998f7 +SIZE (postgresql/postgresql-15.7.tar.bz2) = 23112318 diff --git a/databases/postgresql15-server/files/patch-disable-llvm-jit-inlining-with-tls b/databases/postgresql15-server/files/patch-disable-llvm-jit-inlining-with-tls deleted file mode 100644 index 02686061ce99..000000000000 --- a/databases/postgresql15-server/files/patch-disable-llvm-jit-inlining-with-tls +++ /dev/null @@ -1,24 +0,0 @@ -Do not inline functions which access TLS in LLVM JIT, as -this leads to crashes with unsupported relocation error - -diff --git src/backend/jit/llvm/llvmjit_inline.cpp src/backend/jit/llvm/llvmjit_inline.cpp -index 2617a46..a063edb 100644 ---- src/backend/jit/llvm/llvmjit_inline.cpp -+++ src/backend/jit/llvm/llvmjit_inline.cpp -@@ -608,6 +608,16 @@ function_inlinable(llvm::Function &F, - if (rv->materialize()) - elog(FATAL, "failed to materialize metadata"); - -+ /* -+ * Don't inline functions with thread-local variables until -+ * related crashes are investigated (see BUG #16696) -+ */ -+ if (rv->isThreadLocal()) { -+ ilog(DEBUG1, "cannot inline %s due to thread-local variable %s", -+ F.getName().data(), rv->getName().data()); -+ return false; -+ } -+ - /* - * Never want to inline externally visible vars, cheap enough to - * reference. diff --git a/databases/postgresql15-server/files/pkg-message-contrib.in b/databases/postgresql15-server/files/pkg-message-contrib.in index 2d9f3d86e71c..006f700a3ae1 100644 --- a/databases/postgresql15-server/files/pkg-message-contrib.in +++ b/databases/postgresql15-server/files/pkg-message-contrib.in @@ -2,7 +2,7 @@ { type: install message: <<EOM The PostgreSQL contrib utilities have been installed. Please see -%%PREFIX%%/share/doc/postgresql/contrib/README +%%DOCSDIR%%/README-contrib for more information. EOM } diff --git a/databases/postgresql15-server/files/pkg-message-server.in b/databases/postgresql15-server/files/pkg-message-server.in index 6370d4a017cc..946ff1d75b6d 100644 --- a/databases/postgresql15-server/files/pkg-message-server.in +++ b/databases/postgresql15-server/files/pkg-message-server.in @@ -62,10 +62,22 @@ NB. If you're not using a checksumming filesystem like ZFS, you might wish to enable data checksumming. It can be enabled during the initdb phase, by adding the "--data-checksums" flag to the postgresql_initdb_flags rcvar. Otherwise you can enable it later by - pg_checksums. Check the initdb(1) manpage for more info + using pg_checksums. Check the initdb(1) manpage for more info and make sure you understand the performance implications. ====================================================================== + +SECURITY ADVICE + +If upgradring from a version 15.x < 15.7: +A security vulnerability was found in the system views pg_stats_ext +and pg_stats_ext_exprs, potentially allowing authenticated database +users to see data they shouldn't. If this is of concern in your +installation, run the SQL script %%DATADIR%%/fix-CVE-2024-4317.sql +for each of your databases. For details, see +https://www.postgresql.org/support/security/CVE-2024-4317/ + + EOM } ] diff --git a/databases/postgresql15-server/pkg-plist-server b/databases/postgresql15-server/pkg-plist-server index 4399bd1bd895..cea77992a139 100644 --- a/databases/postgresql15-server/pkg-plist-server +++ b/databases/postgresql15-server/pkg-plist-server @@ -786,6 +786,7 @@ lib/postgresql/utf8_and_win.so %%DATADIR%%/errcodes.txt %%DATADIR%%/extension/plpgsql--1.0.sql %%DATADIR%%/extension/plpgsql.control +%%DATADIR%%/fix-CVE-2024-4317.sql %%DATADIR%%/information_schema.sql %%DATADIR%%/pg_hba.conf.sample %%DATADIR%%/pg_ident.conf.sample diff --git a/databases/postgresql16-server/Makefile b/databases/postgresql16-server/Makefile index bb6e623c3449..2adc5a60ec4a 100644 --- a/databases/postgresql16-server/Makefile +++ b/databases/postgresql16-server/Makefile @@ -1,5 +1,5 @@ PORTNAME?= postgresql -DISTVERSION?= 16.2 +DISTVERSION?= 16.3 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 @@ -81,7 +81,7 @@ CONFIGURE_ENV+= PATH=${PREFIX}/bin:${PATH} .endif .if defined(SERVER_ONLY) -OPTIONS_DEFINE= DTRACE LDAP INTDATE TZDATA XML DOCS +OPTIONS_DEFINE= DTRACE LDAP TZDATA XML DOCS LDAP_DESC= Build with LDAP authentication support TZDATA_DESC= Use internal timezone database XML_DESC= Build with XML data type @@ -114,12 +114,6 @@ LLVM_CONFIGURE_ENV= LLVM_CONFIG=${LLVM_CONFIG} \ CLANG=${LOCALBASE}/bin/clang${LLVM_VERSION} LLVM_USES= llvm:max=15,min=11,lib -# See http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/76999 for more info -# (requires dump/restore if modified.) -OPTIONS_DEFINE+= INTDATE -INTDATE_DESC= Builds with 64-bit date/time type -OPTIONS_DEFAULT+= INTDATE - CONFIGURE_ARGS+= --with-icu LIB_DEPENDS+= libicudata.so:devel/icu USES+= pkgconfig @@ -162,8 +156,6 @@ XML_LIB_DEPENDS= libxml2.so:textproc/libxml2 TZDATA_CONFIGURE_OFF= --with-system-tzdata=/usr/share/zoneinfo -INTDATE_CONFIGURE_OFF= --disable-integer-datetimes - NLS_CONFIGURE_ENABLE= nls NLS_USES= gettext diff --git a/databases/postgresql16-server/distinfo b/databases/postgresql16-server/distinfo index bb2283ecf3ea..a5b9b692f324 100644 --- a/databases/postgresql16-server/distinfo +++ b/databases/postgresql16-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1707301242 -SHA256 (postgresql/postgresql-16.2.tar.bz2) = 446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952 -SIZE (postgresql/postgresql-16.2.tar.bz2) = 24711703 +TIMESTAMP = 1715095963 +SHA256 (postgresql/postgresql-16.3.tar.bz2) = 331963d5d3dc4caf4216a049fa40b66d6bcb8c730615859411b9518764e60585 +SIZE (postgresql/postgresql-16.3.tar.bz2) = 24737644 diff --git a/databases/postgresql16-server/files/patch-disable-llvm-jit-inlining-with-tls b/databases/postgresql16-server/files/patch-disable-llvm-jit-inlining-with-tls deleted file mode 100644 index 02686061ce99..000000000000 --- a/databases/postgresql16-server/files/patch-disable-llvm-jit-inlining-with-tls +++ /dev/null @@ -1,24 +0,0 @@ -Do not inline functions which access TLS in LLVM JIT, as -this leads to crashes with unsupported relocation error - -diff --git src/backend/jit/llvm/llvmjit_inline.cpp src/backend/jit/llvm/llvmjit_inline.cpp -index 2617a46..a063edb 100644 ---- src/backend/jit/llvm/llvmjit_inline.cpp -+++ src/backend/jit/llvm/llvmjit_inline.cpp -@@ -608,6 +608,16 @@ function_inlinable(llvm::Function &F, - if (rv->materialize()) - elog(FATAL, "failed to materialize metadata"); - -+ /* -+ * Don't inline functions with thread-local variables until -+ * related crashes are investigated (see BUG #16696) -+ */ -+ if (rv->isThreadLocal()) { -+ ilog(DEBUG1, "cannot inline %s due to thread-local variable %s", -+ F.getName().data(), rv->getName().data()); -+ return false; -+ } -+ - /* - * Never want to inline externally visible vars, cheap enough to - * reference. diff --git a/databases/postgresql16-server/files/pkg-message-contrib.in b/databases/postgresql16-server/files/pkg-message-contrib.in index 2d9f3d86e71c..006f700a3ae1 100644 --- a/databases/postgresql16-server/files/pkg-message-contrib.in +++ b/databases/postgresql16-server/files/pkg-message-contrib.in @@ -2,7 +2,7 @@ { type: install message: <<EOM The PostgreSQL contrib utilities have been installed. Please see -%%PREFIX%%/share/doc/postgresql/contrib/README +%%DOCSDIR%%/README-contrib for more information. EOM } diff --git a/databases/postgresql16-server/files/pkg-message-server.in b/databases/postgresql16-server/files/pkg-message-server.in index 6370d4a017cc..1d79c1d88b58 100644 --- a/databases/postgresql16-server/files/pkg-message-server.in +++ b/databases/postgresql16-server/files/pkg-message-server.in @@ -62,10 +62,22 @@ NB. If you're not using a checksumming filesystem like ZFS, you might wish to enable data checksumming. It can be enabled during the initdb phase, by adding the "--data-checksums" flag to the postgresql_initdb_flags rcvar. Otherwise you can enable it later by - pg_checksums. Check the initdb(1) manpage for more info + using pg_checksums. Check the initdb(1) manpage for more info and make sure you understand the performance implications. ====================================================================== + +SECURITY ADVICE + +If upgradring from a version 16.x < 16.3 +A security vulnerability was found in the system views pg_stats_ext +and pg_stats_ext_exprs, potentially allowing authenticated database +users to see data they shouldn't. If this is of concern in your +installation, run the SQL script %%DATADIR%%/fix-CVE-2024-4317.sql +for each of your databases. For details, see +https://www.postgresql.org/support/security/CVE-2024-4317/ + + EOM } ] diff --git a/databases/postgresql16-server/pkg-plist-server b/databases/postgresql16-server/pkg-plist-server index 7e434ac68e7b..898700cf027f 100644 --- a/databases/postgresql16-server/pkg-plist-server +++ b/databases/postgresql16-server/pkg-plist-server @@ -800,6 +800,7 @@ lib/postgresql/utf8_and_win.so %%DATADIR%%/errcodes.txt %%DATADIR%%/extension/plpgsql--1.0.sql %%DATADIR%%/extension/plpgsql.control +%%DATADIR%%/fix-CVE-2024-4317.sql %%DATADIR%%/information_schema.sql %%DATADIR%%/pg_hba.conf.sample %%DATADIR%%/pg_ident.conf.sample |