| Commit message (Collapse) | Author | Files | Lines |
|---|
|
2024-12-31 databases/postgresql12-server: PostgreSQL-12 is end-of-life
|
|
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.4, 15.8, 14.13, 13.16,
and 12.20. This release fixes 1 security vulnerability and over 55 bugs
reported over the last several months.
PR: 279671 - make the rc script service jails aware
PR: 279536 - remove LLVM max version restriction
PR: 278887 - SETENV -> SETENVI for -contrib ports
Release notes: https://www.postgresql.org/docs/release/
|
|
Submitted by: John W. O'Brien
|
|
If postgresql_login_class is not set, honour the setting in /etc/passwd.
The previous commit ignored the passwd setting and set the login class
to "default" if it was left unset.
PR: 275851
|
|
PR: 275851 (submitted by takeda at takeda.tk)
|
|
PostgreSQL server may use late-mounted filesystems, so require these
in rc.d scripts. Real life example is when /tmp is late-mounted tmpfs
atop of ZFS, and if posgresql-server starts before mountlate, its
socket which resides on /tmp is hidden under tmpfs which is mounted
afterwards.
PR: 267500
Approved by: maintainer timeout (pgsql, 2 weeks)
|
|
Introduce PostgreSQL-15 to the ports tree.
Make version 15 the master port, and add plist parameter for the
postgresql version.
Release notes: https://www.postgresql.org/docs/devel/release.html
|
|
Changeset ab83f2b4bb78 changed the startup order for Postgresql. The cleartmp
rc.d now comes after the Postgresql startup. Unfortunately, Postgresql likes
to create a socket in /tmp/.s.PGSQL.5432. After cleartmp does its work, that
socket disappears from the filesystem.
Submitted by: Jeroen Pulles
PR: 256335
|
|
PostgreSQL 13.3, 12.7, 11.12, 10.17, and 9.6.22 Released!
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.3, 12.7, 11.12, 10.17, and
9.6.22. This release closes three security vulnerabilities and fixes over 45
bugs reported over the last three months.
Security fixes in this release:
CVE-2021-32027: Buffer overrun from integer overflow in array subscripting
calculations
CVE-2021-32028: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE
CVE-2021-32029: Memory disclosure in partitioned-table UPDATE ... RETURNING
Also plenty of bug fixes. See the release note for details.
Changes to the port:
Make sure we use the matching version of llvm. This fixes a problem with the
llvm version string not being monotonically increasing with the version
number. [1]
Better pkg message about checksums for postgresql 12+. [2] [4]
Adjust login class parameter to adhere to the documentation in rc.subr(8) [3]:
The rc.conf parameter for the login class of the postgresql daemon has
changed name from postgresql_class to postgresql_login_class, since
rc.subr(8) states that the parameter should be named ${name}_login_class.
Allow parallel builds. [5]
Correct the directory name for the user postgres in pkg message. [6]
PR: 250824 [1], 253558 [2], 236060 [3], 233106 [4], 230656 [5]
PR: 226674 [6]
Submitted by: Michael Zhilin [2], Michael Zhilin [3], Dmitry Chestnykh [4]
Submitted by: Steve Wills [5], knezour [6]
Security: 76e0bb86-b4cb-11eb-b9c9-6cc21735f730
Security: 62da9702-b4cc-11eb-b9c9-6cc21735f730
Release notes: https://www.postgresql.org/docs/release/
|
|
|
|
|
|
The data directory was badly named data11 instead of the more correct data12.
PR: 239798
Submitted by: Dmitry Wagin
Notes:
svn path=/head/; revision=512199
|
|
supported versions of our database system, including 11.5, 10.10,
9.6.15, 9.5.19, and 9.4.24, as well as the third beta of PostgreSQL 12.
This release fixes two security issues in the PostgreSQL server, two
security issues found in one of the PostgreSQL Windows installers, and
over 40 bugs reported since the previous release.
Users should install these updates as soon as possible.
A Note on the PostgreSQL 12 Beta
================================
In the spirit of the open source PostgreSQL community, we strongly
encourage you to test the new features of PostgreSQL 12 in your database
systems to help us eliminate any bugs or other issues that may exist.
While we do not advise you to run PostgreSQL 12 Beta 3 in your
production environments, we encourage you to find ways to run your
typical application workloads against this beta release.
Your testing and feedback will help the community ensure that the
PostgreSQL 12 release upholds our standards of providing a stable,
reliable release of the world's most advanced open source relational
database.
Security Issues
===============
Two security vulnerabilities have been closed by this release:
* CVE-2019-10208: `TYPE` in `pg_temp` executes arbitrary SQL during
`SECURITY DEFINER` execution
Versions Affected: 9.4 - 11
Given a suitable `SECURITY DEFINER` function, an attacker can execute
arbitrary SQL under the identity of the function owner. An attack
requires `EXECUTE` permission on the function, which must itself contain
a function call having inexact argument type match. For example,
`length('foo'::varchar)` and `length('foo')` are inexact, while
`length('foo'::text)` is exact. As part of exploiting this
vulnerability, the attacker uses `CREATE DOMAIN` to create a type in a
`pg_temp` schema. The attack pattern and fix are similar to that for
CVE-2007-2138.
Writing `SECURITY DEFINER` functions continues to require following the
considerations noted in the documentation:
https://www.postgresql.org/docs/devel/sql-createfunction.html#SQL-CREATEFUNCTION-SECURITY
The PostgreSQL project thanks Tom Lane for reporting this problem.
* CVE-2019-10209: Memory disclosure in cross-type comparison for hashed
subplan
Versions Affected: 11
In a database containing hypothetical, user-defined hash equality operators, an attacker could read arbitrary bytes of server memory. For an attack to become possible, a superuser would need to create unusual operators. It is possible for operators not purpose-crafted for attack to have the properties that enable an attack, but we are not aware of specific examples.
The PostgreSQL project thanks Andreas Seltenreich for reporting this problem.
Notes:
svn path=/head/; revision=508390
|
|
supported versions of our database system, including 11.3, 10.8, 9.6.13,
9.5.17, and 9.4.22. This release fixes two security issues in the
PostgreSQL server, a security issue found in two of the PostgreSQL
Windows installers, and over 60 bugs reported over the last three months.
Security: CVE-2019-10129: Memory disclosure in partition routing
Prior to this release, a user running PostgreSQL 11 can read arbitrary
bytes of server memory by executing a purpose-crafted INSERT statement
to a partitioned table.
Security: CVE-2019-10130: Selectivity estimators bypass row security policies
PostgreSQL maintains statistics for tables by sampling data available in
columns; this data is consulted during the query planning process. Prior
to this release, a user able to execute SQL queries with permissions to
read a given column could craft a leaky operator that could read
whatever data had been sampled from that column. If this happened to
include values from rows that the user is forbidden to see by a row
security policy, the user could effectively bypass the policy. This is
fixed by only allowing a non-leakproof operator to use this data if
there are no relevant row security policies for the table.
This issue is present in PostgreSQL 9.5, 9.6, 10, and 11. The PostgreSQL
project thanks Dean Rasheed for reporting this problem.
Also fix a FreeBSD port problem with LLVM [1] and add promote command
to `service postgresql` [2]
PR: 236100, 234879
Submitted by: tomonori.usaka@ubin.jp [1], Trix Farrar [2]
Notes:
svn path=/head/; revision=501149
|
|
Submitted by: Jonathan Chen
PR: 232487
Notes:
svn path=/head/; revision=482724
|
|
PostgreSQL 11, the latest version of the world’s most advanced open
source database.
PostgreSQL 11 provides users with improvements to overall performance of
the database system, with specific enhancements associated with very
large databases and high computational workloads. Further, PostgreSQL 11
makes significant improvements to the table partitioning system, adds
support for stored procedures capable of transaction management,
improves query parallelism and adds parallelized data definition
capabilities, and introduces just-in-time (JIT) compilation for
accelerating the execution of expressions in queries.
"For PostgreSQL 11, our development community focused on adding features
that improve PostgreSQL's ability to manage very large databases," said
Bruce Momjian, a core team member of the PostgreSQL Global Development
Group. "On top of PostgreSQL's proven performance for transactional
workloads, PostgreSQL 11 makes it even easier for developers to run big
data applications at scale."
PostgreSQL benefits from over 20 years of open source development and
has become the preferred open source relational database for developers.
The project continues to receive recognition across the industry, and
has been featured as the "DBMS of the Year 2017" by DB-Engines and in
the SD Times 2018 100.
PostgreSQL 11 is the first major release since PostgreSQL 10 was
released on October 5, 2017. The next update release for PostgreSQL 11
containing bug fixes will be PostgreSQL 11.1, and the next major release
with new features will be PostgreSQL 12.
Release Notes: https://www.postgresql.org/docs/11/static/release-11.html
Notes:
svn path=/head/; revision=482456
|
|
2018-02-08 Security Update Release
==================================
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
This release fixes two security issues. This release also fixes issues with
VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
well as fixes for using parallel queries and logical replication.
All users using the affected versions of PostgreSQL should update as soon as
possible. Please see the notes on "Updating" below for any post-update steps
that may be required.
Please note that PostgreSQL changed its versioning scheme with the release of
version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a
minor update.
Security Issues
---------------
Two security vulnerabilities have been fixed by this release:
* CVE-2018-1052: Fix the processing of partition keys containing multiple
expressions
* CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
non-world-readable
Local fixes to the FreeBSD ports
--------------------------------
Inform users about data checksums [1].
Make sure /usr/bin/su is used regardless of PATH settings [2].
Enable DTRACE by default [3].
PR: 214671 [1], 223157 [2], 215028 [3]
Security: c602c791-0cf4-11e8-a2ec-6cc21735f730
Notes:
svn path=/head/; revision=461251
|
|
...and make sure not to bump portrevision more than necessary.
POINTED OUT BY: Peter Laursen
Notes:
svn path=/head/; revision=450532
|
|
The PostgreSQL Global Development Group announces today that the
third beta release of PostgreSQL 10 is available for download. This
release contains previews of all of the features which will be
available in the final release of version 10, including fixes to many
of the issues found in the second beta. Users are encouraged to begin
testing their applications against 10 beta3.
URL: https://www.postgresql.org/about/news/1771/
Notes:
svn path=/head/; revision=447680
|
|
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and
9.2.21. This release fixes three security issues. It also patches a number of
other bugs reported over the last three months. Users who use the PGREQUIRESSL
environment variable to control connections, and users who rely on security
isolation between database users when using foreign servers, should update as
soon as possible. Other users should plan to update at the next convenient
downtime.
URL: https://www.postgresql.org/about/news/1746/
Security: CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
Also modify rcorder and let sshd start before PostgreSQL, so any problems
during startup can be reviewed promplty from an ssh login.
Notes:
svn path=/head/; revision=440628
|
|
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.6.1, 9.5.5, 9.4.10, 9.3.15,
9.2.19, and 9.1.24.
This release fixes two issues that can cause data corruption, which are
described in more detail below. It also patches a number of other bugs reported
over the last three months. The project urges users to apply this update at the
next possible downtime.
Notes:
svn path=/head/; revision=424765
|
|
Notes:
svn path=/head/; revision=422551
|
|
Please read the entry from 20160905 in UPDATING:
daemon user has changed to `postgres'
ICU is default on
Notes:
svn path=/head/; revision=421360
|
|
- re-assign LOCALBASE to PREFIX
- add PG_GROUP to SUB_PLIST for packaging fix
- fix permissions for package installations
PR: ports/162776
Submitted by: jgh, Phil Phillips < pphillips at experts-exchange.com >
Reviewed by: rene (mentor)
Approved by: crees (maintainer, mentor)
Notes:
svn path=/head/; revision=289587
|
|
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
Notes:
svn path=/head/; revision=289156
|
|
See http://www.postgresql.org/about/news.1313 for more info.
Also, use USERS knob instead of explicitally creating the pgsql user
while still accepting alternative names, using [1] with some added
magic.
PR: 157667 [1]
Notes:
svn path=/head/; revision=275407
|
|
This update contains a critical fix to the pg_upgrade utility
which prevents significant downtime issues. Do not use
pg_upgrade without installing this update first.
The issue with pg_upgrade and the fix are detailed on the PostgreSQL
wiki: http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix
Users who have already used pg_upgrade should run the database repair
script given on that page on their databases as soon as possible.
See the release notes for each version at
http://www.postgresql.org/docs/current/static/release.html for a full
list of changes with details.
Allow the username of the postgresql user to configurable for 8.4 and 9.0.
Largely inspired by the work of Jason Helfman [153668, 153136].
Change PGUSER knob to PG_USER not to clash with PGUSER environment.
PR: 153668, 153136, 155493, 155137
Notes:
svn path=/head/; revision=272900
|
|
s#. %%RC_SUBR%%#. /etc/rc.subr#
Notes:
svn path=/head/; revision=251553
|
|
propogated by copy and paste.
1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).
No PORTREVISION bumps because all of these changes are noops.
Notes:
svn path=/head/; revision=237892
|
|
Release notes:
http://www.postgresql.org/docs/7.3/static/release.html#RELEASE-7-3-17
http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-15
http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-10
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-6
http://www.postgresql.org/docs/8.2/static/release-8-2-1.html
The server-side utilities of postgresql (initdb, initlocation,
ipcclean, pg_controldata, pg_ctl, pg_id and pg_resetxlog) are now
installed by the respective postgresql*-server port (previously they
where installed with the client). If you update the client, you should
also update the server to make sure you are not left without the
server-side tools. Do something like:
portupgrade postgresql-client postgresql-server
Notes:
svn path=/head/; revision=181869
|
|
PostgreSQL 8.2.0
Complete release notes are available at
http://www.postgresql.org/docs/current/static/release-8-2.html
Notes:
svn path=/head/; revision=179046
|
|
Release notes:
8.1.5 http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-5
8.0.9 http://www.postgresql.org/docs/8.0/static/release.html#RELEASE-8-0-9
7.4.14 http://www.postgresql.org/docs/7.4/static/release.html#RELEASE-7-4-14
7.3.16 http://www.postgresql.org/docs/7.3/static/release.html#RELEASE-7-3-16
Change name of the rc script from '010.pgsql.sh' to 'postgresql'
Add optional hierachy patch added for 7.4 and 8.1 ports.
Chase heimdal libs update [reported by several]
For 8.1+ the port enables autovacuum in ~pgsql/postgresql.conf when
running initdb
Cleanup the ports, moving pkg-message-* to files/pkg-message-*.in and
files/pgsql.sh.tmpl to files/postgresql.in. [ports/97767]
PR: ports/97767, submitted by delphij@FreeBSD.org
Notes:
svn path=/head/; revision=176828
|
|
The PostgreSQL Global Development Group today released versions 8.1.4, 8.0.8,
7.4.13 and 7.3.15. This is an urgent update to close a security hole which
can permit a SQL injection attack on some applications running PostgreSQL.
Users are urged to apply the update as soon as reasonably possible. Since the
update affects client functionality, most driver projects will be updating
this week as well.
Because the security issue involved is complex, we have added a section in
Techdocs to explain it: http://www.postgresql.org/docs/techdocs.52. Please
read this first before applying the updates.
Also, fix rc_subr startup problems on FreeBSD-7.x.
Security: http://www.postgresql.org/docs/techdocs.50
PR: ports/95154
Notes:
svn path=/head/; revision=163198
|
|
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.
Notes:
svn path=/head/; revision=156534
|
|
"start" when booting, since there's no need waste time checking for
running processes when the OS is starting up.
Bumping portrevision.
PR: 90884
Submitted by: Victor Snezhko <snezhko@indorsoft.ru>
Notes:
svn path=/head/; revision=152024
|
|
add support to select login class for running postgresql [2].
The new startup script, using rc.subr, is now installed for all
versions of postgresql. Bump portrevisions, since startup script is
modified.
PR: 78630 [1]
Submitted by: Vivek Khera [1]
Submitted by: Brian B. [2]
Approved by: seanc (implicit)
Notes:
svn path=/head/; revision=131605
|
|
port (files/pgsql.sh.tmpl) lacks a parameter in the
restart option, causing logs to be send to stdout,
instead of the log file.
Submitted by: Fernando Schapachnik <fernando@mecon.gov.ar>
Approved by: maintainer
PR: 53142
Approved by: fjoe (implicit)
Notes:
svn path=/head/; revision=82824
|
|
security, and feature additions. Reduce diffs between postgresql-devel
port. Re-initdb required when upgrading from previous release. See
release notes for details.
Schemas added are system catalogs updated. ::braces for impact::
http://developer.postgresql.org/docs/postgres/release.html#RELEASE-7-3-1
PR: ports/46701
Submitted by: girgen@pingpong.net
Notes:
svn path=/head/; revision=72481
|
|
PR: 36975
Submitted by: maintainer
Notes:
svn path=/head/; revision=57555
|
|
* Pass the -s option to pg_ctl, to avoid clobbering the display.
It will show error messages only.
* Echo the port name after shutdown.
No functional changes, no PORTREVISION.
Notes:
svn path=/head/; revision=42166
|
|
* Move the call to configure.postgresql7 from pre-fetch to pre-extract, so it
won't hang while performing batch fetch operations (like portupgrade -F)
* Add some TCL related files to pkg-plist.tcl, and add a PLIST_SUB in the
Makefile to register the correct tcl version in the plist.
* Do not start postgresql if the database directory does not exist: the
startup sequence could hang because of this.
* Use the "-s" option when starting postgresql with pg_ctl, so it won't
display informational messages. Display only the port name, as do other
packages startup scripts.
Approved by: Palle Girgensohn <girgen@partitur.se>
Notes:
svn path=/head/; revision=41897
|
|
PR: ports/26741
Submitted by: maintainer
Notes:
svn path=/head/; revision=41758
|
|
PR: 23371
Submitted by: maintainer
Notes:
svn path=/head/; revision=35882
|
|
Obtained from: Palle Girgensohn <girgen@partitur.se>
Notes:
svn path=/head/; revision=28745
|
|
thanks for complete diffs ;-)
closed PR
PR: 18699
Obtained from: Palle Girgensohn <girgen@partitur.se>
Notes:
svn path=/head/; revision=28731
|
|
Notes:
svn path=/head/; revision=21083
|
|
maintenance release with bugfixes
Thanks for the complete submission !
Submitted by: Palle Girgensohn <girgen@partitur.se>
Notes:
svn path=/head/; revision=20294
|
|
Many bugfixes and cosmetic changes
Changes by Scrappy and me
My additional changes:
- had to link libpgtcl.so with the crypt library to get rid of the
pgaccess error message, that crypt is missing
- had to add -i option in the startup script, so that pgaccess is
able to connect to the postmaster process
- removed all unnecessary patches
- updated PLIST
Thanks to the postgresql developement team, who did a great job to
simplify the postgresql port, by applying the patches and making
the autoconf mechanism more consistent.
Submitted by: The Hermit Hacker <scrappy@hub.org>
Notes:
svn path=/head/; revision=10625
|
|
background because of the -S option.
- remove the -D datadir option, it's meaningless, because the pgsql
user environment overwrites it with the PGDATA env variable.
Since this is important and might cause some headache, I mentioned
this in ~pgsql/.profile and the startup script.
Submitted by: John Fiber
Notes:
svn path=/head/; revision=8127
|
|
Notes:
svn path=/head/; revision=8096
|
