| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 17.4, 16.8, 15.12, 14.17,
and 13.20.
The issues listed below affect PostgreSQL 17. Some of these issues may
also affect other supported versions of PostgreSQL.
Improve behavior of quoting functions in libpq. The fix for
CVE-2025-1094 caused the quoting functions to not honor their string
length parameters and, in some cases, cause crashes. This problem could
be noticeable from a PostgreSQL client library, based on how it is
integrated with libpq.
Fix small memory leak in pg_createsubscriber.
Also fix a problem in the FreeBSD port, where the rc script wouldn't
return properly, messing up orchestration tools like ansible. [1]
PR: 272502 [1]
Release notes: https://www.postgresql.org/docs/release/
|
| |
|
|
|
|
|
|
| |
Upstream Python package maintainers recommend using the psycopg 3.x over
psycopg2 for new projects since the latter is in maintenance mode only.
Approved by: girgen (pgsql)
Differential Revision: https://reviews.freebsd.org/D48493
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.4, 15.8, 14.13, 13.16,
and 12.20. This release fixes 1 security vulnerability and over 55 bugs
reported over the last several months.
PR: 279671 - make the rc script service jails aware
PR: 279536 - remove LLVM max version restriction
PR: 278887 - SETENV -> SETENVI for -contrib ports
Release notes: https://www.postgresql.org/docs/release/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PostgreSQL 16.3, 15.7, 14.12, 13.15, and 12.19 Released!
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.3, 15.7, 14.12, 13.15,
and 12.19. This release fixes one security vulnerability and over 55
bugs reported over the last several months.
Please note that the fix in this release for CVE-2024-4317 only fixes
fresh PostgreSQL installations, namely those that are created with the
initdb utility after this fix is applied. If you have a current
PostgreSQL installation and are concerned about this issue, please
follow the additional updating instructions provided in the
CVE-2024-4317 description or the release notes for the remediation. [1]
The script is installed as /usr/local/share/postgresql/fix-CVE-2024-4317.sql
PostgreSQL 12 will stop receiving fixes on November 14, 2024. If you are
running PostgreSQL 12 in a production environment, we suggest that you
make plans to upgrade to a newer, supported version of PostgreSQL.
Please see our versioning policy for more information.
[1]: https://www.postgresql.org/support/security/CVE-2024-4317/
Security: d53c30c1-0d7b-11ef-ba02-6cc21735f730
PR: 277428 (remove unneded patch)
PR: 260494 (remove deprecated INTDATE option)
PR: 265860 (correct path for contrib README file in pkg-message)
|
| |
|
|
| |
Submitted by: John W. O'Brien
|
| |
|
|
|
|
|
|
| |
If postgresql_login_class is not set, honour the setting in /etc/passwd.
The previous commit ignored the passwd setting and set the login class
to "default" if it was left unset.
PR: 275851
|
| |
|
|
| |
PR: 275851 (submitted by takeda at takeda.tk)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PostgreSQL 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 Released!
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 16.1, 15.5, 14.10, 13.13,
12.17, and 11.22 This release fixes three security vulnerabilities and
over 55 bugs reported over the last several months.
Release notes: https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
Security: CVE-2023-5868, CVE-2023-5869, CVE-2023-5870
Security: 31f45d06-7f0e-11ee-94b4-6cc21735f730
Security: 0f445859-7f0e-11ee-94b4-6cc21735f730
Security: bbb18fcb-7f0d-11ee-94b4-6cc21735f730
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PostgreSQL 15.4, 14.9, 13.12, 12.16, 11.21, and PostgreSQL 16 Beta 3
Released.
The PostgreSQL Global Development Group has released an update to all
supported versions of PostgreSQL, including 15.4, 14.9, 13.12, 12.16,
and 11.21, as well as the third beta release of PostgreSQL 16. This
release fixes two security vulnerabilities and over 40 bugs reported
over the last several months.
If you use BRIN indexes to look up NULL values, you will need to reindex
them after upgrading to this release. On PostgreSQL 12 and above, you
can use REINDEX CONCURRENTLY to avoid blocking writes to the affected
index and table, for example:
REINDEX INDEX CONCURRENTLY your_index_name;
Also, remove the patch for postgresql.conf.sample suggesting to turn off
update_process_title [1], since it is no longer a problem.
Release notes: https://www.postgresql.org/about/news/postgresql-154-149-1312-1216-1121-and-postgresql-16-beta-3-released-2689/
[1]: https://commitfest.postgresql.org/19/1715/
|
| |
|
|
|
|
|
|
|
|
|
| |
PostgreSQL server may use late-mounted filesystems, so require these
in rc.d scripts. Real life example is when /tmp is late-mounted tmpfs
atop of ZFS, and if posgresql-server starts before mountlate, its
socket which resides on /tmp is hidden under tmpfs which is mounted
afterwards.
PR: 267500
Approved by: maintainer timeout (pgsql, 2 weeks)
|
| |
|
|
|
|
|
| |
Convert to ASCII and trim EOL whitespace. The scripts are now identical
across all PostgreSQL server versions we have in the ports.
Verified by: cksum(1)
|
| |
|
|
|
|
|
|
|
| |
Introduce PostgreSQL-15 to the ports tree.
Make version 15 the master port, and add plist parameter for the
postgresql version.
Release notes: https://www.postgresql.org/docs/devel/release.html
|
| |
|
|
| |
Remove stale patch since it redefines the code that is already upstream.
|
| |
|
|
|
|
|
|
|
|
| |
Changeset ab83f2b4bb78 changed the startup order for Postgresql. The cleartmp
rc.d now comes after the Postgresql startup. Unfortunately, Postgresql likes
to create a socket in /tmp/.s.PGSQL.5432. After cleartmp does its work, that
socket disappears from the filesystem.
Submitted by: Jeroen Pulles
PR: 256335
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PostgreSQL 13.3, 12.7, 11.12, 10.17, and 9.6.22 Released!
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.3, 12.7, 11.12, 10.17, and
9.6.22. This release closes three security vulnerabilities and fixes over 45
bugs reported over the last three months.
Security fixes in this release:
CVE-2021-32027: Buffer overrun from integer overflow in array subscripting
calculations
CVE-2021-32028: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE
CVE-2021-32029: Memory disclosure in partitioned-table UPDATE ... RETURNING
Also plenty of bug fixes. See the release note for details.
Changes to the port:
Make sure we use the matching version of llvm. This fixes a problem with the
llvm version string not being monotonically increasing with the version
number. [1]
Better pkg message about checksums for postgresql 12+. [2] [4]
Adjust login class parameter to adhere to the documentation in rc.subr(8) [3]:
The rc.conf parameter for the login class of the postgresql daemon has
changed name from postgresql_class to postgresql_login_class, since
rc.subr(8) states that the parameter should be named ${name}_login_class.
Allow parallel builds. [5]
Correct the directory name for the user postgres in pkg message. [6]
PR: 250824 [1], 253558 [2], 236060 [3], 233106 [4], 230656 [5]
PR: 226674 [6]
Submitted by: Michael Zhilin [2], Michael Zhilin [3], Dmitry Chestnykh [4]
Submitted by: Steve Wills [5], knezour [6]
Security: 76e0bb86-b4cb-11eb-b9c9-6cc21735f730
Security: 62da9702-b4cc-11eb-b9c9-6cc21735f730
Release notes: https://www.postgresql.org/docs/release/
|
| | |
|
| |
|
|
|
| |
Reported by: tmunro
Reviewed by: girgen
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 13.2, 12.6, 11.11, 10.16, 9.6.21,
and 9.5.25. This release closes two security vulnerabilities and fixes over 80
bugs reported over the last three months.
Additionally, this is the final release of PostgreSQL 9.5. If you are running
PostgreSQL 9.5 in a production environment, we suggest that you make plans to
upgrade.
Release notes: https://www.postgresql.org/about/news/postgresql-132-126-1111-1016-9621-and-9525-released-2165/
Security notes: https://www.postgresql.org/support/security/
Security: CVE-2021-3393, CVE-2021-20229
Notes:
svn path=/head/; revision=564956
|
| |
|
|
|
|
|
| |
PR: 251192 (Submitted by Dmitry Marakasov)
Notes:
svn path=/head/; revision=558181
|
| |
|
|
|
|
|
|
|
| |
Changes: http://site.icu-project.org/download/68
ABI: https://abi-laboratory.pro/tracker/timeline/icu4c/
Reported by: GitHub (watch releases)
Notes:
svn path=/head/; revision=553940
|
| |
|
|
|
|
|
| |
Submitted by: Raivo Hool
Notes:
svn path=/head/; revision=550053
|
|
|
Release notes: https://www.postgresql.org/about/news/2077/
Notes:
svn path=/head/; revision=549921
|
