1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-24 04:33:24 +00:00

The PostgreSQL Global Development Group today released security updates for all

active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.

Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.

URL:      http://www.postgresql.org/about/news/1398/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcrypto’s DES crypt() function
	  This was fixed in a patch release for the FreeBSD ports on May 30.

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural language’s call handle
This commit is contained in:
Palle Girgensohn 2012-06-04 11:00:52 +00:00
parent ad17fa0e98
commit 3d2b0e285a
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=298347
21 changed files with 27 additions and 82 deletions

View File

@ -5,8 +5,8 @@
# $FreeBSD$
#
DISTVERSION?= 8.3.18
PORTREVISION?= 1
DISTVERSION?= 8.3.19
PORTREVISION?= 0
PKGNAMESUFFIX?= -server
MAINTAINER?= pgsql@FreeBSD.org

View File

@ -1,4 +1,4 @@
SHA256 (postgresql/postgresql-8.3.18.tar.bz2) = 5db4904a8959f09274e1e0ee7f21c354128d5dbb4e946b78391f6bc4723c3746
SIZE (postgresql/postgresql-8.3.18.tar.bz2) = 14563583
SHA256 (postgresql/postgresql-8.3.19.tar.bz2) = 986f0d4b7edc633be1d210f27dfd1e47d416b642659e568895218466e50b58d5
SIZE (postgresql/postgresql-8.3.19.tar.bz2) = 14570746
SHA256 (postgresql/pg-8311-icu-xx-2010-05-14.diff.gz) = 44146bdb29a5a7d51c70911096ed6d265bdf09f74f0084ee7ad1883bea2f852a
SIZE (postgresql/pg-8311-icu-xx-2010-05-14.diff.gz) = 5064

View File

@ -1,12 +0,0 @@
--- ./contrib/pgcrypto/crypt-des.c
+++ ./contrib/pgcrypto/crypt-des.c
@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
{
- if ((*q++ = *key << 1))
+ *q++ = *key << 1;
+ if (*key != '\0')
key++;
}
if (des_setkey((char *) keybuf))

View File

@ -238,6 +238,7 @@ share/postgresql/snowball_create.sql
%%TZDATA%%share/postgresql/timezone/America/Coral_Harbour
%%TZDATA%%share/postgresql/timezone/America/Cordoba
%%TZDATA%%share/postgresql/timezone/America/Costa_Rica
%%TZDATA%%share/postgresql/timezone/America/Creston
%%TZDATA%%share/postgresql/timezone/America/Cuiaba
%%TZDATA%%share/postgresql/timezone/America/Curacao
%%TZDATA%%share/postgresql/timezone/America/Danmarkshavn

View File

@ -6,8 +6,8 @@
#
PORTNAME?= postgresql
DISTVERSION?= 8.4.11
PORTREVISION?= 1
DISTVERSION?= 8.4.12
PORTREVISION?= 0
CATEGORIES?= databases
MASTER_SITES= ${MASTER_SITE_PGSQL}
MASTER_SITE_SUBDIR= source/v${DISTVERSION}

View File

@ -1,4 +1,4 @@
SHA256 (postgresql/postgresql-8.4.11.tar.bz2) = 5bbc9ff1d16282b592600d7c6b9cb1a93049d4aa9a961e3c2c8d5fb13b189c8f
SIZE (postgresql/postgresql-8.4.11.tar.bz2) = 14502434
SHA256 (postgresql/postgresql-8.4.12.tar.bz2) = 99b7b330ec183828988c7e8ec1b675393f24b10017a2e1d03b8ff48c4dfc0f77
SIZE (postgresql/postgresql-8.4.12.tar.bz2) = 14509007
SHA256 (postgresql/pg-840-icu-2009-09-15.diff.gz) = c09d3b59340a3bb6ea754e985739d4fbb47f730d1e48a357c5585825034fc72e
SIZE (postgresql/pg-840-icu-2009-09-15.diff.gz) = 4321

View File

@ -1,12 +0,0 @@
--- ./contrib/pgcrypto/crypt-des.c
+++ ./contrib/pgcrypto/crypt-des.c
@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
{
- if ((*q++ = *key << 1))
+ *q++ = *key << 1;
+ if (*key != '\0')
key++;
}
if (des_setkey((char *) keybuf))

View File

@ -223,6 +223,7 @@ share/postgresql/snowball_create.sql
%%TZDATA%%share/postgresql/timezone/America/Coral_Harbour
%%TZDATA%%share/postgresql/timezone/America/Cordoba
%%TZDATA%%share/postgresql/timezone/America/Costa_Rica
%%TZDATA%%share/postgresql/timezone/America/Creston
%%TZDATA%%share/postgresql/timezone/America/Cuiaba
%%TZDATA%%share/postgresql/timezone/America/Curacao
%%TZDATA%%share/postgresql/timezone/America/Danmarkshavn

View File

@ -8,7 +8,7 @@
# See Mk/bsd.databases.mk for more info
PORTNAME= postgresql
PORTREVISION= 1
PORTREVISION= 0
PKGNAMESUFFIX= -client
COMMENT= PostgreSQL database (client)

View File

@ -5,8 +5,8 @@
# $FreeBSD$
#
DISTVERSION?= 9.0.7
PORTREVISION= 2
DISTVERSION?= 9.0.8
PORTREVISION= 0
PKGNAMESUFFIX?= -server
MAINTAINER?= pgsql@FreeBSD.org

View File

@ -1,4 +1,4 @@
SHA256 (postgresql/postgresql-9.0.7.tar.bz2) = dabe26d71d8b595f9514da1363dc20c3f4b90b6908026dd06984cac448a6d833
SIZE (postgresql/postgresql-9.0.7.tar.bz2) = 14977437
SHA256 (postgresql/postgresql-9.0.8.tar.bz2) = a2981ba8a64b396e2111fee5a9216275e49a2e79e839152a5e4367afd44c0bc2
SIZE (postgresql/postgresql-9.0.8.tar.bz2) = 14998065
SHA256 (postgresql/pg-900-icu-2010-09-19.diff.gz) = 27cea46241ec814965c278330cd96f67ee03422b7758a210713a63b4b5bb77e9
SIZE (postgresql/pg-900-icu-2010-09-19.diff.gz) = 4349

View File

@ -1,12 +0,0 @@
--- ./contrib/pgcrypto/crypt-des.c
+++ ./contrib/pgcrypto/crypt-des.c
@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
{
- if ((*q++ = *key << 1))
+ *q++ = *key << 1;
+ if (*key != '\0')
key++;
}
if (des_setkey((char *) keybuf))

View File

@ -234,6 +234,7 @@ share/postgresql/snowball_create.sql
%%TZDATA%%share/postgresql/timezone/America/Coral_Harbour
%%TZDATA%%share/postgresql/timezone/America/Cordoba
%%TZDATA%%share/postgresql/timezone/America/Costa_Rica
%%TZDATA%%share/postgresql/timezone/America/Creston
%%TZDATA%%share/postgresql/timezone/America/Cuiaba
%%TZDATA%%share/postgresql/timezone/America/Curacao
%%TZDATA%%share/postgresql/timezone/America/Danmarkshavn

View File

@ -6,8 +6,8 @@
#
PORTNAME?= postgresql
DISTVERSION?= 9.1.3
PORTREVISION?= 1
DISTVERSION?= 9.1.4
PORTREVISION?= 0
CATEGORIES?= databases
MASTER_SITES= ${MASTER_SITE_PGSQL}
MASTER_SITE_SUBDIR= source/v${DISTVERSION}

View File

@ -1,4 +1,4 @@
SHA256 (postgresql/postgresql-9.1.3.tar.bz2) = 7a79800a624031c1d9bc9cdce73cb40050100ac50a82050cbf7bbbd16ac4d5d5
SIZE (postgresql/postgresql-9.1.3.tar.bz2) = 15582454
SHA256 (postgresql/postgresql-9.1.4.tar.bz2) = a0795a8eb3ae2d1a2914b63bf143d20182835d90699915ff43567c041d3c9712
SIZE (postgresql/postgresql-9.1.4.tar.bz2) = 15631894
SHA256 (postgresql/pg-910-icu-2011-09-22.diff.gz) = a88094ec22a8caeffa06d7c3a6b53d19035b171dad2acb9084da0a617a93e149
SIZE (postgresql/pg-910-icu-2011-09-22.diff.gz) = 4373

View File

@ -1,12 +0,0 @@
--- ./contrib/pgcrypto/crypt-des.c
+++ ./contrib/pgcrypto/crypt-des.c
@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
{
- if ((*q++ = *key << 1))
+ *q++ = *key << 1;
+ if (*key != '\0')
key++;
}
if (des_setkey((char *) keybuf))

View File

@ -238,6 +238,7 @@ share/postgresql/snowball_create.sql
%%TZDATA%%share/postgresql/timezone/America/Coral_Harbour
%%TZDATA%%share/postgresql/timezone/America/Cordoba
%%TZDATA%%share/postgresql/timezone/America/Costa_Rica
%%TZDATA%%share/postgresql/timezone/America/Creston
%%TZDATA%%share/postgresql/timezone/America/Cuiaba
%%TZDATA%%share/postgresql/timezone/America/Curacao
%%TZDATA%%share/postgresql/timezone/America/Danmarkshavn

View File

@ -6,11 +6,11 @@
#
PORTNAME?= postgresql
DISTVERSION?= 9.2beta1
PORTREVISION?= 1
DISTVERSION?= 9.2beta2
PORTREVISION?= 0
CATEGORIES?= databases
MASTER_SITES= ${MASTER_SITE_PGSQL}
MASTER_SITE_SUBDIR= source/v9.2.0beta1
MASTER_SITE_SUBDIR= source/v9.2.0beta2
PKGNAMESUFFIX?= -server
MAINTAINER?= pgsql@FreeBSD.org

View File

@ -1,4 +1,4 @@
SHA256 (postgresql/postgresql-9.2beta1.tar.bz2) = 05651ec88af03cc5cec08b091f2381fe8ebdaa87dbc6d193414ff2400084a838
SIZE (postgresql/postgresql-9.2beta1.tar.bz2) = 15908141
SHA256 (postgresql/postgresql-9.2beta2.tar.bz2) = 2a057a5e56a9489d2c4fa450a45ce5f36e4bd21878d1b03e3a856ed4adb8ab4f
SIZE (postgresql/postgresql-9.2beta2.tar.bz2) = 15937360
SHA256 (postgresql/pg-910-icu-2011-09-22.diff.gz) = a88094ec22a8caeffa06d7c3a6b53d19035b171dad2acb9084da0a617a93e149
SIZE (postgresql/pg-910-icu-2011-09-22.diff.gz) = 4373

View File

@ -1,12 +0,0 @@
--- ./contrib/pgcrypto/crypt-des.c
+++ ./contrib/pgcrypto/crypt-des.c
@@ -670,7 +670,8 @@ px_crypt_des(const char *key, const char *setting)
q = (uint8 *) keybuf;
while (q - (uint8 *) keybuf - 8)
{
- if ((*q++ = *key << 1))
+ *q++ = *key << 1;
+ if (*key != '\0')
key++;
}
if (des_setkey((char *) keybuf))

View File

@ -232,6 +232,7 @@ share/postgresql/snowball_create.sql
%%TZDATA%%share/postgresql/timezone/America/Coral_Harbour
%%TZDATA%%share/postgresql/timezone/America/Cordoba
%%TZDATA%%share/postgresql/timezone/America/Costa_Rica
%%TZDATA%%share/postgresql/timezone/America/Creston
%%TZDATA%%share/postgresql/timezone/America/Cuiaba
%%TZDATA%%share/postgresql/timezone/America/Curacao
%%TZDATA%%share/postgresql/timezone/America/Danmarkshavn