mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-24 00:45:52 +00:00
daea94a3e1
Remove postgresql-contrib in favour for postgresqlNN-contrib. This way we will get packages built, which is nice. Security: CVE-2010-1169 Security: CVE-2010-1170 The PostgreSQL Project today released minor versions updating all active branches of the PostgreSQL object-relational database system, including versions 8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, and 7.4.29. This release fixes moderate-risk security issues with PL/perl and PL/tcl, as well as a data corruption issue with standby databases. Users of any of these three features should update their PostgreSQL installations immediately. The PL/perl security fix closes a security hole in PL/perl procedures which could allow privilege escalation on the host system, caused by a flaw in Safe.pm; see CVE-2010-1169 and CVE-2010-1447 for details. A second patch prevents PL/tcl's pltcl_modules table from being subverted in order to run arbitrary Tcl scripts; see CVE-2010-1170. These issues only affect users who have enabled either of these two stored procedure languages. Also corrected is use of the command ALTER TABLE SET TABLESPACE, which previously could cause data corruption on Warm Standby database slaves. This issue affects only version 8.4. There are also 21 other bug fixes in this release, some of which apply only to version 8.4, and a few of which are specifically for Windows. While these are generally fixes for minor issues, among the changes are: * Fix for a combinational crash condition * Prevent normal users from resetting some GUCs in their own role definitions * Correctly apply constraint exclusion in UPDATE and DELETE queries * Minor fixes for WAL archiving * Update timezone data for 12 zones See the release notes for a full list of changes with details. Releasenotes at http://www.postgresql.org/docs/current/static/release.html |
||
---|---|---|
.. | ||
Makefile | ||
pkg-descr |