From d6e9ccd73bc7ca4b97f76d0a8a52fc7cd2d10d4b Mon Sep 17 00:00:00 2001 From: Palle Girgensohn Date: Sun, 29 Mar 2020 19:58:13 +0000 Subject: [PATCH] MFH: r526063 r527871 The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 12.2, 11.7, 10.12, 9.6.17, 9.5.21, and 9.4.26. This release fixes one security issue found in the PostgreSQL server and over 75 bugs reported over the last three months. Users should plan to update as soon as possible. PostgreSQL 9.4 Now EOL This is the last release for PostgreSQL 9.4, which will no longer receive security updates and bug fixes. PostgreSQL 9.4 introduced new features such as JSONB support, the `ALTER SYSTEM` command, the ability to stream logical changes to an output plugin, and more: https://www.postgresql.org/about/news/1557/ https://www.postgresql.org/docs/9.4/release-9-4.html While we are very proud of this release, these features are also found in newer versions of PostgreSQL. Many of these features have also received improvements, and, per our versioning policy, it is time to retire PostgreSQL 9.4. To receive continued support, we suggest that you make plans to upgrade to a newer, supported version of PostgreSQL. Please see the PostgreSQL versioning policy for more information. Security Issues * CVE-2020-1720: `ALTER ... DEPENDS ON EXTENSION` is missing authorization checks. Versions Affected: 9.6 - 12 The `ALTER ... DEPENDS ON EXTENSION` sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. This attack is possible if an administrator has installed an extension and an unprivileged user can `CREATE`, or an extension owner either executes `DROP EXTENSION` predictably or can be convinced to execute `DROP EXTENSION`. Release notes: https://www.postgresql.org/docs/current/release.html databases/postgresql12-server: fix build on GCC architectures Use LLVM only if Clang is used. PR: 244225, 244985 Approved by: ports-secteam (joneum) --- databases/postgresql10-server/Makefile | 2 +- databases/postgresql10-server/distinfo | 6 +++--- databases/postgresql11-server/Makefile | 2 +- databases/postgresql11-server/distinfo | 6 +++--- databases/postgresql12-server/Makefile | 2 +- databases/postgresql12-server/distinfo | 6 +++--- databases/postgresql12-server/pkg-plist-client | 5 +++++ databases/postgresql12-server/pkg-plist-server | 13 +++++++++++++ databases/postgresql94-server/Makefile | 2 +- databases/postgresql94-server/distinfo | 6 +++--- databases/postgresql95-server/Makefile | 2 +- databases/postgresql95-server/distinfo | 6 +++--- databases/postgresql96-server/Makefile | 2 +- databases/postgresql96-server/distinfo | 6 +++--- 14 files changed, 42 insertions(+), 24 deletions(-) diff --git a/databases/postgresql10-server/Makefile b/databases/postgresql10-server/Makefile index 6972a1cea147..016c659dc638 100644 --- a/databases/postgresql10-server/Makefile +++ b/databases/postgresql10-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier # $FreeBSD$ -DISTVERSION?= 10.11 +DISTVERSION?= 10.12 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql10-server/distinfo b/databases/postgresql10-server/distinfo index f2ede87dc843..e77b68928930 100644 --- a/databases/postgresql10-server/distinfo +++ b/databases/postgresql10-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-10.11.tar.bz2) = 0d5d14ff6b075655f4421038fbde3a5d7b418c26a249a187a4175600d7aecc09 -SIZE (postgresql/postgresql-10.11.tar.bz2) = 19017947 +TIMESTAMP = 1581419815 +SHA256 (postgresql/postgresql-10.12.tar.bz2) = 388f7f888c4fbcbdf424ec2bce52535195b426010b720af7bea767e23e594ae7 +SIZE (postgresql/postgresql-10.12.tar.bz2) = 19020488 diff --git a/databases/postgresql11-server/Makefile b/databases/postgresql11-server/Makefile index ad9399780c60..aeed3d6ece82 100644 --- a/databases/postgresql11-server/Makefile +++ b/databases/postgresql11-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier # $FreeBSD$ -DISTVERSION?= 11.6 +DISTVERSION?= 11.7 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql11-server/distinfo b/databases/postgresql11-server/distinfo index 9952f7217724..c10f3b8186db 100644 --- a/databases/postgresql11-server/distinfo +++ b/databases/postgresql11-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-11.6.tar.bz2) = 49924f7ff92965fdb20c86e0696f2dc9f8553e1563124ead7beedf8910c13170 -SIZE (postgresql/postgresql-11.6.tar.bz2) = 19843202 +TIMESTAMP = 1581419816 +SHA256 (postgresql/postgresql-11.7.tar.bz2) = 324ae93a8846fbb6a25d562d271bc441ffa8794654c5b2839384834de220a313 +SIZE (postgresql/postgresql-11.7.tar.bz2) = 19890063 diff --git a/databases/postgresql12-server/Makefile b/databases/postgresql12-server/Makefile index 25507def83b4..1a8f8f47f7cd 100644 --- a/databases/postgresql12-server/Makefile +++ b/databases/postgresql12-server/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME?= postgresql -DISTVERSION?= 12.1 +DISTVERSION?= 12.2 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql12-server/distinfo b/databases/postgresql12-server/distinfo index d61f0768e27e..61f6a6f0d5db 100644 --- a/databases/postgresql12-server/distinfo +++ b/databases/postgresql12-server/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-12.1.tar.bz2) = a09bf3abbaf6763980d0f8acbb943b7629a8b20073de18d867aecdb7988483ed -SIZE (postgresql/postgresql-12.1.tar.bz2) = 20213711 +TIMESTAMP = 1581419817 +SHA256 (postgresql/postgresql-12.2.tar.bz2) = ad1dcc4c4fc500786b745635a9e1eba950195ce20b8913f50345bb7d5369b5de +SIZE (postgresql/postgresql-12.2.tar.bz2) = 20363545 diff --git a/databases/postgresql12-server/pkg-plist-client b/databases/postgresql12-server/pkg-plist-client index 4d2a9efb40aa..cc15abac37de 100644 --- a/databases/postgresql12-server/pkg-plist-client +++ b/databases/postgresql12-server/pkg-plist-client @@ -1143,6 +1143,8 @@ man/man7/WITH.7.gz %%NLS%%share/locale/fr/LC_MESSAGES/ecpglib6-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/libpq5-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_config-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pg_dump-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pgscripts-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/psql-12.mo %%NLS%%share/locale/he/LC_MESSAGES/libpq5-12.mo %%NLS%%share/locale/he/LC_MESSAGES/pg_config-12.mo @@ -1162,6 +1164,9 @@ man/man7/WITH.7.gz %%NLS%%share/locale/ko/LC_MESSAGES/ecpglib6-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/libpq5-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_config-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_dump-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pgscripts-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/psql-12.mo %%NLS%%share/locale/pl/LC_MESSAGES/ecpg-12.mo %%NLS%%share/locale/pl/LC_MESSAGES/ecpglib6-12.mo %%NLS%%share/locale/pl/LC_MESSAGES/pg_config-12.mo diff --git a/databases/postgresql12-server/pkg-plist-server b/databases/postgresql12-server/pkg-plist-server index b92fe281f4df..f1f69cab2fe7 100644 --- a/databases/postgresql12-server/pkg-plist-server +++ b/databases/postgresql12-server/pkg-plist-server @@ -777,8 +777,12 @@ lib/libpgcommon.a %%NLS%%share/locale/es/LC_MESSAGES/postgres-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/initdb-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_archivecleanup-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pg_basebackup-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pg_checksums-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_controldata-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_ctl-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pg_resetwal-12.mo +%%NLS%%share/locale/fr/LC_MESSAGES/pg_rewind-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_test_fsync-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_test_timing-12.mo %%NLS%%share/locale/fr/LC_MESSAGES/pg_upgrade-12.mo @@ -804,11 +808,18 @@ lib/libpgcommon.a %%NLS%%share/locale/ja/LC_MESSAGES/pg_waldump-12.mo %%NLS%%share/locale/ja/LC_MESSAGES/plpgsql-12.mo %%NLS%%share/locale/ja/LC_MESSAGES/postgres-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/initdb-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_archivecleanup-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_basebackup-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_checksums-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_controldata-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_ctl-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_resetwal-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_rewind-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_test_fsync-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_test_timing-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/pg_upgrade-12.mo +%%NLS%%share/locale/ko/LC_MESSAGES/pg_waldump-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/plpgsql-12.mo %%NLS%%share/locale/ko/LC_MESSAGES/postgres-12.mo %%NLS%%share/locale/pl/LC_MESSAGES/pg_controldata-12.mo @@ -860,6 +871,8 @@ lib/libpgcommon.a %%NLS%%share/locale/tr/LC_MESSAGES/pg_waldump-12.mo %%NLS%%share/locale/tr/LC_MESSAGES/plpgsql-12.mo %%NLS%%share/locale/tr/LC_MESSAGES/postgres-12.mo +%%NLS%%share/locale/uk/LC_MESSAGES/initdb-12.mo +%%NLS%%share/locale/uk/LC_MESSAGES/pg_archivecleanup-12.mo %%NLS%%share/locale/uk/LC_MESSAGES/pg_controldata-12.mo %%NLS%%share/locale/uk/LC_MESSAGES/pg_ctl-12.mo %%NLS%%share/locale/uk/LC_MESSAGES/pg_test_fsync-12.mo diff --git a/databases/postgresql94-server/Makefile b/databases/postgresql94-server/Makefile index b966b0b31267..44c4f98cc81d 100644 --- a/databases/postgresql94-server/Makefile +++ b/databases/postgresql94-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier # $FreeBSD$ -DISTVERSION?= 9.4.25 +DISTVERSION?= 9.4.26 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql94-server/distinfo b/databases/postgresql94-server/distinfo index e03a665bb044..e9efb37f5c1b 100644 --- a/databases/postgresql94-server/distinfo +++ b/databases/postgresql94-server/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-9.4.25.tar.bz2) = cb98afaef4748de76c13202c14198e3e4717adde49fd9c90fdc81da877520928 -SIZE (postgresql/postgresql-9.4.25.tar.bz2) = 16849015 +TIMESTAMP = 1581419818 +SHA256 (postgresql/postgresql-9.4.26.tar.bz2) = f5c014fc4a5c94e8cf11314cbadcade4d84213cfcc82081c9123e1b8847a20b9 +SIZE (postgresql/postgresql-9.4.26.tar.bz2) = 16871195 SHA256 (postgresql/pg-949-icu-2016-10-02.diff.gz) = 34612e685a79874db04bc6b66c700bfc6412042840c532eef0da7832d1f70d43 SIZE (postgresql/pg-949-icu-2016-10-02.diff.gz) = 5289 diff --git a/databases/postgresql95-server/Makefile b/databases/postgresql95-server/Makefile index 72979f7ef26a..2a23bcb2c806 100644 --- a/databases/postgresql95-server/Makefile +++ b/databases/postgresql95-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier # $FreeBSD$ -DISTVERSION?= 9.5.20 +DISTVERSION?= 9.5.21 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql95-server/distinfo b/databases/postgresql95-server/distinfo index d85bca9b8c49..d0dbfe6e6a5b 100644 --- a/databases/postgresql95-server/distinfo +++ b/databases/postgresql95-server/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-9.5.20.tar.bz2) = 925751b375cf975bebbe79753fbcb5fe85d7a62abe516d4c56861a6b877dde0d -SIZE (postgresql/postgresql-9.5.20.tar.bz2) = 17610134 +TIMESTAMP = 1581419819 +SHA256 (postgresql/postgresql-9.5.21.tar.bz2) = 7eb56e4fa877243c2df78adc5a0ef02f851060c282682b4bb97b854100fb732c +SIZE (postgresql/postgresql-9.5.21.tar.bz2) = 17640928 SHA256 (postgresql/pg-954-icu-2016-08-10.diff.gz) = 5fa083ec38087d6a0961642208f012e902221270708b919b92e9eedaa755e365 SIZE (postgresql/pg-954-icu-2016-08-10.diff.gz) = 5952 diff --git a/databases/postgresql96-server/Makefile b/databases/postgresql96-server/Makefile index 5cf650cc158d..e765ee78dbba 100644 --- a/databases/postgresql96-server/Makefile +++ b/databases/postgresql96-server/Makefile @@ -1,7 +1,7 @@ # Created by: Marc G. Fournier # $FreeBSD$ -DISTVERSION?= 9.6.16 +DISTVERSION?= 9.6.17 # PORTREVISION must be ?= otherwise, all slave ports get this PORTREVISION and # not their own. Probably best to keep it at ?=0 when reset here too. PORTREVISION?= 0 diff --git a/databases/postgresql96-server/distinfo b/databases/postgresql96-server/distinfo index dd5cb1337fc8..c0ee58c5e6ec 100644 --- a/databases/postgresql96-server/distinfo +++ b/databases/postgresql96-server/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1573552509 -SHA256 (postgresql/postgresql-9.6.16.tar.bz2) = 5c6cba9cc0df70ba2b128c4a87d0babfce7c0e2b888f70a9c8485745f66b22e7 -SIZE (postgresql/postgresql-9.6.16.tar.bz2) = 18806372 +TIMESTAMP = 1581419696 +SHA256 (postgresql/postgresql-9.6.17.tar.bz2) = f6e1e32d32545f97c066f3c19f4d58dfab1205c01252cf85c5c92294ace1a0c2 +SIZE (postgresql/postgresql-9.6.17.tar.bz2) = 18812282 SHA256 (postgresql/pg-96b4-icu-2016-10-02.diff.gz) = 85f81baa0fc8f692bcf802c8645196d9e3afdef4f760cef712d940b87655486e SIZE (postgresql/pg-96b4-icu-2016-10-02.diff.gz) = 5998