From 20b4cba0fb41b4e54b70e4a936869b56287ca918 Mon Sep 17 00:00:00 2001 From: sthen Date: Thu, 4 Apr 2013 14:45:46 +0000 Subject: [PATCH] Critical SECURITY update to PostgreSQL, fixing CVE-2013-1899, CVE-2013-1900 and CVE-2013-1901. ok jasper@ "A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center." http://www.postgresql.org/about/news/1456/ --- databases/postgresql/Makefile | 11 ++++++----- databases/postgresql/distinfo | 4 ++-- databases/postgresql/pkg/PLIST-docs | 6 +++++- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/databases/postgresql/Makefile b/databases/postgresql/Makefile index 4e640a8bd27..849622d0b6d 100644 --- a/databases/postgresql/Makefile +++ b/databases/postgresql/Makefile @@ -1,11 +1,11 @@ -# $OpenBSD: Makefile,v 1.172 2013/03/11 02:52:07 espie Exp $ +# $OpenBSD: Makefile,v 1.173 2013/04/04 14:45:46 sthen Exp $ COMMENT-main= PostgreSQL RDBMS (client) COMMENT-server= PostgreSQL RDBMS (server) COMMENT-docs= PostgreSQL RDBMS documentation COMMENT-contrib=PostgreSQL RDBMS contributions -VERSION= 9.2.3 +VERSION= 9.2.4 DISTNAME= postgresql-${VERSION} PKGNAME-main= postgresql-client-${VERSION} PKGNAME-server= postgresql-server-${VERSION} @@ -26,9 +26,10 @@ MAINTAINER= Pierre-Emmanuel Andre PERMIT_PACKAGE_CDROM= Yes WANTLIB= c com_err crypto m readline ssl termcap z -MASTER_SITES= ftp://ftp5.us.postgresql.org/pub/PostgreSQL/source/v${VERSION}/ \ - ftp://ftp5.es.postgresql.org/mirror/postgresql/source/v${VERSION}/ \ - ftp://ftp.postgresql.org/pub/source/v${VERSION}/ +MASTER_SITES= http://ftp.postgresql.org/pub/source/v${VERSION}/ \ + http://ftp5.es.postgresql.org/mirror/postgresql/source/v${VERSION}/ \ + ftp://ftp.postgresql.org/pub/source/v${VERSION}/ \ + ftp://ftp5.us.postgresql.org/pub/PostgreSQL/source/v${VERSION}/ MULTI_PACKAGES= -docs -main -server -contrib diff --git a/databases/postgresql/distinfo b/databases/postgresql/distinfo index f88e8079428..6a3feafac11 100644 --- a/databases/postgresql/distinfo +++ b/databases/postgresql/distinfo @@ -1,2 +1,2 @@ -SHA256 (postgresql-9.2.3.tar.gz) = rWZEzajyM2gZdiheh3aqH06OmVMON62MXkILqVJoh+A= -SIZE (postgresql-9.2.3.tar.gz) = 21490350 +SHA256 (postgresql-9.2.4.tar.gz) = 8IQO3Px3gMRAeXQJIc+bUbN64oNVgO30eOjwOEEWai8= +SIZE (postgresql-9.2.4.tar.gz) = 21539369 diff --git a/databases/postgresql/pkg/PLIST-docs b/databases/postgresql/pkg/PLIST-docs index d0d47f11276..2f6b15bf2d5 100644 --- a/databases/postgresql/pkg/PLIST-docs +++ b/databases/postgresql/pkg/PLIST-docs @@ -1,4 +1,4 @@ -@comment $OpenBSD: PLIST-docs,v 1.59 2013/02/07 17:29:05 jasper Exp $ +@comment $OpenBSD: PLIST-docs,v 1.60 2013/04/04 14:45:46 sthen Exp $ share/doc/postgresql/ share/doc/postgresql/COPYRIGHT share/doc/postgresql/HISTORY @@ -767,6 +767,7 @@ share/doc/postgresql/html/release-8-4-13.html share/doc/postgresql/html/release-8-4-14.html share/doc/postgresql/html/release-8-4-15.html share/doc/postgresql/html/release-8-4-16.html +share/doc/postgresql/html/release-8-4-17.html share/doc/postgresql/html/release-8-4-2.html share/doc/postgresql/html/release-8-4-3.html share/doc/postgresql/html/release-8-4-4.html @@ -780,6 +781,7 @@ share/doc/postgresql/html/release-9-0-1.html share/doc/postgresql/html/release-9-0-10.html share/doc/postgresql/html/release-9-0-11.html share/doc/postgresql/html/release-9-0-12.html +share/doc/postgresql/html/release-9-0-13.html share/doc/postgresql/html/release-9-0-2.html share/doc/postgresql/html/release-9-0-3.html share/doc/postgresql/html/release-9-0-4.html @@ -797,10 +799,12 @@ share/doc/postgresql/html/release-9-1-5.html share/doc/postgresql/html/release-9-1-6.html share/doc/postgresql/html/release-9-1-7.html share/doc/postgresql/html/release-9-1-8.html +share/doc/postgresql/html/release-9-1-9.html share/doc/postgresql/html/release-9-1.html share/doc/postgresql/html/release-9-2-1.html share/doc/postgresql/html/release-9-2-2.html share/doc/postgresql/html/release-9-2-3.html +share/doc/postgresql/html/release-9-2-4.html share/doc/postgresql/html/release-9-2.html share/doc/postgresql/html/release.html share/doc/postgresql/html/resources.html