+ CVE fix (CVE-2010-4015)
+ fix nasty behavior:
- Before exiting walreceiver, ensure all the received WAL is fsync'd to disk.
Otherwise the standby server could replay some un-synced WAL, conceivably leading
to data corruption if the system crashes just at that point.
- Make ALTER TABLE revalidate uniqueness and exclusion constraints when needed
Tested in a bulk by landry@
ok ajacoutot@, landry@, sthen@
Initial diff (for rc and beta) from simon@
ok mbalmer@, simon@
commitski jasper@
BE CAREFULL: it's a major upgrade !
You MUST dump/restore all your data for this upgrade.
you apply this and restore afterwards!
Additionally, implicit typecasts are history and not supported anymore.
Versions prior to 8.3 had the feature (some say bug) that functions,
expecting an argument to be of a certain type, have casted a variable of
any other type to the expected type, if possible.
This has changed now. Tests surfaced rare occurrences of regressions,
which were then fixed in about ten minutes - and that code was not even
in the ports tree; no issues found there.
A few more things have changed, namely tsearch2 went from contrib to the
core and native uuid type support was added; for details read the
release announcement at
http://www.postgresql.org/docs/8.3/static/release-8-3.html.
tests & ok mbalmer@ (maintainer)
This update fixes the following problems:
CVE-2007-0555 and CVE-2007-0556. Both of these issues
allow an authenticated attacker with the permissions to run arbitrary SQL to
launch a denial-of-service attack or possibly read out random chunks of
memory. Since attacks to require authenticated access, the security hole is
only considered medium risk. You can read more about the issues on Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
Vulnerabilities in PostgreSQL SET ROLE/SET SESSION AUTHORIZATION
By issuing SET ROLE with a specially crafted argument, it is possible
for any logged-in database user to acquire the privileges of any other
database user, including superusers. Database superuser status allows
access to the machine's filesystem and hence might be used to mount
remote attacks against the rest of the server's operating system.
This error exists in PostgreSQL releases 8.1.0 - 8.1.2 and is fixed in 8.1.3.
The same underlying bug exists in SET SESSION AUTHORIZATION in all
releases back to 7.3. This variant cannot be exploited for privilege
escalation, because one must already be superuser to use SET SESSION
AUTHORIZATION. However, if the server has been compiled with Asserts
enabled (which is not the default), then it is possible to trigger an
Assert failure before the privilege check is reached. This would cause
a momentary denial of service to other database users. This is repaired
in PostgreSQL releases 8.1.3, 8.0.7, 7.4.12, and 7.3.14.
server package, so that the informationis always available and not only
when the docs package is installed. This was requested by many people.
SECURITY:
Version 8.1.2 fixes security and other problems that were present in 8.1.0.
See http://archives.postgresql.org/pgsql-announce/2006-01/msg00001.php for
details.
Changes in the package layout means that there is now a -client and
-server subpackage, and users no longer need to decide which, as
the -server depends on the -client, just like the sane cases in
mysql and openldap.
Other changes include:
* Removal of the tcl FLAVOR until someone with more tcl/tk knowledge
can make it work correctly.
* The INSTALL-server script now created a _postgresql user and group
if they don't already exist, and also a default database in
/var/postgresql if that directory also doesn't exist.
* The port is marked for NO_SHARED_ARCHS as the -server subpackage
needs shared lib support to build.
* The port will build with spinlocks disabled on hppa until someone
can check and test this problem more closely.
Built and checked on i386, sparc64, amd64, macppc (waiting for regress
test feedback).
Dependent packages will be updated after this commit, shortly.
