Commit Graph

144 Commits

Author SHA1 Message Date
espie
470294650d base64 distinfo with SHA256 2007-04-05 15:37:40 +00:00
simon
738f344933 add the postgresql contributions from the contrib/ directory
as a subpackage, bump as required.

ok mbalmer@, go ahead robert@, kili@
2007-03-22 19:29:17 +00:00
mbalmer
987e110832 Move some manpages that sneaked into the -docs subpackage to the -main
subpackage.  spotted by nikolay.
2007-02-10 08:01:35 +00:00
mbalmer
70b3cc9acd The PostgreSQL 8.2.2 security update introduced a bug that has been fixed
by the PostgreSQL team in 8.2.3.
2007-02-07 15:29:25 +00:00
mbalmer
422a973b91 Security update to PostgreSQL 8.2.2.
This update fixes the following problems:

CVE-2007-0555 and CVE-2007-0556.  Both of these issues
allow an authenticated attacker with the permissions to run arbitrary SQL to
launch a denial-of-service attack or possibly read out random chunks of
memory.  Since attacks to require authenticated access, the security hole is
only considered medium risk.  You can read more about the issues on Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
2007-02-06 06:57:27 +00:00
mbalmer
1f0785bc5c Update to PostgreSQL 8.2.1
Please note that a database dump/restore is required to upgrade to this
version.  See the full details at the following URL:
http://www.postgresql.org/docs/current/static/release-8-2.html

requested, tested and ok by robert, simon
2007-01-17 16:47:25 +00:00
mbalmer
b15285645c Maintenance update to PostreSQL 8.1.6, bugfixes and changes in DST rules
for canade.  No API changes.
2007-01-13 16:39:45 +00:00
kili
7f006bdda1 new MULTI_PACKAGES 2006-11-23 21:21:54 +00:00
mbalmer
090a0271f4 Give slightly better advice on KerberosV usage.
From Bioern Sandell, <biorn@chalmers.se>, thanks.
2006-10-31 06:50:24 +00:00
mbalmer
ead41b0039 Add a section on KerberosV support to the README.OpenBSD file.
From Tom McLaughlin <tmclaugh@sdf.lonestar.org>, thanks!
2006-10-29 09:29:29 +00:00
mbalmer
83caebe7ac Add a section in the README file about the accounts involved in a PostgreSQL
database and point to two administrative user interfaces (phppgadmin and
pgadmin3).
2006-10-29 08:27:05 +00:00
mbalmer
cf556eb9ba Typo in the MESSAGE-server file. Found by bernd, gracias! 2006-10-18 16:22:18 +00:00
mbalmer
8db0aad7ce Do not install a default database when installing the -server subpackage,
instead give advice on how to install a dabase with proper protection.

ok pvalchev, bernd, krw
2006-10-18 13:54:22 +00:00
mbalmer
681b205576 Update to PostgreSQL 8.1.5. As the file sizes of the libraries are not the
same in most cases, I bumped the minor version just to be on the safe side.
2006-10-15 16:00:11 +00:00
aanriot
06ac215488 put back "nohup", I should have read also this history. PostgreSQL runs
fine without it but we are not sure if the signal race has been fixed or
not, sorry.

spotted by bernd@
2006-10-09 12:22:53 +00:00
aanriot
1a5bf2fd3c - remove "nohup" from the suggested rc script.
- get ride of INSTALL-server and move database init to PLIST-server.
- bump PKGNAME.

ok mbalmer@
2006-10-09 11:55:18 +00:00
espie
ccc1498fc1 more new libspecs. 2006-08-01 22:19:46 +00:00
steven
a63bbadbad remove defunct master site and add a few more mirrors 2006-05-25 13:03:07 +00:00
bernd
53b2b248ac Security update to postgresql-8.1.4.
Fixes SQL-injection attacks. (CVE-2006-2313, CVE-2006-2314)

For detailed information please see:

http://developer.postgresql.org/docs/postgres/release-8-1-4.html
http://secunia.com/advisories/20231/

ok mbalmer@ (MAINTAINER)
2006-05-24 11:18:29 +00:00
mbalmer
2c2240c2f4 Security update to PostgreSQL version 8.1.3.
Vulnerabilities in PostgreSQL SET ROLE/SET SESSION AUTHORIZATION

By issuing SET ROLE with a specially crafted argument, it is possible
for any logged-in database user to acquire the privileges of any other
database user, including superusers.  Database superuser status allows
access to the machine's filesystem and hence might be used to mount
remote attacks against the rest of the server's operating system.
This error exists in PostgreSQL releases 8.1.0 - 8.1.2 and is fixed in 8.1.3.

The same underlying bug exists in SET SESSION AUTHORIZATION in all
releases back to 7.3.  This variant cannot be exploited for privilege
escalation, because one must already be superuser to use SET SESSION
AUTHORIZATION.  However, if the server has been compiled with Asserts
enabled (which is not the default), then it is possible to trigger an
Assert failure before the privilege check is reached.  This would cause
a momentary denial of service to other database users.  This is repaired
in PostgreSQL releases 8.1.3, 8.0.7, 7.4.12, and 7.3.14.
2006-02-14 18:59:36 +00:00
mbalmer
9b330f2067 Update PostgreSQL to version 8.1.2 and move the README.OpenBSD file to the
server package, so that the informationis always available and not only
when the docs package is installed.  This was requested by many people.

SECURITY:
Version 8.1.2 fixes security and other problems that were present in 8.1.0.
See http://archives.postgresql.org/pgsql-announce/2006-01/msg00001.php for
details.
2006-02-05 09:23:22 +00:00
mbalmer
af7df5ea1a SHARED_LIBS
ok bernd
2006-01-07 11:11:17 +00:00
mbalmer
b616bdcee3 Forgot to bump the package name of the -docs subpackage after a change
to the PLIST.

"gentle" reminder by nikolay...
2005-12-31 13:03:39 +00:00
mbalmer
58c3ec46eb Fix a typo, from jk <dhv@scurvy.org>. 2005-12-31 10:40:39 +00:00
mbalmer
c95df04d7d Bump package name. 2005-11-08 23:40:01 +00:00
mbalmer
5a65352148 Rearrange the PLIST's to make sure the subpackages can be individually
installed and deinstalled.

problem found by msf@, thanks!
2005-11-08 22:07:33 +00:00
mbalmer
f3ee50ba8d Update to PostgreSQL 8.1.0
Detailed information can be found at http://www.postgresql.org/docs/whatsnew
2005-11-08 15:20:42 +00:00
mbalmer
086dc2b0cd Update to PostgreSQL 8.0.4. 2005-10-10 22:48:24 +00:00
espie
f90faf868a conflicts from the past: history since 3.7.
As noted on ports@ recently, pkg_add -r relies on conflicts, and the
sheer existence of updates means we MUST take the past into account in
conflicts now.

Note the renaming of hugs98 to valid package names where versions are
concerned.

This commit shows clearly the renaming of the xfce4 plugin packages, the
ditching of eclipse flavors, the splitting of nessus into subpackages,
the splitting of various other software documentations, some packaging bugs
in kdeedu, and a lot of files moving around...

okay pvalchev@
2005-08-16 09:49:51 +00:00
mbalmer
27209e9e87 Remove unused patch file.
Spotted by naddy@
2005-05-26 19:09:18 +00:00
mbalmer
c62248a391 Security update to version 8.0.3
ok robert@
2005-05-11 10:10:39 +00:00
mbalmer
884287bfbe WANTLIB tweaks
ok alek@
2005-04-30 12:02:10 +00:00
mbalmer
5c0dbeb582 Update to PostgreSQL 8.0.2 and take maintainerhsip with the old maintainers
consent.

ok nikolay@, todd@
2005-04-30 10:00:03 +00:00
sturm
b87214004a remove Peter Galbavy as maintainer per his request 2005-04-07 17:45:43 +00:00
sturm
3d35133277 fix kerberos support (from Jesse Kempf <kempf at rpi.edu>) and
mention to start the server with nohup to prevent a signal race (from mpf@)
2005-04-06 06:23:46 +00:00
alek
644f32ce81 Oh my^W^WMore no longer needed WWW:... lines 2005-03-25 15:13:59 +00:00
sturm
b2d36339e6 SECURITY fix
This patch fixes a problem where low privileged users can invoke the
LOAD extension to load arbitrary libraries into the postgres process
space.

ok peter.galbavy at knowtion.net
2005-02-05 15:11:58 +00:00
naddy
3f04f8f321 SIZE 2005-01-05 16:22:24 +00:00
alek
298795d7f4 - Fix libpq soname
- Rework WANTLIB as this port has SUBPACKAGES
- Replace RUN_DEPENDS with LIB_DEPENDS
- Add PKG_ARCH
- Bump PKGNAME

ok sturm@, Brandon Palmer (MAINTAINER)
2005-01-02 00:23:28 +00:00
espie
28a459bb6d WANTLIB markers 2004-11-22 16:59:29 +00:00
espie
2a36ea7b8c trim down INSTALL script, move stuff into PLIST and MESSAGE. 2004-10-12 21:03:13 +00:00
espie
2b80a94147 new-style conflicts. 2004-09-18 10:35:36 +00:00
espie
25ab10e258 new style PLISTs 2004-09-14 23:31:45 +00:00
espie
69800f4dbd new plist 2004-08-09 12:16:55 +00:00
peter
565ffb7a61 Update to PostgreSQL 7.4.3
Changes in the package layout means that there is now a -client and
-server subpackage, and users no longer need to decide which, as
the -server depends on the -client, just like the sane cases in
mysql and openldap.

Other changes include:

* Removal of the tcl FLAVOR until someone with more tcl/tk knowledge
can make it work correctly.

* The INSTALL-server script now created a _postgresql user and group
if they don't already exist, and also a default database in
/var/postgresql if that directory also doesn't exist.

* The port is marked for NO_SHARED_ARCHS as the -server subpackage
needs shared lib support to build.

* The port will build with spinlocks disabled on hppa until someone
can check and test this problem more closely.

Built and checked on i386, sparc64, amd64, macppc (waiting for regress
test feedback).

Dependent packages will be updated after this commit, shortly.
2004-07-26 10:10:46 +00:00
sturm
7297ccd7b0 mark some subpackages arch independent
ok naddy@
2004-02-04 07:39:18 +00:00
brad
6138c7cdf1 upgrade to PostgreSQL 7.3.5
--
ok MAINTAINER (Peter Galbavy)
2003-12-23 19:40:32 +00:00
naddy
2276d3b230 remove WWW lines 2003-12-15 21:42:08 +00:00
margarida
f60aece3cd Security fix:
Two bugs were discovered that lead to a buffer overflow in PostgreSQL
in the abstract data type (ADT) to ASCII conversion functions.
It is believed that, under the right circumstances, an attacker may use
this vulnerability to execute arbitrary instructions on the PostgreSQL
server.

ok Brandon Palmer (maintainer)
2003-11-11 15:11:34 +00:00
sturm
58ca9acb21 new user naming schema
bump PKGNAME where necessary

rohee@ ok leafnode
"you don't have to wait for oks" pval@
2003-06-23 19:11:10 +00:00