Commit Graph

128 Commits

Author SHA1 Message Date
espie
ccc1498fc1 more new libspecs. 2006-08-01 22:19:46 +00:00
steven
a63bbadbad remove defunct master site and add a few more mirrors 2006-05-25 13:03:07 +00:00
bernd
53b2b248ac Security update to postgresql-8.1.4.
Fixes SQL-injection attacks. (CVE-2006-2313, CVE-2006-2314)

For detailed information please see:

http://developer.postgresql.org/docs/postgres/release-8-1-4.html
http://secunia.com/advisories/20231/

ok mbalmer@ (MAINTAINER)
2006-05-24 11:18:29 +00:00
mbalmer
2c2240c2f4 Security update to PostgreSQL version 8.1.3.
Vulnerabilities in PostgreSQL SET ROLE/SET SESSION AUTHORIZATION

By issuing SET ROLE with a specially crafted argument, it is possible
for any logged-in database user to acquire the privileges of any other
database user, including superusers.  Database superuser status allows
access to the machine's filesystem and hence might be used to mount
remote attacks against the rest of the server's operating system.
This error exists in PostgreSQL releases 8.1.0 - 8.1.2 and is fixed in 8.1.3.

The same underlying bug exists in SET SESSION AUTHORIZATION in all
releases back to 7.3.  This variant cannot be exploited for privilege
escalation, because one must already be superuser to use SET SESSION
AUTHORIZATION.  However, if the server has been compiled with Asserts
enabled (which is not the default), then it is possible to trigger an
Assert failure before the privilege check is reached.  This would cause
a momentary denial of service to other database users.  This is repaired
in PostgreSQL releases 8.1.3, 8.0.7, 7.4.12, and 7.3.14.
2006-02-14 18:59:36 +00:00
mbalmer
9b330f2067 Update PostgreSQL to version 8.1.2 and move the README.OpenBSD file to the
server package, so that the informationis always available and not only
when the docs package is installed.  This was requested by many people.

SECURITY:
Version 8.1.2 fixes security and other problems that were present in 8.1.0.
See http://archives.postgresql.org/pgsql-announce/2006-01/msg00001.php for
details.
2006-02-05 09:23:22 +00:00
mbalmer
af7df5ea1a SHARED_LIBS
ok bernd
2006-01-07 11:11:17 +00:00
mbalmer
b616bdcee3 Forgot to bump the package name of the -docs subpackage after a change
to the PLIST.

"gentle" reminder by nikolay...
2005-12-31 13:03:39 +00:00
mbalmer
58c3ec46eb Fix a typo, from jk <dhv@scurvy.org>. 2005-12-31 10:40:39 +00:00
mbalmer
c95df04d7d Bump package name. 2005-11-08 23:40:01 +00:00
mbalmer
5a65352148 Rearrange the PLIST's to make sure the subpackages can be individually
installed and deinstalled.

problem found by msf@, thanks!
2005-11-08 22:07:33 +00:00
mbalmer
f3ee50ba8d Update to PostgreSQL 8.1.0
Detailed information can be found at http://www.postgresql.org/docs/whatsnew
2005-11-08 15:20:42 +00:00
mbalmer
086dc2b0cd Update to PostgreSQL 8.0.4. 2005-10-10 22:48:24 +00:00
espie
f90faf868a conflicts from the past: history since 3.7.
As noted on ports@ recently, pkg_add -r relies on conflicts, and the
sheer existence of updates means we MUST take the past into account in
conflicts now.

Note the renaming of hugs98 to valid package names where versions are
concerned.

This commit shows clearly the renaming of the xfce4 plugin packages, the
ditching of eclipse flavors, the splitting of nessus into subpackages,
the splitting of various other software documentations, some packaging bugs
in kdeedu, and a lot of files moving around...

okay pvalchev@
2005-08-16 09:49:51 +00:00
mbalmer
27209e9e87 Remove unused patch file.
Spotted by naddy@
2005-05-26 19:09:18 +00:00
mbalmer
c62248a391 Security update to version 8.0.3
ok robert@
2005-05-11 10:10:39 +00:00
mbalmer
884287bfbe WANTLIB tweaks
ok alek@
2005-04-30 12:02:10 +00:00
mbalmer
5c0dbeb582 Update to PostgreSQL 8.0.2 and take maintainerhsip with the old maintainers
consent.

ok nikolay@, todd@
2005-04-30 10:00:03 +00:00
sturm
b87214004a remove Peter Galbavy as maintainer per his request 2005-04-07 17:45:43 +00:00
sturm
3d35133277 fix kerberos support (from Jesse Kempf <kempf at rpi.edu>) and
mention to start the server with nohup to prevent a signal race (from mpf@)
2005-04-06 06:23:46 +00:00
alek
644f32ce81 Oh my^W^WMore no longer needed WWW:... lines 2005-03-25 15:13:59 +00:00
sturm
b2d36339e6 SECURITY fix
This patch fixes a problem where low privileged users can invoke the
LOAD extension to load arbitrary libraries into the postgres process
space.

ok peter.galbavy at knowtion.net
2005-02-05 15:11:58 +00:00
naddy
3f04f8f321 SIZE 2005-01-05 16:22:24 +00:00
alek
298795d7f4 - Fix libpq soname
- Rework WANTLIB as this port has SUBPACKAGES
- Replace RUN_DEPENDS with LIB_DEPENDS
- Add PKG_ARCH
- Bump PKGNAME

ok sturm@, Brandon Palmer (MAINTAINER)
2005-01-02 00:23:28 +00:00
espie
28a459bb6d WANTLIB markers 2004-11-22 16:59:29 +00:00
espie
2a36ea7b8c trim down INSTALL script, move stuff into PLIST and MESSAGE. 2004-10-12 21:03:13 +00:00
espie
2b80a94147 new-style conflicts. 2004-09-18 10:35:36 +00:00
espie
25ab10e258 new style PLISTs 2004-09-14 23:31:45 +00:00
espie
69800f4dbd new plist 2004-08-09 12:16:55 +00:00
peter
565ffb7a61 Update to PostgreSQL 7.4.3
Changes in the package layout means that there is now a -client and
-server subpackage, and users no longer need to decide which, as
the -server depends on the -client, just like the sane cases in
mysql and openldap.

Other changes include:

* Removal of the tcl FLAVOR until someone with more tcl/tk knowledge
can make it work correctly.

* The INSTALL-server script now created a _postgresql user and group
if they don't already exist, and also a default database in
/var/postgresql if that directory also doesn't exist.

* The port is marked for NO_SHARED_ARCHS as the -server subpackage
needs shared lib support to build.

* The port will build with spinlocks disabled on hppa until someone
can check and test this problem more closely.

Built and checked on i386, sparc64, amd64, macppc (waiting for regress
test feedback).

Dependent packages will be updated after this commit, shortly.
2004-07-26 10:10:46 +00:00
sturm
7297ccd7b0 mark some subpackages arch independent
ok naddy@
2004-02-04 07:39:18 +00:00
brad
6138c7cdf1 upgrade to PostgreSQL 7.3.5
--
ok MAINTAINER (Peter Galbavy)
2003-12-23 19:40:32 +00:00
naddy
2276d3b230 remove WWW lines 2003-12-15 21:42:08 +00:00
margarida
f60aece3cd Security fix:
Two bugs were discovered that lead to a buffer overflow in PostgreSQL
in the abstract data type (ADT) to ASCII conversion functions.
It is believed that, under the right circumstances, an attacker may use
this vulnerability to execute arbitrary instructions on the PostgreSQL
server.

ok Brandon Palmer (maintainer)
2003-11-11 15:11:34 +00:00
sturm
58ca9acb21 new user naming schema
bump PKGNAME where necessary

rohee@ ok leafnode
"you don't have to wait for oks" pval@
2003-06-23 19:11:10 +00:00
lebel
95cdf8cdfe PERMIT_*_CDROM can't be Yes:
The license says:

Permission to use, copy, modify, and distribute this software and its
documentation for any purpose, without fee, and without a written agreement
is hereby granted, provided that the above copyright notice and this
paragraph and the following two paragraphs appear in all copies.

noticed by markus@
2003-05-20 13:52:00 +00:00
naddy
e0112048dd Update to 7.3.2. Change flavor no_tcl -> tcl.
From: Peter Galbavy <peter.galbavy@knowtion.net>
2003-02-12 17:09:03 +00:00
todd
1e5dc1cf11 add no_tcl flavor, for those not building all of ports,
not wanting to install x to have a database; from brad@,
prodded by Ben Lindstrom
2003-01-08 21:33:21 +00:00
todd
45119a5d02 PKGNAME-tcl= .. from naddy@ .. thanks! 2003-01-03 14:24:55 +00:00
todd
d4832d8f34 build depends on tcl too 2003-01-02 14:48:23 +00:00
todd
90ed63e5cf add tcl multi-package to postgresql 2003-01-02 07:15:34 +00:00
brad
af78bcf1db sloppy update. this port used to install ALL the headers for a good reason. 2002-12-18 05:13:15 +00:00
naddy
8eb8b90598 Update to 7.3.
From: Peter Galbavy <peter.galbavy@knowtion.net>
2002-12-17 16:38:53 +00:00
brad
8cf37ab1d6 remove sourceforge URL 2002-05-19 23:39:57 +00:00
brad
6b3e8838f2 install ALL headers 2002-03-25 03:18:20 +00:00
espie
e3edfb9aea md5->distinfo 2002-03-21 20:20:41 +00:00
espie
59d733d913 Let configure.in be grokkable by our autoconf. Noticed by Brandon Palmer. 2002-02-05 17:27:38 +00:00
brad
dc4fc7d45c YUCK! ftp.postgresql.org is rate limited to 1KB/sec per user so remove it.
--
Pointed out by: Jedi/Sector One <j@pureftpd.org>
2002-01-11 18:56:34 +00:00
pvalchev
08d1f1e568 fill MODGNU_CONFIG_GUESS_DIRS; for powerpc 2001-09-27 05:45:34 +00:00
peter
07a78e7a1e remove file collisions when installing postgresql-docs with either
-clients or docs.

tested by Brandon Palmer.

thanks to Maurice Nonnekes <maurice@amaze.nl> for the patch.
2001-09-26 13:04:28 +00:00
peter
1668a3f1d3 update my e-mail address 2001-09-07 22:48:47 +00:00