pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc
Module Name: pkgsrc
Committed By: adam
Date: Thu Apr 4 21:08:38 UTC 2013
Modified Files:
pkgsrc/databases: Makefile
pkgsrc/databases/postgresql84: Makefile.common distinfo
pkgsrc/databases/postgresql84-client: PLIST
pkgsrc/databases/postgresql84-server: PLIST
pkgsrc/databases/postgresql90: Makefile.common distinfo
pkgsrc/databases/postgresql90-docs: PLIST
pkgsrc/databases/postgresql90-server: PLIST
pkgsrc/databases/postgresql91: Makefile.common distinfo
pkgsrc/databases/postgresql91-docs: PLIST
pkgsrc/databases/postgresql91-server: PLIST
pkgsrc/databases/postgresql92: Makefile.common distinfo
pkgsrc/databases/postgresql92-client: PLIST
pkgsrc/databases/postgresql92-docs: PLIST
pkgsrc/databases/postgresql92-server: PLIST
pkgsrc/databases/postgresql92/patches: patch-contrib_dblink_dblink.c
pkgsrc/mk: pgsql.buildlink3.mk
Removed Files:
pkgsrc/databases/jdbc-postgresql83: DESCR Makefile PLIST distinfo
pkgsrc/databases/postgresql83: DESCR Makefile Makefile.common PLIST
distinfo options.mk
pkgsrc/databases/postgresql83-client: DESCR Makefile PLIST
buildlink3.mk
pkgsrc/databases/postgresql83-plperl: DESCR MESSAGE Makefile PLIST
pkgsrc/databases/postgresql83-plpython: DESCR MESSAGE Makefile PLIST
pkgsrc/databases/postgresql83-pltcl: DESCR MESSAGE Makefile PLIST
pkgsrc/databases/postgresql83-server: DEINSTALL DESCR MESSAGE Makefile
PLIST
pkgsrc/databases/postgresql83-server/files: pgsql.sh
pkgsrc/databases/postgresql83-uuid: Makefile
pkgsrc/databases/postgresql83/files: GNUmakefile.libpq dynloader-ltdl.h
pkgsrc/databases/postgresql83/patches: patch-aa patch-ab patch-ac
patch-ad patch-af patch-ag patch-ah patch-ai patch-ba
patch-src_interfaces_ecpg_ecpglib_Makefile
patch-src_makefiles_Makefile.solaris patch-src_pl_plperl_plperl.h
patch-src_pl_plpgsql_src_Makefile
Log Message:
The PostgreSQL Global Development Group has released a security update to all
current versions of the PostgreSQL database system, including versions 9.2.4,
9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security
vulnerability in versions 9.0 and later. All users of the affected versions are
strongly urged to apply the update immediately.
A major security issue fixed in this release, CVE-2013-1899, makes it possible
for a connection request containing a database name that begins with "-" to be
crafted that can damage or destroy files within a server's data directory.
Anyone with access to the port the PostgreSQL server listens on can initiate
this request.
Two lesser security fixes are also included in this release: CVE-2013-1900,
wherein random numbers generated by contrib/pgcrypto functions may be easy for
another database user to guess, and CVE-2013-1901, which mistakenly allows an
unprivileged user to run commands that could interfere with in-progress
backups. Finally, this release fixes two security issues with the graphical
installers for Linux and Mac OS X: insecure passing of superuser passwords to a
script, CVE-2013-1903 and the use of predictable filenames in /tmp
CVE-2013-1902.
To generate a diff of this commit:
cvs rdiff -u -r1.427 -r1.428 pkgsrc/databases/Makefile
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/jdbc-postgresql83/DESCR
cvs rdiff -u -r1.4 -r0 pkgsrc/databases/jdbc-postgresql83/Makefile
cvs rdiff -u -r1.2 -r0 pkgsrc/databases/jdbc-postgresql83/PLIST \
pkgsrc/databases/jdbc-postgresql83/distinfo
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83/DESCR \
pkgsrc/databases/postgresql83/PLIST
cvs rdiff -u -r1.8 -r0 pkgsrc/databases/postgresql83/Makefile
cvs rdiff -u -r1.29 -r0 pkgsrc/databases/postgresql83/Makefile.common
cvs rdiff -u -r1.28 -r0 pkgsrc/databases/postgresql83/distinfo
cvs rdiff -u -r1.6 -r0 pkgsrc/databases/postgresql83/options.mk
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83-client/DESCR
cvs rdiff -u -r1.31 -r0 pkgsrc/databases/postgresql83-client/Makefile
cvs rdiff -u -r1.25 -r0 pkgsrc/databases/postgresql83-client/PLIST
cvs rdiff -u -r1.7 -r0 pkgsrc/databases/postgresql83-client/buildlink3.mk
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83-plperl/DESCR \
pkgsrc/databases/postgresql83-plperl/MESSAGE
cvs rdiff -u -r1.22 -r0 pkgsrc/databases/postgresql83-plperl/Makefile
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83-plperl/PLIST
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83-plpython/DESCR \
pkgsrc/databases/postgresql83-plpython/MESSAGE
cvs rdiff -u -r1.18 -r0 pkgsrc/databases/postgresql83-plpython/Makefile
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83-plpython/PLIST
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83-pltcl/DESCR \
pkgsrc/databases/postgresql83-pltcl/MESSAGE
cvs rdiff -u -r1.14 -r0 pkgsrc/databases/postgresql83-pltcl/Makefile
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83-pltcl/PLIST
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83-server/DEINSTALL \
pkgsrc/databases/postgresql83-server/DESCR
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83-server/MESSAGE
cvs rdiff -u -r1.25 -r0 pkgsrc/databases/postgresql83-server/Makefile
cvs rdiff -u -r1.18 -r0 pkgsrc/databases/postgresql83-server/PLIST
cvs rdiff -u -r1.6 -r0 pkgsrc/databases/postgresql83-server/files/pgsql.sh
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83-uuid/Makefile
cvs rdiff -u -r1.1.1.1 -r0 \
pkgsrc/databases/postgresql83/files/GNUmakefile.libpq \
pkgsrc/databases/postgresql83/files/dynloader-ltdl.h
cvs rdiff -u -r1.3 -r0 pkgsrc/databases/postgresql83/patches/patch-aa
cvs rdiff -u -r1.5 -r0 pkgsrc/databases/postgresql83/patches/patch-ab \
pkgsrc/databases/postgresql83/patches/patch-ad
cvs rdiff -u -r1.1.1.1 -r0 pkgsrc/databases/postgresql83/patches/patch-ac \
pkgsrc/databases/postgresql83/patches/patch-af \
pkgsrc/databases/postgresql83/patches/patch-ag \
pkgsrc/databases/postgresql83/patches/patch-ah \
pkgsrc/databases/postgresql83/patches/patch-ai
cvs rdiff -u -r1.2 -r0 pkgsrc/databases/postgresql83/patches/patch-ba
cvs rdiff -u -r1.1 -r0 \
pkgsrc/databases/postgresql83/patches/patch-src_interfaces_ecpg_ecpglib_Makefile
\
pkgsrc/databases/postgresql83/patches/patch-src_makefiles_Makefile.solaris \
pkgsrc/databases/postgresql83/patches/patch-src_pl_plperl_plperl.h \
pkgsrc/databases/postgresql83/patches/patch-src_pl_plpgsql_src_Makefile
cvs rdiff -u -r1.25 -r1.26 pkgsrc/databases/postgresql84/Makefile.common
cvs rdiff -u -r1.24 -r1.25 pkgsrc/databases/postgresql84/distinfo
cvs rdiff -u -r1.18 -r1.19 pkgsrc/databases/postgresql84-client/PLIST
cvs rdiff -u -r1.14 -r1.15 pkgsrc/databases/postgresql84-server/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/databases/postgresql90/Makefile.common
cvs rdiff -u -r1.16 -r1.17 pkgsrc/databases/postgresql90/distinfo
cvs rdiff -u -r1.14 -r1.15 pkgsrc/databases/postgresql90-docs/PLIST
cvs rdiff -u -r1.11 -r1.12 pkgsrc/databases/postgresql90-server/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/databases/postgresql91/Makefile.common \
pkgsrc/databases/postgresql91/distinfo
cvs rdiff -u -r1.10 -r1.11 pkgsrc/databases/postgresql91-docs/PLIST
cvs rdiff -u -r1.6 -r1.7 pkgsrc/databases/postgresql91-server/PLIST
cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/postgresql92/Makefile.common
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/postgresql92/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/postgresql92-client/PLIST
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/postgresql92-docs/PLIST
cvs rdiff -u -r1.2 -r1.3 pkgsrc/databases/postgresql92-server/PLIST
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/databases/postgresql92/patches/patch-contrib_dblink_dblink.c
cvs rdiff -u -r1.34 -r1.35 pkgsrc/mk/pgsql.buildlink3.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index