head 1.23; access; symbols pkgsrc-2013Q2:1.23.0.30 pkgsrc-2013Q2-base:1.23 pkgsrc-2012Q4:1.23.0.28 pkgsrc-2012Q4-base:1.23 pkgsrc-2011Q4:1.23.0.26 pkgsrc-2011Q4-base:1.23 pkgsrc-2011Q2:1.23.0.24 pkgsrc-2011Q2-base:1.23 pkgsrc-2009Q4:1.23.0.22 pkgsrc-2009Q4-base:1.23 pkgsrc-2008Q4:1.23.0.20 pkgsrc-2008Q4-base:1.23 pkgsrc-2008Q3:1.23.0.18 pkgsrc-2008Q3-base:1.23 cube-native-xorg:1.23.0.16 cube-native-xorg-base:1.23 pkgsrc-2008Q2:1.23.0.14 pkgsrc-2008Q2-base:1.23 pkgsrc-2008Q1:1.23.0.12 pkgsrc-2008Q1-base:1.23 pkgsrc-2007Q4:1.23.0.10 pkgsrc-2007Q4-base:1.23 pkgsrc-2007Q3:1.23.0.8 pkgsrc-2007Q3-base:1.23 pkgsrc-2007Q2:1.23.0.6 pkgsrc-2007Q2-base:1.23 pkgsrc-2007Q1:1.23.0.4 pkgsrc-2007Q1-base:1.23 pkgsrc-2006Q4:1.23.0.2 pkgsrc-2006Q4-base:1.23 pkgsrc-2006Q3:1.21.0.4 pkgsrc-2006Q3-base:1.21 pkgsrc-2006Q2:1.21.0.2 pkgsrc-2006Q2-base:1.21 pkgsrc-2006Q1:1.20.0.2 pkgsrc-2006Q1-base:1.20 pkgsrc-2005Q4:1.19.0.2 pkgsrc-2005Q4-base:1.19 pkgsrc-2005Q3:1.18.0.2 pkgsrc-2005Q3-base:1.18 pkgsrc-2005Q2:1.17.0.4 pkgsrc-2005Q2-base:1.17 pkgsrc-2005Q1:1.17.0.2 pkgsrc-2005Q1-base:1.17 pkgsrc-2004Q4:1.14.0.2 pkgsrc-2004Q4-base:1.14 pkgsrc-2004Q3:1.6.0.2 pkgsrc-2004Q3-base:1.6 pkgsrc-2004Q2:1.3.0.2 pkgsrc-2004Q2-base:1.3 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.23 date 2006.12.27.15.57.37; author joerg; state dead; branches; next 1.22; 1.22 date 2006.10.18.19.24.07; author adam; state Exp; branches; next 1.21; 1.21 date 2006.05.26.17.47.58; author joerg; state Exp; branches 1.21.4.1; next 1.20; 1.20 date 2006.02.21.20.23.49; author joerg; state Exp; branches 1.20.2.1; next 1.19; 1.19 date 2005.11.08.16.40.38; author joerg; state Exp; branches 1.19.2.1; next 1.18; 1.18 date 2005.06.30.01.50.10; author wiz; state Exp; branches; next 1.17; 1.17 date 2005.03.17.22.35.48; author jschauma; state Exp; branches 1.17.4.1; next 1.16; 1.16 date 2005.02.23.16.33.08; author agc; state Exp; branches; next 1.15; 1.15 date 2005.02.05.14.31.20; author jdolecek; state Exp; branches; next 1.14; 1.14 date 2004.12.18.16.36.29; author jlam; state Exp; branches; next 1.13; 1.13 date 2004.12.18.16.04.16; author jlam; state Exp; branches; next 1.12; 1.12 date 2004.12.18.15.59.55; author jlam; state Exp; branches; next 1.11; 1.11 date 2004.11.04.20.06.12; author recht; state Exp; branches; next 1.10; 1.10 date 2004.10.25.17.12.10; author jdolecek; state Exp; branches; next 1.9; 1.9 date 2004.10.21.12.15.19; author jonb; state Exp; branches; next 1.8; 1.8 date 2004.10.10.12.33.35; author jdolecek; state Exp; branches; next 1.7; 1.7 date 2004.10.10.07.30.22; author jdolecek; state Exp; branches; next 1.6; 1.6 date 2004.07.24.22.44.12; author recht; state Exp; branches; next 1.5; 1.5 date 2004.06.27.16.38.32; author recht; state Exp; branches; next 1.4; 1.4 date 2004.06.25.14.51.23; author taca; state Exp; branches; next 1.3; 1.3 date 2004.04.29.22.23.32; author recht; state Exp; branches; next 1.2; 1.2 date 2004.04.20.22.37.22; author recht; state Exp; branches; next 1.1; 1.1 date 2004.04.19.00.07.13; author recht; state Exp; branches 1.1.1.1; next ; 1.21.4.1 date 2006.10.31.10.18.19; author ghen; state Exp; branches; next ; 1.20.2.1 date 2006.05.31.11.53.44; author salo; state Exp; branches; next ; 1.19.2.1 date 2006.02.26.22.01.11; author seb; state Exp; branches; next ; 1.17.4.1 date 2005.07.16.04.27.45; author snj; state Exp; branches; next ; 1.1.1.1 date 2004.04.19.00.07.13; author recht; state Exp; branches; next ; desc @@ 1.23 log @As discussed on tech-pkg, remove PostgreSQL 7.4. @ text @$NetBSD: distinfo,v 1.22 2006/10/18 19:24:07 adam Exp $ SHA1 (postgresql-7.4.14.tar.bz2) = 1193ae3215a3b36409ee457de812a7e179e608ee RMD160 (postgresql-7.4.14.tar.bz2) = 105f37482ff5591d89ad697a7d3cce1f29845440 Size (postgresql-7.4.14.tar.bz2) = 10277632 bytes SHA1 (patch-aa) = 830a0789195aacd10094e35e7d0d79c5e201491f SHA1 (patch-ab) = f44a544c56452bad197a88cb827e88624c54656c SHA1 (patch-ac) = 8104ac7631dd8566eb455e479dd59da058b68c8f SHA1 (patch-ad) = fae5e82e0943ea982c9d3aace290b56c6a7629f9 SHA1 (patch-ae) = f0e0ad98ebdc972e7c40afd805fbb0d909d5ef3b SHA1 (patch-af) = 7373db75fda125b980f2ead990719798c0d22a48 SHA1 (patch-ag) = a983f23b5e47a4c2f31ba284ff3db51b53cf8414 SHA1 (patch-ah) = 1a9b565bf3a004da5fa33081bc3675cb938e7e5f SHA1 (patch-ai) = 158382638ee3380930d6c9fd9b6381e973ccedc2 SHA1 (patch-aj) = 629e38a0ca475834fb0bf1e03cc4efdfca4fb6ce SHA1 (patch-ak) = 12b4227149ebe4a3516b342c0931de78e3498b2e @ 1.22 log @Changes 7.4.14: * Fix core dump when an untyped literal is taken as ANYARRAY * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Fix backslash escaping in /contrib/dbmirror * Adjust regression tests for recent changes in US DST laws @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2006/05/26 17:47:58 joerg Exp $ @ 1.21 log @Update PostgreSQL to 7.3.15, 7.4.13, 8.0.8 and 8.1.4 respectively. Common to all versions: * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 may require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix some incorrect encoding conversion functions win1251_to_iso, alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Fix various minor memory leaks Additionally for 7.4.13 and later: * Fix bug that sometimes caused OR'd index scans to miss rows they should have returned * Fix WAL replay for case where a btree index has been truncated * Fix SIMILAR TO for patterns involving | (Tom) * Fix for Bonjour on Intel Macs (Ashley Clark) Additionally for 8.0.8 and 8.1.4: * Fix SELECT INTO and CREATE TABLE AS to create tables in the default tablespace, not the base directory (Kris Jurka) * Fix problem with password prompting on some Win32 systems (Robert Kinberg) Additionally for 8.1.4: * Fix weak key selection in pgcrypto (Marko Kreen) Errors in fortuna PRNG reseeding logic could cause a predictable session key to be selected by pgp_sym_encrypt() in some cases. This only affects non-OpenSSL-using builds. * Make autovacuum visible in pg_stat_activity (Alvaro) * Disable full_page_writes (Tom) In certain cases, having full_page_writes off would cause crash recovery to fail. A proper fix will appear in 8.2; for now it's just disabled. * Various planner fixes, particularly for bitmap index scans and MIN/MAX optimization (Tom) * Fix incorrect optimization in merge join (Tom) Outer joins could sometimes emit multiple copies of unmatched rows. * Fix crash from using and modifying a plpgsql function in the same transaction * Improve qsort performance (Dann Corbit) Currently this code is only used on Solaris. * Improve pg_dump's handling of default values for domains * Fix pg_dumpall to handle identically-named users and groups reasonably (only possible when dumping from a pre-8.1 server) (Tom) The user and group will be merged into a single role with LOGIN permission. Formerly the merged role wouldn't have LOGIN permission, making it unusable as a user. * Fix pg_restore -n to work as documented (Tom) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2006/02/21 20:23:49 joerg Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.13.tar.bz2) = 32bb03c00e4905d02fc621988d88b075a8a07194 RMD160 (postgresql-7.4.13.tar.bz2) = 8b107ed07fd44814f8559c4803a95e86176f2b63 Size (postgresql-7.4.13.tar.bz2) = 10248808 bytes @ 1.21.4.1 log @Pullup ticket 1879 - requested by joerg security updates for postgresql - pkgsrc/databases/postgresql74/Makefile.common 1.37 - pkgsrc/databases/postgresql74/distinfo 1.22 - pkgsrc/databases/postgresql74-client/Makefile 1.21 - pkgsrc/databases/postgresql74-contrib/Makefile 1.14 - pkgsrc/databases/postgresql74-docs/Makefile 1.10-1.11 - pkgsrc/databases/postgresql74-docs/PLIST 1.7-1.8 - pkgsrc/databases/postgresql74-lib/Makefile 1.26 - pkgsrc/databases/postgresql74-server/Makefile 1.27 - pkgsrc/databases/postgresql74-server/PLIST 1.6 - pkgsrc/databases/postgresql80/Makefile.common 1.24 - pkgsrc/databases/postgresql80/distinfo 1.14 - pkgsrc/databases/postgresql80/options.mk 1.4 - pkgsrc/databases/postgresql80-client/Makefile 1.17 - pkgsrc/databases/postgresql80-client/PLIST 1.12 - pkgsrc/databases/postgresql80-server/Makefile 1.22 - pkgsrc/databases/postgresql81/Makefile.common 1.7 - pkgsrc/databases/postgresql81/distinfo 1.3 - pkgsrc/databases/postgresql81/options.mk 1.2 - pkgsrc/databases/postgresql81-client/Makefile 1.4 - pkgsrc/databases/postgresql81-client/PLIST 1.3 - pkgsrc/databases/postgresql81-server/Makefile 1.5 Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 16:31:24 UTC 2006 Modified Files: pkgsrc/databases/postgresql81: Makefile.common distinfo options.mk Log Message: Changes 8.1.5: * Disallow aggregate functions in "UPDATE" commands, except within sub-SELECTs (Tom) The behavior of such an aggregate was unpredictable, and in 8.1.X could cause a crash, so it has been disabled. The SQL standard does not allow this either. * Fix core dump when an untyped literal is taken as ANYARRAY * Fix core dump in duration logging for extended query protocol when a "COMMIT" or "ROLLBACK" is executed * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix to_timestamp() for AM/PM formats (Bruce) * Fix autovacuum's calculation that decides whether "ANALYZE" is needed (Alvaro) * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Minor fixes in /contrib/dblink and /contrib/tsearch2 * Efficiency improvements in hash tables and bitmap index scans (Tom) * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fix statement_timeout to use the proper units on Win32 (Bruce) In previous Win32 8.1.X versions, the delay was off by a factor of 100. * Fixes for MSVC and Borland C++ compilers (Hiroshi Saito) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 16:33:21 UTC 2006 Modified Files: pkgsrc/databases/postgresql81-client: Makefile PLIST Log Message: Changes 8.1.5: * Disallow aggregate functions in "UPDATE" commands, except within sub-SELECTs (Tom) The behavior of such an aggregate was unpredictable, and in 8.1.X could cause a crash, so it has been disabled. The SQL standard does not allow this either. * Fix core dump when an untyped literal is taken as ANYARRAY * Fix core dump in duration logging for extended query protocol when a "COMMIT" or "ROLLBACK" is executed * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix to_timestamp() for AM/PM formats (Bruce) * Fix autovacuum's calculation that decides whether "ANALYZE" is needed (Alvaro) * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Minor fixes in /contrib/dblink and /contrib/tsearch2 * Efficiency improvements in hash tables and bitmap index scans (Tom) * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fix statement_timeout to use the proper units on Win32 (Bruce) In previous Win32 8.1.X versions, the delay was off by a factor of 100. * Fixes for MSVC and Borland C++ compilers (Hiroshi Saito) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 16:34:17 UTC 2006 Modified Files: pkgsrc/databases/postgresql81-server: Makefile Log Message: Changes 8.1.5: * Disallow aggregate functions in "UPDATE" commands, except within sub-SELECTs (Tom) The behavior of such an aggregate was unpredictable, and in 8.1.X could cause a crash, so it has been disabled. The SQL standard does not allow this either. * Fix core dump when an untyped literal is taken as ANYARRAY * Fix core dump in duration logging for extended query protocol when a "COMMIT" or "ROLLBACK" is executed * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix to_timestamp() for AM/PM formats (Bruce) * Fix autovacuum's calculation that decides whether "ANALYZE" is needed (Alvaro) * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Minor fixes in /contrib/dblink and /contrib/tsearch2 * Efficiency improvements in hash tables and bitmap index scans (Tom) * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fix statement_timeout to use the proper units on Win32 (Bruce) In previous Win32 8.1.X versions, the delay was off by a factor of 100. * Fixes for MSVC and Borland C++ compilers (Hiroshi Saito) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 18:38:57 UTC 2006 Modified Files: pkgsrc/databases/postgresql80: Makefile.common distinfo options.mk Log Message: Changes 8.0.9: * Fix crash when referencing NEW row values in rule WHERE expressions (Tom) * Fix core dump when an untyped literal is taken as ANYARRAY * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 18:39:09 UTC 2006 Modified Files: pkgsrc/databases/postgresql80-client: Makefile PLIST Log Message: Changes 8.0.9: * Fix crash when referencing NEW row values in rule WHERE expressions (Tom) * Fix core dump when an untyped literal is taken as ANYARRAY * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 18:39:19 UTC 2006 Modified Files: pkgsrc/databases/postgresql80-server: Makefile Log Message: Changes 8.0.9: * Fix crash when referencing NEW row values in rule WHERE expressions (Tom) * Fix core dump when an untyped literal is taken as ANYARRAY * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fixes for AIX and Intel compilers (Tom) --- Module Name: pkgsrc Committed By: adam Date: Wed Oct 18 19:24:07 UTC 2006 Modified Files: pkgsrc/databases/postgresql74: Makefile.common distinfo pkgsrc/databases/postgresql74-client: Makefile pkgsrc/databases/postgresql74-contrib: Makefile pkgsrc/databases/postgresql74-docs: Makefile PLIST pkgsrc/databases/postgresql74-lib: Makefile pkgsrc/databases/postgresql74-server: Makefile PLIST Log Message: Changes 7.4.14: * Fix core dump when an untyped literal is taken as ANYARRAY * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Fix backslash escaping in /contrib/dbmirror * Adjust regression tests for recent changes in US DST laws --- Module Name: pkgsrc Committed By: ghen Date: Tue Oct 31 10:12:00 UTC 2006 Modified Files: pkgsrc/databases/postgresql74-docs: Makefile PLIST Log Message: Fix PLIST, bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2006/10/18 19:24:07 adam Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.14.tar.bz2) = 1193ae3215a3b36409ee457de812a7e179e608ee RMD160 (postgresql-7.4.14.tar.bz2) = 105f37482ff5591d89ad697a7d3cce1f29845440 Size (postgresql-7.4.14.tar.bz2) = 10277632 bytes @ 1.20 log @Update PostgreSQL 7.4.x to 7.4.12. Take maintainership. The fix for locales and plperl in 7.4.11 might make an REINDEX necessary. Changes from 7.4.8 to 7.4.9: - Fix error that allowed VACUUM to remove ctid chains too soon, and add more checking in code that follows ctid links - Fix CHAR() to properly pad spaces to the specified length when using a multiple-byte character set (Yoshiyuki Asaba) - Fix the sense of the test for read-only transaction in COPY - Fix planning problem with outer-join ON clauses that reference only the inner-side relation - Further fixes for x FULL JOIN y ON true corner cases - Make array_in and array_recv more paranoid about validating their OID parameter - Fix missing rows in queries like UPDATE a=... WHERE a... with GiST index on column a - Improve robustness of datetime parsing - Improve checking for partially-written WAL pages - Improve robustness of signal handling when SSL is enabled - Don't try to open more than max_files_per_process files during postmaster startup - Various memory leakage fixes - Various portability improvements - Fix PL/PgSQL to handle var := var correctly when the variable is of pass-by-reference type - Update contrib/tsearch2 to use current Snowball code Changes from 7.4.9 to 7.4.10: - Fix race condition in transaction log management - Prevent failure if client sends Bind protocol message when current transaction is already aborted - /contrib/ltree fixes (Teodor) - AIX and HPUX compile fixes (Tom) - Fix longstanding planning error for outer joins - Prevent core dump in pg_autovacuum when a table has been dropped Changes from 7.4.10 to 7.4.11: - Fix for protocol-level Describe messages issued outside a transaction or in a failed transaction (Tom) - Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian (Tom) - Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later - Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets (Tatsuo) - Fix bug in /contrib/pgcrypto gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms (Marko Kreen, Solar Designer) - Fix /contrib/dblink to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query (Joe) Changes from 7.4.11 to 7.4.12: - Fix potential crash in SET SESSION AUTHORIZATION (CVE-2006-0553) - Fix bug with row visibility logic in self-inserted rows (Tom) - Fix race condition that could lead to "file already exists" errors during pg_clog file creation (Tom) - Properly check DOMAIN constraints for UNKNOWN parameters in prepared statements (Neil) - Fix to allow restoring dumps that have cross-schema references to custom operators (Tom) - Portability fix for testing presence of finite and isinf during configure (Tom) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2005/11/08 16:40:38 joerg Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.12.tar.bz2) = fd4e1db4fa3bf1a22d0596337cb1456389ca03e0 RMD160 (postgresql-7.4.12.tar.bz2) = 9a156c571383d666551439b49fd09ca3a96bed6e Size (postgresql-7.4.12.tar.bz2) = 10246537 bytes @ 1.20.2.1 log @Pullup ticket 1680 - requested by joerg security updates for postgresql Revisions pulled up: - pkgsrc/databases/postgresql73/Makefile.common 1.19 - pkgsrc/databases/postgresql73/distinfo 1.13 - pkgsrc/databases/postgresql73-docs/PLIST 1.7 - pkgsrc/databases/postgresql74/Makefile.common 1.36 - pkgsrc/databases/postgresql74/distinfo 1.21 - pkgsrc/databases/postgresql74-docs/PLIST 1.6 - pkgsrc/databases/postgresql80/Makefile.common 1.23 - pkgsrc/databases/postgresql80/distinfo 1.13 - pkgsrc/databases/postgresql80-client/PLIST 1.11 - pkgsrc/databases/postgresql81/Makefile.common 1.6 - pkgsrc/databases/postgresql81/distinfo 1.2 - pkgsrc/databases/postgresql81-client/PLIST 1.2 Module Name: pkgsrc Committed By: joerg Date: Fri May 26 17:47:58 UTC 2006 Modified Files: pkgsrc/databases/postgresql73: Makefile.common distinfo pkgsrc/databases/postgresql73-docs: PLIST pkgsrc/databases/postgresql74: Makefile.common distinfo pkgsrc/databases/postgresql74-docs: PLIST pkgsrc/databases/postgresql80: Makefile.common distinfo pkgsrc/databases/postgresql80-client: PLIST pkgsrc/databases/postgresql81: Makefile.common distinfo pkgsrc/databases/postgresql81-client: PLIST Log Message: Update PostgreSQL to 7.3.15, 7.4.13, 8.0.8 and 8.1.4 respectively. Common to all versions: * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 may require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix some incorrect encoding conversion functions win1251_to_iso, alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Fix various minor memory leaks Additionally for 7.4.13 and later: * Fix bug that sometimes caused OR'd index scans to miss rows they should have returned * Fix WAL replay for case where a btree index has been truncated * Fix SIMILAR TO for patterns involving | (Tom) * Fix for Bonjour on Intel Macs (Ashley Clark) Additionally for 8.0.8 and 8.1.4: * Fix SELECT INTO and CREATE TABLE AS to create tables in the default tablespace, not the base directory (Kris Jurka) * Fix problem with password prompting on some Win32 systems (Robert Kinberg) Additionally for 8.1.4: * Fix weak key selection in pgcrypto (Marko Kreen) Errors in fortuna PRNG reseeding logic could cause a predictable session key to be selected by pgp_sym_encrypt() in some cases. This only affects non-OpenSSL-using builds. * Make autovacuum visible in pg_stat_activity (Alvaro) * Disable full_page_writes (Tom) In certain cases, having full_page_writes off would cause crash recovery to fail. A proper fix will appear in 8.2; for now it's just disabled. * Various planner fixes, particularly for bitmap index scans and MIN/MAX optimization (Tom) * Fix incorrect optimization in merge join (Tom) Outer joins could sometimes emit multiple copies of unmatched rows. * Fix crash from using and modifying a plpgsql function in the same transaction * Improve qsort performance (Dann Corbit) Currently this code is only used on Solaris. * Improve pg_dump's handling of default values for domains * Fix pg_dumpall to handle identically-named users and groups reasonably (only possible when dumping from a pre-8.1 server) (Tom) The user and group will be merged into a single role with LOGIN permission. Formerly the merged role wouldn't have LOGIN permission, making it unusable as a user. * Fix pg_restore -n to work as documented (Tom) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2006/05/26 17:47:58 joerg Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.13.tar.bz2) = 32bb03c00e4905d02fc621988d88b075a8a07194 RMD160 (postgresql-7.4.13.tar.bz2) = 8b107ed07fd44814f8559c4803a95e86176f2b63 Size (postgresql-7.4.13.tar.bz2) = 10248808 bytes @ 1.19 log @Allow PostgreSQL 7.4 to build on DragonFly. Bump revision of -lib, since the PLIST changed. Don't define errno manually in contrib/, depend on errno.h to do so. Explicitly include errno.h in some places. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2005/06/30 01:50:10 wiz Exp $ d3 4 a6 4 SHA1 (postgresql-7.4.8.tar.bz2) = a565ff14e1a3b58a151b219bcffcf53dfc62ec41 RMD160 (postgresql-7.4.8.tar.bz2) = 3ee8c70e0506e2a49bae20bc2282391513ee9d65 Size (postgresql-7.4.8.tar.bz2) = 10235413 bytes SHA1 (patch-aa) = a7d3a63bbef3ae0ad5086fe6a8915be67731deb9 a16 1 SHA1 (patch-al) = 9c4b963c9f727c78c364f76e5146a4eeb1412638 @ 1.19.2.1 log @Pullup ticket 1163 - requested by Joerg Sonnenberger mostly sync databases/postgresql74, databases/tcl-postgresql74, and databases/postgresql74-{client,contrib,docs,lib,plperl,plpython,server} with HEAD, via patch, including security fix. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2006/02/21 20:23:49 joerg Exp $ d3 4 a6 4 SHA1 (postgresql-7.4.12.tar.bz2) = fd4e1db4fa3bf1a22d0596337cb1456389ca03e0 RMD160 (postgresql-7.4.12.tar.bz2) = 9a156c571383d666551439b49fd09ca3a96bed6e Size (postgresql-7.4.12.tar.bz2) = 10246537 bytes SHA1 (patch-aa) = 830a0789195aacd10094e35e7d0d79c5e201491f d17 1 @ 1.18 log @Update postgresql74* packages to 7.4.8. Release Notes Release 7.4.8 Release date: 2005-05-09 This release contains a variety of fixes from 7.4.7, including several security-related issues. __________________________________________________________________ Migration to version 7.4.8 A dump/restore is not required for those running 7.4.X. However, it is one possible way of handling two significant security problems that have been found in the initial contents of 7.4.X system catalogs. A dump/initdb/reload sequence using 7.4.8's initdb will automatically correct these problems. The larger security problem is that the built-in character set encoding conversion functions can be invoked from SQL commands by unprivileged users, but the functions were not designed for such use and are not secure against malicious choices of arguments. The fix involves changing the declared parameter list of these functions so that they can no longer be invoked from SQL commands. (This does not affect their normal use by the encoding conversion machinery.) The lesser problem is that the "contrib/tsearch2" module creates several functions that are misdeclared to return internal when they do not accept internal arguments. This breaks type safety for all functions using internal arguments. It is strongly recommended that all installations repair these errors, either by initdb or by following the manual repair procedures given below. The errors at least allow unprivileged database users to crash their server process, and may allow unprivileged users to gain the privileges of a database superuser. While here, fix postgresql74-client package installation on 2.0 (broken -X), and avoid the need for gtar in tcl-postgresql74. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2005/03/17 22:35:48 jschauma Exp $ d6 1 a6 1 SHA1 (patch-aa) = 626b4b4bf0d47913072399535c55d413b90675a4 d8 1 a8 1 SHA1 (patch-ac) = 81ef677cc5d196762b6cc3c3e38dee4a37e75ac2 d13 5 @ 1.17 log @Backport patch from http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1&r2=1.64.4.2 to fix CAN-2005-0247 for postgresql74 Bump PKGREVISION on postgresql74-lib @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2005/02/23 16:33:08 agc Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.7.tar.bz2) = 48fe9187ae1776265756b807254552b4f6bcfcb8 RMD160 (postgresql-7.4.7.tar.bz2) = 1bbb64c8a9b95cafe0254a0994752b8bbb624346 Size (postgresql-7.4.7.tar.bz2) = 10235394 bytes a12 1 SHA1 (patch-ah) = 4cc4e45679284815c32a5ff3b461b12df55d07c2 @ 1.17.4.1 log @Pullup ticket 609 - requested by Thomas Klausner security update for postgresql74 Revisions pulled up: - pkgsrc/databases/postgresql74/Makefile.common 1.24 - pkgsrc/databases/postgresql74/distinfo 1.18 - pkgsrc/databases/postgresql74-client/Makefile 1.12 - pkgsrc/databases/postgresql74-client/PLIST 1.4 - pkgsrc/databases/postgresql74-client/files/man.client 1.1 - pkgsrc/databases/postgresql74-client/files/man.exclude removed - pkgsrc/databases/postgresql74-docs/PLIST 1.4 - pkgsrc/databases/postgresql74-lib/PLIST 1.5 - pkgsrc/databases/postgresql74/patches/patch-ah removed - pkgsrc/databases/tcl-postgresql74/Makefile 1.3 Module Name: pkgsrc Committed By: wiz Date: Thu Jun 30 01:50:11 UTC 2005 Modified Files: pkgsrc/databases/postgresql74: Makefile.common distinfo pkgsrc/databases/postgresql74-client: Makefile PLIST pkgsrc/databases/postgresql74-docs: PLIST pkgsrc/databases/postgresql74-lib: PLIST pkgsrc/databases/tcl-postgresql74: Makefile Added Files: pkgsrc/databases/postgresql74-client/files: man.client Removed Files: pkgsrc/databases/postgresql74-client/files: man.exclude pkgsrc/databases/postgresql74/patches: patch-ah Log Message: Update postgresql74* packages to 7.4.8. Release Notes Release 7.4.8 Release date: 2005-05-09 This release contains a variety of fixes from 7.4.7, including several security-related issues. __________________________________________________________________ Migration to version 7.4.8 A dump/restore is not required for those running 7.4.X. However, it is one possible way of handling two significant security problems that have been found in the initial contents of 7.4.X system catalogs. A dump/initdb/reload sequence using 7.4.8's initdb will automatically correct these problems. The larger security problem is that the built-in character set encoding conversion functions can be invoked from SQL commands by unprivileged users, but the functions were not designed for such use and are not secure against malicious choices of arguments. The fix involves changing the declared parameter list of these functions so that they can no longer be invoked from SQL commands. (This does not affect their normal use by the encoding conversion machinery.) The lesser problem is that the "contrib/tsearch2" module creates several functions that are misdeclared to return internal when they do not accept internal arguments. This breaks type safety for all functions using internal arguments. It is strongly recommended that all installations repair these errors, either by initdb or by following the manual repair procedures given below. The errors at least allow unprivileged database users to crash their server process, and may allow unprivileged users to gain the privileges of a database superuser. While here, fix postgresql74-client package installation on 2.0 (broken -X), and avoid the need for gtar in tcl-postgresql74. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2005/03/17 22:35:48 jschauma Exp $ d3 3 a5 3 SHA1 (postgresql-7.4.8.tar.bz2) = a565ff14e1a3b58a151b219bcffcf53dfc62ec41 RMD160 (postgresql-7.4.8.tar.bz2) = 3ee8c70e0506e2a49bae20bc2282391513ee9d65 Size (postgresql-7.4.8.tar.bz2) = 10235413 bytes d13 1 @ 1.16 log @Add RMD160 digests in addition to SHA1 ones. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2005/02/05 14:31:20 jdolecek Exp $ d13 1 @ 1.15 log @Update postgresql74 to 7.4.7. This is security release only, fixes recently discovered LOAD vulnerability. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2004/12/18 16:36:29 jlam Exp $ d4 1 @ 1.14 log @Fix postgresql74-plperl so that it finds libperl.so at runtime. The PostgreSQL configure/build infrastructure tries very hard to separate rpath flags from other LDFLAGS, which is completely unnecessary in pkgsrc since the wrapper scripts are smart enough to deal with it on their own. In this case, the GNU configure script was stripping out the rpath to libperl.so when setting perl_embed_ldflags, so modify the configure script to not do this. Also re-enable this package since it's possible to load the plperl.so language module again. I tested this with: createdb foo createlang -d foo plperl @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2004/12/18 16:04:16 jlam Exp $ d3 2 a4 2 SHA1 (postgresql-7.4.6.tar.bz2) = 54e9126053579285b29a3a30e3055d1784a28b0a Size (postgresql-7.4.6.tar.bz2) = 10200107 bytes @ 1.13 log @I lost the checksum for the tarball in my last commit... add it back. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2004/12/18 15:59:55 jlam Exp $ d7 1 a7 1 SHA1 (patch-ac) = 39ce96f3ea9fc1167c8d21168fd1536077898d58 @ 1.12 log @Patch Makefile.shlib so that when creating shared libraries, we don't only pass only the -L* LDFLAGS to the linker. This is correct for pkgsrc since the wrapper scripts take care of correctly passing the rpath info to the linker, so we don't need to filter those out. This allows plpgsql.so to find libintl.so if we are using the pkgsrc version of it. Bump the PKGREVISION of postgresql*-lib to 7.3.8nb1 and 7.4.6nb2. Link the postgres binary with the necessary flags to allow it to dlopen() modules that use pthreads[*]. This should allow postgres to open a plperl.so module built on a system with perl+threads. Bump the PKGREVISION of postgresql*-server to 7.3.8nb2 and 7.4.6nb2. [*] Note that this behavior can be tweaked globally by setting DLOPEN_REQUIRE_PTHREADS to "yes" or "no" in /etc/mk.conf. @ text @d1 1 a1 1 $NetBSD$ d3 2 @ 1.11 log @Add back the sum for the hierarchical queries patch. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2004/10/25 17:12:10 jdolecek Exp $ d3 1 a3 5 SHA1 (postgresql-7.4.6.tar.bz2) = 54e9126053579285b29a3a30e3055d1784a28b0a Size (postgresql-7.4.6.tar.bz2) = 10200107 bytes SHA1 (hier-Pg7.4-0.5.3.tar.gz) = 5b99167a9a87130cc2b7f582e28e3aef6f7f67b3 Size (hier-Pg7.4-0.5.3.tar.gz) = 34662 bytes SHA1 (patch-aa) = e9b99b04c02b3f04d21144a22489618948c378a8 d8 2 @ 1.10 log @Update all postgresql74 packages to 7.4.6. This fixes following two issues: * A vulnerability exists due to the insecure creation of temporary files, which could possibly let a malicious user overwrite arbitrary files * Repair possible failure to update hint bits on disk Under rare circumstances this oversight could lead to "could not access transaction status" failures, which qualifies it as a potential-data-loss bug. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2004/10/21 12:15:19 jonb Exp $ d5 2 @ 1.9 log @Add sum for patch file needed when compiling with PGSQL_USE_HIER=YES @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2004/10/10 12:33:35 jdolecek Exp $ d3 2 a4 4 SHA1 (postgresql-7.4.5.tar.bz2) = 42582179398106fb9cfd5fac44f9fc7c614b07ef Size (postgresql-7.4.5.tar.bz2) = 10180504 bytes SHA1 (hier-Pg7.4-0.5.3.tar.gz) = 5b99167a9a87130cc2b7f582e28e3aef6f7f67b3 Size (hier-Pg7.4-0.5.3.tar.gz) = 34662 bytes d8 1 a8 1 SHA1 (patch-ad) = d0701dd5c629433606c364f2179ae111604008c6 @ 1.8 log @Add patches necessary to build PL/Python, based on information provided in PR pkg/23349 by Michal Pasternak. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2004/10/10 07:30:22 jdolecek Exp $ d5 2 @ 1.7 log @Update PostgreSQL 7.4 packages to 7.4.5. Changes are mostly reliability fixes. Dump/restore is not necessary for 7.4.x users. Changes in 7.4.5: * Repair possible crash during concurrent btree index insertions This patch fixes a rare case in which concurrent insertions into a btree index could result in a server panic. No permanent damage would result, but it's still worth a re-release. The bug does not exist in pre-7.4 releases. Changes in 7.4.4: * Prevent possible loss of committed transactions during crash Due to insufficient interlocking between transaction commit and checkpointing, it was possible for transactions committed just before the most recent checkpoint to be lost, in whole or in part, following a database crash and restart. This is a serious bug that has existed since PostgreSQL 7.1. * Check HAVING restriction before evaluating result list of an aggregate plan * Avoid crash when session's current userID is deleted * Fix hashed crosstab for zero-rows case (Joe) * Force cache update after renaming a column in a foreign key * Pretty-print UNION queries correctly * Make psql handle \r\n newlines properly in COPY IN * pg_dump handled ACLs with grant options incorrectly * Fix thread support for OS X and Solaris * Updated JDBC driver (build 215) with various fixes * ECPG fixes * Translation updates (various contributors) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2004/07/24 22:44:12 recht Exp $ d8 2 @ 1.6 log @change pkgname to postgresql74* (from postgresql*) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2004/06/27 16:38:32 recht Exp $ d3 2 a4 4 SHA1 (postgresql-7.4.3.tar.bz2) = 26df04f0a32a482646850d9b34d95509c97cb585 Size (postgresql-7.4.3.tar.bz2) = 10149755 bytes SHA1 (hier-Pg7.4-0.5.3.tar.gz) = 5b99167a9a87130cc2b7f582e28e3aef6f7f67b3 Size (hier-Pg7.4-0.5.3.tar.gz) = 34662 bytes @ 1.5 log @update to 7.4.3 changes: * Fix temporary memory leak when using non-hashed aggregates (Tom) * ECPG fixes, including some for Informix compatibility (Michael) * Fixes for compiling with thread-safety, particularly Solaris (Bruce) * Fix error in COPY IN termination when using the old network protocol (ljb) * Several important fixes in pg_autovacuum (Matthew T. O'Connor) * Fix problem with reading tar-format dumps on NetBSD and BSD/OS (Bruce) * Several JDBC fixes * Fix ALTER SEQUENCE RESTART where last_value equals the restart value (Tom) * Repair failure to recalculate nested sub-selects (Tom) * Fix problems with non-constant expressions in LIMIT/OFFSET * Support FULL JOIN with no join clause, such as X FULL JOIN Y ON TRUE (Tom) * Fix another zero-column table bug (Tom) * Improve handling of non-qualified identifiers in GROUP BY clauses in sub-selects (Tom) * Do not generate "NATURAL CROSS JOIN" when decompiling rules (Tom) * Add checks for invalid field length in binary COPY (Tom) * Avoid locking conflict between ANALYZE and LISTEN/NOTIFY * Numerous translation updates (various contributors) @ text @d1 1 a1 1 $NetBSD$ d5 2 @ 1.4 log @Adjust docdir in configure. It should fix broken postgresql74-contrib package in bulk build. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2004/04/29 22:23:32 recht Exp $ d3 2 a4 4 SHA1 (postgresql-7.4.2.tar.bz2) = 52b8a8a3467298c659e424213b72a15b08be9d59 Size (postgresql-7.4.2.tar.bz2) = 10100398 bytes SHA1 (hier-Pg7.4-0.5.2.tar.gz) = 8681cecbb0424a1c147b205a826816ea9146a261 Size (hier-Pg7.4-0.5.2.tar.gz) = 34747 bytes @ 1.3 log @Fix build for NetBSD > 1.6L < 2.0. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2004/04/20 22:37:22 recht Exp $ d9 1 @ 1.2 log @Follow a suggestion by Josh Berkus (pgsql core team) and build with --enable-thread-safety. Bump PKGREVISIONs accordingly (meta-pkg, -client, -lib). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2004/04/19 00:07:13 recht Exp $ d8 1 a8 1 SHA1 (patch-ab) = 0c9bda017744807db2b98051acdab017616a1add @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d8 1 @ 1.1.1.1 log @Initial import of PostgreSQL 7.4.2 meta-package PostgreSQL is a robust, next-generation, Object-Relational DBMS (ORDBMS), derived from the Berkeley Postgres database management system. While PostgreSQL retains the powerful object-relational data model, rich data types and easy extensibility of Postgres, it replaces the PostQuel query language with an extended subset of SQL. PostgreSQL is free and the complete source is available. This is the meta-package for the PostgreSQL database system. @ text @@