diff options
| author | adam <adam> | 2013-04-04 21:08:25 +0000 |
|---|---|---|
| committer | adam <adam> | 2013-04-04 21:08:25 +0000 |
| commit | 5264ba3b4595974b5e7acaab8087f96505b143aa (patch) | |
| tree | 80c7435d598076d59e5b3c15db33a97bd3db4769 /databases/postgresql92-docs/PLIST | |
| parent | b68a262892edca5dc4013e7cdc6658c5af3040c3 (diff) | |
| download | pkgsrc-5264ba3b4595974b5e7acaab8087f96505b143aa.tar.gz | |
The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. All users of the affected versions are strongly urged to apply the update immediately.
A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request.
Two lesser security fixes are also included in this release: CVE-2013-1900, wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess, and CVE-2013-1901, which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups. Finally, this release fixes two security issues with the graphical installers for Linux and Mac OS X: insecure passing of superuser passwords to a script, CVE-2013-1903 and the use of predictable filenames in /tmp CVE-2013-1902.
Diffstat (limited to 'databases/postgresql92-docs/PLIST')
| -rw-r--r-- | databases/postgresql92-docs/PLIST | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/databases/postgresql92-docs/PLIST b/databases/postgresql92-docs/PLIST index 56d5dbb7616..9d04d0ec017 100644 --- a/databases/postgresql92-docs/PLIST +++ b/databases/postgresql92-docs/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.3 2013/02/09 11:19:18 adam Exp $ +@comment $NetBSD: PLIST,v 1.4 2013/04/04 21:08:37 adam Exp $ man/man1/clusterdb.1 man/man1/createdb.1 man/man1/createlang.1 @@ -1000,6 +1000,7 @@ share/doc/postgresql/html/release-8-4-13.html share/doc/postgresql/html/release-8-4-14.html share/doc/postgresql/html/release-8-4-15.html share/doc/postgresql/html/release-8-4-16.html +share/doc/postgresql/html/release-8-4-17.html share/doc/postgresql/html/release-8-4-2.html share/doc/postgresql/html/release-8-4-3.html share/doc/postgresql/html/release-8-4-4.html @@ -1013,6 +1014,7 @@ share/doc/postgresql/html/release-9-0-1.html share/doc/postgresql/html/release-9-0-10.html share/doc/postgresql/html/release-9-0-11.html share/doc/postgresql/html/release-9-0-12.html +share/doc/postgresql/html/release-9-0-13.html share/doc/postgresql/html/release-9-0-2.html share/doc/postgresql/html/release-9-0-3.html share/doc/postgresql/html/release-9-0-4.html @@ -1030,10 +1032,12 @@ share/doc/postgresql/html/release-9-1-5.html share/doc/postgresql/html/release-9-1-6.html share/doc/postgresql/html/release-9-1-7.html share/doc/postgresql/html/release-9-1-8.html +share/doc/postgresql/html/release-9-1-9.html share/doc/postgresql/html/release-9-1.html share/doc/postgresql/html/release-9-2-1.html share/doc/postgresql/html/release-9-2-2.html share/doc/postgresql/html/release-9-2-3.html +share/doc/postgresql/html/release-9-2-4.html share/doc/postgresql/html/release-9-2.html share/doc/postgresql/html/release.html share/doc/postgresql/html/resources.html |