diff options
author | adam <adam> | 2016-08-23 06:28:15 +0000 |
---|---|---|
committer | adam <adam> | 2016-08-23 06:28:15 +0000 |
commit | aae04cac871c8c5b15416e49b19195ec45fea770 (patch) | |
tree | 904e5d0da37d765da22cfa34aea3e5048403d994 /databases/postgresql93/distinfo | |
parent | da1dbd45b13d9f53270772ef882c8d04a88b1ea1 (diff) | |
download | pkgsrc-aae04cac871c8c5b15416e49b19195ec45fea770.tar.gz |
The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and 9.1.23. This release fixes two security issues. It also patches a number of other bugs reported over the last three months. Users who rely on security isolation between database users should update as soon as possible. Other users should plan to update at the next convenient downtime.
Security Issues
---------------
Two security holes have been closed by this release:
CVE-2016-5423: certain nested CASE expressions can cause the server to crash.
CVE-2016-5424: database and role names with embedded special characters can allow code injection during administrative operations like pg_dumpall.
The fix for the second issue also adds an option, -reuse-previous, to psql's \connect command. pg_dumpall will also refuse to handle database and role names containing line breaks after the update. For more information on these issues and how they affect backwards-compatibility, see the Release Notes.
Bug Fixes and Improvements
--------------------------
This update also fixes a number of bugs reported in the last few months. Some of these issues affect only version 9.5, but many affect all supported versions:
Fix misbehaviors of IS NULL/IS NOT NULL with composite values
Fix three areas where INSERT ... ON CONFLICT failed to work properly with other SQL features.
Make INET and CIDR data types properly reject bad IPv6 values
Prevent crash in "point ## lseg" operator for NaN input
Avoid possible crash in pg_get_expr()
Fix several one-byte buffer over-reads in to_number()
Don't needlessly plan query if WITH NO DATA is specified
Avoid crash-unsafe state in expensive heap_update() paths
Fix hint bit update during WAL replay of row locking operations
Avoid unnecessary "could not serialize access" with FOR KEY SHARE
Avoid crash in postgres -C when the specified variable is a null string
Fix two issues with logical decoding and subtransactions
Ensure that backends see up-to-date statistics for shared catalogs
Prevent possible failure when vacuuming multixact IDs in an upgraded database
When a manual ANALYZE specifies columns, don't reset changes_since_analyze
Fix ANALYZE's overestimation of n_distinct for columns with nulls
Fix bug in b-tree mark/restore processing
Fix building of large (bigger than shared_buffers) hash indexes
Prevent infinite loop in GiST index build with NaN values
Fix possible crash during a nearest-neighbor indexscan
Fix "PANIC: failed to add BRIN tuple" error
Prevent possible crash during background worker shutdown
Many fixes for issues in parallel pg_dump and pg_restore
Make pg_basebackup accept -Z 0 as no compression
Make regression tests safe for Danish and Welsh locales
Diffstat (limited to 'databases/postgresql93/distinfo')
-rw-r--r-- | databases/postgresql93/distinfo | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/databases/postgresql93/distinfo b/databases/postgresql93/distinfo index 267000b3ce8..899d2fc0293 100644 --- a/databases/postgresql93/distinfo +++ b/databases/postgresql93/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.19 2016/06/19 20:40:10 fhajny Exp $ +$NetBSD: distinfo,v 1.20 2016/08/23 06:28:15 adam Exp $ -SHA1 (postgresql-9.3.13.tar.bz2) = 5ee33e9b31c3686bd6c6fa0659f8766f5f70b53c -RMD160 (postgresql-9.3.13.tar.bz2) = a4269b8eb9c818e5884acbe88c02551551fbbb33 -SHA512 (postgresql-9.3.13.tar.bz2) = 04658f95d723563c08249faf674f2119358059808c42045e05adaa28264b9ae054d4e81ae2bb6639995e007caa65d21d935ff988d5b0473dc517107ddd8c6ca3 -Size (postgresql-9.3.13.tar.bz2) = 17061824 bytes +SHA1 (postgresql-9.3.14.tar.bz2) = a07cc4d1fd0fdd5ced85b75d821e1eec8eb9cb55 +RMD160 (postgresql-9.3.14.tar.bz2) = e7b6899874901d27f227524039c63823b0d23924 +SHA512 (postgresql-9.3.14.tar.bz2) = 97bd92ffdd661f7428c47a8bc87fde88a2b150e7d08bd577a7159ac65aec319d358495b883b95dff2069d24a8d15d1e7c10c3fae81fc76186bfef0127f257ac4 +Size (postgresql-9.3.14.tar.bz2) = 17042199 bytes SHA1 (patch-config_missing) = c2d7d742922ba6861e7660c75b7b53f09e564813 SHA1 (patch-config_perl.m4) = e035132b1c281a75752d570ac5e29a11176c25c5 SHA1 (patch-configure) = 3de7635fe18532a05a619941fecad7bcda6c51b9 @@ -19,7 +19,3 @@ SHA1 (patch-src_interfaces_libpq_Makefile) = 0066301bc8b31b9e26c79153427537bc386 SHA1 (patch-src_makefiles_Makefile.solaris) = 0168f5bc105ffc89d5db40907a08966d8465f5a0 SHA1 (patch-src_pl_plperl_GNUmakefile) = 6ee3e431f46ce5c2a94df499504b2b8bd458bbef SHA1 (patch-src_pl_plperl_plperl.h) = bd663fa80a47f7b82ce689060750fa6e631fbc61 -SHA1 (patch-src_timezone_localtime.c) = 622f57bc1d10f07ab73f86765cbf587eece57085 -SHA1 (patch-src_timezone_private.h) = 85dac95e40efc16270885087f868aeb76e1b9214 -SHA1 (patch-src_timezone_strftime.c) = 25102dce1b9b22385353af23500636fb18e3bf64 -SHA1 (patch-src_timezone_zic.c) = ed04d781845239ce5dc7c6fca406ce62c10a9605 |