On 02/16 12:43, Jeremy Evans wrote: > On 02/12 05:54, Jeremy Evans wrote: > > This updates to the latest release of PostgreSQL. In addition to the > > usual bug fixes, there are some security fixes: > > > > CVE-2026-2003: PostgreSQL oidvector discloses a few bytes of memory > > > > CVE-2026-2004: PostgreSQL intarray missing validation of type of input > > to selectivity estimator executes arbitrary code > > > > CVE-2026-2005: PostgreSQL pgcrypto heap buffer overflow executes > > arbitrary code > > > > CVE-2026-2006: PostgreSQL missing validation of multibyte character > > length executes arbitrary code > > > > CVE-2026-2007: PostgreSQL pg_trgm heap buffer overflow writes pattern > > onto server memory > > > > Tested locally on amd64. OKs? > > PostgreSQL announced an out-of-band release for next week to fix some > regressions in 18.2. So instead of upgrading to 18.2, we can wait for > 18.3. For more details: > https://www.postgresql.org/about/news/out-of-cycle-release-scheduled-for-february-26-2026-3241/
PostgreSQL 18.3 was released today. Release announcement at: https://www.postgresql.org/about/news/postgresql-183-179-1613-1517-and-1422-released-3246/ Tested on amd64, no issues found. OKs? Best, Jeremy Index: Makefile =================================================================== RCS file: /cvs/ports/databases/postgresql/Makefile,v retrieving revision 1.316 diff -u -p -u -p -r1.316 Makefile --- Makefile 22 Jan 2026 01:24:20 -0000 1.316 +++ Makefile 26 Feb 2026 15:19:03 -0000 @@ -5,11 +5,10 @@ COMMENT-contrib=PostgreSQL RDBMS contrib COMMENT-plpython=Python procedural language for PostgreSQL COMMENT-pg_upgrade=Support for upgrading PostgreSQL data from previous version -VERSION= 18.1 +VERSION= 18.3 PREV_MAJOR= 17 DISTNAME= postgresql-${VERSION} PKGNAME-main= postgresql-client-${VERSION} -REVISION-server=1 DPB_PROPERTIES= parallel Index: distinfo =================================================================== RCS file: /cvs/ports/databases/postgresql/distinfo,v retrieving revision 1.108 diff -u -p -u -p -r1.108 distinfo --- distinfo 23 Nov 2025 03:05:13 -0000 1.108 +++ distinfo 26 Feb 2026 15:19:03 -0000 @@ -1,2 +1,2 @@ -SHA256 (postgresql-18.1.tar.gz) = sPGMLWlz0qoCPPx3/tp4fXu+nDGjl30PBKwpiF+5jsQ= -SIZE (postgresql-18.1.tar.gz) = 29294939 +SHA256 (postgresql-18.3.tar.gz) = ngVP/W4BPaLCyaG/1uBiyYh100DfCAUWVRyWubCSalk= +SIZE (postgresql-18.3.tar.gz) = 29416481 Index: pkg/PLIST-docs =================================================================== RCS file: /cvs/ports/databases/postgresql/pkg/PLIST-docs,v retrieving revision 1.121 diff -u -p -u -p -r1.121 PLIST-docs --- pkg/PLIST-docs 23 Nov 2025 03:05:13 -0000 1.121 +++ pkg/PLIST-docs 26 Feb 2026 15:19:03 -0000 @@ -705,6 +705,8 @@ share/doc/postgresql/html/regress-tap.ht share/doc/postgresql/html/regress-variant.html share/doc/postgresql/html/regress.html share/doc/postgresql/html/release-18-1.html +share/doc/postgresql/html/release-18-2.html +share/doc/postgresql/html/release-18-3.html share/doc/postgresql/html/release-18.html share/doc/postgresql/html/release-prior.html share/doc/postgresql/html/release.html
