On Fri, Aug 11, 2017 at 10:26:34AM +0200, Pierre-Emmanuel André wrote:
> Hi,
>
> A new version of PostgreSQL is available. It fixes 3 CVE:
>
> CVE-2017-7546: Empty password accepted in some authentication methods
> CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to
> users lacking server privileges
> CVE-2017-7548: lo_put() function ignores ACLs
>
>
> Tested on @amd64.
>
> Comments, ok ?
>
> Regards,
And the diffs for 6.1 and 6.0.
Comments, ok ?
Regards,
Index: Makefile
===================================================================
RCS file: /cvs/ports/databases/postgresql/Makefile,v
retrieving revision 1.223.2.1
diff -u -p -u -p -r1.223.2.1 Makefile
--- Makefile 25 May 2017 11:34:21 -0000 1.223.2.1
+++ Makefile 14 Aug 2017 12:00:31 -0000
@@ -7,7 +7,7 @@ COMMENT-contrib=PostgreSQL RDBMS contrib
COMMENT-plpython=Python procedural language for PostgreSQL
COMMENT-pg_upgrade=Support for upgrading PostgreSQL data from previous version
-VERSION= 9.6.3
+VERSION= 9.6.4
PREV_MAJOR= 9.5
DISTNAME= postgresql-${VERSION}
PKGNAME-main= postgresql-client-${VERSION}
Index: distinfo
===================================================================
RCS file: /cvs/ports/databases/postgresql/distinfo,v
retrieving revision 1.65.2.1
diff -u -p -u -p -r1.65.2.1 distinfo
--- distinfo 25 May 2017 11:34:21 -0000 1.65.2.1
+++ distinfo 14 Aug 2017 12:00:31 -0000
@@ -1,2 +1,2 @@
-SHA256 (postgresql-9.6.3.tar.gz) = 3wiDciMLHdIdh7uBaGRxUI9MQglNT08ytdjmhv6mn6Y=
-SIZE (postgresql-9.6.3.tar.gz) = 25536998
+SHA256 (postgresql-9.6.4.tar.gz) = rlx+IgvUvaTF9rD6lgG0+c1XvvhLEAI2HhmSMUgLz9A=
+SIZE (postgresql-9.6.4.tar.gz) = 25636545
Index: pkg/PLIST-docs
===================================================================
RCS file: /cvs/ports/databases/postgresql/pkg/PLIST-docs,v
retrieving revision 1.77.2.1
diff -u -p -u -p -r1.77.2.1 PLIST-docs
--- pkg/PLIST-docs 25 May 2017 11:34:21 -0000 1.77.2.1
+++ pkg/PLIST-docs 14 Aug 2017 12:00:31 -0000
@@ -903,6 +903,7 @@ share/doc/postgresql/html/release-9-2-19
share/doc/postgresql/html/release-9-2-2.html
share/doc/postgresql/html/release-9-2-20.html
share/doc/postgresql/html/release-9-2-21.html
+share/doc/postgresql/html/release-9-2-22.html
share/doc/postgresql/html/release-9-2-3.html
share/doc/postgresql/html/release-9-2-4.html
share/doc/postgresql/html/release-9-2-5.html
@@ -920,6 +921,7 @@ share/doc/postgresql/html/release-9-3-14
share/doc/postgresql/html/release-9-3-15.html
share/doc/postgresql/html/release-9-3-16.html
share/doc/postgresql/html/release-9-3-17.html
+share/doc/postgresql/html/release-9-3-18.html
share/doc/postgresql/html/release-9-3-2.html
share/doc/postgresql/html/release-9-3-3.html
share/doc/postgresql/html/release-9-3-4.html
@@ -933,6 +935,7 @@ share/doc/postgresql/html/release-9-4-1.
share/doc/postgresql/html/release-9-4-10.html
share/doc/postgresql/html/release-9-4-11.html
share/doc/postgresql/html/release-9-4-12.html
+share/doc/postgresql/html/release-9-4-13.html
share/doc/postgresql/html/release-9-4-2.html
share/doc/postgresql/html/release-9-4-3.html
share/doc/postgresql/html/release-9-4-4.html
@@ -949,10 +952,12 @@ share/doc/postgresql/html/release-9-5-4.
share/doc/postgresql/html/release-9-5-5.html
share/doc/postgresql/html/release-9-5-6.html
share/doc/postgresql/html/release-9-5-7.html
+share/doc/postgresql/html/release-9-5-8.html
share/doc/postgresql/html/release-9-5.html
share/doc/postgresql/html/release-9-6-1.html
share/doc/postgresql/html/release-9-6-2.html
share/doc/postgresql/html/release-9-6-3.html
+share/doc/postgresql/html/release-9-6-4.html
share/doc/postgresql/html/release-9-6.html
share/doc/postgresql/html/release.html
share/doc/postgresql/html/replication-origins.html
Index: Makefile
===================================================================
RCS file: /cvs/ports/databases/postgresql/Makefile,v
retrieving revision 1.215.2.3
diff -u -p -u -p -r1.215.2.3 Makefile
--- Makefile 6 Apr 2017 03:49:40 -0000 1.215.2.3
+++ Makefile 14 Aug 2017 12:55:47 -0000
@@ -11,7 +11,7 @@ BROKEN-sparc= Requires v9|v9a|v9b; reque
# DO NOT FORGET to also change the @ask-update entry in pkg/PLIST-server
# in case a dump before / restore after pkg_add -u is required!
-VERSION= 9.5.6
+VERSION= 9.5.8
DISTNAME= postgresql-${VERSION}
PKGNAME-main= postgresql-client-${VERSION}
PKGNAME-server= postgresql-server-${VERSION}
Index: distinfo
===================================================================
RCS file: /cvs/ports/databases/postgresql/distinfo,v
retrieving revision 1.62.2.3
diff -u -p -u -p -r1.62.2.3 distinfo
--- distinfo 6 Apr 2017 03:49:40 -0000 1.62.2.3
+++ distinfo 14 Aug 2017 12:55:47 -0000
@@ -1,2 +1,2 @@
-SHA256 (postgresql-9.5.6.tar.gz) = qorJ8S/iVqOhnogP2FUbN/e2npwu6jVSQTNeOmG9vjc=
-SIZE (postgresql-9.5.6.tar.gz) = 24264195
+SHA256 (postgresql-9.5.8.tar.gz) = d8tRGnwbWUZOzyqZXFCARDsNKQdRQtw/g/olB2pqPoA=
+SIZE (postgresql-9.5.8.tar.gz) = 24376560
Index: pkg/PLIST-docs
===================================================================
RCS file: /cvs/ports/databases/postgresql/pkg/PLIST-docs,v
retrieving revision 1.74.2.3
diff -u -p -u -p -r1.74.2.3 PLIST-docs
--- pkg/PLIST-docs 6 Apr 2017 03:49:40 -0000 1.74.2.3
+++ pkg/PLIST-docs 14 Aug 2017 12:55:47 -0000
@@ -532,6 +532,7 @@ share/doc/postgresql/html/pgupgrade.html
share/doc/postgresql/html/pgxlogdump.html
share/doc/postgresql/html/planner-optimizer.html
share/doc/postgresql/html/planner-stats-details.html
+share/doc/postgresql/html/planner-stats-security.html
share/doc/postgresql/html/planner-stats.html
share/doc/postgresql/html/plhandler.html
share/doc/postgresql/html/plperl-builtins.html
@@ -889,6 +890,8 @@ share/doc/postgresql/html/release-9-2-18
share/doc/postgresql/html/release-9-2-19.html
share/doc/postgresql/html/release-9-2-2.html
share/doc/postgresql/html/release-9-2-20.html
+share/doc/postgresql/html/release-9-2-21.html
+share/doc/postgresql/html/release-9-2-22.html
share/doc/postgresql/html/release-9-2-3.html
share/doc/postgresql/html/release-9-2-4.html
share/doc/postgresql/html/release-9-2-5.html
@@ -905,6 +908,8 @@ share/doc/postgresql/html/release-9-3-13
share/doc/postgresql/html/release-9-3-14.html
share/doc/postgresql/html/release-9-3-15.html
share/doc/postgresql/html/release-9-3-16.html
+share/doc/postgresql/html/release-9-3-17.html
+share/doc/postgresql/html/release-9-3-18.html
share/doc/postgresql/html/release-9-3-2.html
share/doc/postgresql/html/release-9-3-3.html
share/doc/postgresql/html/release-9-3-4.html
@@ -917,6 +922,8 @@ share/doc/postgresql/html/release-9-3.ht
share/doc/postgresql/html/release-9-4-1.html
share/doc/postgresql/html/release-9-4-10.html
share/doc/postgresql/html/release-9-4-11.html
+share/doc/postgresql/html/release-9-4-12.html
+share/doc/postgresql/html/release-9-4-13.html
share/doc/postgresql/html/release-9-4-2.html
share/doc/postgresql/html/release-9-4-3.html
share/doc/postgresql/html/release-9-4-4.html
@@ -932,6 +939,8 @@ share/doc/postgresql/html/release-9-5-3.
share/doc/postgresql/html/release-9-5-4.html
share/doc/postgresql/html/release-9-5-5.html
share/doc/postgresql/html/release-9-5-6.html
+share/doc/postgresql/html/release-9-5-7.html
+share/doc/postgresql/html/release-9-5-8.html
share/doc/postgresql/html/release-9-5.html
share/doc/postgresql/html/release.html
share/doc/postgresql/html/replication-origins.html
Index: pkg/PLIST-server
===================================================================
RCS file: /cvs/ports/databases/postgresql/pkg/PLIST-server,v
retrieving revision 1.29
diff -u -p -u -p -r1.29 PLIST-server
--- pkg/PLIST-server 13 May 2016 14:27:48 -0000 1.29
+++ pkg/PLIST-server 14 Aug 2017 12:55:47 -0000
@@ -195,6 +195,7 @@ include/postgresql/server/commands/varia
include/postgresql/server/commands/view.h
include/postgresql/server/common/
include/postgresql/server/common/fe_memutils.h
+include/postgresql/server/common/int128.h
include/postgresql/server/common/pg_lzcompress.h
include/postgresql/server/common/relpath.h
include/postgresql/server/common/restricted_token.h
