pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2005Q2]: pkgsrc/databases Pullup ticket 609 - requested by Tho...
details: https://anonhg.NetBSD.org/pkgsrc/rev/dc14b5a04c11
branches: pkgsrc-2005Q2
changeset: 495873:dc14b5a04c11
user: snj <snj%pkgsrc.org@localhost>
date: Sat Jul 16 04:27:45 2005 +0000
description:
Pullup ticket 609 - requested by Thomas Klausner
security update for postgresql74
Revisions pulled up:
- pkgsrc/databases/postgresql74/Makefile.common 1.24
- pkgsrc/databases/postgresql74/distinfo 1.18
- pkgsrc/databases/postgresql74-client/Makefile 1.12
- pkgsrc/databases/postgresql74-client/PLIST 1.4
- pkgsrc/databases/postgresql74-client/files/man.client 1.1
- pkgsrc/databases/postgresql74-client/files/man.exclude removed
- pkgsrc/databases/postgresql74-docs/PLIST 1.4
- pkgsrc/databases/postgresql74-lib/PLIST 1.5
- pkgsrc/databases/postgresql74/patches/patch-ah removed
- pkgsrc/databases/tcl-postgresql74/Makefile 1.3
Module Name: pkgsrc
Committed By: wiz
Date: Thu Jun 30 01:50:11 UTC 2005
Modified Files:
pkgsrc/databases/postgresql74: Makefile.common distinfo
pkgsrc/databases/postgresql74-client: Makefile PLIST
pkgsrc/databases/postgresql74-docs: PLIST
pkgsrc/databases/postgresql74-lib: PLIST
pkgsrc/databases/tcl-postgresql74: Makefile
Added Files:
pkgsrc/databases/postgresql74-client/files: man.client
Removed Files:
pkgsrc/databases/postgresql74-client/files: man.exclude
pkgsrc/databases/postgresql74/patches: patch-ah
Log Message:
Update postgresql74* packages to 7.4.8.
Release Notes
Release 7.4.8
Release date: 2005-05-09
This release contains a variety of fixes from 7.4.7, including several
security-related issues.
__________________________________________________________________
Migration to version 7.4.8
A dump/restore is not required for those running 7.4.X. However, it is
one possible way of handling two significant security problems that
have been found in the initial contents of 7.4.X system catalogs. A
dump/initdb/reload sequence using 7.4.8's initdb will automatically
correct these problems.
The larger security problem is that the built-in character set encoding
conversion functions can be invoked from SQL commands by unprivileged
users, but the functions were not designed for such use and are not
secure against malicious choices of arguments. The fix involves
changing the declared parameter list of these functions so that they
can no longer be invoked from SQL commands. (This does not affect their
normal use by the encoding conversion machinery.)
The lesser problem is that the "contrib/tsearch2" module creates
several functions that are misdeclared to return internal when they do
not accept internal arguments. This breaks type safety for all
functions using internal arguments.
It is strongly recommended that all installations repair these errors,
either by initdb or by following the manual repair procedures given
below. The errors at least allow unprivileged database users to crash
their server process, and may allow unprivileged users to gain the
privileges of a database superuser.
While here, fix postgresql74-client package installation on 2.0
(broken -X), and avoid the need for gtar in tcl-postgresql74.
diffstat:
databases/postgresql74-client/Makefile | 6 +-
databases/postgresql74-client/PLIST | 6 +-
databases/postgresql74-client/files/man.client | 114 ++++++++++++++++++++++++
databases/postgresql74-client/files/man.exclude | 7 -
databases/postgresql74-docs/PLIST | 15 ++-
databases/postgresql74-lib/PLIST | 3 +-
databases/postgresql74/Makefile.common | 4 +-
databases/postgresql74/distinfo | 9 +-
databases/postgresql74/patches/patch-ah | 85 -----------------
databases/tcl-postgresql74/Makefile | 5 +-
10 files changed, 146 insertions(+), 108 deletions(-)
diffs (truncated from 378 to 300 lines):
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-client/Makefile
--- a/databases/postgresql74-client/Makefile Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74-client/Makefile Sat Jul 16 04:27:45 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.11 2005/05/16 01:32:22 jlam Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2005/07/16 04:27:45 snj Exp $
PKGNAME= postgresql74-client-${BASE_VERS}
PKGREVISION= # empty
@@ -24,8 +24,8 @@
../../src/include/parser/parse.h ../../src/include/utils/fmgroids.h
post-install:
- ${EGREP} -v "^#" ${FILESDIR}/man.exclude > ${WRKDIR}/man_tar_exclude
- ${TAR} -zxm -C ${PREFIX}/man -X ${WRKDIR}/man_tar_exclude \
+ ${EGREP} -v "^#" ${FILESDIR}/man.client > ${WRKDIR}/man_tar_files
+ ${TAR} -zxm -C ${PREFIX}/man -T ${WRKDIR}/man_tar_files \
-f ${WRKSRC}/doc/man.tar.gz
.include "../../mk/bsd.prefs.mk"
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-client/PLIST
--- a/databases/postgresql74-client/PLIST Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74-client/PLIST Sat Jul 16 04:27:45 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2004/12/18 14:26:15 darcy Exp $
+@comment $NetBSD: PLIST,v 1.3.6.1 2005/07/16 04:27:45 snj Exp $
bin/clusterdb
bin/createdb
bin/createlang
@@ -182,6 +182,10 @@
${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/pg_resetxlog.mo
${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/pgscripts.mo
${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/psql.mo
+${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/pg_controldata.mo
+${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/pg_resetxlog.mo
+${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/pgscripts.mo
+${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/psql.mo
${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/pg_controldata.mo
${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/pg_dump.mo
${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/pg_resetxlog.mo
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-client/files/man.client
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/postgresql74-client/files/man.client Sat Jul 16 04:27:45 2005 +0000
@@ -0,0 +1,114 @@
+# $NetBSD: man.client,v 1.1.2.2 2005/07/16 04:27:45 snj Exp $
+#
+man1/clusterdb.1
+man1/createdb.1
+man1/createlang.1
+man1/createuser.1
+man1/dropdb.1
+man1/droplang.1
+man1/dropuser.1
+man1/initdb.1
+man1/initlocation.1
+man1/ipcclean.1
+man1/pg_config.1
+man1/pg_controldata.1
+man1/pg_ctl.1
+man1/pg_dump.1
+man1/pg_dumpall.1
+man1/pg_resetxlog.1
+man1/pg_restore.1
+man1/psql.1
+man1/vacuumdb.1
+manl/abort.l
+manl/alter_aggregate.l
+manl/alter_conversion.l
+manl/alter_database.l
+manl/alter_domain.l
+manl/alter_function.l
+manl/alter_group.l
+manl/alter_language.l
+manl/alter_operator_class.l
+manl/alter_schema.l
+manl/alter_sequence.l
+manl/alter_table.l
+manl/alter_trigger.l
+manl/alter_user.l
+manl/analyze.l
+manl/begin.l
+manl/checkpoint.l
+manl/close.l
+manl/cluster.l
+manl/comment.l
+manl/commit.l
+manl/copy.l
+manl/create_aggregate.l
+manl/create_cast.l
+manl/create_constraint_trigger.l
+manl/create_conversion.l
+manl/create_database.l
+manl/create_domain.l
+manl/create_function.l
+manl/create_group.l
+manl/create_index.l
+manl/create_language.l
+manl/create_operator.l
+manl/create_operator_class.l
+manl/create_rule.l
+manl/create_schema.l
+manl/create_sequence.l
+manl/create_table.l
+manl/create_table_as.l
+manl/create_trigger.l
+manl/create_type.l
+manl/create_user.l
+manl/create_view.l
+manl/deallocate.l
+manl/declare.l
+manl/delete.l
+manl/drop_aggregate.l
+manl/drop_cast.l
+manl/drop_conversion.l
+manl/drop_database.l
+manl/drop_domain.l
+manl/drop_function.l
+manl/drop_group.l
+manl/drop_index.l
+manl/drop_language.l
+manl/drop_operator.l
+manl/drop_operator_class.l
+manl/drop_rule.l
+manl/drop_schema.l
+manl/drop_sequence.l
+manl/drop_table.l
+manl/drop_trigger.l
+manl/drop_type.l
+manl/drop_user.l
+manl/drop_view.l
+manl/end.l
+manl/execute.l
+manl/explain.l
+manl/fetch.l
+manl/grant.l
+manl/insert.l
+manl/listen.l
+manl/load.l
+manl/lock.l
+manl/move.l
+manl/notify.l
+manl/prepare.l
+manl/reindex.l
+manl/reset.l
+manl/revoke.l
+manl/rollback.l
+manl/select.l
+manl/select_into.l
+manl/set.l
+manl/set_constraints.l
+manl/set_session_authorization.l
+manl/set_transaction.l
+manl/show.l
+manl/start_transaction.l
+manl/truncate.l
+manl/unlisten.l
+manl/update.l
+manl/vacuum.l
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-client/files/man.exclude
--- a/databases/postgresql74-client/files/man.exclude Thu Jul 14 22:20:43 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,7 +0,0 @@
-# $NetBSD: man.exclude,v 1.1.1.1 2004/04/19 00:03:25 recht Exp $
-#
-man1/ecpg.1
-man1/pgtclsh.1
-man1/pgtksh.1
-man1/postgres.1
-man1/postmaster.1
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-docs/PLIST
--- a/databases/postgresql74-docs/PLIST Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74-docs/PLIST Sat Jul 16 04:27:45 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2004/06/27 16:38:32 recht Exp $
+@comment $NetBSD: PLIST,v 1.3.8.1 2005/07/16 04:27:45 snj Exp $
share/doc/postgresql/FAQ
share/doc/postgresql/FAQ_AIX
share/doc/postgresql/FAQ_DEV
@@ -432,16 +432,29 @@
share/doc/postgresql/release-7-2-2.html
share/doc/postgresql/release-7-2-3.html
share/doc/postgresql/release-7-2-4.html
+share/doc/postgresql/release-7-2-5.html
+share/doc/postgresql/release-7-2-6.html
+share/doc/postgresql/release-7-2-7.html
+share/doc/postgresql/release-7-2-8.html
share/doc/postgresql/release-7-2.html
share/doc/postgresql/release-7-3-1.html
+share/doc/postgresql/release-7-3-10.html
share/doc/postgresql/release-7-3-2.html
share/doc/postgresql/release-7-3-3.html
share/doc/postgresql/release-7-3-4.html
share/doc/postgresql/release-7-3-5.html
share/doc/postgresql/release-7-3-6.html
+share/doc/postgresql/release-7-3-7.html
+share/doc/postgresql/release-7-3-8.html
+share/doc/postgresql/release-7-3-9.html
share/doc/postgresql/release-7-3.html
share/doc/postgresql/release-7-4-1.html
share/doc/postgresql/release-7-4-2.html
+share/doc/postgresql/release-7-4-3.html
+share/doc/postgresql/release-7-4-4.html
+share/doc/postgresql/release-7-4-5.html
+share/doc/postgresql/release-7-4-6.html
+share/doc/postgresql/release-7-4-7.html
share/doc/postgresql/release-7-4.html
share/doc/postgresql/release.html
share/doc/postgresql/resources.html
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74-lib/PLIST
--- a/databases/postgresql74-lib/PLIST Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74-lib/PLIST Sat Jul 16 04:27:45 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2004/12/18 14:26:15 darcy Exp $
+@comment $NetBSD: PLIST,v 1.4.6.1 2005/07/16 04:27:45 snj Exp $
bin/ecpg
bin/pg_config
include/ecpg_informix.h
@@ -385,6 +385,7 @@
${PKGLOCALEDIR}/locale/ru/LC_MESSAGES/libpq.mo
${PKGLOCALEDIR}/locale/sl/LC_MESSAGES/libpq.mo
${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/libpq.mo
+${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/libpq.mo
${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/libpq.mo
${PKGLOCALEDIR}/locale/zh_TW/LC_MESSAGES/libpq.mo
share/postgresql/pg_service.conf.sample
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74/Makefile.common
--- a/databases/postgresql74/Makefile.common Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74/Makefile.common Sat Jul 16 04:27:45 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.23 2005/05/22 20:07:46 jlam Exp $
+# $NetBSD: Makefile.common,v 1.23.2.1 2005/07/16 04:27:45 snj Exp $
#
# This Makefile fragment is included by all PostgreSQL packages built from
# the main sources of the PostgreSQL distribution except jdbc-postgresql.
@@ -36,7 +36,7 @@
# BASE_VERS pkgsrc-mangled version number (convert pl -> .)
#
# Note: Do not forget jdbc-postgresql when updating version
-DIST_VERS?= 7.4.7
+DIST_VERS?= 7.4.8
BASE_VERS?= ${DIST_VERS}
BUILDLINK_DEPENDS.postgresql74-lib?= postgresql74-lib>=${BASE_VERS}
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74/distinfo
--- a/databases/postgresql74/distinfo Thu Jul 14 22:20:43 2005 +0000
+++ b/databases/postgresql74/distinfo Sat Jul 16 04:27:45 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.17 2005/03/17 22:35:48 jschauma Exp $
+$NetBSD: distinfo,v 1.17.4.1 2005/07/16 04:27:45 snj Exp $
-SHA1 (postgresql-7.4.7.tar.bz2) = 48fe9187ae1776265756b807254552b4f6bcfcb8
-RMD160 (postgresql-7.4.7.tar.bz2) = 1bbb64c8a9b95cafe0254a0994752b8bbb624346
-Size (postgresql-7.4.7.tar.bz2) = 10235394 bytes
+SHA1 (postgresql-7.4.8.tar.bz2) = a565ff14e1a3b58a151b219bcffcf53dfc62ec41
+RMD160 (postgresql-7.4.8.tar.bz2) = 3ee8c70e0506e2a49bae20bc2282391513ee9d65
+Size (postgresql-7.4.8.tar.bz2) = 10235413 bytes
SHA1 (patch-aa) = 626b4b4bf0d47913072399535c55d413b90675a4
SHA1 (patch-ab) = f44a544c56452bad197a88cb827e88624c54656c
SHA1 (patch-ac) = 81ef677cc5d196762b6cc3c3e38dee4a37e75ac2
@@ -10,4 +10,3 @@
SHA1 (patch-ae) = f0e0ad98ebdc972e7c40afd805fbb0d909d5ef3b
SHA1 (patch-af) = 7373db75fda125b980f2ead990719798c0d22a48
SHA1 (patch-ag) = a983f23b5e47a4c2f31ba284ff3db51b53cf8414
-SHA1 (patch-ah) = 4cc4e45679284815c32a5ff3b461b12df55d07c2
diff -r a8e0fd1b6f7d -r dc14b5a04c11 databases/postgresql74/patches/patch-ah
--- a/databases/postgresql74/patches/patch-ah Thu Jul 14 22:20:43 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,85 +0,0 @@
-$NetBSD: patch-ah,v 1.1 2005/03/17 22:35:48 jschauma Exp $
-
---- src/pl/plpgsql/src/gram.y.orig 2005-01-20 19:31:21.000000000 -0500
-+++ src/pl/plpgsql/src/gram.y 2005-03-17 17:29:03.000000000 -0500
-@@ -1713,6 +1713,15 @@
- }
- }
-
-+ /* Check for array overflow */
-+ if (nparams >= 1024)
-+ {
-+ plpgsql_error_lineno = lno;
-+ ereport(ERROR,
-+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+ errmsg("too many variables specified in SQL statement")));
-+ }
-+
- expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
- expr->dtype = PLPGSQL_DTYPE_EXPR;
- expr->query = strdup(plpgsql_dstring_get(&ds));
-@@ -1856,6 +1865,15 @@
-
- while ((tok = yylex()) == ',')
- {
-+ /* Check for array overflow */
-+ if (nfields >= 1024)
-+ {
-+ plpgsql_error_lineno = plpgsql_scanner_lineno();
-+ ereport(ERROR,
-+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+ errmsg("too many variables specified in SQL statement")));
-+ }
Home |
Main Index |
Thread Index |
Old Index