Date: Thu, 8 Feb 2018 20:50:14 +0100 From: Antoine Brodin <antoine@freebsd.org> To: Palle Girgensohn <girgen@freebsd.org> Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r461251 - in head/databases: postgresql10-server postgresql10-server/files postgresql92-client postgresql92-contrib postgresql92-server postgresql92-server/files postgresql93-server pos... Message-ID: <CAALwa8nOunsB_EmDxLJN=gyej9E5TY7LqEDKDGx1xkFbadDzTw@mail.gmail.com> In-Reply-To: <201802081738.w18Hca41043031@repo.freebsd.org> References: <201802081738.w18Hca41043031@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 8, 2018 at 6:38 PM, Palle Girgensohn <girgen@freebsd.org> wrote: > Author: girgen > Date: Thu Feb 8 17:38:36 2018 > New Revision: 461251 > URL: https://svnweb.freebsd.org/changeset/ports/461251 > > Log: > Update to latest versions of PostgreSQL > > 2018-02-08 Security Update Release > ================================== > > The PostgreSQL Global Development Group has released an update to all supported > versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21. > This release fixes two security issues. This release also fixes issues with > VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as > well as fixes for using parallel queries and logical replication. > > All users using the affected versions of PostgreSQL should update as soon as > possible. Please see the notes on "Updating" below for any post-update steps > that may be required. > > Please note that PostgreSQL changed its versioning scheme with the release of > version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a > minor update. > > Security Issues > --------------- > > Two security vulnerabilities have been fixed by this release: > > * CVE-2018-1052: Fix the processing of partition keys containing multiple > expressions > * CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are > non-world-readable > > Local fixes to the FreeBSD ports > -------------------------------- > > Inform users about data checksums [1]. > Make sure /usr/bin/su is used regardless of PATH settings [2]. > Enable DTRACE by default [3]. > > PR: 214671 [1], 223157 [2], 215028 [3] > Security: c602c791-0cf4-11e8-a2ec-6cc21735f730 Hi, I see some failures on the build cluster due to a segmentation fault in dtrace. Could the DTRACE option be reverted and more tested? Cheers, Antoine
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAALwa8nOunsB_EmDxLJN=gyej9E5TY7LqEDKDGx1xkFbadDzTw>