svn commit: r461251 - in head/databases: postgresql10-server postgresql10-server/files postgresql92-client postgresql92-contrib postgresql92-server postgresql92-server/files postgresql93-server pos...

Antoine Brodin antoine at freebsd.org
Thu Feb 8 19:50:16 UTC 2018 

On Thu, Feb 8, 2018 at 6:38 PM, Palle Girgensohn <girgen at freebsd.org> wrote:
> Author: girgen
> Date: Thu Feb  8 17:38:36 2018
> New Revision: 461251
> URL: https://svnweb.freebsd.org/changeset/ports/461251
>
> Log:
>   Update to latest versions of PostgreSQL
>
>   2018-02-08 Security Update Release
>   ==================================
>
>   The PostgreSQL Global Development Group has released an update to all supported
>   versions of our database system, including 10.2, 9.6.7, 9.5.11, 9.4.16, 9.3.21.
>   This release fixes two security issues. This release also fixes issues with
>   VACUUM, GIN indexes, and hash indexes that could lead to data corruption, as
>   well as fixes for using parallel queries and logical replication.
>
>   All users using the affected versions of PostgreSQL should update as soon as
>   possible. Please see the notes on "Updating" below for any post-update steps
>   that may be required.
>
>   Please note that PostgreSQL changed its versioning scheme with the release of
>   version 10.0, so updating to version 10.2 from 10.0 or 10.1 is considered a
>   minor update.
>
>   Security Issues
>   ---------------
>
>   Two security vulnerabilities have been fixed by this release:
>
>   * CVE-2018-1052: Fix the processing of partition keys containing multiple
>   expressions
>   * CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
>   non-world-readable
>
>   Local fixes to the FreeBSD ports
>   --------------------------------
>
>   Inform users about data checksums [1].
>   Make sure /usr/bin/su is used regardless of PATH settings [2].
>   Enable DTRACE by default [3].
>
>   PR:           214671 [1], 223157 [2], 215028 [3]
>   Security:     c602c791-0cf4-11e8-a2ec-6cc21735f730

Hi,

I see some failures on the build cluster due to a segmentation fault in dtrace.
Could the DTRACE option be reverted and more tested?

Cheers,

Antoine

More information about the svn-ports-all mailing list