From owner-freebsd-ports@FreeBSD.ORG Mon Mar 26 19:13:12 2012 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A689106564A; Mon, 26 Mar 2012 19:13:12 +0000 (UTC) (envelope-from utisoft@gmail.com) Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id C68A28FC08; Mon, 26 Mar 2012 19:13:11 +0000 (UTC) Received: by bkcjc3 with SMTP id jc3so5881458bkc.13 for ; Mon, 26 Mar 2012 12:13:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=kyLc8xjWmA02w3Ds6nOx2eANrvw09f4iZIufFxnfR/w=; b=ZrTfDyQCPdV9unAyZcQ8MmlfpHUTTIoxOv9VGoh7KXVsLMfOeRv0lhp0ZotO4ZGwuf zRu+mCrdcFYzG9JKlx8x9ykqKTeErJD53huejziDviYPELysfFWzh6/Lzzzk2wfwcwKy m/j3xzDObVGniE/Us1mvBNnimzo7UuL25PAMfTf9hOk82uOIT8rCaW1EDCBdo4NvUpmH WahbgbnaLnzTlhZNHaO3OSawl/eNmMrRZk/6NOE+csKlP5udnQkbgMNMyUYGUECN4AFr 05lH/ZLKTW4NAV9pObJIuYidpDjYkEweN6OLqBGcbFeLUhic6DH7jYdGlBpnR0tbLVYH TIwg== Received: by 10.204.148.82 with SMTP id o18mr9174179bkv.108.1332789190621; Mon, 26 Mar 2012 12:13:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.204.202.142 with HTTP; Mon, 26 Mar 2012 12:12:40 -0700 (PDT) In-Reply-To: <4F701A27.6010806@filez.com> References: <4F6F14AF.9070501@filez.com> <4F701A27.6010806@filez.com> From: Chris Rees Date: Mon, 26 Mar 2012 19:12:40 +0000 Message-ID: To: Radim Kolar Content-Type: text/plain; charset=ISO-8859-1 Cc: ports@freebsd.org, pgsql@freebsd.org Subject: Re: Postgresql 8.2 branch - keep it in tree X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Mar 2012 19:13:12 -0000 On 26 March 2012 07:26, Radim Kolar wrote: >> I'm afraid it's not only end of life by upstream, but also vulnerable in >> more than one CVE, and will not be fixed. > CVE Yes, but if you need particular DB version for your app, user will > install it anyway. For security related point of view it does not matter if > he installs it from ports or not. > > >> Can you give more detail on exactly what you are trying to do? >> > According to app supplier it does not work in newer pgsql because: > 1. Tsearch2 module changed > 2. system catalogue changed > 3. string escaping is slightly different > > There are no plans to update application to newer pgsql at this moment. > Similar problem will be with postgresql 8.3. It is only known version which > works with hyperic hq, hibernate complains on other version - "cant store > XXXX class". > > 2) Booting tomcat 5.5 from tree is the same problem. It will be still in use > for years, supported upstream or not. Most java apps today are still for > tomcat 5.5 > > People dont care about CVE, they care about applications. Mark these ports > as vulnerable, but keep them in port tree. Radim, if you ever need the port in future, the following will come in handy: #!/bin/sh cvs -d :pserver:anoncvs@anoncvs.fr.FreeBSD.org:/home/ncvs login for dir in server client contrib do cvs -d :pserver:anoncvs@anoncvs.fr.FreeBSD.org:/home/ncvs co -D 2012-03-26 ports/databases/postgresql82-${dir} done You can always get the port's files-- they will not disappear forever. Chris