Date: Mon, 26 Mar 2012 19:12:40 +0000 From: Chris Rees <utisoft@gmail.com> To: Radim Kolar <hsn@filez.com> Cc: ports@freebsd.org, pgsql@freebsd.org Subject: Re: Postgresql 8.2 branch - keep it in tree Message-ID: <CADLo839nbcxx2UacWkzS54tDRSKL%2Bqz9C%2BNqR3r9ek7t3RC8KA@mail.gmail.com> In-Reply-To: <4F701A27.6010806@filez.com> References: <4F6F14AF.9070501@filez.com> <CADLo83-Lxk3c=NJm3bLhZhNfc%2BdArNa%2B7NDVBKCmGKZV9X7A2w@mail.gmail.com> <4F701A27.6010806@filez.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26 March 2012 07:26, Radim Kolar <hsn@filez.com> wrote:
>> I'm afraid it's not only end of life by upstream, but also vulnerable in
>> more than one CVE, and will not be fixed.
> CVE Yes, but if you need particular DB version for your app, user will
> install it anyway. For security related point of view it does not matter if
> he installs it from ports or not.
>
>
>> Can you give more detail on exactly what you are trying to do?
>>
> According to app supplier it does not work in newer pgsql because:
> 1. Tsearch2 module changed
> 2. system catalogue changed
> 3. string escaping is slightly different
>
> There are no plans to update application to newer pgsql at this moment.
> Similar problem will be with postgresql 8.3. It is only known version which
> works with hyperic hq, hibernate complains on other version - "cant store
> XXXX class".
>
> 2) Booting tomcat 5.5 from tree is the same problem. It will be still in use
> for years, supported upstream or not. Most java apps today are still for
> tomcat 5.5
>
> People dont care about CVE, they care about applications. Mark these ports
> as vulnerable, but keep them in port tree.
Radim, if you ever need the port in future, the following will come in handy:
#!/bin/sh
cvs -d :pserver:anoncvs@anoncvs.fr.FreeBSD.org:/home/ncvs login
for dir in server client contrib
do cvs -d :pserver:anoncvs@anoncvs.fr.FreeBSD.org:/home/ncvs co -D
2012-03-26 ports/databases/postgresql82-${dir}
done
You can always get the port's files-- they will not disappear forever.
Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADLo839nbcxx2UacWkzS54tDRSKL%2Bqz9C%2BNqR3r9ek7t3RC8KA>