Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 9 Oct 2015 19:18:55 +0000
From:      Jason Unovitch <jason.unovitch@gmail.com>
To:        Palle Girgensohn <girgen@FreeBSD.org>
Cc:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r398895 - in head/databases: postgresql90-client postgresql90-server postgresql91-client postgresql91-docs postgresql91-pltcl postgresql91-server postgresql92-client postgresql92-contri...
Message-ID:  <20151009191855.GB83352@xts-bsd.pa-us.unovitch.com>
In-Reply-To: <201510082125.t98LP1bJ014049@repo.freebsd.org>
References:  <201510082125.t98LP1bJ014049@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Oct 08, 2015 at 09:25:01PM +0000, Palle Girgensohn wrote:
> Author: girgen
> Date: Thu Oct  8 21:25:01 2015
> New Revision: 398895
> URL: https://svnweb.freebsd.org/changeset/ports/398895
> 
> Log:
>   Update PostgreSQL port to latest version.
>   
>   Two security issues have been fixed in this release which affect users
>   of specific PostgreSQL features:
>   
>   CVE-2015-5289: json or jsonb input values constructed from arbitrary
>   user input can crash the PostgreSQL server and cause a denial of
>   service.
>   
>   CVE-2015-5288: The crypt( function included with the optional pgCrypto
>   extension could be exploited to read a few additional bytes of memory.
>   No working exploit for this issue has been developed.
>   
>   This update will also disable SSL renegotiation by default;
>   previously, it was enabled by default.   SSL renegotiation will be
>   removed entirely in PostgreSQL versions 9.5 and later.
>   
>   URL:		http://www.postgresql.org/about/news/1615/
>   Security:	CVE-2015-5288 CVE-2015-5289
> 

Palle,
The commit message was missing 'MFH: 2015Q4'.  Can you ensure this gets
taken care of in the quarterly branch?

Just in case, a helpful reminder from the commmitter's guide:
https://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/ports.html#ports-qa-misc-request-mfh

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151009191855.GB83352>