Message-ID: <4F701A27.6010806@filez.com>
Date: Mon, 26 Mar 2012 09:26:31 +0200
From: Radim Kolar
To: Chris Rees
Cc: ports@freebsd.org, pgsql@freebsd.org
References: <4F6F14AF.9070501@filez.com>
Subject: Re: Postgresql 8.2 branch - keep it in tree
List-Id: Porting software to FreeBSD

> I'm afraid it's not only end of life by upstream, but also vulnerable in more than one CVE, and will not be fixed.

CVE: Yes, but if you need a particular DB version for your app, the user will install it anyway.
From a security-related point of view it does not matter if he installs it from ports or not.

> Can you give more detail on exactly what you are trying to do?

According to the app supplier it does not work in newer pgsql because:

1. Tsearch2 module changed
2. system catalogue changed
3. string escaping is slightly different

There are no plans to update the application to a newer pgsql at this moment. A similar problem will be with postgresql 8.3. It is the only known version which works with hyperic hq; hibernate complains on other versions - "cant store XXXX class".

2) Booting tomcat 5.5 from the tree is the same problem. It will still be in use for years, supported upstream or not. Most java apps today are still for tomcat 5.5.

People don't care about CVE, they care about applications. Mark these ports as vulnerable, but keep them in the port tree.