Update PostgreSQL port to latest version.
Two security issues have been fixed in this release which affect users of specific PostgreSQL features: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The crypt( function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed. This update will also disable SSL renegotiation by default; previously, it was enabled by default. SSL renegotiation will be removed entirely in PostgreSQL versions 9.5 and later. URL: http://www.postgresql.org/about/news/1615/ Security: CVE-2015-5288 CVE-2015-5289
This commit is contained in:
Palle Girgensohn
@@ -1,6 +1,5 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTREVISION= 0
|
||||
WANT_PGSQL_VER= 9.4
|
||||
|
||||
.include "${.CURDIR}/../postgresql90-plpython/Makefile"
|
||||
|
||||
Reference in New Issue
Block a user