This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.
Security: CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
CVE-2015-0244,CVE-2014-8161
are savepoints (within transactions), point-in-time recovery and
tablespaces. Check out the release notes and the shiny new
PostgreSQL.org website at:
http://www.PostgreSQL.org/docs/8.0/static/release.html#RELEASE-8-0
The port uses the new postgresql ports' layout and is split into a
server and a client part. The following knobs can be used by ports
depending on PostgreSQL:
# USE_PGSQL - Add PostgreSQL client dependency.
# If no version is given (by the maintainer via the port or
# by the user via defined variable), try to find the
# currently installed version. Fall back to default if
# necessary (PostgreSQL-7.4 = 74).
# DEFAULT_PGSQL_VER
# - PostgreSQL default version. Can be overridden within a port.
# Default: 74.
# WANT_PGSQL_VER
# - Maintainer can set an arbitrary version of PostgreSQL by
# using it.
# BROKEN_WITH_PGSQL
# - This variable can be defined if the ports doesn't support
# one or more versions of PostgreSQL.
PR: 75344
Approved by: portmgr@ (kris), ade & sean (mentors)
