Re: PostgreSQL security update
On Mon, 13 Nov 2017 12:13:03 -0500, Daniel Jakotswrote: > On Mon, 13 Nov 2017 17:36:11 +0100, Pierre-Emmanuel André > wrote: > > > Please note that this diff is valid for OpenBSD 6.2 too. > > No objections for the commit to -stable ? > > ok danj@ > Well actually, can you commit the patch attached as well, so the port's patches apply cleanly. Merci pea ;) Index: patches/patch-src_backend_storage_lmgr_s_lock_c === RCS file: /cvs/ports/databases/postgresql/patches/patch-src_backend_storage_lmgr_s_lock_c,v retrieving revision 1.2 diff -u -p -r1.2 patch-src_backend_storage_lmgr_s_lock_c --- patches/patch-src_backend_storage_lmgr_s_lock_c 8 Jan 2015 15:01:11 - 1.2 +++ patches/patch-src_backend_storage_lmgr_s_lock_c 13 Nov 2017 17:14:15 - @@ -1,7 +1,8 @@ $OpenBSD: patch-src_backend_storage_lmgr_s_lock_c,v 1.2 2015/01/08 15:01:11 pea Exp $ src/backend/storage/lmgr/s_lock.c.orig Sun May 11 14:16:48 2014 -+++ src/backend/storage/lmgr/s_lock.c Thu May 15 21:52:50 2014 -@@ -219,7 +219,7 @@ static void +Index: src/backend/storage/lmgr/s_lock.c +--- src/backend/storage/lmgr/s_lock.c.orig src/backend/storage/lmgr/s_lock.c +@@ -251,7 +251,7 @@ static void tas_dummy() { __asm__ __volatile__( Index: patches/patch-src_bin_scripts_vacuumdb_c === RCS file: /cvs/ports/databases/postgresql/patches/patch-src_bin_scripts_vacuumdb_c,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_bin_scripts_vacuumdb_c --- patches/patch-src_bin_scripts_vacuumdb_c 10 Sep 2016 13:03:41 - 1.1 +++ patches/patch-src_bin_scripts_vacuumdb_c 13 Nov 2017 17:14:15 - @@ -1,6 +1,7 @@ $OpenBSD: patch-src_bin_scripts_vacuumdb_c,v 1.1 2016/09/10 13:03:41 ajacoutot Exp $ src/bin/scripts/vacuumdb.c.orig Sat Sep 10 10:37:08 2016 -+++ src/bin/scripts/vacuumdb.c Sat Sep 10 10:38:12 2016 +Index: src/bin/scripts/vacuumdb.c +--- src/bin/scripts/vacuumdb.c.orig src/bin/scripts/vacuumdb.c @@ -10,6 +10,8 @@ *- */ @@ -9,4 +10,4 @@ $OpenBSD: patch-src_bin_scripts_vacuumdb + #include "postgres_fe.h" - #include "common.h" + #ifdef HAVE_SYS_SELECT_H Index: patches/patch-src_include_storage_s_lock_h === RCS file: /cvs/ports/databases/postgresql/patches/patch-src_include_storage_s_lock_h,v retrieving revision 1.3 diff -u -p -r1.3 patch-src_include_storage_s_lock_h --- patches/patch-src_include_storage_s_lock_h 13 Feb 2016 21:54:28 - 1.3 +++ patches/patch-src_include_storage_s_lock_h 13 Nov 2017 17:14:15 - @@ -1,9 +1,10 @@ $OpenBSD: patch-src_include_storage_s_lock_h,v 1.3 2016/02/13 21:54:28 sthen Exp $ src/include/storage/s_lock.h.orig Mon Feb 8 21:15:19 2016 -+++ src/include/storage/s_lock.h Fri Feb 12 17:18:09 2016 -@@ -749,6 +749,29 @@ typedef unsigned char slock_t; +Index: src/include/storage/s_lock.h +--- src/include/storage/s_lock.h.orig src/include/storage/s_lock.h +@@ -693,6 +693,29 @@ typedef unsigned char slock_t; + do { __asm__ __volatile__("" : : : "memory"); *(lock) = 0; } while (0) #endif - +#if defined(__m88k__) /* Motorola 88k */ +#define HAS_TEST_AND_SET
Re: PostgreSQL security update
On Mon, 13 Nov 2017 17:36:11 +0100, Pierre-Emmanuel Andréwrote: > Please note that this diff is valid for OpenBSD 6.2 too. > No objections for the commit to -stable ? ok danj@
Re: PostgreSQL security update
On Mon, Nov 13, 2017 at 05:36:11PM +0100, Pierre-Emmanuel André wrote: > On Sun, Nov 12, 2017 at 03:31:43PM +0100, Adam Wolk wrote: > > On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote: > > > Hi, > > > > > > Small diff to update PostgreSQL to it's latest version (9.6.6) > > > Release notes: > > > https://www.postgresql.org/docs/9.6/static/release-9-6-6.html > > > (3 CVE fixed) > > > > > > Comments, ok ? > > > > > > Regards, > > > > > > > > > ps: 10.1 is coming but need more tests ;) > > > > This is true for 9.6.5 also but: > > > > trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS) > > trailing whitespace in pkg/README-server (line 154) > > > > pkg/README-server line 138 & 173 longer than 80 characters but I think > > those two can just be let slip. > > > > portcheck complains on SUBST_VARS for pkg/README-server and > > pkg/postgresql.rc but I'm also willing to just slip those as they > > are not a new addition. > > > > all in all it's OK awolk@ for the update, I tested on amd64 snap with a > > 3190 MB database dump of my production server and everything > > seems to work fine. Considering this is a security patch I don't > > mind it being committed without any of the above nitpicks being > > addressed. > > > > Thanks for your review. I will correct them for the next release. > Please note that this diff is valid for OpenBSD 6.2 too. > No objections for the commit to -stable ? > > Regards, > unfortunately my server is still running 6.1 so I can't test against it. I don't see anything that should break on 6.2 and have nothing against it being committed but that said I personally only tested against -current. Regards, Adam
Re: PostgreSQL security update
On Sun, Nov 12, 2017 at 03:31:43PM +0100, Adam Wolk wrote: > On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote: > > Hi, > > > > Small diff to update PostgreSQL to it's latest version (9.6.6) > > Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html > > (3 CVE fixed) > > > > Comments, ok ? > > > > Regards, > > > > > > ps: 10.1 is coming but need more tests ;) > > This is true for 9.6.5 also but: > > trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS) > trailing whitespace in pkg/README-server (line 154) > > pkg/README-server line 138 & 173 longer than 80 characters but I think > those two can just be let slip. > > portcheck complains on SUBST_VARS for pkg/README-server and > pkg/postgresql.rc but I'm also willing to just slip those as they > are not a new addition. > > all in all it's OK awolk@ for the update, I tested on amd64 snap with a > 3190 MB database dump of my production server and everything > seems to work fine. Considering this is a security patch I don't > mind it being committed without any of the above nitpicks being > addressed. > Thanks for your review. I will correct them for the next release. Please note that this diff is valid for OpenBSD 6.2 too. No objections for the commit to -stable ? Regards,
Re: PostgreSQL security update
On 2017/11/12 15:31, Adam Wolk wrote: > pkg/README-server line 138 & 173 longer than 80 characters but I think > those two can just be let slip. They're <80 after substitution :)
Re: PostgreSQL security update
On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote: > Hi, > > Small diff to update PostgreSQL to it's latest version (9.6.6) > Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html > (3 CVE fixed) > > Comments, ok ? > > Regards, > > > ps: 10.1 is coming but need more tests ;) This is true for 9.6.5 also but: trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS) trailing whitespace in pkg/README-server (line 154) pkg/README-server line 138 & 173 longer than 80 characters but I think those two can just be let slip. portcheck complains on SUBST_VARS for pkg/README-server and pkg/postgresql.rc but I'm also willing to just slip those as they are not a new addition. all in all it's OK awolk@ for the update, I tested on amd64 snap with a 3190 MB database dump of my production server and everything seems to work fine. Considering this is a security patch I don't mind it being committed without any of the above nitpicks being addressed. Regards, Adam
PostgreSQL security update
Hi, Small diff to update PostgreSQL to it's latest version (9.6.6) Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html (3 CVE fixed) Comments, ok ? Regards, ps: 10.1 is coming but need more tests ;) Index: Makefile === RCS file: /cvs/ports/databases/postgresql/Makefile,v retrieving revision 1.229 diff -u -p -u -p -r1.229 Makefile --- Makefile 13 Sep 2017 14:24:08 - 1.229 +++ Makefile 10 Nov 2017 14:29:13 - @@ -7,7 +7,7 @@ COMMENT-contrib=PostgreSQL RDBMS contrib COMMENT-plpython=Python procedural language for PostgreSQL COMMENT-pg_upgrade=Support for upgrading PostgreSQL data from previous version -VERSION= 9.6.5 +VERSION= 9.6.6 PREV_MAJOR= 9.5 DISTNAME= postgresql-${VERSION} PKGNAME-main= postgresql-client-${VERSION} Index: distinfo === RCS file: /cvs/ports/databases/postgresql/distinfo,v retrieving revision 1.68 diff -u -p -u -p -r1.68 distinfo --- distinfo 13 Sep 2017 14:24:08 - 1.68 +++ distinfo 10 Nov 2017 14:29:13 - @@ -1,2 +1,2 @@ -SHA256 (postgresql-9.6.5.tar.gz) = eelgXTIbVFsu2d8Yrf0uUslQ3JNGtl6VJ/EXExYn3Ao= -SIZE (postgresql-9.6.5.tar.gz) = 25652523 +SHA256 (postgresql-9.6.6.tar.gz) = U+HNX9/19FQVrp1bZFF3J1Jlo+gAyGvsu5TOGDo6UGE= +SIZE (postgresql-9.6.6.tar.gz) = 25709021 Index: pkg/PLIST-docs === RCS file: /cvs/ports/databases/postgresql/pkg/PLIST-docs,v retrieving revision 1.80 diff -u -p -u -p -r1.80 PLIST-docs --- pkg/PLIST-docs 13 Sep 2017 14:24:08 - 1.80 +++ pkg/PLIST-docs 10 Nov 2017 14:29:13 - @@ -905,6 +905,7 @@ share/doc/postgresql/html/release-9-2-20 share/doc/postgresql/html/release-9-2-21.html share/doc/postgresql/html/release-9-2-22.html share/doc/postgresql/html/release-9-2-23.html +share/doc/postgresql/html/release-9-2-24.html share/doc/postgresql/html/release-9-2-3.html share/doc/postgresql/html/release-9-2-4.html share/doc/postgresql/html/release-9-2-5.html @@ -925,6 +926,7 @@ share/doc/postgresql/html/release-9-3-17 share/doc/postgresql/html/release-9-3-18.html share/doc/postgresql/html/release-9-3-19.html share/doc/postgresql/html/release-9-3-2.html +share/doc/postgresql/html/release-9-3-20.html share/doc/postgresql/html/release-9-3-3.html share/doc/postgresql/html/release-9-3-4.html share/doc/postgresql/html/release-9-3-5.html @@ -939,6 +941,7 @@ share/doc/postgresql/html/release-9-4-11 share/doc/postgresql/html/release-9-4-12.html share/doc/postgresql/html/release-9-4-13.html share/doc/postgresql/html/release-9-4-14.html +share/doc/postgresql/html/release-9-4-15.html share/doc/postgresql/html/release-9-4-2.html share/doc/postgresql/html/release-9-4-3.html share/doc/postgresql/html/release-9-4-4.html @@ -949,6 +952,7 @@ share/doc/postgresql/html/release-9-4-8. share/doc/postgresql/html/release-9-4-9.html share/doc/postgresql/html/release-9-4.html share/doc/postgresql/html/release-9-5-1.html +share/doc/postgresql/html/release-9-5-10.html share/doc/postgresql/html/release-9-5-2.html share/doc/postgresql/html/release-9-5-3.html share/doc/postgresql/html/release-9-5-4.html @@ -963,6 +967,7 @@ share/doc/postgresql/html/release-9-6-2. share/doc/postgresql/html/release-9-6-3.html share/doc/postgresql/html/release-9-6-4.html share/doc/postgresql/html/release-9-6-5.html +share/doc/postgresql/html/release-9-6-6.html share/doc/postgresql/html/release-9-6.html share/doc/postgresql/html/release.html share/doc/postgresql/html/replication-origins.html