PostgreSQL security update


PostgreSQL security update

Pierre-Emmanuel André
Hi,

Small diff to update PostgreSQL to its latest version (9.6.6)
Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
(3 CVE fixed)

Comments, ok ?

Regards,


ps: 10.1 is coming but needs more tests ;)

postgresql-9.6.6.diff (3K) Download Attachment

Re: PostgreSQL security update

Adam Wolk-2
On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote:

> Hi,
>
> Small diff to update PostgreSQL to its latest version (9.6.6)
> Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
> (3 CVE fixed)
>
> Comments, ok ?
>
> Regards,
>
>
> ps: 10.1 is coming but needs more tests ;)

This is true for 9.6.5 also but:

trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS)
trailing whitespace in pkg/README-server (line 154)

pkg/README-server line 138 & 173 longer than 80 characters but I think
those two can just be let slip.

portcheck complains on SUBST_VARS for pkg/README-server and
pkg/postgresql.rc but I'm also willing to just slip those as they
are not a new addition.

all in all it's OK awolk@ for the update, I tested on amd64 snap with a
3190 MB database dump of my production server and everything
seems to work fine. Considering this is a security patch I don't
mind it being committed without any of the above nitpicks being
addressed.

Regards,
Adam


Re: PostgreSQL security update

Stuart Henderson
On 2017/11/12 15:31, Adam Wolk wrote:
> pkg/README-server line 138 & 173 longer than 80 characters but I think
> those two can just be let slip.

They're <80 after substitution :)


Re: PostgreSQL security update

Pierre-Emmanuel André
In reply to this post by Adam Wolk-2
On Sun, Nov 12, 2017 at 03:31:43PM +0100, Adam Wolk wrote:

> On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote:
> > Hi,
> >
> > Small diff to update PostgreSQL to its latest version (9.6.6)
> > Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
> > (3 CVE fixed)
> >
> > Comments, ok ?
> >
> > Regards,
> >
> >
> > ps: 10.1 is coming but needs more tests ;)
>
> This is true for 9.6.5 also but:
>
> trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS)
> trailing whitespace in pkg/README-server (line 154)
>
> pkg/README-server line 138 & 173 longer than 80 characters but I think
> those two can just be let slip.
>
> portcheck complains on SUBST_VARS for pkg/README-server and
> pkg/postgresql.rc but I'm also willing to just slip those as they
> are not a new addition.
>
> all in all it's OK awolk@ for the update, I tested on amd64 snap with a
> 3190 MB database dump of my production server and everything
> seems to work fine. Considering this is a security patch I don't
> mind it being committed without any of the above nitpicks being
> addressed.
>

Thanks for your review. I will correct them for the next release.
Please note that this diff is valid for OpenBSD 6.2 too.
No objections for the commit to -stable ?

Regards,


Re: PostgreSQL security update

Adam Wolk-2
On Mon, Nov 13, 2017 at 05:36:11PM +0100, Pierre-Emmanuel André wrote:

> On Sun, Nov 12, 2017 at 03:31:43PM +0100, Adam Wolk wrote:
> > On Fri, Nov 10, 2017 at 03:31:36PM +0100, Pierre-Emmanuel André wrote:
> > > Hi,
> > >
> > > Small diff to update PostgreSQL to its latest version (9.6.6)
> > > Release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
> > > (3 CVE fixed)
> > >
> > > Comments, ok ?
> > >
> > > Regards,
> > >
> > >
> > > ps: 10.1 is coming but needs more tests ;)
> >
> > This is true for 9.6.5 also but:
> >
> > trailing whitespace in Makefile (line 23 last entry in SHARED_LIBS)
> > trailing whitespace in pkg/README-server (line 154)
> >
> > pkg/README-server line 138 & 173 longer than 80 characters but I think
> > those two can just be let slip.
> >
> > portcheck complains on SUBST_VARS for pkg/README-server and
> > pkg/postgresql.rc but I'm also willing to just slip those as they
> > are not a new addition.
> >
> > all in all it's OK awolk@ for the update, I tested on amd64 snap with a
> > 3190 MB database dump of my production server and everything
> > seems to work fine. Considering this is a security patch I don't
> > mind it being committed without any of the above nitpicks being
> > addressed.
> >
>
> Thanks for your review. I will correct them for the next release.
> Please note that this diff is valid for OpenBSD 6.2 too.
> No objections for the commit to -stable ?
>
> Regards,
>

Unfortunately my server is still running 6.1 so I can't test against it.

I don't see anything that should break on 6.2 and have nothing against it
being committed but that said I personally only tested against -current.

Regards,
Adam


Re: PostgreSQL security update

Daniel Jakots-3
In reply to this post by Pierre-Emmanuel André
On Mon, 13 Nov 2017 17:36:11 +0100, Pierre-Emmanuel André
<[hidden email]> wrote:

> Please note that this diff is valid for OpenBSD 6.2 too.
> No objections for the commit to -stable ?

ok danj@


Re: PostgreSQL security update

Daniel Jakots-3
On Mon, 13 Nov 2017 12:13:03 -0500, Daniel Jakots <[hidden email]>
wrote:

> On Mon, 13 Nov 2017 17:36:11 +0100, Pierre-Emmanuel André
> <[hidden email]> wrote:
>
> > Please note that this diff is valid for OpenBSD 6.2 too.
> > No objections for the commit to -stable ?
>
> ok danj@
>

Well actually, can you commit the patch attached as well, so the port's
patches apply cleanly. Merci pea ;)

postgresql.diff (2K) Download Attachment