openbsd/ports
1
0
Fork 0
mirror of https://github.com/openbsd/ports.git synced 2026-06-18 07:24:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
daff152920100187398f5ffe6237607d35500cd2
ports/databases/postgresql
T
History
jeremy af78d2007e Update to PostgreSQL 18.4 
Fixes:

* CVE-2026-6472: PostgreSQL CREATE TYPE does not check multirange schema
  CREATE privilege
* CVE-2026-6473: PostgreSQL server undersizes allocations, via integer
  wraparound
* CVE-2026-6474: PostgreSQL timeofday() can disclose portions of server
  memory
* CVE-2026-6475: PostgreSQL pg_basebackup and pg_rewind can overwrite
  unrelated files of origin superuser choice
* CVE-2026-6476: PostgreSQL pg_createsubscriber allows SQL injection via
  subscription name
* CVE-2026-6477: PostgreSQL libpq lo_* functions let server superuser
  overwrite client stack
* CVE-2026-6478: PostgreSQL discloses MD5-hashed passwords via covert
  timing channel
* CVE-2026-6479: PostgreSQL SSL/GSS init causes denial of service, via
  uncontrolled recursion
* CVE-2026-6575: PostgreSQL pg_restore_attribute_stats accepts values
  that cause query planning to read past end of stats array
* CVE-2026-6637: PostgreSQL refint allows stack buffer overflow and SQL
  injection
* CVE-2026-6638: PostgreSQL REFRESH PUBLICATION allows SQL injection via
  table name

From Mark Patruck
2026-05-25 00:36:13 +00:00
..
patches
pkg
Update to PostgreSQL 18.4
2026-05-25 00:36:13 +00:00
distinfo
Update to PostgreSQL 18.4
2026-05-25 00:36:13 +00:00
Makefile
Update to PostgreSQL 18.4
2026-05-25 00:36:13 +00:00
postgresql.port.mk