Created attachment 172279 [details] 502.pgsql.in.patch Periodic script 502.pgsql does not delete postgresql directory dump files.
Seems trivial. I'll apply it at the next upstream update.
A commit references this bug: Author: girgen Date: Thu Aug 11 16:39:42 UTC 2016 New revision: 420089 URL: https://svnweb.freebsd.org/changeset/ports/420089 Log: The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and 9.1.23. This release fixes two security issues. It also patches a number of other bugs reported over the last three months. Users who rely on security isolation between database users should update as soon as possible. Other users should plan to update at the next convenient downtime. If you are using the ICU patch, please consult UPDATING. Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1] PR: 210941 [1] Security: CVE-2016-5423, CVE-2016-5424 Changes: head/UPDATING head/databases/postgresql91-server/Makefile head/databases/postgresql91-server/distinfo head/databases/postgresql91-server/files/502.pgsql.in head/databases/postgresql92-server/Makefile head/databases/postgresql92-server/distinfo head/databases/postgresql92-server/files/502.pgsql.in head/databases/postgresql93-server/Makefile head/databases/postgresql93-server/distinfo head/databases/postgresql93-server/files/502.pgsql.in head/databases/postgresql94-server/Makefile head/databases/postgresql94-server/distinfo head/databases/postgresql94-server/files/502.pgsql.in head/databases/postgresql95-server/Makefile head/databases/postgresql95-server/distinfo head/databases/postgresql95-server/files/502.pgsql.in
Committed. Thanks!
A commit references this bug: Author: feld Date: Wed Aug 24 14:30:49 UTC 2016 New revision: 420792 URL: https://svnweb.freebsd.org/changeset/ports/420792 Log: MFH: r420089 r420093 The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and 9.1.23. This release fixes two security issues. It also patches a number of other bugs reported over the last three months. Users who rely on security isolation between database users should update as soon as possible. Other users should plan to update at the next convenient downtime. If you are using the ICU patch, please consult UPDATING. Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1] PR: 210941 [1] Security: CVE-2016-5423, CVE-2016-5424 Approved by: ports-secteam (with hat) Changes: _U branches/2016Q3/ branches/2016Q3/UPDATING branches/2016Q3/databases/postgresql91-server/Makefile branches/2016Q3/databases/postgresql91-server/distinfo branches/2016Q3/databases/postgresql91-server/files/502.pgsql.in branches/2016Q3/databases/postgresql92-server/Makefile branches/2016Q3/databases/postgresql92-server/distinfo branches/2016Q3/databases/postgresql92-server/files/502.pgsql.in branches/2016Q3/databases/postgresql93-server/Makefile branches/2016Q3/databases/postgresql93-server/distinfo branches/2016Q3/databases/postgresql93-server/files/502.pgsql.in branches/2016Q3/databases/postgresql94-server/Makefile branches/2016Q3/databases/postgresql94-server/distinfo branches/2016Q3/databases/postgresql94-server/files/502.pgsql.in branches/2016Q3/databases/postgresql95-server/Makefile branches/2016Q3/databases/postgresql95-server/distinfo branches/2016Q3/databases/postgresql95-server/files/502.pgsql.in