226205 – databases/postgresql10-server: MFH to 2018Q1

Bug 226205 - databases/postgresql10-server: MFH to 2018Q1

Summary: databases/postgresql10-server: MFH to 2018Q1

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	pgsql

URL:	http://vuxml.freebsd.org/freebsd/c602...
Keywords:

Depends on:
Blocks:

Reported:	2018-02-25 18:44 UTC by swegen
Modified:	2018-02-26 10:01 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (pgsql)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description swegen 2018-02-25 18:44:24 UTC

PostgreSQL is still vulnerable in the current quarterly branch since 2018-02-08. Why an MFH is not requested?

Comment 1 Palle Girgensohn freebsd_committer

2018-02-26 09:59:52 UTC

I had some weird conflicts when trying yo MFH those fixes the first time around, and didn't have time to look into it.

The vulnerabilites in these CVE:s are really not relevent for a mainstream FreeBSD ports installation of postgresql, since it has to do with pg_upgrade, which is badly supported, and postgresql10-server, which is not the default version. Hence it has not been top priority.

Best regards,
Palle