K 10
svn:author
V 6
girgen
K 8
svn:date
V 27
2016-02-14T19:35:49.031893Z
K 7
svn:log
V 756
MFH: r408835

Update PostgreSQL to latest versions.

Security Fixes for Regular Expressions, PL/Java

This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.

The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java.  Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser

URL:		http://www.postgresql.org/about/news/1644/
Security:	CVE-2016-0773, CVE-2016-0766
Approved by:	ports-secteam

END