Postgresql 8.2 branch - keep it in tree
utisoft at gmail.com
Mon Mar 26 19:13:12 UTC 2012
On 26 March 2012 07:26, Radim Kolar <hsn at filez.com> wrote:
>> I'm afraid it's not only end of life by upstream, but also vulnerable in
>> more than one CVE, and will not be fixed.
> CVE Yes, but if you need particular DB version for your app, user will
> install it anyway. For security related point of view it does not matter if
> he installs it from ports or not.
>> Can you give more detail on exactly what you are trying to do?
> According to app supplier it does not work in newer pgsql because:
> 1. Tsearch2 module changed
> 2. system catalogue changed
> 3. string escaping is slightly different
> There are no plans to update application to newer pgsql at this moment.
> Similar problem will be with postgresql 8.3. It is only known version which
> works with hyperic hq, hibernate complains on other version - "cant store
> XXXX class".
> 2) Booting tomcat 5.5 from tree is the same problem. It will be still in use
> for years, supported upstream or not. Most java apps today are still for
> tomcat 5.5
> People dont care about CVE, they care about applications. Mark these ports
> as vulnerable, but keep them in port tree.
Radim, if you ever need the port in future, the following will come in handy:
cvs -d :pserver:anoncvs at anoncvs.fr.FreeBSD.org:/home/ncvs login
for dir in server client contrib
do cvs -d :pserver:anoncvs at anoncvs.fr.FreeBSD.org:/home/ncvs co -D
You can always get the port's files-- they will not disappear forever.
More information about the freebsd-ports