Remove expired/expiring ports:
2016-10-01 databases/postgresql91-client: End-of-life is near
2016-10-08 databases/postgresql91-pgtcl: Depends on expired PostgreSQL 9.1
2016-10-01 databases/postgresql91-server: End-of-life is near
2016-10-08 databases/postgresql-pllua: Depends on expired PostgreSQL 9.1

- Update devel/icu to 57.1.
- Clean up the Makefile.
- Follow some upstream recommendations (--with-data-packaging=archive,
  --disable-renaming, -DICU_NO_USER_DATA_OVERRIDE).
- Patch makefiles to install static libraries with INSTALL_DATA so they
  aren't stripped.
- Patch config/mh-bsd-gcc to sync with config/mh-linux-gcc.
- Fix endianness detection in ICU.  The code wanted to use BYTE_ORDER
  defined in machine/endian.h, but this isn't visible because ICU is
  compiled with _XOPEN_SOURCE.  Patch the code to use _BYTE_ORDER instead.
- Compile ICU with C++11 compiler to enable move constructors.
- Patch ICU to fix a problem with atomics in the case of a C++11 compiler
  without C++11 header <atomic> (like Clang on FreeBSD 9).
- Bump all ports that depend on it due to library version change.
- Add USES=compiler:c++0x to some ports that pick up -std=c++0x from ICU
  pkgconfig files.
- Add USES=compiler:c++11-lib to graphics/libcdr01 because it also needs
  a C++11 runtime library now.  Add this to all ports that depend on it
  so their executables load the right libstdc++.so on FreeBSD 9.

PR:		205120
Exp-run by:	antoine
Approved by:	portmgr (antoine)

- fix sizes
- s/USE_OPENSSL/USES=ssl/

assumed OK for commit ~1h after first notify about wrong sizes in distinfo

The PostgreSQL Global Development Group has released an update to all supported
versions of our database system, including 9.5.4, 9.4.9, 9.3.14, 9.2.18 and
9.1.23. This release fixes two security issues. It also patches a number of
other bugs reported over the last three months. Users who rely on security
isolation between database users should update as soon as possible. Other users
should plan to update at the next convenient downtime.

If you are using the ICU patch, please consult UPDATING.

Improve periodic cleanup, suggested by claudius (at) ambtec.de. [1]

PR:		210941 [1]
Security:	CVE-2016-5423, CVE-2016-5424

Bump PORTREVISION for the icu revert.

This time not bumping lang/php70, but devel/php70-intl which is the one
really depending on icu.

PR:		205120
With hat:	portmgr
Sponsored by:	Absolight

devel/icu: bump PORTREVISION on dependent ports

Rename all files containing a : in their filename.

While there, run make makepatch on affected ports, and rename patches
accordingly.

Sponsored by:	Absolight

- Fix trailing whitespace in pkg-messages

Approved by:	portmgr blanket

Update PostgreSQL to latest versions

URL:	http://www.postgresql.org/docs/9.5/static/release-9-5-3.html

Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight

Update PostgreSQL 9.1, 9.2 9.3 and 9.4 to latest versions.

URL:	http://www.postgresql.org/about/news/1656/

Update PostgreSQL to latest versions.

Security Fixes for Regular Expressions, PL/Java

This release closes security hole CVE-2016-0773, an issue with regular
expression (regex) parsing. Prior code allowed users to pass in expressions
which included out-of-range Unicode characters, triggering a backend crash.
This issue is critical for PostgreSQL systems with untrusted users or which
generate regexes based on user input.

The update also fixes CVE-2016-0766, a privilege escalation issue for users of
PL/Java.  Certain custom configuration settings (GUCS) for PL/Java will now be
modifiable only by the database superuser

URL:		http://www.postgresql.org/about/news/1644/
Security:	CVE-2016-0773, CVE-2016-0766

Some binaries where moved from contrib to base in 9.5, like pgbench and
pg_upgrade. Other where added in 9.5, but the port failed to install them.
Make sure they are properly installed by the correct port (-client or -server)
[1]

Remove unused and hence confusing OSSP_UUID parameters from Makefile [2]

Add options to allow user to be set for the backup script in periodic.
Add this option only to 9.5 for now. It will be updated to other servers at
next regular patch release. [3]

The path to perl in hard coded into pgxs/src/Makefile.global which is
then installed. Hence, we must depend on perl when that file is installed.

Noticed by:	Paul Guyot [1]
PR:		192387 [2]
PR:		172110 [3]
PR:		206046 [4]

Drop 8 support.

With hat:	portmgr
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3694

Update PostgreSQL port to latest version.

Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:

CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.

CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.

This update will also disable SSL renegotiation by default;
previously, it was enabled by default.   SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.

URL:		http://www.postgresql.org/about/news/1615/
Security:	CVE-2015-5288 CVE-2015-5289

Really fix ldap option

Fix ldap option

Only defined options marked as server only for the servers
Remove (server) from the description

UNIQUENAME is not used anymore for long to save options

Simplify a bit the Makefiles

Use OPTIONS_SUB to automatically PLIST_SUB
Use OPTIONS helpers

Cleanup plist and avoid useless @exec

Update PostgreSQL to latest versions.

Earlier update releases attempted to fix an issue in PostgreSQL 9.3 and 9.4
with "multixact wraparound", but failed to account for issues doing multixact
cleanup during crash recovery. This could cause servers to be unable to restart
after a crash. As such, all users of 9.3 and 9.4 should apply this update as
soon as possible.

URL:	http://www.postgresql.org/about/news/1592/

Update PostgreSQL to latest versions.
The update is mostly to fix the file persmission problem described
in the URL below. You might want to wait until next upgrade, depending
on you local configuration.
URL:	http://www.postgresql.org/about/news/1590/

Update PostgreSQL ports to latest version.

Data Corruption Fix

For users of PostgreSQL versions 9.3 or 9.4, this release fixes a problem where
the database will fail to protect against "multixact wraparound", resulting in
data corruption or loss. Users with a high transaction rate (1 million or more
per hour) in a database with many foreign keys are especially vulnerable. We
strongly urge all users of 9.4 and 9.3 to update their installations in the
next few days.

Users of versions 9.2 and earlier are not affected by this issue.

Security:	fc38cd83-00b3-11e5-8ebd-0026551a22dc

MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight

Commit the missing part of last commit: Chase upcoming update of ICU to 5.5.

Chase upcoming update of ICU to 5.5.

remove redundant cpe markers on the slave ports

databases category: Remove $PTHREAD_LIBS

Note: virtuoso did not pass check-plist from before, so it was fixed.

approved by:	PTHREAD blanket

databases/postgresql91-server: add CPE information

- Maintainer's timeout (pgsql@FreeBSD.org)

PR:		197486
Submitted by:	Shun <shun.fbsd.pr@dropcut.net>

Revert the change from readline to libedit, and instead make libedit optional.
PR:	ports/197362

Update PostgreSQL-9.x to latests versions.

This update fixes multiple security issues reported in PostgreSQL over the past
few months. All of these issues require prior authentication, and some require
additional conditions, and as such are not considered generally urgent.
However, users should examine the list of security holes patched below in case
they are particularly vulnerable.

Security:	CVE-2015-0241,CVE-2015-0242,CVE-2015-0243,
		CVE-2015-0244,CVE-2014-8161

Revert r247147.
We need -pthread in LDFLAGS for threaded extensions like plv8js to work.

PR:		175783
Submitted by:	Li-Wen Hsu <lwhsu@FreeBSD.org>

Turn OPTIONS_SINGLE KRB5 into an OPTIONS_RADIO like it is supposed to be

PR:		193451
Submitted by:	dmitry2004@yandex.ru

Convert pgsql ports to use USES+=pgsql

Reviewed by:	bapt

- Unbreak builds after the lang/python27 update (r363790)

Exp-run:	192242, 192244

Update to the latest snapshots.

uuid-ossp patch has been outdated with irrelevant changes (for us),
so massage back in.

In head of postgresql, this is handled properly, so eventually the ossp patches
can go.

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

Fix non default LIB_DEPENDS

With hat:	portmgr

Properly call MAKE_CMD

Fix bad ICU_patchfile

PR:		191044
Submitted by:	melvyn

In preparation for upcoming ICU-5.3 upgrade, I failed to update distfile on
slave ports

The FreeBSD x11@ and graphics team proudly presents
a zeising, kwm production, with help from dumbbell, bdrewery:

NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE

This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.

This patch also contains updates of libxcb and related ports, pixman, as well

Fix mistake with ossp-uuid: don't use --with-ossp-uuid, since it will need
the ossp library present, and then we never use it.

The PostgreSQL Global Development Group has released an update to all supported
version of the database system, including versions 9.3.4, 9.2.8, 9.1.13,
9.0.17, and 8.4.21. This minor release fixes a data corruption issue with
replication and crash recovery in version 9.3, as well as several other minor
issues in all versions.  All users of version 9.3 are urged to update their
installations at the next possible downtime.  Users of older versions should
update at their convenience.

The data corruption issue in PostgreSQL 9.3 affects binary replication
standbys, servers being recovered from point-in-time-recovery backup, and
standalone servers which recover from a system crash. The bug causes
unrecoverable index corruption during recovery due to incorrect replay of row
locking operations.  This can then cause query results to be inconsistent
depending on whether or not an index is used, and eventually lead to primary
key violations and similar issues.  For this reason, users are encouraged to

Stage support

Reviewed by:	postgresql@
Tested by:	miwi and me

remove missing tzdata files

The PostgreSQL Global Development Group has released an important
update to all supported versions of the PostgreSQL database system,
which includes minor versions 9.3.3, 9.2.7, 9.1.12, 9.0.16, and
8.4.20. This update contains fixes for multiple security issues, as
well as several fixes for replication and data integrity issues.  All
users are urged to update their installations at the earliest
opportunity, especially those using binary replication or running a
high-security application.

This update fixes CVE-2014-0060, in which PostgreSQL did not properly
enforce the WITH ADMIN OPTION permission for ROLE management. Before
this fix, any member of a ROLE was able to grant others access to the
same ROLE regardless if the member was given the WITH ADMIN OPTION
permission. It also fixes multiple privilege escalation issues,
including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
CVE-2014-0065, and CVE-2014-0066. More information on these issues can
be found on our security page and the security issue detail wiki page.

Security:	CVE-2014-0060,CVE-2014-0061,CVE-2014-0062,CVE-2014-0063
		CVE-2014-0064,CVE-2014-0065,CVE-2014-0066,CVE-2014-0067

fix messed up file sizes for icu patch

Chase ICU update

Chase boost and icu bump
While here convert some LIB_DEPENDS

In preparation for making libtool generate libraries with a sane name, fix all
LIB_DEPENDS in databases

The PostgreSQL Global Development Group has released a critical update
to all supported versions of the PostgreSQL database system, which
includes minor versions 9.3.2, 9.2.6, 9.1.11, 9.0.15, and 8.4.19. This
update fixes three serious data-loss bugs affecting replication and
database maintenance.  All users are urged to update their
installations at the earliest opportunity.

URL:	http://www.postgresql.org/about/news/1492/

- Fix PLIST for python3

Submitted by:	sunpoet (myself)
Approved by:	crees (pgsql)

- Remove DISTV: only used in PKGNAMESUFFIX and complained by portlint
- Convert to new LIB_DEPENDS format for postgresql*-contrib

Submitted by:	sunpoet (myself)
Reviewed by:	crees (pgsql)
Approved by:	jgh (pgsql)

Update PostgreSQL ports to 9.3.1, 9.2.5, 9.1.10, 9.0.14, and 8.4.18.

Note that users of the hstore extension on version 9.3 must take an additional,
post upgrade step of running "ALTER EXTENSION hstore UPDATE" in each database
after update.

URL:	http://www.postgresql.org/about/news/1487/

- Fix pkg name collision

Reviewed by: pgsql@
With hat: pgsql@

- revert r329725

Reported by: qat@
With hat: pgsql@

- Fix pkg name collision

Reviewed by: crees@
With hat: pgsql@

Add NO_STAGE all over the place in preparation for the staging support (cat:
databases)

- convert from USE_GMAKE to USES=gmake
- trim historical headers

With hat: pgsql@

Don't build client with ldap-- this is unnecessary and causes build breakage
for package building because of lack of LDAP installation.

PR:		ports/177381
Tested by:	Chris Dukes <chris.dukes.aix@gmail.com>

databases/postgresql-server ports: Unbreak NLS

Submitted by:	bapt

databases/postgresql{84,91,92}-server: Readd bsd.port.pre.mk; it is required for
checking existence of files in FILESDIR

Convert USE_GETTEXT -> USES=gettext

While here:
- Trim headers
- Remove some useless pre.mk/post.mk
- Convert to optionsng

The PostgreSQL Global Development Group has released a security
update to all current versions of the PostgreSQL database system,
including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update
fixes a high-exposure security vulnerability in versions 9.0 and
later. All users of the affected versions are strongly urged to apply
the update *immediately*.

A major security issue (for versions 9.x only) fixed in this release,
[CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899),
makes it possible for a connection request containing a database name
that begins with "-" to be crafted that can damage or destroy files
within a server's data directory. Anyone with access to the port the
PostgreSQL server listens on can initiate this request. This issue was
discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source
Software Center.

PostgreSQL 9.2.3, 9.1.8, 9.0.12, 8.4.16 and 8.3.23 released

This update fixes a denial-of-service (DOS) vulnerability.  All users
should update their PostgreSQL installations as soon as possible.

The security issue fixed in this release, CVE-2013-0255, allows a
previously authenticated user to crash the server by calling
an internal function with invalid arguments.

URL:	http://www.postgresql.org/about/news/1446/
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255

Remove versioned PKGNAMESUFFIX from -plpython ports; the versions differ anyway

Submitted by:	sunpoet

Fix package build for -plpython

Although the plpython work was done by rm, this problem was actually my fault

Noticed by:	sunpoet

- add pkg-plist changes, forgotten in r310678
- fix portname in MOVED
- remove trailing whitespace in MOVED, while here

- remove broken configurable non-default user/group for postgresql-server
- while here fix formatting of new header

With hat: pgsql@

Chase ICU update properly and bump PORTREVISION

Chase ICU update to 50

The PostgreSQL Global Development Group has released an update to all current
versions of the PostgreSQL database system, including versions 9.2.2, 9.1.7,
9.0.11, 8.4.15, and 8.3.22.  Users of PostgreSQL Hot Standby replication
should update at the next possible opportunity. Other users should update
at their next maintenance window.

Deprecate the 8.3.22 version, since it is near end-of-life.

URL:	http://www.postgresql.org/about/news/1430/

Feature safe: yes

- adopt optionsNG

with hat pgsql@
Feature safe: yes

Update PostgreSQL to 9.2.1, 9.1.6, 9.0.10, 8.4.14 and 8.3.21 respectively.

This update fixes critical issues for major versions 9.1 and 9.2, and
users running those versions should apply it as soon as possible.

URL:	http://www.postgresql.org/about/news/1416/

Use pre-build instead of pre-everything for backupwarning-- stop making people
wait before fetching etc

Suggested by:	ohauer
Discussed with:	girgen

While here, fix package for postgresql92-server

The PostgreSQL Global Development Group today released security updates for all
active branches
of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and
8.3.20. This
update patches security holes associated with libxml2 and libxslt, similar to
those affecting
other open source projects. All users are urged to update their installations at
the first
available opportunity.

This security release fixes a vulnerability in the built-in XML functionality,
and a vulnerability
in the XSLT functionality supplied by the optional XML2 extension. Both
vulnerabilities allow
reading of arbitrary files by any authenticated database user, and the XSLT
vulnerability
allows writing files as well. The fixes cause limited backwards compatibility
issues.
These issues correspond to the following two vulnerabilities:

CVE-2012-3488: PostgreSQL insecure use of libxslt
CVE-2012-3489: PostgreSQL insecure use of libxml2
This release also contains several fixes to version 9.1, and a smaller number of
fixes to older versions, including:

The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL database system, including versions 9.1.4,
9.0.8, 8.4.12 and 8.3.19.

Users of the crypt(text, text) function with DES encryption in the optional
pg_crypto module should upgrade their installations immediately, if you have'nt
already updated since the port was patched on May 30.  All other database
administrators are urged to upgrade your version of PostgreSQL at the
next scheduled downtime.

URL:      http://www.postgresql.org/about/news/1398/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143
          Fix incorrect password transformation in contrib/pgcrypto’s DES
crypt() function
          This was fixed in a patch release for the FreeBSD ports on May 30.

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
          Ignore SECURITY DEFINER and SET attributes for a procedural
language’s call handle

- Address postgresql*-servers for crypt vulnerability (CVE-2012-2143)

http://www.postgresql.org/about/news/1397/

With hat: pgsql

Break postgresql-pltcl up into versioned ports; now we will have packages

Fix plist for 9.1

Various tidiness patches:
 - Compact -plperl ports
 - Portlint for 90-plperl
 - Update version numbers in pkg-install-server
 - s/spaces/tabs/
 - Use ${} instead of $()
 - s/YES/yes/
 - Tidy IGNORE values

Submitted by:   sunpoet

Don't clobber do-build from slave ports

PR:             ports/165265
Submitted by:   Ben Morrow <ben@morrow.me.uk>

Over to new team, pgsql@FreeBSD.org

Fix plist.

Pointyhat:      pav --> girgen

The PostgreSQL Global Development Group today released security updates for all
active branches of the PostgreSQL object-relational database system, including
versions 9.1.3, 9.0.7, 8.4.11 and 8.3.18.

Users of pg_dump, users of SSL certificates for validation or users of triggers
using SECURITY DEFINER should upgrade their installations immediately. All
other database administrators are urged to upgrade your version of PostgreSQL
at the next scheduled downtime. More details on the security fixes here:

URL:    http://www.postgresql.org/about/news/1377/

Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867
Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868

Remove p5- from postgresql*-plperl 's mention in pkg-message-client

Fix -plperl plist for 9.1

Install new pg_basebackup tool by default

Submitted by:   kuriyama

Minor changes for UNIQUENAME; remove excessive hyphens

Apologies for the noise here; I'm getting used to the consequences of
slaving ports like this-- postgresql has an unusual arrangement here.

Submitted by:   Neil Darlow (neil@darlow.co.uk)

- Stop clobbering postgresql-server/-client OPTIONS with -contrib OPTIONS
- Minor optimisation (stop testing for !SLAVE_ONLY twice)

PR:             ports/164662

Use DISTVERSION instead of PORTVERSION to generate UNIQUENAME; options
don't work correctly otherwise.

http://lists.freebsd.org/pipermail/freebsd-ports/2012-January/072756.html

Pointyhat:      crees

- To preserve my sanity, slave 82 and 83 to 84, and 90 to 91, resulting in
  three fewer Makefiles to maintain

- Switch patch master site

- Various cleanups

Add OPTION to postgresql9[10]-contrib for building without uuid-ossp

Requested by:   sunpoet

- Add profile support for PostgreSQL servers
- re-assign LOCALBASE to PREFIX
- add PG_GROUP to SUB_PLIST for packaging fix
- fix permissions for package installations

PR:     ports/162776
Submitted by:   jgh, Phil Phillips < pphillips at experts-exchange.com >
Reviewed by: rene (mentor)
Approved by: crees (maintainer, mentor)

fix typo %%PG_GROUP%% in pkg-plist-server

Spotted by: decke
Approved by:    crees, rene (mentors,implicit)

- Reset ports due to maintainer timeouts and lack of response to emails

With hat:       portmgr

Fix plist to create directory with proper ownerships PostgreSQL database
may start.

PR:     ports/164273 (critical)
Submitted by: Alexander Yerenkow <yerenkow at gmail.com>
Approved by:    maintainer-timeout: girgen (1 day), portmgr (linimon)

In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.

The PostgreSQL Global Development Group today released updates for all
active branches of the PostgreSQL object-relational database system,
including versions 9.1.2, 9.0.6, 8.4.10, 8.3.17 and 8.2.23.

This release contains 52 fixes to version 9.1, and a smaller number of
fixes to older versions, including:

- Fix bugs in information_schema.referential_constraints view**
- Correct collations for citext columns and indexes**
- Prevent possible crash when joining to a scalar function
- Prevent transitory data corruption of GIN indexes after a crash
- Prevent data corruption on TOAST columns when copying data
- Fix failures during hot standby startup
- Correct another "variable not found in subplan target list" bug
- Fix bug with sorting on aggregate expressions in windowing functions