Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 627462 (CVE-2017-7546, CVE-2017-7547, CVE-2017-7548) - <dev-db/postgresql-{9.2.22,9.3.18,9.4.13,9.5.8,9.6.4}: multiple vulnerabilities (CVE-2017-{7546,7547,7548})
Summary: <dev-db/postgresql-{9.2.22,9.3.18,9.4.13,9.5.8,9.6.4}: multiple vulnerabiliti...
Status: RESOLVED FIXED
Alias: CVE-2017-7546, CVE-2017-7547, CVE-2017-7548
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.postgresql.org/about/news...
Whiteboard: A1 [glsa cve]
Keywords:
: 624944 (view as bug list)
Depends on:
Blocks: python-3.5-stable CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
  Show dependency tree
 
Reported: 2017-08-10 14:56 UTC by Aaron W. Swenson
Modified: 2018-04-02 23:01 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: No


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aaron W. Swenson gentoo-dev 2017-08-10 14:56:53 UTC
The CVE notes from $URL are copied in the next section.

7546 is the most severe as it would allow a remote user to gain privileged access without a password. This would allow an attacker unrestricted access to the database if a DBA were so foolish to set an empty password for a database superuser account.

7547 can reveal passwords used to access other databases, not necessarily the database the user is directly connected to.

The least severe is 7548 which would lead to data corruption or other malicious modification of data stored within the database, but the remote user must have gained access to the system.

====================================

CVE-2017-7546: Empty password accepted in some authentication methods

libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. When using libpq or a libpq-based connection driver to perform password-based authentication methods, it would appear that setting an empty password would be the equivalent of disabling password login. However, using a non-libpq based connection driver could allow a client with an empty password to log in.

To fix this issue, this update disables empty passwords from being submitted in any of the password-based authentication methods. The server will reject any empty passwords from being set on accounts.

**********************************

CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges

This fix pertains to the usage of the foreign data wrapper functionality, particularly for the user mapping feature.

Before this fix, a user had access to see the options in pg_user_mappings even if the user did not have the USAGE permission on the associated foreign server. This meant that a user could see details such as a password that might have been set by the server administrator rather than the user.

This fix will only fix the behavior in newly created clusters utilizing initdb. To fix this issue on existing systems, you will need to follow the below steps. For more details, please see the release notes.

In your postgresql.conf file, add the following:

allow_system_table_mods = true
After adding that line, you will need to restart your PostgreSQL cluster.

In each database of the cluster, run the following commands as a superuser:

SET search_path = pg_catalog;
CREATE OR REPLACE VIEW pg_user_mappings AS
SELECT
    U.oid       AS umid,
    S.oid       AS srvid,
    S.srvname   AS srvname,
    U.umuser    AS umuser,
    CASE WHEN U.umuser = 0 THEN
        'public'
    ELSE
        A.rolname
    END AS usename,
    CASE WHEN (U.umuser <> 0 AND A.rolname = current_user
                 AND (pg_has_role(S.srvowner, 'USAGE')
                      OR has_server_privilege(S.oid, 'USAGE')))
                OR (U.umuser = 0 AND pg_has_role(S.srvowner, 'USAGE'))
                OR (SELECT rolsuper FROM pg_authid WHERE rolname = current_user)
                THEN U.umoptions
             ELSE NULL END AS umoptions
FROM pg_user_mapping U
LEFT JOIN pg_authid A ON (A.oid = U.umuser)
JOIN pg_foreign_server S ON (U.umserver = S.oid);
You also need to run the command on your template0 and template1 databases, otherwise the vulnerability will exist in future databases that you create.

First, you will need to allow template0 to accept connections. In PostgreSQL 9.5 you can run the following:

ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true;
In PostgreSQL 9.4 and below, you will have to run this command:

UPDATE pg_database SET datallowconn = true WHERE datname = 'template0';
Then, in your template0 and template1 databases, run the commands as describe in Step 3

When you are done, you will need to disallow connections from template0. In PostgreSQL 9.5, you can run the following:

ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false;
In PostgreSQL 9.4 and below, you will have to run the following:

UPDATE pg_database SET datallowconn = false WHERE datname = 'template0';
Remove the following line from your postgresql.conf file:

allow_system_table_mods = false
Restart your PostgreSQL cluster

For more details, please see the release notes.

**********************************

CVE-2017-7548: lo_put() function ignores ACLs

The lo_put() function should require the same permissions as lowrite(), but there was a missing permission check which would allow any user to change the data in a large object.

To fix this, the lo_put() function was changed to check the UPDATE privileges on the target object.

==================================

Stabilization targets:
=dev-db/postgresql-9.2.22 ~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86
=dev-db/postgresql-9.3.18 ~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86
=dev-db/postgresql-9.4.13 ~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86
=dev-db/postgresql-9.5.8 ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86
=dev-db/postgresql-9.6.4 ~amd64 ~arm ~ia64

As noted previously, upstream has dropped support for Alpha beginning 9.5 which is why it's excluded on the last two targets.

Slot 9.6 only had 3 arches stabilized (bug 624432), so only those are listed here.

==================================

Since there may be some new arch testers, here's how I test these:

# for u in -server server ; do FEATURES="userpriv test" USE="$u" emerge -v dev-db/postgresql:9.{2..6} || break ; done

Or:
# for p in postgresql-9.* postgresql-10* ; do USE="-server" ebuild $p {clean,install} || break ; done
# for p in postgresql-9.* postgresql-10* ; do USE="server" FEATURES="userpriv test" ebuild $p {clean,install} || break ; done
Comment 1 Stabilization helper bot gentoo-dev 2017-08-10 15:00:32 UTC
An automated check of this bug failed - the following atoms are unknown:

dev-db/postgresql-9.3.18
dev-db/postgresql-9.4.13
dev-db/postgresql-9.5.8
dev-db/postgresql-9.6.4
dev-db/postgresql-9.2.22

Please verify the atom list.
Comment 2 Aaron W. Swenson gentoo-dev 2017-08-10 15:04:32 UTC
Packages pushed to tree.

commit 8475b7b1352af134678fe0280d97478a8e713013 (HEAD -> master, origin/master, origin/HEAD)
Author: Aaron W. Swenson <titanofold@gentoo.org>
Date:   Thu Aug 10 11:03:21 2017 -0400

    dev-db/postgresql: Security Version Bump

    Security releases:
      9.2.22
      9.3.18
      9.4.13
      9.5.8
      9.6.4

    Version bump:
      10_beta3

    Three security vulnerabilities have been closed by this release:
     * CVE-2017-7546: Empty password accepted in some authentication methods
     * CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords
                      to users lacking server privileges
     * CVE-2017-7548: lo_put() function ignores ACLs

    Full release notes at: https://www.postgresql.org/about/news/1772/

    Gentoo-Bug: 627462

    Package-Manager: Portage-2.3.6, Repoman-2.3.1
Comment 3 Stabilization helper bot gentoo-dev 2017-08-10 16:03:24 UTC
An automated check of this bug failed - repoman reported dependency errors (35 lines truncated): 

> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
Comment 4 Sergei Trofimovich gentoo-dev 2017-08-11 22:14:41 UTC
ia64 stable
Comment 5 Stabilization helper bot gentoo-dev 2017-08-11 23:04:28 UTC
An automated check of this bug failed - repoman reported dependency errors (35 lines truncated): 

> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.2.22.ebuild: RDEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
> dependency.bad dev-db/postgresql/postgresql-9.3.18.ebuild: DEPEND: hppa(default/linux/hppa/13.0) ['>=app-eselect/eselect-postgresql-2.0']
Comment 6 Sergei Trofimovich gentoo-dev 2017-08-18 21:57:14 UTC
ppc/ppc64 stable
Comment 7 Markus Meier gentoo-dev 2017-08-23 04:58:51 UTC
arm stable
Comment 8 Tobias Klausmann gentoo-dev 2017-09-04 07:32:58 UTC
Stable on alpha.
Comment 10 Sergei Trofimovich gentoo-dev 2017-09-24 17:57:53 UTC
ppc64 stable
Comment 11 Sergei Trofimovich gentoo-dev 2017-09-24 20:07:13 UTC
ppc stable
Comment 12 Larry the Git Cow gentoo-dev 2017-09-30 03:47:15 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2bc2b3101f0b4ee3e4d70d7804c78146961a4ed4

commit 2bc2b3101f0b4ee3e4d70d7804c78146961a4ed4
Author:     Michael Palimaka <kensington@gentoo.org>
AuthorDate: 2017-09-30 03:46:42 +0000
Commit:     Michael Palimaka <kensington@gentoo.org>
CommitDate: 2017-09-30 03:47:02 +0000

    dev-db/postgresql: amd64/x86 stable
    
    Bug: https://bugs.gentoo.org/627462
    Package-Manager: Portage-2.3.8, Repoman-2.3.3

 dev-db/postgresql/postgresql-9.2.22.ebuild | 2 +-
 dev-db/postgresql/postgresql-9.3.18.ebuild | 2 +-
 dev-db/postgresql/postgresql-9.4.13.ebuild | 2 +-
 dev-db/postgresql/postgresql-9.5.8.ebuild  | 2 +-
 dev-db/postgresql/postgresql-9.6.4.ebuild  | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)}
Comment 13 Matt Turner gentoo-dev 2017-09-30 03:51:12 UTC
*** Bug 624944 has been marked as a duplicate of this bug. ***
Comment 14 Yury German Gentoo Infrastructure gentoo-dev Security 2017-10-02 06:02:06 UTC
hppa / please complete stabilization for this security bug, it is holding up completion and cleanup of this bug. 

New GLSA Request filed.
Comment 15 Rolf Eike Beer 2017-10-03 19:17:05 UTC
tried a test on hppa, which fails because the usual local breakage on hppa, so no test results:

============== creating temporary instance            ==============
============== initializing database system           ==============

pg_regress: initdb failed
Examine /var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/regress/log/initdb.log for the reason.
Command was: "initdb" -D "/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/regress/./tmp_check/data" --noclean --nosync > "/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/regress/log/initdb.log" 2>&1
make[1]: *** [GNUmakefile:130: check] Error 2
make[1]: Leaving directory '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/regress'
make: *** [GNUmakefile:67: check] Error 2
 * ERROR: dev-db/postgresql-9.6.4::gentoo failed (test phase):
 *   emake failed
 * 
 * If you need support, post the output of `emerge --info '=dev-db/postgresql-9.6.4::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=dev-db/postgresql-9.6.4::gentoo'`.
 * The complete build log is located at '/var/tmp/portage/dev-db/postgresql-9.6.4/temp/build.log'.
 * The ebuild environment file is located at '/var/tmp/portage/dev-db/postgresql-9.6.4/temp/environment'.
 * Working directory: '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4'
 * S: '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4'
pioneer ~ # cat /var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/regress/log/initdb.log
Running in noclean mode.  Mistakes will not be cleaned up.
The files belonging to this database system will be owned by user "portage".
This user must also own the server process.

initdb: invalid locale settings; check LANG and LC_* environment variables
Comment 16 Sergei Trofimovich gentoo-dev 2017-10-03 19:46:16 UTC
sparc stable (thanks to Rolf Eike Beer)
Comment 17 Aaron W. Swenson gentoo-dev 2017-10-05 20:59:57 UTC
(In reply to Rolf Eike Beer from comment #15)
> tried a test on hppa, which fails because the usual local breakage on hppa,
> so no test results:
> 
> ============== creating temporary instance            ==============
> ============== initializing database system           ==============
> 
> pg_regress: initdb failed
> Examine
> /var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/
> regress/log/initdb.log for the reason.
> Command was: "initdb" -D
> "/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/
> regress/./tmp_check/data" --noclean --nosync >
> "/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/
> regress/log/initdb.log" 2>&1
> make[1]: *** [GNUmakefile:130: check] Error 2
> make[1]: Leaving directory
> '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/
> regress'
> make: *** [GNUmakefile:67: check] Error 2
>  * ERROR: dev-db/postgresql-9.6.4::gentoo failed (test phase):
>  *   emake failed
>  * 
>  * If you need support, post the output of `emerge --info
> '=dev-db/postgresql-9.6.4::gentoo'`,
>  * the complete build log and the output of `emerge -pqv
> '=dev-db/postgresql-9.6.4::gentoo'`.
>  * The complete build log is located at
> '/var/tmp/portage/dev-db/postgresql-9.6.4/temp/build.log'.
>  * The ebuild environment file is located at
> '/var/tmp/portage/dev-db/postgresql-9.6.4/temp/environment'.
>  * Working directory:
> '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4'
>  * S: '/var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4'
> pioneer ~ # cat
> /var/tmp/portage/dev-db/postgresql-9.6.4/work/postgresql-9.6.4/src/test/
> regress/log/initdb.log
> Running in noclean mode.  Mistakes will not be cleaned up.
> The files belonging to this database system will be owned by user "portage".
> This user must also own the server process.
> 
> initdb: invalid locale settings; check LANG and LC_* environment variables

I've never seen a report about this before now. Please make a separate bug.

Does this issue prevent a successful emerge and subsequent emerge --config?
Comment 18 GLSAMaker/CVETool Bot gentoo-dev 2017-10-08 13:56:43 UTC
This issue was resolved and addressed in
 GLSA 201710-06 at https://security.gentoo.org/glsa/201710-06
by GLSA coordinator Aaron Bauman (b-man).
Comment 19 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-10-08 13:58:25 UTC
re-opening for cleanup.

@maintainer(s), I am leaving the blocked bugs in place until you cleanup.  They don't seem to be needed though.
Comment 20 Aaron W. Swenson gentoo-dev 2017-10-08 14:35:40 UTC
I haven't removed all as we're waiting on HPPA, which is now 3 or 4 versions behind current (depending on the definition of current).

commit 4205f0659c831b9e6594bb6973c21d4f8842f45c (HEAD -> master, origin/master, origin/HEAD)
Author: Aaron W. Swenson <titanofold@gentoo.org>
Date:   Sun Oct 8 10:31:20 2017 -0400

    dev-db/postgresql: Partial Security Cleanup

    Remove some of the affected packages.

    Package-Manager: Portage-2.3.8, Repoman-2.3.3
Comment 21 Stabilization helper bot gentoo-dev 2018-01-14 23:00:09 UTC
An automated check of this bug failed - the following atom is unknown:

app-eselect/eselect-postgresql-2.1

Please verify the atom list.
Comment 22 Stabilization helper bot gentoo-dev 2018-02-10 20:00:27 UTC
An automated check of this bug failed - the following atoms are unknown:

dev-db/postgresql-9.5.8
dev-db/postgresql-9.4.13
dev-db/postgresql-9.6.4
app-eselect/eselect-postgresql-2.1
dev-db/postgresql-9.3.18

Please verify the atom list.
Comment 23 Larry the Git Cow gentoo-dev 2018-02-11 15:55:02 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=850efe2a5700c2ba30f9e9860dd83143cf15da34

commit 850efe2a5700c2ba30f9e9860dd83143cf15da34
Author:     Aaron W. Swenson <titanofold@gentoo.org>
AuthorDate: 2018-02-11 15:54:10 +0000
Commit:     Aaron W. Swenson <titanofold@gentoo.org>
CommitDate: 2018-02-11 15:54:38 +0000

    dev-db/postgresql: Cleanup Old and Insecure Files
    
    Bug: https://bugs.gentoo.org/627462
    Bug: https://bugs.gentoo.org/636978
    Bug: https://bugs.gentoo.org/630824
    Bug: https://bugs.gentoo.org/603720
    Bug: https://bugs.gentoo.org/603716
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 dev-db/postgresql/Manifest                         |   6 -
 .../files/postgresql-9.2-9.4-tz-dir-overflow.patch |  16 -
 dev-db/postgresql/files/postgresql.confd           |  58 ---
 dev-db/postgresql/files/postgresql.init            | 137 -------
 dev-db/postgresql/files/postgresql.init-9.3        | 142 -------
 dev-db/postgresql/files/postgresql.service         |  55 ---
 dev-db/postgresql/files/postgresql.service-9.6     |  56 ---
 dev-db/postgresql/postgresql-9.2.19.ebuild         | 390 ------------------
 dev-db/postgresql/postgresql-9.2.22.ebuild         | 441 --------------------
 dev-db/postgresql/postgresql-9.2.23-r1.ebuild      | 445 ---------------------
 dev-db/postgresql/postgresql-9.2.23.ebuild         | 441 --------------------
 dev-db/postgresql/postgresql-9.3.15.ebuild         | 395 ------------------
 dev-db/postgresql/postgresql-9.4.10.ebuild         | 427 --------------------
 dev-db/postgresql/postgresql-9.5.5.ebuild          | 438 --------------------
 14 files changed, 3447 deletions(-)}
Comment 24 Stabilization helper bot gentoo-dev 2018-02-11 16:00:30 UTC
An automated check of this bug failed - the following atoms are unknown:

dev-db/postgresql-9.3.18
dev-db/postgresql-9.5.8
dev-db/postgresql-9.6.4
dev-db/postgresql-9.4.13
dev-db/postgresql-9.2.22
app-eselect/eselect-postgresql-2.1

Please verify the atom list.
Comment 25 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-04-02 23:01:30 UTC
Tree is clean