summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support/postgresql/postgresql.inc
diff options
context:
space:
mode:
authorKang Kai <kai.kang@windriver.com>2014-10-29 08:30:55 +0800
committerMartin Jansa <Martin.Jansa@gmail.com>2014-11-07 15:05:45 +0100
commitbd9378688e32c96e26b65c3f74724c7c7d81aada (patch)
treedc4befd39f5707d81f9b9f301a9a4afc5f2cd0e4 /meta-oe/recipes-support/postgresql/postgresql.inc
parent30f8a0515a959ac4c45771b406fdcf01cc1aca1c (diff)
downloadmeta-openembedded-bd9378688e32c96e26b65c3f74724c7c7d81aada.tar.gz
postgresql: add fix for CVE-2014-0062 Security Advisory
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/postgresql/postgresql.inc')
-rw-r--r--meta-oe/recipes-support/postgresql/postgresql.inc1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc
index e2e5947b7..9cfb2b6d8 100644
--- a/meta-oe/recipes-support/postgresql/postgresql.inc
+++ b/meta-oe/recipes-support/postgresql/postgresql.inc
@@ -34,6 +34,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \
34 file://0002-Predict-integer-overflow-to-avoid-buffer-overruns.patch \ 34 file://0002-Predict-integer-overflow-to-avoid-buffer-overruns.patch \
35 file://0003-Shore-up-ADMIN-OPTION-restrictions.patch \ 35 file://0003-Shore-up-ADMIN-OPTION-restrictions.patch \
36 file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \ 36 file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \
37 file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \
37 " 38 "
38 39
39LEAD_SONAME = "libpq.so" 40LEAD_SONAME = "libpq.so"