diff options
author | Kang Kai <kai.kang@windriver.com> | 2014-10-29 08:30:56 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2014-11-07 15:05:45 +0100 |
commit | f1978efac9fa2aec041e92b9d6f8f61bf48dace6 (patch) | |
tree | 4af13df51812acfeaebf84471b0af770edd6e281 /meta-oe/recipes-support/postgresql/postgresql.inc | |
parent | bd9378688e32c96e26b65c3f74724c7c7d81aada (diff) | |
download | meta-openembedded-f1978efac9fa2aec041e92b9d6f8f61bf48dace6.tar.gz |
postgresql: add fix for CVE-2014-0063 Security Advisory
Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x
before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before
9.3.3 allow remote authenticated users to cause a denial of service
(crash) or possibly execute arbitrary code via vectors related to an
incorrect MAXDATELEN constant and datetime values involving (1)
intervals, (2) timestamps, or (3) timezones, a different vulnerability
than CVE-2014-0065.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0063
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/postgresql/postgresql.inc')
-rw-r--r-- | meta-oe/recipes-support/postgresql/postgresql.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc index 9cfb2b6d8..4a62eb68d 100644 --- a/meta-oe/recipes-support/postgresql/postgresql.inc +++ b/meta-oe/recipes-support/postgresql/postgresql.inc | |||
@@ -35,6 +35,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \ | |||
35 | file://0003-Shore-up-ADMIN-OPTION-restrictions.patch \ | 35 | file://0003-Shore-up-ADMIN-OPTION-restrictions.patch \ |
36 | file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \ | 36 | file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \ |
37 | file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \ | 37 | file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \ |
38 | file://0006-Fix-handling-of-wide-datetime-input-output.patch \ | ||
38 | " | 39 | " |
39 | 40 | ||
40 | LEAD_SONAME = "libpq.so" | 41 | LEAD_SONAME = "libpq.so" |