diff options
author | Kang Kai <kai.kang@windriver.com> | 2014-10-29 08:30:57 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2014-11-07 15:05:45 +0100 |
commit | 59e457955474385b3ca47488ca0028fc72869b7f (patch) | |
tree | 01ab8468cad8f12fd41b60068b4957df31510512 /meta-oe/recipes-support/postgresql/postgresql.inc | |
parent | f1978efac9fa2aec041e92b9d6f8f61bf48dace6 (diff) | |
download | meta-openembedded-contrib-59e457955474385b3ca47488ca0028fc72869b7f.tar.gz |
postgresql: add fix for CVE-2014-0067 Security Advisory
The make check command for the test suites in PostgreSQL 9.3.3 and
earlier does not properly invoke initdb to specify the authentication
requirements for a database cluster to be used for the tests, which
allows local users to gain privileges by leveraging access to this
cluster.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0067
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/postgresql/postgresql.inc')
-rw-r--r-- | meta-oe/recipes-support/postgresql/postgresql.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc index 4a62eb68d4..ce31205079 100644 --- a/meta-oe/recipes-support/postgresql/postgresql.inc +++ b/meta-oe/recipes-support/postgresql/postgresql.inc @@ -36,6 +36,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \ file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \ file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \ file://0006-Fix-handling-of-wide-datetime-input-output.patch \ + file://0007-Make-pqsignal-available-to-pg_regress-of-ECPG-and-is.patch \ " LEAD_SONAME = "libpq.so" |