From 1289a88977b3c3279d0ce4e70d0783e25786510d Mon Sep 17 00:00:00 2001 From: Guocai He Date: Mon, 25 May 2026 15:42:06 +0800 Subject: [PATCH] postgresql: fix CVE-2026-6479 CVE-2026-6479 was partially fixed by the 17.8 -> 17.10 version upgrade, but an additional patch is needed to completely fix the issue. Add missing include of IO::Socket::INET in Cluster.pm test module. The postmaster test 004_negotiate.pl could fail due to IO::Socket::INET gone missing, in environments that cannot use Unix sockets. Reference: https://security-tracker.debian.org/tracker/CVE-2026-6479 https://github.com/postgres/postgres/commit/eb5559b7df98581bd9a5142433122d1ba076d568 Signed-off-by: Guocai He Signed-off-by: Khem Raj --- ...01-Add-missing-include-in-Cluster.pm.patch | 38 +++++++++++++++++++ .../postgresql/postgresql_17.10.bb | 3 +- 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-dbs/postgresql/files/0001-Add-missing-include-in-Cluster.pm.patch diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-Add-missing-include-in-Cluster.pm.patch b/meta-oe/recipes-dbs/postgresql/files/0001-Add-missing-include-in-Cluster.pm.patch new file mode 100644 index 0000000000..d4e6273e6d --- /dev/null +++ b/meta-oe/recipes-dbs/postgresql/files/0001-Add-missing-include-in-Cluster.pm.patch @@ -0,0 +1,38 @@ +From eb5559b7df98581bd9a5142433122d1ba076d568 Mon Sep 17 00:00:00 2001 +From: Michael Paquier +Date: Tue, 12 May 2026 16:44:28 +0900 +Subject: [PATCH] Add missing include in Cluster.pm + +The postmaster test 004_negotiate.pl could fail due to IO::Socket::INET +gone missing, in environments that cannot use Unix sockets. + +Oversight in the backport done in 6dffaeb8e54c, so like the other commit +this is applied across the v14~17 range. Per buildfarm member drongo. + +Security: CVE-2026-6479 +Backpatch-through: 14 + +CVE: CVE-2026-6479 + +Upstream-Status: Backport [https://github.com/postgres/postgres/commit/eb5559b7df] + +Signed-off-by: Guocai He +--- + src/test/perl/PostgreSQL/Test/Cluster.pm | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/test/perl/PostgreSQL/Test/Cluster.pm b/src/test/perl/PostgreSQL/Test/Cluster.pm +index a8635f4e6ad..4c2428a9247 100644 +--- a/src/test/perl/PostgreSQL/Test/Cluster.pm ++++ b/src/test/perl/PostgreSQL/Test/Cluster.pm +@@ -104,6 +104,7 @@ use File::Path qw(rmtree mkpath); + use File::Spec; + use File::stat qw(stat); + use File::Temp (); ++use IO::Socket::INET; + use IPC::Run; + use PostgreSQL::Version; + use PostgreSQL::Test::RecursiveCopy; +-- +2.34.1 + diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_17.10.bb b/meta-oe/recipes-dbs/postgresql/postgresql_17.10.bb index 98b8d4891a..7afd8b4dbf 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_17.10.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_17.10.bb @@ -10,7 +10,8 @@ SRC_URI += "\ file://0004-config_info.c-not-expose-build-info.patch \ file://0005-postgresql-fix-ptest-failure-of-sysviews.patch \ file://0001-tcl.m4-Recognize-tclsh9.patch \ -" + file://0001-Add-missing-include-in-Cluster.pm.patch \ + " SRC_URI[sha256sum] = "078a03516dcdbdb705fecaf415ea3d13a956c589e46f09fed68a06fb00598c90"