mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-06 03:10:01 +00:00
Code Issues Projects Releases Wiki Activity

postgresql: add fix for CVE-2014-0062 Security Advisory

Browse Source 
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE
commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote
authenticated users to create an unauthorized index or read portions of
unauthorized tables by creating or deleting a table with the same name
during the timing window.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This commit is contained in:
Kang Kai
2014-10-29 08:30:55 +08:00
committed by Martin Jansa
parent 30f8a0515a
commit bd9378688e
2 changed files with 1083 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/postgresql/files/0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch
+1082
View File
File diff suppressed because it is too large Load Diff
meta-oe/recipes-support/postgresql/postgresql.inc
+1
View File
@@ -34,6 +34,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \
file://0002-Predict-integer-overflow-to-avoid-buffer-overruns.patch \
file://0003-Shore-up-ADMIN-OPTION-restrictions.patch \
file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \
file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \
"
LEAD_SONAME = "libpq.so"