diff options
author | Kang Kai <kai.kang@windriver.com> | 2014-10-29 08:30:52 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2014-11-07 15:05:45 +0100 |
commit | cd4cd791999f9684c1b9b50d4ce600d9e8dd423d (patch) | |
tree | 67b6ad191e063703bd2daab33b243365990462a9 /meta-oe/recipes-support/postgresql/postgresql.inc | |
parent | 3692902448c29828ce7d25d553a4e6bf11cbb9ec (diff) | |
download | meta-openembedded-contrib-cd4cd791999f9684c1b9b50d4ce600d9e8dd423d.tar.gz |
postgresql: add fix for CVE-2014-0064 Security Advisory
Multiple integer overflows in the path_in and other unspecified
functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote
authenticated users to have unspecified impact and attack vectors, which
trigger a buffer overflow. NOTE: this identifier has been SPLIT due to
different affected versions; use CVE-2014-2669 for the hstore vector.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0064
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/postgresql/postgresql.inc')
-rw-r--r-- | meta-oe/recipes-support/postgresql/postgresql.inc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc index d45f4b5edf..9b242e0476 100644 --- a/meta-oe/recipes-support/postgresql/postgresql.inc +++ b/meta-oe/recipes-support/postgresql/postgresql.inc @@ -28,10 +28,11 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \ file://postgresql.init \ file://postgresql-bashprofile \ file://postgresql.pam \ - file://0001-Use-pkg-config-for-libxml2-detection.patch \ file://postgresql-setup \ file://postgresql.service \ -" + file://0001-Use-pkg-config-for-libxml2-detection.patch \ + file://0002-Predict-integer-overflow-to-avoid-buffer-overruns.patch \ + " LEAD_SONAME = "libpq.so" |