[oe-commits] Kang Kai : postgresql: add fix for CVE-2014-0064 Security Advisory
git at git.openembedded.org
git at git.openembedded.org
Wed Dec 3 14:15:41 UTC 2014
Module: meta-openembedded.git
Branch: dizzy
Commit: 62d029bbec465ba54c5e2056dd4ab66d47230489
URL: http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=62d029bbec465ba54c5e2056dd4ab66d47230489
Author: Kang Kai <kai.kang at windriver.com>
Date: Wed Oct 29 08:30:52 2014 +0800
postgresql: add fix for CVE-2014-0064 Security Advisory
Multiple integer overflows in the path_in and other unspecified
functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote
authenticated users to have unspecified impact and attack vectors, which
trigger a buffer overflow. NOTE: this identifier has been SPLIT due to
different affected versions; use CVE-2014-2669 for the hstore vector.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0064
Signed-off-by: Yue Tao <Yue.Tao at windriver.com>
Signed-off-by: Kai Kang <kai.kang at windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
...integer-overflow-to-avoid-buffer-overruns.patch | 605 +++++++++++++++++++++
meta-oe/recipes-support/postgresql/postgresql.inc | 5 +-
2 files changed, 608 insertions(+), 2 deletions(-)
Diff: http://git.openembedded.org/?p=meta-openembedded.git/?a=commitdiff;h=62d029bbec465ba54c5e2056dd4ab66d47230489
More information about the Openembedded-commits
mailing list