[oe-commits] Kang Kai : postgresql: add fix for CVE-2014-0062 Security Advisory
git at git.openembedded.org
git at git.openembedded.org
Wed Dec 3 14:15:42 UTC 2014
Module: meta-openembedded.git
Branch: dizzy
Commit: e569c274230e1bc304f137b2dcad7822b709a140
URL: http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=e569c274230e1bc304f137b2dcad7822b709a140
Author: Kang Kai <kai.kang at windriver.com>
Date: Wed Oct 29 08:30:55 2014 +0800
postgresql: add fix for CVE-2014-0062 Security Advisory
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE
commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote
authenticated users to create an unauthorized index or read portions of
unauthorized tables by creating or deleting a table with the same name
during the timing window.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062
Signed-off-by: Yue Tao <Yue.Tao at windriver.com>
Signed-off-by: Kai Kang <kai.kang at windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
...ted-name-lookups-during-table-and-index-D.patch | 1082 ++++++++++++++++++++
meta-oe/recipes-support/postgresql/postgresql.inc | 1 +
2 files changed, 1083 insertions(+)
Diff: http://git.openembedded.org/?p=meta-openembedded.git/?a=commitdiff;h=e569c274230e1bc304f137b2dcad7822b709a140
More information about the Openembedded-commits
mailing list