[oe-commits] Kang Kai : postgresql: add fix for CVE-2014-0064 Security Advisory
git at git.openembedded.org
git at git.openembedded.org
Fri Nov 7 14:47:24 UTC 2014
Module: meta-openembedded.git
Branch: master-next
Commit: cd4cd791999f9684c1b9b50d4ce600d9e8dd423d
URL: http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=cd4cd791999f9684c1b9b50d4ce600d9e8dd423d
Author: Kang Kai <kai.kang at windriver.com>
Date: Wed Oct 29 08:30:52 2014 +0800
postgresql: add fix for CVE-2014-0064 Security Advisory
Multiple integer overflows in the path_in and other unspecified
functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote
authenticated users to have unspecified impact and attack vectors, which
trigger a buffer overflow. NOTE: this identifier has been SPLIT due to
different affected versions; use CVE-2014-2669 for the hstore vector.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0064
Signed-off-by: Yue Tao <Yue.Tao at windriver.com>
Signed-off-by: Kai Kang <kai.kang at windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
---
...integer-overflow-to-avoid-buffer-overruns.patch | 605 +++++++++++++++++++++
meta-oe/recipes-support/postgresql/postgresql.inc | 5 +-
2 files changed, 608 insertions(+), 2 deletions(-)
Diff: http://git.openembedded.org/?p=meta-openembedded.git/?a=commitdiff;h=cd4cd791999f9684c1b9b50d4ce600d9e8dd423d
More information about the Openembedded-commits
mailing list