[oe-commits] [meta-openembedded] 43/51: postgresql: Security Advisory-postgresql-CVE-2016-0766

git at git.openembedded.org git at git.openembedded.org
Mon Mar 14 11:14:30 UTC 2016 

martin_jansa pushed a commit to branch master
in repository meta-openembedded.

commit 21f72b1fe09ca919316f8ed8545b9bf88aa83b29
Author: Zhixiong Chi <zhixiong.chi at windriver.com>
AuthorDate: Tue Mar 8 13:43:20 2016 +0800

    postgresql: Security Advisory-postgresql-CVE-2016-0766
    
    add CVE-2016-0766 patch for avoiding attackers to gain privileges
    via unspecified vectors.
    Patch comes from:
    http://git.postgresql.org/gitweb/?p=postgresql.git;a=summary
    commit f4aa3a18a20d51575562520754aa376b3b08b2d0
    
    Signed-off-by: Zhixiong Chi <Zhixiong.Chi at windriver.com>
    Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
---
 .../files/postgresql-CVE-2016-0766.patch           | 35 ++++++++++++++++++++++
 meta-oe/recipes-support/postgresql/postgresql.inc  |  1 +
 2 files changed, 36 insertions(+)

diff --git a/meta-oe/recipes-support/postgresql/files/postgresql-CVE-2016-0766.patch b/meta-oe/recipes-support/postgresql/files/postgresql-CVE-2016-0766.patch
new file mode 100644
index 0000000..df89eb0
--- /dev/null
+++ b/meta-oe/recipes-support/postgresql/files/postgresql-CVE-2016-0766.patch
@@ -0,0 +1,35 @@
+From f4aa3a18a20d51575562520754aa376b3b08b2d0 Mon Sep 17 00:00:00 2001
+From: Noah Misch <noah at leadboat.com>
+Date: Fri, 5 Feb 2016 20:22:51 -0500
+Subject: [PATCH] Force certain "pljava" custom GUCs to be PGC_SUSET.
+
+Future PL/Java versions will close CVE-2016-0766 by making these GUCs
+PGC_SUSET.  This PostgreSQL change independently mitigates that PL/Java
+vulnerability, helping sites that update PostgreSQL more frequently than
+PL/Java.  Back-patch to 9.1 (all supported versions).
+
+Upstream-Status: Backport
+
+Signed-off-by: Noah Misch <noah at leadboat.com>
+Index: postgresql-9.4.4/src/backend/utils/misc/guc.c
+===================================================================
+--- postgresql-9.4.4.orig/src/backend/utils/misc/guc.c	2015-06-10 03:29:38.000000000 +0800
++++ postgresql-9.4.4/src/backend/utils/misc/guc.c	2016-03-04 15:58:26.459266951 +0800
+@@ -7072,6 +7072,17 @@
+ 		!process_shared_preload_libraries_in_progress)
+ 		elog(FATAL, "cannot create PGC_POSTMASTER variables after startup");
+ 
++	/*
++	 * Before pljava commit 398f3b876ed402bdaec8bc804f29e2be95c75139
++	 * (2015-12-15), two of that module's PGC_USERSET variables facilitated
++	 * trivial escalation to superuser privileges.  Restrict the variables to
++	 * protect sites that have yet to upgrade pljava.
++	 */
++	if (context == PGC_USERSET &&
++		(strcmp(name, "pljava.classpath") == 0 ||
++		 strcmp(name, "pljava.vmoptions") == 0))
++		context = PGC_SUSET;
++
+ 	gen = (struct config_generic *) guc_malloc(ERROR, sz);
+ 	memset(gen, 0, sz);
+ 
diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc
index dbc02a0..06e601f 100644
--- a/meta-oe/recipes-support/postgresql/postgresql.inc
+++ b/meta-oe/recipes-support/postgresql/postgresql.inc
@@ -31,6 +31,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \
     file://postgresql-setup \
     file://postgresql.service \
     file://0001-Use-pkg-config-for-libxml2-detection.patch \
+    file://postgresql-CVE-2016-0766.patch \
 "
 
 LEAD_SONAME = "libpq.so"

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Openembedded-commits mailing list