postgresql: add fix for CVE-2014-0060 Security Advisory - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Kang Kai <kai.kang@windriver.com>	2014-10-29 08:30:53 +0800
committer	Martin Jansa <Martin.Jansa@gmail.com>	2014-12-01 14:24:51 +0100
commit	08398ec33330425ad8a1706d92e0eb5055afbb81 (patch)
tree	f8fb392e6e17678779d8b44d0c62a34eeef21cbb /meta-oe/recipes-support/postgresql/files/0006-Fix-handling-of-wide-datetime-input-output.patch
parent	62d029bbec465ba54c5e2056dd4ab66d47230489 (diff)
download	meta-openembedded-08398ec33330425ad8a1706d92e0eb5055afbb81.tar.gz

postgresql: add fix for CVE-2014-0060 Security Advisory

PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0060 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-oe/recipes-support/postgresql/files/0006-Fix-handling-of-wide-datetime-input-output.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: