From 59e457955474385b3ca47488ca0028fc72869b7f Mon Sep 17 00:00:00 2001
From: Kang Kai <kai.kang@windriver.com>
Date: Wed, 29 Oct 2014 08:30:57 +0800
Subject: postgresql: add fix for CVE-2014-0067 Security Advisory

The make check command for the test suites in PostgreSQL 9.3.3 and
earlier does not properly invoke initdb to specify the authentication
requirements for a database cluster to be used for the tests, which
allows local users to gain privileges by leveraging access to this
cluster.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0067

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
---
 meta-oe/recipes-support/postgresql/postgresql.inc | 1 +
 1 file changed, 1 insertion(+)

(limited to 'meta-oe/recipes-support/postgresql/postgresql.inc')

diff --git a/meta-oe/recipes-support/postgresql/postgresql.inc b/meta-oe/recipes-support/postgresql/postgresql.inc
index 4a62eb68d4..ce31205079 100644
--- a/meta-oe/recipes-support/postgresql/postgresql.inc
+++ b/meta-oe/recipes-support/postgresql/postgresql.inc
@@ -36,6 +36,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \
            file://0004-Prevent-privilege-escalation-in-explicit-calls-to-PL.patch \
            file://0005-Avoid-repeated-name-lookups-during-table-and-index-D.patch \
            file://0006-Fix-handling-of-wide-datetime-input-output.patch \
+           file://0007-Make-pqsignal-available-to-pg_regress-of-ECPG-and-is.patch \
           "
 
 LEAD_SONAME = "libpq.so"
-- 
cgit v1.2.3-54-g00ecf