diff options
| author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2015-10-08 15:59:12 -0300 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2015-10-09 15:24:34 +0200 |
| commit | 4cab124a0b1b7504e50fd02357022cdad1a61865 (patch) | |
| tree | 180d71f044bd9af27c83d1b8e0f768883d9e36ef /package/postgresql/postgresql.mk | |
| parent | 633f2f570a342cbb68a1b9147c7d5d68d429c2fb (diff) | |
| download | buildroot-4cab124a0b1b7504e50fd02357022cdad1a61865.tar.gz buildroot-4cab124a0b1b7504e50fd02357022cdad1a61865.zip | |
postgresql: security bump to version 9.4.5
Fixes:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt() function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
sparc build fix patch upstream so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/postgresql/postgresql.mk')
| -rw-r--r-- | package/postgresql/postgresql.mk | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package/postgresql/postgresql.mk b/package/postgresql/postgresql.mk index e710e928d9..a42fe73b31 100644 --- a/package/postgresql/postgresql.mk +++ b/package/postgresql/postgresql.mk @@ -4,7 +4,7 @@ # ################################################################################ -POSTGRESQL_VERSION = 9.4.4 +POSTGRESQL_VERSION = 9.4.5 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2 POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION) POSTGRESQL_LICENSE = PostgreSQL |
