OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2016.11 2016-11-01T13:58:37+00:00 2016-11-01T13:58:37+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-10-31T16:31:25+00:00 urn:sha1:fcb554d39dd3476557406023d18543063ce8442c Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-10-22T13:35:37+00:00 Peter Seiderer ps.report@gmx.net 2016-10-20T19:49:32+00:00 urn:sha1:0603b9ea3eff9e11aba2b7408215e03d9247b977 For release notes see [1]. [1] https://www.postgresql.org/docs/9.6/static/release-9-6.html Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-10-13T05:41:19+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-10-12T23:17:27+00:00 urn:sha1:5454e25a69b13b4680d4d313864f98acdd9f835a Fixes: CVE-2016-5423 - CASE/WHEN with inlining can cause untrusted pointer dereference (bsc#993454). CVE-2016-5424 - Fix client programs' handling of special characters in database and role names (bsc#993453). Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-05-13T19:48:38+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-05-13T12:21:13+00:00 urn:sha1:17b034e64082b82c0b03952d4959bd8139c1b182 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-04-14T12:37:46+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2016-04-14T08:53:58+00:00 urn:sha1:73aaf7391674411a6a023afa5f67bbad9532ee39 Also remove a patch which is no longer necessary and do not autoreconf. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-02-16T20:33:12+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-02-16T16:02:38+00:00 urn:sha1:cd80d3c03185dfd0ef1c214c98da35e61f0737c5 Fixes: CVE-2016-0766 - privilege escalation issue for users of PL/Java. CVE-2016-0773 - issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a backend crash. This issue is critical for PostgreSQL systems with untrusted users or which generate regexes based on user input. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-10-09T13:24:34+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-10-08T18:59:12+00:00 urn:sha1:4cab124a0b1b7504e50fd02357022cdad1a61865 Fixes: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed. sparc build fix patch upstream so drop it. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-06-21T04:39:19+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2015-06-18T16:46:06+00:00 urn:sha1:0b9d184ddde036af7c1af786ff413387e221a2b0 - Bump to version 9.4.4 - Update hash file Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-06-09T20:43:17+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-06-08T18:43:25+00:00 urn:sha1:233862860cfd4474dcc2d298d54b1f058b624e8e Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-05-26T21:53:34+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-05-26T19:45:57+00:00 urn:sha1:dffd39168af7ee419f3fe86152d36db2d1dfcc5a Fixes: CVE-2015-3165 (denial of service) CVE-2015-3166 (information disclosure) CVE-2015-3167 (side-channel key exposure) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>