OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2018.02 2018-03-03T19:15:59+00:00 2018-03-03T19:15:59+00:00 Adam Duskett aduskett@gmail.com 2018-03-03T17:59:23+00:00 urn:sha1:00fc361b0a1693e701485ab177e9d12b59652170 Helps mitigate CVE-2018-1058 see: https://www.postgresql.org/docs/current/static/release-10-3.html for more bugfixes. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-02-13T21:06:28+00:00 Baruch Siach baruch@tkos.co.il 2018-02-10T20:16:38+00:00 urn:sha1:005c52f4bd1b977fa94f168908eff48830ee4b74 Copyright year update. Fixes: http://autobuild.buildroot.net/results/d79/d7989660584430945644e3a4406ba33cee22863d/ http://autobuild.buildroot.net/results/b51/b5141b64ed838caa1daca1bf4fe322dd2afaf0b5/ http://autobuild.buildroot.net/results/a37/a375d533036a1b95af32b6bda086e93174b8c5f0/ Cc: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-02-10T07:57:08+00:00 Adam Duskett aduskett@gmail.com 2018-02-09T12:02:31+00:00 urn:sha1:93781734b7d93ad4ca77add807c5e10a2862b6b9 from https://www.postgresql.org/about/news/1829/ [1] CVE-2018-1052: Fix the processing of partition keys containing multiple expressions [2] CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are non-world-readable Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2017-11-27T08:44:24+00:00 Adam Duskett aduskett@gmail.com 2017-11-25T17:12:14+00:00 urn:sha1:b101114b82dba39cc58b66dbc870f2ef613afbcf - Add a hash for the license file. - PostgreSQL 10.0 and above will default to checking for /dev/urandom if an SSL library is not found, which will fail when cross compiling. Since /dev/urandom is guaranteed to be provided on Linux systems, add ac_cv_file__dev_urandom=yes to the configure environment if a SSL library is not selected. Signed-off-by: Adam Duskett <Adamduskett@outlook.com> [Thomas: minor tweaks to the /dev/urandom comment in the .mk file.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-11-11T22:23:55+00:00 Peter Korsgaard peter@korsgaard.com 2017-11-11T10:44:56+00:00 urn:sha1:b97353f2b50add10971e8477ad0b4cede9244578 Fixes the following security issues: CVE-2017-12172: Start scripts permit database administrator to modify root-owned files. CVE-2017-15098: Memory disclosure in JSON functions. CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges. See the announcement for more details: https://www.postgresql.org/about/news/1801/ While we're at it, also add a hash for the license file. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-09-05T19:17:45+00:00 Adam Duskett aduskett@gmail.com 2017-09-05T12:20:10+00:00 urn:sha1:95e284bd2732390eb34cb72c798032fd7ac8920c Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-05-11T15:51:37+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2017-05-11T14:20:14+00:00 urn:sha1:e2bb446ff50c3bd346beca07d5e7f3dc11591a1c Three security vulnerabilities have been closed by this release: CVE-2017-7484: selectivity estimators bypass SELECT privilege checks CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable CVE-2017-7486: pg_user_mappings view discloses foreign server passwords More details: https://www.postgresql.org/about/news/1746/ Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-03-18T14:53:25+00:00 Vicente Olivert Riera Vincent.Riera@imgtec.com 2017-03-13T11:52:13+00:00 urn:sha1:cd3d6c32ca515d5fb8dcc47cb17b2677fd480948 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-02-15T21:34:44+00:00 Thomas Petazzoni thomas.petazzoni@free-electrons.com 2017-02-15T21:34:44+00:00 urn:sha1:8ae3dce5275915a1784b00bf145af907827fed0d Just like all non-mainstream architectures, postgresql doesn't provide its internal spinlock implementation on OpenRISC, so disable it. Fixes: http://autobuild.buildroot.net/results/e9de750e34f10c4a2403696936260ad1547d0d15/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-11-28T20:37:38+00:00 Peter Seiderer ps.report@gmx.net 2016-11-28T18:53:51+00:00 urn:sha1:e64ee501a0c8a8700c9a5f0e03e2f6979a0f810d Supplementary change the pgac_cv_snprintf_long_long_int_modifier from complete format '%lld' to modifier 'll' version only (forgotten in commit 02c43157ab09f6fe4078fd1145fc9d403d66c089 ([1])). Fixes Bug 9451 ([2]). [1] https://git.buildroot.net/buildroot/commit/?id=02c43157ab09f6fe4078fd1145fc9d403d66c089 [2] https://bugs.busybox.net/show_bug.cgi?id=9451 Reported-by: Daniel <dde@innovaphone.com> Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>