aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2014-03-05 10:27:38 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2014-03-05 10:28:19 +0000
commit1933d0fb784eabd5081234251baeb16bab7a8be9 (patch)
treea137e892fe0228aff7b8e25b4d2f96d7d6ff5a8f
parent18c70cf5207e857f2bd47b6ea814f3f080542b68 (diff)
downloadaports-1933d0fb784eabd5081234251baeb16bab7a8be9.tar.bz2
aports-1933d0fb784eabd5081234251baeb16bab7a8be9.tar.xz
main/postgresql: security upgrade to 9.1.12 (various CVEs)
fixes #2728 CVE-2014-0060 SET ROLE bypasses lack of ADMIN OPTION. CVE-2014-0061 Privilege escalation via calls to validator functions. CVE-2014-0062 Race condition in CREATE INDEX allows for privilege escalation. CVE-2014-0063 Potential buffer overruns due to integer overflow in size calculations. CVE-2014-0064 Potential buffer overruns in datetime input/output. CVE-2014-0065 Potential buffer overruns of fixed-size buffers. CVE-2014-0066 Potential null pointer dereference crash when crypt(3) returns NULL.
-rw-r--r--main/postgresql/APKBUILD4
1 files changed, 2 insertions, 2 deletions
diff --git a/main/postgresql/APKBUILD b/main/postgresql/APKBUILD
index 562fc1e804..c86efe8a61 100644
--- a/main/postgresql/APKBUILD
+++ b/main/postgresql/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=postgresql
-pkgver=9.1.9
+pkgver=9.1.12
pkgrel=0
pkgdesc="A sophisticated object-relational DBMS"
url="http://www.postgresql.org/"
@@ -57,7 +57,7 @@ client() {
}
-md5sums="6b5ea53dde48fcd79acfc8c196b83535 postgresql-9.1.9.tar.bz2
+md5sums="a14eb8a602af44f1827a9ecf928e7b44 postgresql-9.1.12.tar.bz2
4d2f5be74fae4895db3d993e69bbda10 postgresql.initd
b609795f715cefcc30b08e4ed01f4416 postgresql.confd
df2d90fc713b4e89fd21abb9e36cd688 pg-restore.initd