From 1933d0fb784eabd5081234251baeb16bab7a8be9 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 5 Mar 2014 10:27:38 +0000
Subject: main/postgresql: security upgrade to 9.1.12 (various CVEs)

fixes #2728

CVE-2014-0060   SET ROLE bypasses lack of ADMIN OPTION.
CVE-2014-0061   Privilege escalation via calls to validator functions.
CVE-2014-0062   Race condition in CREATE INDEX allows for privilege
                escalation.
CVE-2014-0063   Potential buffer overruns due to integer overflow in
                size calculations.
CVE-2014-0064   Potential buffer overruns in datetime input/output.
CVE-2014-0065   Potential buffer overruns of fixed-size buffers.
CVE-2014-0066   Potential null pointer dereference crash when crypt(3)
                returns NULL.
---
 main/postgresql/APKBUILD | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'main')

diff --git a/main/postgresql/APKBUILD b/main/postgresql/APKBUILD
index 562fc1e804..c86efe8a61 100644
--- a/main/postgresql/APKBUILD
+++ b/main/postgresql/APKBUILD
@@ -1,6 +1,6 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=postgresql
-pkgver=9.1.9
+pkgver=9.1.12
 pkgrel=0
 pkgdesc="A sophisticated object-relational DBMS"
 url="http://www.postgresql.org/"
@@ -57,7 +57,7 @@ client() {
 }
 
 
-md5sums="6b5ea53dde48fcd79acfc8c196b83535  postgresql-9.1.9.tar.bz2
+md5sums="a14eb8a602af44f1827a9ecf928e7b44  postgresql-9.1.12.tar.bz2
 4d2f5be74fae4895db3d993e69bbda10  postgresql.initd
 b609795f715cefcc30b08e4ed01f4416  postgresql.confd
 df2d90fc713b4e89fd21abb9e36cd688  pg-restore.initd
-- 
cgit v1.2.3