Fixes:
CVE-2016-0766 - privilege escalation issue for users of PL/Java.
CVE-2016-0773 - issue with regular expression (regex) parsing. Prior
code allowed users to pass in expressions which included out-of-range
Unicode characters, triggering a backend crash. This issue is critical
for PostgreSQL systems with untrusted users or which generate regexes
based on user input.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt() function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
sparc build fix patch upstream so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The 'ZIC=$$(ZIC)' assignment is seen as 'ZIC=$(ZIC)' by the shell, that
interprets that as command substitution causing an error like:
/bin/sh: ZIC: command not found
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- overwrite platform support with linux template
- disable spinlock support
[Thomas: use the --with-template=linux option unconditionally.]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Assist configure IPv6 support detection for uclibc,
fixes the following uclibc compile failure:
auth.c: In function ‘CheckRADIUSAuth’:
auth.c:2379:24: error: ‘in6addr_any’ undeclared (first use in this function)
localaddr.sin6_addr = in6addr_any;
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Build with uclibc and locale support failes with the following error
message:
regc_pg_locale.c: In function ‘pg_wc_isdigit’:
regc_pg_locale.c:312:6: error: dereferencing pointer to incomplete type
isdigit_l((unsigned char) c, pg_regex_locale));
This can be fixed by overwriting the HAVE_LOCALE_T detection (thanks
to Alex Potapenko <opotapenko@gmail.com> for the hint [1]).
[1] http://lists.busybox.net/pipermail/buildroot/2015-March/121088.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Normally pg_config is a native application compiled for the
target architecture. Since we cannot execute those on the
host system, provide a simple shell script as replacement.
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Certain packages need the headers/libraries from Postgresql to build
properly.
[Thomas: slightly reword the commit message.]
Signed-off-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
