CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

postgresql: Security Advisory-postgresql-CVE-2016-0766

Browse Source 
add CVE-2016-0766 patch for avoiding attackers to gain privileges
via unspecified vectors.
Patch comes from:
http://git.postgresql.org/gitweb/?p=postgresql.git;a=summary
commit f4aa3a18a20d51575562520754aa376b3b08b2d0

Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Zhixiong Chi 2016-03-08 13:43:20 +08:00 committed by Armin Kuster
parent fe34300893
commit fb3ef4d502
2 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
meta-oe/recipes-support/postgresql/files/postgresql-CVE-2016-0766.patch Normal file
View File

@ -0,0 +1,35 @@
From f4aa3a18a20d51575562520754aa376b3b08b2d0 Mon Sep 17 00:00:00 2001
From: Noah Misch <noah@leadboat.com>
Date: Fri, 5 Feb 2016 20:22:51 -0500
Subject: [PATCH] Force certain "pljava" custom GUCs to be PGC_SUSET.
Future PL/Java versions will close CVE-2016-0766 by making these GUCs
PGC_SUSET. This PostgreSQL change independently mitigates that PL/Java
vulnerability, helping sites that update PostgreSQL more frequently than
PL/Java. Back-patch to 9.1 (all supported versions).
Upstream-Status: Backport
Signed-off-by: Noah Misch <noah@leadboat.com>
Index: postgresql-9.4.4/src/backend/utils/misc/guc.c
===================================================================
--- postgresql-9.4.4.orig/src/backend/utils/misc/guc.c 2015-06-10 03:29:38.000000000 +0800
+++ postgresql-9.4.4/src/backend/utils/misc/guc.c 2016-03-04 15:58:26.459266951 +0800
@@ -7072,6 +7072,17 @@
!process_shared_preload_libraries_in_progress)
elog(FATAL, "cannot create PGC_POSTMASTER variables after startup");
+ /*
+ * Before pljava commit 398f3b876ed402bdaec8bc804f29e2be95c75139
+ * (2015-12-15), two of that module's PGC_USERSET variables facilitated
+ * trivial escalation to superuser privileges. Restrict the variables to
+ * protect sites that have yet to upgrade pljava.
+ */
+ if (context == PGC_USERSET &&
+ (strcmp(name, "pljava.classpath") == 0 ||
+ strcmp(name, "pljava.vmoptions") == 0))
+ context = PGC_SUSET;
+
gen = (struct config_generic *) guc_malloc(ERROR, sz);
memset(gen, 0, sz);

1
meta-oe/recipes-support/postgresql/postgresql.inc
View File

@ -31,6 +31,7 @@ SRC_URI = "http://ftp.postgresql.org/pub/source/v${PV}/${BP}.tar.bz2 \
file://postgresql-setup \
file://postgresql.service \
file://0001-Use-pkg-config-for-libxml2-detection.patch \
file://postgresql-CVE-2016-0766.patch \
"
LEAD_SONAME = "libpq.so"