postgresql: add fix for CVE-2014-0062 Security Advisory (bd937868) · Commits · poplar / meta-openembedded

Commit bd937868 authored Oct 29, 2014 by

Kang Kai Committed by Martin Jansa Nov 07, 2014

postgresql: add fix for CVE-2014-0062 Security Advisory

Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE
commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote
authenticated users to create an unauthorized index or read portions of
unauthorized tables by creating or deleting a table with the same name
during the timing window.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0062



Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

parent 30f8a051

Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

postgresql: add fix for CVE-2014-0062 Security Advisory