* [Buildroot] [git commit branch/2018.02.x] postgresql: security bump to version 10.6
@ 2018-11-14 22:19 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2018-11-14 22:19 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=49e16bb1031486848373e1f135b4db4ce45e2daf
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2018.02.x
Fixes the following security issue:
CVE-2018-16850: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER
... REFERENCING
For more details, see the advisory:
https://www.postgresql.org/about/news/1905/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/postgresql/postgresql.hash | 4 ++--
package/postgresql/postgresql.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/postgresql/postgresql.hash b/package/postgresql/postgresql.hash
index a9cc93c76c..05f94b4c76 100644
--- a/package/postgresql/postgresql.hash
+++ b/package/postgresql/postgresql.hash
@@ -1,5 +1,5 @@
-# From https://ftp.postgresql.org/pub/source/v10.5/postgresql-10.5.tar.bz2.sha256
-sha256 6c8e616c91a45142b85c0aeb1f29ebba4a361309e86469e0fb4617b6a73c4011 postgresql-10.5.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v10.6/postgresql-10.6.tar.bz2.sha256
+sha256 68a8276f08bda8fbefe562faaf8831cb20664a7a1d3ffdbbcc5b83e08637624b postgresql-10.6.tar.bz2
# License file, Locally calculated
sha256 24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e COPYRIGHT
diff --git a/package/postgresql/postgresql.mk b/package/postgresql/postgresql.mk
index f6dad978e3..66af8fe5a9 100644
--- a/package/postgresql/postgresql.mk
+++ b/package/postgresql/postgresql.mk
@@ -4,7 +4,7 @@
#
################################################################################
-POSTGRESQL_VERSION = 10.5
+POSTGRESQL_VERSION = 10.6
POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
POSTGRESQL_LICENSE = PostgreSQL
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2018-11-14 22:19 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-11-14 22:19 [Buildroot] [git commit branch/2018.02.x] postgresql: security bump to version 10.6 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.