[v2,2017.02.x,1/1] postgresql: security bump to 9.6.7

Message ID 20180212121216.23280-1-aduskett@gmail.com
State Accepted, archived
Headers show
Series
  • [v2,2017.02.x,1/1] postgresql: security bump to 9.6.7
Related show

Commit Message

Adam Duskett Feb. 12, 2018, 12:12 p.m.
from https://www.postgresql.org/about/news/1829/

Fixes:
[1] CVE-2018-1052: Fix the processing of partition keys containing multiple
                   expressions

[2] CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
                   non-world-readable

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
Changes V1 -> v2:
  - Fixed license file sha256sum
  - Fixed subject-prefix (Thomas)

 package/postgresql/postgresql.hash | 6 +++---
 package/postgresql/postgresql.mk   | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

Comments

Peter Korsgaard Feb. 15, 2018, 9:29 p.m. | #1
>>>>> "Adam" == Adam Duskett <aduskett@gmail.com> writes:

 > from https://www.postgresql.org/about/news/1829/
 > Fixes:
 > [1] CVE-2018-1052: Fix the processing of partition keys containing multiple
 >                    expressions

 > [2] CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
 >                    non-world-readable

 > Signed-off-by: Adam Duskett <aduskett@gmail.com>
 > ---
 > Changes V1 -> v2:
 >   - Fixed license file sha256sum
 >   - Fixed subject-prefix (Thomas)

Committed to 2017.02.x, thanks.

Patch

diff --git a/package/postgresql/postgresql.hash b/package/postgresql/postgresql.hash
index e62838911e..092e852d10 100644
--- a/package/postgresql/postgresql.hash
+++ b/package/postgresql/postgresql.hash
@@ -1,4 +1,4 @@ 
-# From https://ftp.postgresql.org/pub/source/v9.6.6/postgresql-9.6.6.tar.bz2.sha256
-sha256 399cdffcb872f785ba67e25d275463d74521566318cfef8fe219050d063c8154  postgresql-9.6.6.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v9.6.7/postgresql-9.6.7.tar.bz2.sha256
+sha256 2ebe3df3c1d1eab78023bdc3ffa55a154aa84300416b075ef996598d78a624c6  postgresql-9.6.7.tar.bz2
 # License file, Locally calculated
-sha256 7dc8de32741ad1b03e21710771b55a1b9d460671d47f28a8840f917e38c66676  COPYRIGHT
+sha256 24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e  COPYRIGHT
diff --git a/package/postgresql/postgresql.mk b/package/postgresql/postgresql.mk
index 50ce212c1c..86f79c05ee 100644
--- a/package/postgresql/postgresql.mk
+++ b/package/postgresql/postgresql.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-POSTGRESQL_VERSION = 9.6.6
+POSTGRESQL_VERSION = 9.6.7
 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
 POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
 POSTGRESQL_LICENSE = PostgreSQL