postgresql: security bump to version 9.6.5

Fixes the following security issues (9.6.4): CVE-2017-7546: Empty password accepted in some authentication methods CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges CVE-2017-7548: lo_put() function ignores ACLs For more info, see https://www.postgresql.org/about/news/1772/ [Peter: extend commit message with security fixes info] Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> (cherry picked from commit 95e284bd27) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-05 08:20:10 -04:00 · 2017-09-05 08:20:10 -04:00 · 0e3334e25b
commit 0e3334e25b
parent f16d963789
2 changed files with 3 additions and 3 deletions
--- a/package/postgresql/postgresql.hash
+++ b/package/postgresql/postgresql.hash
@ -1,2 +1,2 @@
-# From https://ftp.postgresql.org/pub/source/v9.6.3/postgresql-9.6.3.tar.bz2.sha256
-sha256 1645b3736901f6d854e695a937389e68ff2066ce0cde9d73919d6ab7c995b9c6  postgresql-9.6.3.tar.bz2
+# From https://ftp.postgresql.org/pub/source/v9.6.5/postgresql-9.6.5.tar.bz2.sha256
+sha256 06da12a7e3dddeb803962af8309fa06da9d6989f49e22865335f0a14bad0744c  postgresql-9.6.5.tar.bz2
--- a/package/postgresql/postgresql.mk
+++ b/package/postgresql/postgresql.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-POSTGRESQL_VERSION = 9.6.3
+POSTGRESQL_VERSION = 9.6.5
 POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
 POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
 POSTGRESQL_LICENSE = PostgreSQL