Commit Graph

46287 Commits

Author SHA1 Message Date
Fabrice Fontaine
460ee0dbe0 package/qt5multimedia: put back gstreamer 0.10 optional dependency
Commit b2e16ea64a tried to remove
gstreamer 0.10 support by removing its dependency but this was just
masking the issue as we have a build failure with gstreamer 0.10

So put back this dependency.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-05-14 23:09:53 +02:00
Fabrice Fontaine
d5b2c53fa4 package/qt5multimedia: fix build with gstreamer 0.10
Fixes:
 - http://autobuild.buildroot.org/results/de26fd4f5ab130bd87ea9d7709d9568290362758

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
[Arnout: patch applies to 5.12.2 version only]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-05-14 23:08:35 +02:00
Fabrice Fontaine
415077b420 package/samba4: add cmocka dependency
Use system version of cmocka instead of the embedded one

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 19:21:48 +02:00
Marcin Niestroj
2b31f91e6d package/lua-flu: bump to 20181218 release
Also drop patch which is part of new release.

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 19:21:39 +02:00
Marcin Niestroj
e3fa1c1820 package/dt-utils: bump to v2019.01.0
Also drop patch which is part of new release.

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 19:21:21 +02:00
Evgeniy Didin
08c330c464 toolchain: bump ARC tools to arc-2019.03-rc1
This commit bumps ARC toolchain to arc-2019.03-rc1.  We want to test
how new toolchain-rc1 builds packages, so we can make fixes before
release of toolcain.

ARC GNU tools of version arc-2019.03-rc1 bring some quite significant
changes like:
* Binutils v2.32.51.20190308 with additional ARC patches
* GCC 8.3.1 with additional ARC patches
* glibc 2.29 with additional ARC patches

Please note that it is a release candidate and it might contain some
breakages, please don't use it for production builds.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 19:17:42 +02:00
Max Filippov
7eb857f199 package/uclibc: fix preadv/pwritev offset argument type
preadv/pwritev don't provide separate version for 64-bit wide off_t,
and default to 32-bit wide off_t, which results in a mismatch between
declaration and definition for user programs built with
-D_FILE_OFFSET_BITS=64.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:46:41 +02:00
Jörg Krause
f8886a07a2 package/ninja: always use host-python3
The current logic selects Python3 for the host only if Python3 is
selected for the target, otherwise it selects Python2.

As Meson, the only package infrastructure using ninja, needs Python 3,
it is desirable to also depend on Python 3 on the host for the ninja
host package.

Otherwise, if no Python interpreter is selected for the target, both
Python 2 and Python 3 are build for the host, which is time consuming
without any benefit.

For example when building libmpdclient (and all its target and host
dependencies) the actual elapsed time for is reduced from around 286s
to 207s as reported by `time -p make clean all`.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:31:35 +02:00
Adam Duskett
4fa0bb57b3 package/ca-certificates: bump to version 20190110
Also add a hash for the license file.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:25:26 +02:00
Fabrice Fontaine
1ba1ce8351 package/linknx: fix build with log4cpp
Fixes:
 - http://autobuild.buildroot.org/results/1863f8f27041bc15ca68e786ba3b8e4764c40574

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:22:23 +02:00
Fabrice Fontaine
57ec3ec06e package/gdb: fix build of 7.12.1 with glibc 2.29
Between glibc 2.28 and glibc 2.29, commit
89983cb37c9319806a551e8fe9f3a11ff8f973e1 ("Update siginfo constants
from Linux kernel (bug 21286)") was merged. This commit moved the
TRAP_HWBKPT definition from an IA64-specific header to an
architecture-agnostic header.

This change exhibited a build issue that until then was only visible
on IA64 (which Buildroot does not support). This Buildroot commit
backports a patch from gdb upstream (which is in gdb since 8.2) which
mentions IA64 because it was originally meant to fix only the
IA64-related issue. But the glibc change, this change has become
visible on all architectures.

Fixes:
 - No autobuilder failures

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:21:49 +02:00
Fabrice Fontaine
b8b23ac208 package/gdb: fix build of 8.0.1 with glibc 2.29
Between glibc 2.28 and glibc 2.29, commit
89983cb37c9319806a551e8fe9f3a11ff8f973e1 ("Update siginfo constants
from Linux kernel (bug 21286)") was merged. This commit moved the
TRAP_HWBKPT definition from an IA64-specific header to an
architecture-agnostic header.

This change exhibited a build issue that until then was only visible
on IA64 (which Buildroot does not support). This Buildroot commit
backports a patch from gdb upstream (which is in gdb since 8.2) which
mentions IA64 because it was originally meant to fix only the
IA64-related issue. But the glibc change, this change has become
visible on all architectures.

Fixes:
 - No autobuilder failures

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:21:42 +02:00
Etienne Carriere
2635966f8f package/optee-benchmark: bump version to 3.5.0
Bump OP-TEE Benchmark package version to release 3.5.0
which now provides an identified LICENSE file.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: add missing LICENSE_FILES variable, fix hash]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:13:22 +02:00
Etienne Carriere
e53299f67c package/optee-examples: bump version to 3.5.0
Bump OP-TEE Examples package version to release 3.5.0.
This change discard now useless patches on OP-TEE Examples
package.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:09:48 +02:00
Etienne Carriere
26701e2705 package/optee-test: bump version to 3.5.0
Bump OP-TEE Test package version to release 3.5.0. This
change updates patches on OP-TEE Test package accordingly.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:09:48 +02:00
Etienne Carriere
40dd1344f2 package/optee-client: bump version to 3.5.0
Bump OP-TEE Client package version to release 3.5.0.
This change discard now useless patches on OP-TEE Client
package.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:09:48 +02:00
Etienne Carriere
5f274d52a5 boot/optee-os: bump version to 3.5.0
Bump OP-TEE OS package version to OP-TEE release 3.5.0.

The hash of the license file changed due to a fairly minor change in
the file:

  -Unless it has its own copyright/license embedded in its body, each source file
  +Unless it has its own copyright/license embedded in its body, each file

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: update the license file hash]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:09:24 +02:00
Etienne Carriere
b978a2a1e7 boot/optee-os: install trusted shared libraries
Install generated trusted shared libraries in the target file
system next to the trusted applications.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:46:44 +02:00
Etienne Carriere
6ad03fd403 boot/optee-os: fix TA files installation
This change fixes the TA binary files install sequence that were
previously install in target filesystem though
OPTEE_OS_INSTALL_IMAGES_CMDS instead of expected
OPTEE_OS_INSTALL_TARGET_CMDS.

This change removes useless mkdir prior call to $(INSTALL) that
already handles parent directory creation when needed.

This change conditions the .ta files installation upon their
availability as they may exist or not depending on the exact OPTEE
version/configuration selected.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:45:53 +02:00
David Rosca
d63ba6546b package/qt5base: enable journald logging
Allows Qt applications to log into systemd journal with
QT_LOGGING_TO_CONSOLE=0 environment variable.

Signed-off-by: David Rosca <nowrep@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:44:27 +02:00
Marcin Niestroj
6762af4109 configs/chiliboard: bump U-Boot to 2019.04
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:41:12 +02:00
Marcin Niestroj
0efffe62d6 configs/chiliboard: bump Linux to 5.1.1
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:41:12 +02:00
Marcin Niestroj
f6e9bbd6b9 configs/liteboard: bump U-Boot to 2019.04
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:41:12 +02:00
Marcin Niestroj
987d6521d1 configs/liteboard: bump Linux to 5.1.1
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:41:12 +02:00
Peter Korsgaard
a443cb5aa4 {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{0, 1}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:39:49 +02:00
Peter Korsgaard
7037a761ee package/samba4: security bump to version 4.9.8
Fixes the following security issues:

CVE-2018-16860: The checksum validation in the S4U2Self handler in the
embedded Heimdal KDC did not first confirm that the checksum was keyed,
allowing replacement of the requested target (client) principal.

For more details, see the advisory:
https://www.samba.org/samba/security/CVE-2018-16860.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:39:32 +02:00
Fabrice Fontaine
1cbc81729e package/gdb: fix build of 8.1.1 since the bump to glibc 2.29
Between glibc 2.28 and glibc 2.29, commit
89983cb37c9319806a551e8fe9f3a11ff8f973e1 ("Update siginfo constants
from Linux kernel (bug 21286)") was merged. This commit moved the
TRAP_HWBKPT definition from an IA64-specific header to an
architecture-agnostic header.

This change exhibited a build issue that until then was only visible
on IA64 (which Buildroot does not support). This Buildroot commit
backports a patch from gdb upstream (which is in gdb since 8.2) which
mentions IA64 because it was originally meant to fix only the
IA64-related issue. But the glibc change, this change has become
visible on all architectures.

Fixes:

 - http://autobuild.buildroot.org/results/a81eb395bd95306fcbb07c1443c9134fd63fa379

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: extend commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 21:17:06 +02:00
Fabrice Fontaine
c6a9b38aa4 package/mono: needs C++
mono needs a working C++ compiler to get the exact type of size_t since
version 5.16.0.179 and
d8af77551d

Fixes:
 - http://autobuild.buildroot.org/results/ee6d037154127cc6572f06e9a78bae383ea381bc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:53:47 +02:00
Charlie Turner
59c3a4ff73 docs/manual: clarify location of local.mk
In particular, the manual was incorrect when the user had selected an
out-of-tree build.

Signed-off-by: Charlie Turner <cturner@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:49:19 +02:00
Bernd Kuhls
cde99db79a package/sqlite: security bump version to 3.28.0
Release notes: https://www.sqlite.org/releaselog/3_28_0.html

Fixes https://nvd.nist.gov/vuln/detail/CVE-2019-5018

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:47:41 +02:00
Thomas Petazzoni
2e2381bf8d configs/bananapi_m64: uboot needs host pylibfdt to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208532

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:16:53 +02:00
Thomas Petazzoni
59112066f7 configs/friendlyarm_nanopi_a64: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208558

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:11:57 +02:00
Thomas Petazzoni
28577a3ee2 configs/friendlyarm_nanopi_neo2: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208559

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-13 20:10:05 +02:00
Fabrice Fontaine
653bf93837 package/rpm: fix build with NLS
Add TARGET_NLS_LIBS to LIBS to definitely fix linking with lintl instead
of calling autoreconf

Fixes:
 - http://autobuild.buildroot.org/results/a1446b419f5f59f65fe80849182e38457de203b5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-12 22:18:27 +02:00
Fabrice Fontaine
d033c614b0 package/samba4: fix build on mips64el
Fixes:
 - http://autobuild.buildroot.org/results/bae0508e84c905dc23ad7cf1153cd1e9d8e4d734

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-12 22:17:11 +02:00
Thomas Petazzoni
f8bcfe656c configs/olimex_a64_olinuxino: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208600

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-12 12:00:43 +02:00
Thomas Petazzoni
5bd8d57c44 configs/orangepi_pc2: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208607

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-12 11:59:57 +02:00
Thomas Petazzoni
446af3055f configs/orangepi_prime: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208611

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-12 11:59:10 +02:00
Thomas Petazzoni
90234890cc configs/pine64_sopine: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208624

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-12 11:57:25 +02:00
Thomas Petazzoni
e978990254 configs/pine64: kernel needs host-openssl to build
Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/210208623

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-12 11:56:26 +02:00
Fabrice Fontaine
ac38d6ce9c package/qt5enginio: needs ssl
qt5enginio needs Qt5 with ssl support, a dependency could be added on
BR2_PACKAGE_QT5BASE_OPENSSL but this proposal was rejected in the first
iteration of this patch.

Qt5 has ssl support through libressl on Qt 5.6 or openssl in latest Qt
however we can't select libressl without adding a circular dependency as
some packages (such as sqlcipher) force openssl through
BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.

Any solution at the Kconfig level that tries to select libressl will
lead to circular dependencies. Since Qt 5.6 is more or less deprecated
anyway, and since it is not tested in the autobuilders, solve this with
a comment. The comment is only shown for Qt 5.6, when libressl is not
selected. Note that it is also shown when qt5enginio is not selected.

Fixes:
 - http://autobuild.buildroot.org/results/60678cab68ec9aa17184b8417b64b3b79adf428a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-05-10 16:37:20 +02:00
Peter Seiderer
037cf1d5a1 package/libopenh264: bump version to v1.8.0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 16:02:41 +02:00
Peter Seiderer
bda85d89d9 package/libinput: bump version to 1.13.2
For detail see [1].

[1] https://lists.freedesktop.org/archives/wayland-devel/2019-May/040548.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 16:01:41 +02:00
Thomas Petazzoni
4292b23123 package/cracklib: properly handle BR2_SYSTEM_ENABLE_NLS=y configurations
Use the TARGET_NLS_DEPENDENCIES and TARGET_NLS_LIBS variables to
correctly handle BR2_SYSTEM_ENABLE_NLS=y configurations.

Fixes:

  http://autobuild.buildroot.net/results/dda70b5b88c75d36c61fbf1cc5fca16ea8414582/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 15:59:43 +02:00
Baruch Siach
b8ef3fb826 package/strace: disable bpf support for m68k
Mismatch in struct bpf_prog_info fields offset between kernel headers
and strace local definition causes build failure. Disable bpf support
for m68k until upstream (either strace or the kernel) find a solution.

https://lists.strace.io/pipermail/strace-devel/2019-May/thread.html#8750

Fixes:
http://autobuild.buildroot.net/results/c036b11bf1f2fc39f42661634ef3e03360fb85de/
http://autobuild.buildroot.net/results/f142e4c7f0d512bb872572f5e678230117ab0ad5/
http://autobuild.buildroot.net/results/b74a17cfa7112c026938cacafdd18c6dca285005/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 15:56:51 +02:00
Vadim Kochan
28878798cf support/dependencies: Add hint for ArchLinux when host needs IA32 libs
Add hint about which package needs to be installed to provide IA32 libs
support for the host when it is needed.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 11:04:09 +02:00
Baruch Siach
8af35b92cc iproute2: bump to version 5.0.0
Drop upstream patch.

Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 11:02:29 +02:00
Thomas Petazzoni
79b8540d62 board/pc: drop unused grub-efi.cfg file
Following commit fee29b05bb
("configs/pc_x86_64_efi: use a GPT partition table"),
board/pc/grub-efi.cfg is no longer used anywhere: the
post-image-efi-gpt.sh script generates the grub configuration.

Also, since post-image-efi-gpt.sh generates a grub configuration file
that uses the root filesystem partition UUID as the root= kernel
argument, the instructions in the readme.txt file to tweak root= from
/dev/sda2 to /dev/vda2 is no longer relevant. This was noted in the
commit log of fee29b05bb:

    The root filesystem location is passed to the kernel by a partition
    UUID, so it is possible to boot on QEMU, directly from the disk image,
    or dump the image to a physical device.

Fixes: #11841
Cc: Pete Morici <pmorici@dev295.com>
Cc: Carlos A. M. dos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 10:30:15 +02:00
Peter Korsgaard
5ea93e24cb package/postgresql: security bump to version 11.3
Fixes the following security issues:

CVE-2019-10129: Memory disclosure in partition routing

Prior to this release, a user running PostgreSQL 11 can read arbitrary bytes
of server memory by executing a purpose-crafted INSERT statement to a
partitioned table.

CVE-2019-10130: Selectivity estimators bypass row security policies

PostgreSQL maintains statistics for tables by sampling data available in
columns; this data is consulted during the query planning process.  Prior to
this release, a user able to execute SQL queries with permissions to read a
given column could craft a leaky operator that could read whatever data had
been sampled from that column.  If this happened to include values from rows
that the user is forbidden to see by a row security policy, the user could
effectively bypass the policy.  This is fixed by only allowing a
non-leakproof operator to use this data if there are no relevant row
security policies for the table.

For more details, see the release notes:
https://www.postgresql.org/about/news/1939/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 10:30:05 +02:00
Peter Korsgaard
6606f6c6a1 {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.0.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-10 10:28:30 +02:00