Commit2a08ab3

committed

Last-minute updates for release notes.

1 parentc452abb commit2a08ab3Copy full SHA for 2a08ab3

File tree

+66

-0

lines changed

+66

-0

lines changed

Lines changed: 22 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,28 @@`
`33`	`33`
`34`	`34`	`<itemizedlist>`
`35`	`35`
	`36`	`+ <listitem>`
	`37`	`+ <para>`
	`38`	`+ Ensure that all temporary files made`
	`39`	`+ by <application>pg_upgrade</application> are non-world-readable`
	`40`	`+ (Tom Lane, Noah Misch)`
	`41`	`+ </para>`
	`42`	`+`
	`43`	`+ <para>`
	`44`	`+ <application>pg_upgrade</application> normally restricts its`
	`45`	`+ temporary files to be readable and writable only by the calling user.`
	`46`	`+ But the temporary file containing <literal>pg_dumpall -g</literal>`
	`47`	`+ output would be group- or world-readable, or even writable, if the`
	`48`	`+ user's <literal>umask</literal> setting allows. In typical usage on`
	`49`	`+ multi-user machines, the <literal>umask</literal> and/or the working`
	`50`	`+ directory's permissions would be tight enough to prevent problems;`
	`51`	`+ but there may be people using <application>pg_upgrade</application>`
	`52`	`+ in scenarios where this oversight would permit disclosure of database`
	`53`	`+ passwords to unfriendly eyes.`
	`54`	`+ (CVE-2018-1053)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`36`	`58`	`<listitem>`
`37`	`59`	`<para>`
`38`	`60`	`Fix vacuuming of tuples that were updated while key-share locked`

Lines changed: 22 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,28 @@`
`33`	`33`
`34`	`34`	`<itemizedlist>`
`35`	`35`
	`36`	`+ <listitem>`
	`37`	`+ <para>`
	`38`	`+ Ensure that all temporary files made`
	`39`	`+ by <application>pg_upgrade</application> are non-world-readable`
	`40`	`+ (Tom Lane, Noah Misch)`
	`41`	`+ </para>`
	`42`	`+`
	`43`	`+ <para>`
	`44`	`+ <application>pg_upgrade</application> normally restricts its`
	`45`	`+ temporary files to be readable and writable only by the calling user.`
	`46`	`+ But the temporary file containing <literal>pg_dumpall -g</literal>`
	`47`	`+ output would be group- or world-readable, or even writable, if the`
	`48`	`+ user's <literal>umask</literal> setting allows. In typical usage on`
	`49`	`+ multi-user machines, the <literal>umask</literal> and/or the working`
	`50`	`+ directory's permissions would be tight enough to prevent problems;`
	`51`	`+ but there may be people using <application>pg_upgrade</application>`
	`52`	`+ in scenarios where this oversight would permit disclosure of database`
	`53`	`+ passwords to unfriendly eyes.`
	`54`	`+ (CVE-2018-1053)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`36`	`58`	`<listitem>`
`37`	`59`	`<para>`
`38`	`60`	`Fix vacuuming of tuples that were updated while key-share locked`

Lines changed: 22 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,28 @@`
`33`	`33`
`34`	`34`	`<itemizedlist>`
`35`	`35`
	`36`	`+ <listitem>`
	`37`	`+ <para>`
	`38`	`+ Ensure that all temporary files made`
	`39`	`+ by <application>pg_upgrade</application> are non-world-readable`
	`40`	`+ (Tom Lane, Noah Misch)`
	`41`	`+ </para>`
	`42`	`+`
	`43`	`+ <para>`
	`44`	`+ <application>pg_upgrade</application> normally restricts its`
	`45`	`+ temporary files to be readable and writable only by the calling user.`
	`46`	`+ But the temporary file containing <literal>pg_dumpall -g</literal>`
	`47`	`+ output would be group- or world-readable, or even writable, if the`
	`48`	`+ user's <literal>umask</literal> setting allows. In typical usage on`
	`49`	`+ multi-user machines, the <literal>umask</literal> and/or the working`
	`50`	`+ directory's permissions would be tight enough to prevent problems;`
	`51`	`+ but there may be people using <application>pg_upgrade</application>`
	`52`	`+ in scenarios where this oversight would permit disclosure of database`
	`53`	`+ passwords to unfriendly eyes.`
	`54`	`+ (CVE-2018-1053)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`36`	`58`	`<listitem>`
`37`	`59`	`<para>`
`38`	`60`	`Fix vacuuming of tuples that were updated while key-share locked`

Comments

(0)