Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit2c0382f

Browse files
committed
Last-minute updates for release notes.
Security:CVE-2025-12817,CVE-2025-12818
1 parente2fb3df commit2c0382f

File tree

1 file changed

+61
-0
lines changed

1 file changed

+61
-0
lines changed

‎doc/src/sgml/release-17.sgml‎

Lines changed: 61 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,67 @@
3535

3636
<listitem>
3737
<!--
38+
Author: Nathan Bossart <nathan@postgresql.org>
39+
Branch: master [5e4fcbe53] 2025-11-10 09:00:00 -0600
40+
Branch: REL_18_STABLE [00eb646ea] 2025-11-10 09:00:00 -0600
41+
Branch: REL_17_STABLE [e2fb3dfa8] 2025-11-10 09:00:00 -0600
42+
Branch: REL_16_STABLE [d20abb587] 2025-11-10 09:00:00 -0600
43+
Branch: REL_15_STABLE [2393d374a] 2025-11-10 09:00:00 -0600
44+
Branch: REL_14_STABLE [95cce5669] 2025-11-10 09:00:00 -0600
45+
Branch: REL_13_STABLE [8a2530ebc] 2025-11-10 09:00:00 -0600
46+
-->
47+
<para>
48+
Check for <literal>CREATE</literal> privileges on the schema
49+
in <command>CREATE STATISTICS</command> (Jelte Fennema-Nio)
50+
<ulink url="&commit_baseurl;e2fb3dfa8">&sect;</ulink>
51+
</para>
52+
53+
<para>
54+
This omission allowed table owners to create statistics in any
55+
schema, potentially leading to unexpected naming conflicts.
56+
</para>
57+
58+
<para>
59+
The <productname>PostgreSQL</productname> Project thanks
60+
Jelte Fennema-Nio for reporting this problem.
61+
(CVE-2025-12817)
62+
</para>
63+
</listitem>
64+
65+
<listitem>
66+
<!--
67+
Author: Jacob Champion <jchampion@postgresql.org>
68+
Branch: master [600086f47] 2025-11-10 06:20:33 -0800
69+
Branch: REL_18_STABLE [7eb8fcad8] 2025-11-10 06:03:01 -0800
70+
Branch: REL_17_STABLE [f5999f018] 2025-11-10 06:03:03 -0800
71+
Branch: REL_16_STABLE [585fd9b3c] 2025-11-10 06:03:04 -0800
72+
Branch: REL_15_STABLE [91421565f] 2025-11-10 06:03:05 -0800
73+
Branch: REL_14_STABLE [96d2c7e96] 2025-11-10 06:03:05 -0800
74+
Branch: REL_13_STABLE [d6f0c0d6d] 2025-11-10 06:03:06 -0800
75+
-->
76+
<para>
77+
Avoid integer overflow in allocation-size calculations
78+
within <application>libpq</application> (Jacob Champion)
79+
<ulink url="&commit_baseurl;f5999f018">&sect;</ulink>
80+
</para>
81+
82+
<para>
83+
Several places in <application>libpq</application> were not
84+
sufficiently careful about computing the required size of a memory
85+
allocation. Sufficiently large inputs could cause integer overflow,
86+
resulting in an undersized buffer, which would then lead to writing
87+
past the end of the buffer.
88+
</para>
89+
90+
<para>
91+
The <productname>PostgreSQL</productname> Project thanks Aleksey
92+
Solovev of Positive Technologies for reporting this problem.
93+
(CVE-2025-12818)
94+
</para>
95+
</listitem>
96+
97+
<listitem>
98+
<!--
3899
Author: Amit Langote <amitlan@postgresql.org>
39100
Branch: master [ef5e60a9d] 2025-10-09 01:07:59 -0400
40101
Branch: REL_18_STABLE [dc9125111] 2025-10-09 01:07:52 -0400

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp