Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit1eaeb02

Browse files
committed
Last-minute updates for release notes.
Security:CVE-2018-16850
1 parentdc3e436 commit1eaeb02

File tree

2 files changed

+84
-22
lines changed

2 files changed

+84
-22
lines changed

‎doc/src/sgml/release-10.sgml

Lines changed: 33 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,20 @@
3838

3939
<itemizedlist>
4040

41+
<listitem>
42+
<para>
43+
Ensure proper quoting of transition table names
44+
when <application>pg_dump</application> emits <command>CREATE TRIGGER
45+
... REFERENCING</command> commands (Tom Lane)
46+
</para>
47+
48+
<para>
49+
This oversight could be exploited by an unprivileged user to gain
50+
superuser privileges during the next dump/reload
51+
or <application>pg_upgrade</application> run. (CVE-2018-16850)
52+
</para>
53+
</listitem>
54+
4155
<listitem>
4256
<!--
4357
Author: Tom Lane <tgl@sss.pgh.pa.us>
@@ -202,6 +216,25 @@ Branch: REL9_3_STABLE [591d0ac88] 2018-09-15 13:42:34 -0400
202216
</para>
203217
</listitem>
204218

219+
<listitem>
220+
<para>
221+
Prevent creation of a partition in a trigger attached to its parent
222+
table (Amit Langote)
223+
</para>
224+
225+
<para>
226+
Ideally we'd allow that, but for the moment it has to be blocked to
227+
avoid crashes.
228+
</para>
229+
</listitem>
230+
231+
<listitem>
232+
<para>
233+
Fix problems with applying <literal>ON COMMIT DELETE ROWS</literal> to
234+
a partitioned temporary table (Amit Langote)
235+
</para>
236+
</listitem>
237+
205238
<listitem>
206239
<para>
207240
Fix character-class checks to not fail on Windows for Unicode
@@ -899,14 +932,6 @@ Branch: REL_10_STABLE [cb282eab1] 2018-08-22 14:23:03 +0900
899932
</para>
900933
</listitem>
901934

902-
<listitem>
903-
<para>
904-
Ensure proper quoting of transition table names
905-
when <application>pg_dump</application> emits <command>CREATE TRIGGER
906-
... REFERENCING</command> commands (Tom Lane)
907-
</para>
908-
</listitem>
909-
910935
<listitem>
911936
<!--
912937
Author: Tom Lane <tgl@sss.pgh.pa.us>

‎doc/src/sgml/release-11.sgml

Lines changed: 51 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,26 @@
3535

3636
<listitem>
3737
<!--
38+
Author: Tom Lane <tgl@sss.pgh.pa.us>
39+
Branch: master [350410be4] 2018-10-19 00:50:16 -0400
40+
Branch: REL_11_STABLE [06292bb94] 2018-10-19 00:50:16 -0400
41+
Branch: REL_10_STABLE [09397f0ed] 2018-10-19 00:50:17 -0400
42+
-->
43+
<para>
44+
Ensure proper quoting of transition table names
45+
when <application>pg_dump</application> emits <command>CREATE TRIGGER
46+
... REFERENCING</command> commands (Tom Lane)
47+
</para>
48+
49+
<para>
50+
This oversight could be exploited by an unprivileged user to gain
51+
superuser privileges during the next dump/reload
52+
or <application>pg_upgrade</application> run. (CVE-2018-16850)
53+
</para>
54+
</listitem>
55+
56+
<listitem>
57+
<!--
3858
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
3959
Branch: master [dfa608141] 2018-11-03 13:25:19 -0300
4060
Branch: REL_11_STABLE [33e6c34c3] 2018-11-03 13:25:29 -0300
@@ -132,6 +152,37 @@ Branch: REL_11_STABLE [6eb31cedb] 2018-11-03 16:00:00 -0700
132152

133153
<listitem>
134154
<!--
155+
Author: Michael Paquier <michael@paquier.xyz>
156+
Branch: master [dc3e436b1] 2018-11-05 11:04:02 +0900
157+
Branch: REL_11_STABLE [7c222d5e5] 2018-11-05 11:04:14 +0900
158+
Branch: REL_10_STABLE [8aad248f7] 2018-11-05 11:04:20 +0900
159+
-->
160+
<para>
161+
Prevent creation of a partition in a trigger attached to its parent
162+
table (Amit Langote)
163+
</para>
164+
165+
<para>
166+
Ideally we'd allow that, but for the moment it has to be blocked to
167+
avoid crashes.
168+
</para>
169+
</listitem>
170+
171+
<listitem>
172+
<!--
173+
Author: Michael Paquier <michael@paquier.xyz>
174+
Branch: master [4bc772e2a] 2018-11-05 09:14:33 +0900
175+
Branch: REL_11_STABLE [948af5232] 2018-11-05 09:15:08 +0900
176+
Branch: REL_10_STABLE [70c38e708] 2018-11-05 09:15:25 +0900
177+
-->
178+
<para>
179+
Fix problems with applying <literal>ON COMMIT DELETE ROWS</literal> to
180+
a partitioned temporary table (Amit Langote)
181+
</para>
182+
</listitem>
183+
184+
<listitem>
185+
<!--
135186
Author: Tom Lane <tgl@sss.pgh.pa.us>
136187
Branch: master [981dc2baa] 2018-11-03 13:56:10 -0400
137188
Branch: REL_11_STABLE [bf4a9562e] 2018-11-03 13:56:10 -0400
@@ -233,20 +284,6 @@ Branch: REL9_5_STABLE [ac3be116a] 2018-10-19 22:22:57 -0400
233284

234285
<listitem>
235286
<!--
236-
Author: Tom Lane <tgl@sss.pgh.pa.us>
237-
Branch: master [350410be4] 2018-10-19 00:50:16 -0400
238-
Branch: REL_11_STABLE [06292bb94] 2018-10-19 00:50:16 -0400
239-
Branch: REL_10_STABLE [09397f0ed] 2018-10-19 00:50:17 -0400
240-
-->
241-
<para>
242-
Ensure proper quoting of transition table names
243-
when <application>pg_dump</application> emits <command>CREATE TRIGGER
244-
... REFERENCING</command> commands (Tom Lane)
245-
</para>
246-
</listitem>
247-
248-
<listitem>
249-
<!--
250287
Author: Michael Paquier <michael@paquier.xyz>
251288
Branch: master [d55241af7] 2018-10-19 22:44:12 +0900
252289
Branch: REL_11_STABLE [cc7f27eae] 2018-10-19 22:45:07 +0900

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp