Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit27cfad5

Browse files
committed
Last-minute updates for release notes.
Security:CVE-2020-1720
1 parent1631617 commit27cfad5

File tree

1 file changed

+42
-0
lines changed

1 file changed

+42
-0
lines changed

‎doc/src/sgml/release-10.sgml

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,30 @@
3535

3636
<listitem>
3737
<!--
38+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
39+
Branch: master [b048f558d] 2020-02-10 11:47:09 -0300
40+
Branch: REL_12_STABLE [2ad125322] 2020-02-10 11:47:09 -0300
41+
Branch: REL_11_STABLE [bdd19e48a] 2020-02-10 11:47:09 -0300
42+
Branch: REL_10_STABLE [ac1a998ed] 2020-02-10 11:47:09 -0300
43+
Branch: REL9_6_STABLE [e8b8eb937] 2020-02-10 12:06:25 -0300
44+
-->
45+
<para>
46+
Add missing permissions checks for <command>ALTER ... DEPENDS ON
47+
EXTENSION</command> (&Aacute;lvaro Herrera)
48+
</para>
49+
50+
<para>
51+
Marking an object as dependent on an extension did not have any
52+
privilege check whatsoever. This oversight allowed any user to mark
53+
routines, triggers, materialized views, or indexes as droppable by
54+
anyone able to drop an extension. Require that the calling user own
55+
the specified object (and hence have privilege to drop it).
56+
(CVE-2020-1720)
57+
</para>
58+
</listitem>
59+
60+
<listitem>
61+
<!--
3862
Author: Peter Eisentraut <peter@eisentraut.org>
3963
Branch: master [b9c130a1f] 2020-01-06 08:40:00 +0100
4064
Branch: REL_12_STABLE [8c2bfd9f9] 2020-01-06 10:43:55 +0100
@@ -768,6 +792,24 @@ Branch: REL9_4_STABLE [56c06999d] 2019-11-13 11:35:37 -0500
768792

769793
<listitem>
770794
<!--
795+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
796+
Branch: master [8fa8e0115] 2020-02-10 12:14:58 -0300
797+
Branch: REL_12_STABLE [87d014da9] 2020-02-10 12:14:58 -0300
798+
Branch: REL_11_STABLE [ca902add6] 2020-02-10 12:14:58 -0300
799+
Branch: REL_10_STABLE [163161723] 2020-02-10 12:14:58 -0300
800+
Branch: REL9_6_STABLE [5575fc208] 2020-02-10 12:14:58 -0300
801+
Branch: REL9_5_STABLE [1b2ae4bcd] 2020-02-10 12:16:40 -0300
802+
Branch: REL9_4_STABLE [6f1e443a6] 2020-02-10 12:14:58 -0300
803+
-->
804+
<para>
805+
Apply more thorough syntax checking
806+
to <application>createuser</application>'s
807+
<option>--connection-limit</option> option (&Aacute;lvaro Herrera)
808+
</para>
809+
</listitem>
810+
811+
<listitem>
812+
<!--
771813
Author: Tom Lane <tgl@sss.pgh.pa.us>
772814
Branch: master [215824f91] 2020-01-26 14:31:08 -0500
773815
Branch: REL_12_STABLE [7294f99a0] 2020-01-26 14:31:08 -0500

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp