
Commit 3fd77b1

Last-minute updates for release notes.

Security: CVE-2018-10915, CVE-2018-10925

1 parent a8094d0, commit 3fd77b1

4 files changed: +154 -30 lines changed


‎doc/src/sgml/release-9.3.sgml

Lines changed: 28 additions & 0 deletions
@@ -39,6 +39,34 @@
3939

4040
<itemizedlist>
4141

42+
<listitem>
43+
<para>
44+
Fix failure to reset <application>libpq</application>'s state fully
45+
between connection attempts (Tom Lane)
46+
</para>
47+
48+
<para>
49+
An unprivileged user of <filename>dblink</filename>
50+
or <filename>postgres_fdw</filename> could bypass the checks intended
51+
to prevent use of server-side credentials, such as
52+
a <filename>~/.pgpass</filename> file owned by the operating-system
53+
user running the server. Servers allowing peer authentication on
54+
local connections are particularly vulnerable. Other attacks such
55+
as SQL injection into a <filename>postgres_fdw</filename> session
56+
are also possible.
57+
Attacking <filename>postgres_fdw</filename> in this way requires the
58+
ability to create a foreign server object with selected connection
59+
parameters, but any user with access to <filename>dblink</filename>
60+
could exploit the problem.
61+
In general, an attacker with the ability to select the connection
62+
parameters for a <application>libpq</application>-using application
63+
could cause mischief, though other plausible attack scenarios are
64+
harder to think of.
65+
Our thanks to Andrew Krasichkov for reporting this issue.
66+
(CVE-2018-10915)
67+
</para>
68+
</listitem>
69+
4270
<listitem>
4371
<para>
4472
Ensure that updates to the <structfield>relfrozenxid</structfield>
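
Review bot: In the second paragraph of the new CVE-2018-10915 entry, "could cause mischief, though other plausible attack scenarios are harder to think of" is too loose for a security item, and the entry never connects its title (a libpq state-reset fix) to the two modules it goes on to discuss. Suggest adding one sentence that says dblink and postgres_fdw are affected because they are libpq-using applications that let a user choose connection parameters, and replacing "cause mischief" with the concrete consequence the paragraph already names, the use of server-side credentials.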

‎doc/src/sgml/release-9.4.sgml

Lines changed: 28 additions & 0 deletions
@@ -33,6 +33,34 @@
3333

3434
<itemizedlist>
3535

36+
<listitem>
37+
<para>
38+
Fix failure to reset <application>libpq</application>'s state fully
39+
between connection attempts (Tom Lane)
40+
</para>
41+
42+
<para>
43+
An unprivileged user of <filename>dblink</filename>
44+
or <filename>postgres_fdw</filename> could bypass the checks intended
45+
to prevent use of server-side credentials, such as
46+
a <filename>~/.pgpass</filename> file owned by the operating-system
47+
user running the server. Servers allowing peer authentication on
48+
local connections are particularly vulnerable. Other attacks such
49+
as SQL injection into a <filename>postgres_fdw</filename> session
50+
are also possible.
51+
Attacking <filename>postgres_fdw</filename> in this way requires the
52+
ability to create a foreign server object with selected connection
53+
parameters, but any user with access to <filename>dblink</filename>
54+
could exploit the problem.
55+
In general, an attacker with the ability to select the connection
56+
parameters for a <application>libpq</application>-using application
57+
could cause mischief, though other plausible attack scenarios are
58+
harder to think of.
59+
Our thanks to Andrew Krasichkov for reporting this issue.
60+
(CVE-2018-10915)
61+
</para>
62+
</listitem>
63+
3664
<listitem>
3765
<para>
3866
Ensure that updates to the <structfield>relfrozenxid</structfield>
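
Review bot: The commit message's Security line lists CVE-2018-10925, but the entry added here (and in release-9.3.sgml) covers only CVE-2018-10915, and nothing says the second CVE is branch-specific. Suggest stating in the commit message that the CVE-2018-10925 text goes into the 9.5 and 9.6 notes only, so that a reader checking the 9.4 notes against the Security line does not take the missing entry for an omission.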

‎doc/src/sgml/release-9.5.sgml

Lines changed: 49 additions & 15 deletions
@@ -33,6 +33,55 @@
3333

3434
<itemizedlist>
3535

36+
<listitem>
37+
<para>
38+
Fix failure to reset <application>libpq</application>'s state fully
39+
between connection attempts (Tom Lane)
40+
</para>
41+
42+
<para>
43+
An unprivileged user of <filename>dblink</filename>
44+
or <filename>postgres_fdw</filename> could bypass the checks intended
45+
to prevent use of server-side credentials, such as
46+
a <filename>~/.pgpass</filename> file owned by the operating-system
47+
user running the server. Servers allowing peer authentication on
48+
local connections are particularly vulnerable. Other attacks such
49+
as SQL injection into a <filename>postgres_fdw</filename> session
50+
are also possible.
51+
Attacking <filename>postgres_fdw</filename> in this way requires the
52+
ability to create a foreign server object with selected connection
53+
parameters, but any user with access to <filename>dblink</filename>
54+
could exploit the problem.
55+
In general, an attacker with the ability to select the connection
56+
parameters for a <application>libpq</application>-using application
57+
could cause mischief, though other plausible attack scenarios are
58+
harder to think of.
59+
Our thanks to Andrew Krasichkov for reporting this issue.
60+
(CVE-2018-10915)
61+
</para>
62+
</listitem>
63+
64+
<listitem>
65+
<para>
66+
Fix <literal>INSERT ... ON CONFLICT UPDATE</literal> through a view
67+
that isn't just <literal>SELECT * FROM ...</literal>
68+
(Dean Rasheed, Amit Langote)
69+
</para>
70+
71+
<para>
72+
Erroneous expansion of an updatable view could lead to crashes
73+
or <quote>attribute ... has the wrong type</quote> errors, if the
74+
view's <literal>SELECT</literal> list doesn't match one-to-one with
75+
the underlying table's columns.
76+
Furthermore, this bug could be leveraged to allow updates of columns
77+
that an attacking user lacks <literal>UPDATE</literal> privilege for,
78+
if that user has <literal>INSERT</literal> and <literal>UPDATE</literal>
79+
privileges for some other column(s) of the table.
80+
Any user could also use it for disclosure of server memory.
81+
(CVE-2018-10925)
82+
</para>
83+
</listitem>
84+
3685
<listitem>
3786
<para>
3887
Ensure that updates to the <structfield>relfrozenxid</structfield>
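
Review bot: In the re-added INSERT ... ON CONFLICT UPDATE entry, "Any user could also use it for disclosure of server memory" directly follows a sentence that requires INSERT and UPDATE privileges on some column, so it is unclear whether "any user" means a user with no privileges on the table at all or one who already meets that condition. Suggest stating the precondition for the memory-disclosure case explicitly. It would also help to lead the paragraph with the security impact, since the crash and "attribute ... has the wrong type" symptoms come first and the CVE-2018-10925 consequences are easy to miss at the end.
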
@@ -140,21 +189,6 @@
140189
</para>
141190
</listitem>
142191

143-
<listitem>
144-
<para>
145-
Fix <literal>INSERT ... ON CONFLICT UPDATE</literal> through a view
146-
that isn't just <literal>SELECT * FROM ...</literal>
147-
(Dean Rasheed, Amit Langote)
148-
</para>
149-
150-
<para>
151-
Erroneous expansion of an updatable view could lead to crashes
152-
or <quote>attribute ... has the wrong type</quote> errors, if the
153-
view's <literal>SELECT</literal> list doesn't match one-to-one with
154-
the underlying table's columns.
155-
</para>
156-
</listitem>
157-
158192
<listitem>
159193
<para>
160194
Ensure a table's cached index list is correctly rebuilt after an index
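
Review bot: Nothing in the commit message says that the entry deleted here was moved rather than dropped. The title and the "Erroneous expansion of an updatable view" sentence reappear in the entry added at the top of the list in the first hunk, extended with the privilege and memory-disclosure sentences and the CVE-2018-10925 tag. Suggest noting in the commit message that the existing entry was relocated to the top and expanded, so the move and the new security wording can be reviewed as such instead of being compared by hand.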

‎doc/src/sgml/release-9.6.sgml

Lines changed: 49 additions & 15 deletions
@@ -33,6 +33,55 @@
3333

3434
<itemizedlist>
3535

36+
<listitem>
37+
<para>
38+
Fix failure to reset <application>libpq</application>'s state fully
39+
between connection attempts (Tom Lane)
40+
</para>
41+
42+
<para>
43+
An unprivileged user of <filename>dblink</filename>
44+
or <filename>postgres_fdw</filename> could bypass the checks intended
45+
to prevent use of server-side credentials, such as
46+
a <filename>~/.pgpass</filename> file owned by the operating-system
47+
user running the server. Servers allowing peer authentication on
48+
local connections are particularly vulnerable. Other attacks such
49+
as SQL injection into a <filename>postgres_fdw</filename> session
50+
are also possible.
51+
Attacking <filename>postgres_fdw</filename> in this way requires the
52+
ability to create a foreign server object with selected connection
53+
parameters, but any user with access to <filename>dblink</filename>
54+
could exploit the problem.
55+
In general, an attacker with the ability to select the connection
56+
parameters for a <application>libpq</application>-using application
57+
could cause mischief, though other plausible attack scenarios are
58+
harder to think of.
59+
Our thanks to Andrew Krasichkov for reporting this issue.
60+
(CVE-2018-10915)
61+
</para>
62+
</listitem>
63+
64+
<listitem>
65+
<para>
66+
Fix <literal>INSERT ... ON CONFLICT UPDATE</literal> through a view
67+
that isn't just <literal>SELECT * FROM ...</literal>
68+
(Dean Rasheed, Amit Langote)
69+
</para>
70+
71+
<para>
72+
Erroneous expansion of an updatable view could lead to crashes
73+
or <quote>attribute ... has the wrong type</quote> errors, if the
74+
view's <literal>SELECT</literal> list doesn't match one-to-one with
75+
the underlying table's columns.
76+
Furthermore, this bug could be leveraged to allow updates of columns
77+
that an attacking user lacks <literal>UPDATE</literal> privilege for,
78+
if that user has <literal>INSERT</literal> and <literal>UPDATE</literal>
79+
privileges for some other column(s) of the table.
80+
Any user could also use it for disclosure of server memory.
81+
(CVE-2018-10925)
82+
</para>
83+
</listitem>
84+
3685
<listitem>
3786
<para>
3887
Ensure that updates to the <structfield>relfrozenxid</structfield>
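
Review bot: "Servers allowing peer authentication on local connections are particularly vulnerable" in the CVE-2018-10915 paragraph is stated without a reason, which leaves an administrator unable to judge exposure from the notes alone. Suggest adding a clause that ties it to the preceding sentence about credentials belonging to the operating-system user running the server. The paragraph would also read better split up, so that the impact, the differing preconditions for dblink and postgres_fdw, and the acknowledgement are not one unbroken block.
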
@@ -140,21 +189,6 @@
140189
</para>
141190
</listitem>
142191

143-
<listitem>
144-
<para>
145-
Fix <literal>INSERT ... ON CONFLICT UPDATE</literal> through a view
146-
that isn't just <literal>SELECT * FROM ...</literal>
147-
(Dean Rasheed, Amit Langote)
148-
</para>
149-
150-
<para>
151-
Erroneous expansion of an updatable view could lead to crashes
152-
or <quote>attribute ... has the wrong type</quote> errors, if the
153-
view's <literal>SELECT</literal> list doesn't match one-to-one with
154-
the underlying table's columns.
155-
</para>
156-
</listitem>
157-
158192
<listitem>
159193
<para>
160194
Ensure a table's cached index list is correctly rebuilt after an index
