@@ -77,6 +77,49 @@ Branch: REL9_5_STABLE [8aa6e9780] 2016-03-23 16:04:35 -0400
7777 </para>
7878 </listitem>
7979
80+ <!--
81+ Author: Stephen Frost <sfrost@snowman.net>
82+ Branch: master [86ebf30fd] 2016-03-28 09:03:20 -0400
83+ Branch: REL9_5_STABLE [db69e58a0] 2016-03-28 09:03:41 -0400
84+ -->
85+
86+ <listitem>
87+ <para>
88+ Maintain row-security status properly in cached plans (Stephen Frost)
89+ </para>
90+
91+ <para>
92+ In a session that performs queries as more than one role, the plan
93+ cache might incorrectly re-use a plan that was generated for another
94+ role ID, thus possibly applying the wrong set of policies when
95+ row-level security (RLS) is in use.
96+ (CVE-2016-2193)
97+ </para>
98+ </listitem>
99+
100+ <!--
101+ Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
102+ Branch: master [3e1338475] 2016-03-28 10:57:42 -0300
103+ Branch: REL9_5_STABLE [bf78a6f10] 2016-03-28 10:57:46 -0300
104+ -->
105+
106+ <listitem>
107+ <para>
108+ Add must-be-superuser checks to some
109+ new <filename>contrib/pageinspect</> functions (Andreas Seltenreich)
110+ </para>
111+
112+ <para>
113+ Most functions in the <filename>pageinspect</> extension that
114+ inspect <type>bytea</> values disallow calls by non-superusers,
115+ but <function>brin_page_type()</> and <function>brin_metapage_info()</>
116+ failed to do so. Passing contrived <type>bytea</> values to them might
117+ crash the server or disclose a few bytes of server memory. Add the
118+ missing permissions checks to prevent misuse.
119+ (CVE-2016-3065)
120+ </para>
121+ </listitem>
122+
80123<!--
81124Author: Simon Riggs <simon@2ndQuadrant.com>
82125Branch: master [c7111d11b] 2016-03-03 09:53:43 +0000