Commit89b661b

committed

Update release notes for 9.2.4, 9.1.9, 9.0.13, 8.4.17.

1 parent17fe279 commit89b661bCopy full SHA for 89b661b

File tree

+70

-0

lines changed

+70

-0

lines changed

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -41,6 +41,20 @@`
`41`	`41`
`42`	`42`	`<itemizedlist>`
`43`	`43`
	`44`	`+ <listitem>`
	`45`	`+ <para>`
	`46`	`+ Fix insecure parsing of server command-line switches (Mitsumasa`
	`47`	`+ Kondo, Kyotaro Horiguchi)`
	`48`	`+ </para>`
	`49`	`+`
	`50`	`+ <para>`
	`51`	`+ A connection request containing a database name that begins with`
	`52`	`+ <quote><literal>-</></quote> could be crafted to damage or destroy`
	`53`	`+ files within the server's data directory, even if the request is`
	`54`	`+ eventually rejected. (CVE-2013-1899)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`44`	`58`	`<listitem>`
`45`	`59`	`<para>`
`46`	`60`	`Reset OpenSSL randomness state in each postmaster child process`

Lines changed: 28 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -41,6 +41,20 @@`
`41`	`41`
`42`	`42`	`<itemizedlist>`
`43`	`43`
	`44`	`+ <listitem>`
	`45`	`+ <para>`
	`46`	`+ Fix insecure parsing of server command-line switches (Mitsumasa`
	`47`	`+ Kondo, Kyotaro Horiguchi)`
	`48`	`+ </para>`
	`49`	`+`
	`50`	`+ <para>`
	`51`	`+ A connection request containing a database name that begins with`
	`52`	`+ <quote><literal>-</></quote> could be crafted to damage or destroy`
	`53`	`+ files within the server's data directory, even if the request is`
	`54`	`+ eventually rejected. (CVE-2013-1899)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`44`	`58`	`<listitem>`
`45`	`59`	`<para>`
`46`	`60`	`Reset OpenSSL randomness state in each postmaster child process`
`@@ -56,6 +70,20 @@`
`56`	`70`	`</para>`
`57`	`71`	`</listitem>`
`58`	`72`
	`73`	`+ <listitem>`
	`74`	`+ <para>`
	`75`	`+ Make REPLICATION privilege checks test current user not authenticated`
	`76`	`+ user (Noah Misch)`
	`77`	`+ </para>`
	`78`	`+`
	`79`	`+ <para>`
	`80`	`+ An unprivileged database user could exploit this mistake to call`
	`81`	`+ <function>pg_start_backup()</> or <function>pg_stop_backup()</>,`
	`82`	`+ thus possibly interfering with creation of routine backups.`
	`83`	`+ (CVE-2013-1901)`
	`84`	`+ </para>`
	`85`	`+ </listitem>`
	`86`	`+`
`59`	`87`	`<listitem>`
`60`	`88`	`<para>`
`61`	`89`	`Fix GiST indexes to not use <quote>fuzzy</> geometric comparisons when`

Lines changed: 28 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -41,6 +41,20 @@`
`41`	`41`
`42`	`42`	`<itemizedlist>`
`43`	`43`
	`44`	`+ <listitem>`
	`45`	`+ <para>`
	`46`	`+ Fix insecure parsing of server command-line switches (Mitsumasa`
	`47`	`+ Kondo, Kyotaro Horiguchi)`
	`48`	`+ </para>`
	`49`	`+`
	`50`	`+ <para>`
	`51`	`+ A connection request containing a database name that begins with`
	`52`	`+ <quote><literal>-</></quote> could be crafted to damage or destroy`
	`53`	`+ files within the server's data directory, even if the request is`
	`54`	`+ eventually rejected. (CVE-2013-1899)`
	`55`	`+ </para>`
	`56`	`+ </listitem>`
	`57`	`+`
`44`	`58`	`<listitem>`
`45`	`59`	`<para>`
`46`	`60`	`Reset OpenSSL randomness state in each postmaster child process`
`@@ -56,6 +70,20 @@`
`56`	`70`	`</para>`
`57`	`71`	`</listitem>`
`58`	`72`
	`73`	`+ <listitem>`
	`74`	`+ <para>`
	`75`	`+ Make REPLICATION privilege checks test current user not authenticated`
	`76`	`+ user (Noah Misch)`
	`77`	`+ </para>`
	`78`	`+`
	`79`	`+ <para>`
	`80`	`+ An unprivileged database user could exploit this mistake to call`
	`81`	`+ <function>pg_start_backup()</> or <function>pg_stop_backup()</>,`
	`82`	`+ thus possibly interfering with creation of routine backups.`
	`83`	`+ (CVE-2013-1901)`
	`84`	`+ </para>`
	`85`	`+ </listitem>`
	`86`	`+`
`59`	`87`	`<listitem>`
`60`	`88`	`<para>`
`61`	`89`	`Fix GiST indexes to not use <quote>fuzzy</> geometric comparisons when`

Comments

(0)