Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitce5a2d2

Browse files
committed
Last-minute updates for release notes.
Security:CVE-2020-1720
1 parent87d014d commitce5a2d2

File tree

1 file changed

+42
-0
lines changed

1 file changed

+42
-0
lines changed

‎doc/src/sgml/release-12.sgml

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,30 @@
3737
<listitem>
3838
<!--
3939
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
40+
Branch: master [b048f558d] 2020-02-10 11:47:09 -0300
41+
Branch: REL_12_STABLE [2ad125322] 2020-02-10 11:47:09 -0300
42+
Branch: REL_11_STABLE [bdd19e48a] 2020-02-10 11:47:09 -0300
43+
Branch: REL_10_STABLE [ac1a998ed] 2020-02-10 11:47:09 -0300
44+
Branch: REL9_6_STABLE [e8b8eb937] 2020-02-10 12:06:25 -0300
45+
-->
46+
<para>
47+
Add missing permissions checks for <command>ALTER ... DEPENDS ON
48+
EXTENSION</command> (&Aacute;lvaro Herrera)
49+
</para>
50+
51+
<para>
52+
Marking an object as dependent on an extension did not have any
53+
privilege check whatsoever. This oversight allowed any user to mark
54+
routines, triggers, materialized views, or indexes as droppable by
55+
anyone able to drop an extension. Require that the calling user own
56+
the specified object (and hence have privilege to drop it).
57+
(CVE-2020-1720)
58+
</para>
59+
</listitem>
60+
61+
<listitem>
62+
<!--
63+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
4064
Branch: master [9710d3d4a] 2020-02-07 17:09:36 -0300
4165
Branch: REL_12_STABLE [ce054a8cd] 2020-02-07 17:09:36 -0300
4266
-->
@@ -1201,6 +1225,24 @@ Branch: REL9_4_STABLE [56c06999d] 2019-11-13 11:35:37 -0500
12011225

12021226
<listitem>
12031227
<!--
1228+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
1229+
Branch: master [8fa8e0115] 2020-02-10 12:14:58 -0300
1230+
Branch: REL_12_STABLE [87d014da9] 2020-02-10 12:14:58 -0300
1231+
Branch: REL_11_STABLE [ca902add6] 2020-02-10 12:14:58 -0300
1232+
Branch: REL_10_STABLE [163161723] 2020-02-10 12:14:58 -0300
1233+
Branch: REL9_6_STABLE [5575fc208] 2020-02-10 12:14:58 -0300
1234+
Branch: REL9_5_STABLE [1b2ae4bcd] 2020-02-10 12:16:40 -0300
1235+
Branch: REL9_4_STABLE [6f1e443a6] 2020-02-10 12:14:58 -0300
1236+
-->
1237+
<para>
1238+
Apply more thorough syntax checking
1239+
to <application>createuser</application>'s
1240+
<option>--connection-limit</option> option (&Aacute;lvaro Herrera)
1241+
</para>
1242+
</listitem>
1243+
1244+
<listitem>
1245+
<!--
12041246
Author: Tom Lane <tgl@sss.pgh.pa.us>
12051247
Branch: master [4ba4bfaf2] 2019-12-26 15:19:39 -0500
12061248
Branch: REL_12_STABLE [883c27a1c] 2019-12-26 15:19:39 -0500

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp