Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf1a3368

Browse files
committed
Last-minute updates for release notes.
Security:CVE-2020-1720
1 parentca902ad commitf1a3368

File tree

1 file changed

+42
-0
lines changed

1 file changed

+42
-0
lines changed

‎doc/src/sgml/release-11.sgml‎

Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,30 @@
3636
<listitem>
3737
<!--
3838
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
39+
Branch: master [b048f558d] 2020-02-10 11:47:09 -0300
40+
Branch: REL_12_STABLE [2ad125322] 2020-02-10 11:47:09 -0300
41+
Branch: REL_11_STABLE [bdd19e48a] 2020-02-10 11:47:09 -0300
42+
Branch: REL_10_STABLE [ac1a998ed] 2020-02-10 11:47:09 -0300
43+
Branch: REL9_6_STABLE [e8b8eb937] 2020-02-10 12:06:25 -0300
44+
-->
45+
<para>
46+
Add missing permissions checks for <command>ALTER ... DEPENDS ON
47+
EXTENSION</command> (&Aacute;lvaro Herrera)
48+
</para>
49+
50+
<para>
51+
Marking an object as dependent on an extension did not have any
52+
privilege check whatsoever. This oversight allowed any user to mark
53+
routines, triggers, materialized views, or indexes as droppable by
54+
anyone able to drop an extension. Require that the calling user own
55+
the specified object (and hence have privilege to drop it).
56+
(CVE-2020-1720)
57+
</para>
58+
</listitem>
59+
60+
<listitem>
61+
<!--
62+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
3963
Branch: master [1fa846f1c] 2020-01-02 17:04:24 -0300
4064
Branch: REL_12_STABLE [d73214839] 2020-01-02 17:04:24 -0300
4165
Branch: REL_11_STABLE [adc9cb6f2] 2020-01-02 17:04:24 -0300
@@ -925,6 +949,24 @@ Branch: REL9_4_STABLE [56c06999d] 2019-11-13 11:35:37 -0500
925949

926950
<listitem>
927951
<!--
952+
Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
953+
Branch: master [8fa8e0115] 2020-02-10 12:14:58 -0300
954+
Branch: REL_12_STABLE [87d014da9] 2020-02-10 12:14:58 -0300
955+
Branch: REL_11_STABLE [ca902add6] 2020-02-10 12:14:58 -0300
956+
Branch: REL_10_STABLE [163161723] 2020-02-10 12:14:58 -0300
957+
Branch: REL9_6_STABLE [5575fc208] 2020-02-10 12:14:58 -0300
958+
Branch: REL9_5_STABLE [1b2ae4bcd] 2020-02-10 12:16:40 -0300
959+
Branch: REL9_4_STABLE [6f1e443a6] 2020-02-10 12:14:58 -0300
960+
-->
961+
<para>
962+
Apply more thorough syntax checking
963+
to <application>createuser</application>'s
964+
<option>--connection-limit</option> option (&Aacute;lvaro Herrera)
965+
</para>
966+
</listitem>
967+
968+
<listitem>
969+
<!--
928970
Author: Tom Lane <tgl@sss.pgh.pa.us>
929971
Branch: master [4ba4bfaf2] 2019-12-26 15:19:39 -0500
930972
Branch: REL_12_STABLE [883c27a1c] 2019-12-26 15:19:39 -0500

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp