mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Last-minute updates for release notes.

Browse Source 
Security: CVE-2018-16850
This commit is contained in:
Tom Lane 2018-11-05 10:48:23 -05:00
parent af5ab115bc
commit 2da33cbd52
2 changed files with 84 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
doc/src/sgml/release-10.sgml
View File

@ -38,6 +38,20 @@
<itemizedlist> <itemizedlist>
<listitem>
<para>
Ensure proper quoting of transition table names
when <application>pg_dump</application> emits <command>CREATE TRIGGER
... REFERENCING</command> commands (Tom Lane)
</para>
<para>
This oversight could be exploited by an unprivileged user to gain
superuser privileges during the next dump/reload
or <application>pg_upgrade</application> run. (CVE-2018-16850)
</para>
</listitem>
<listitem> <listitem>
<!-- <!--
Author: Tom Lane <tgl@sss.pgh.pa.us> Author: Tom Lane <tgl@sss.pgh.pa.us>
@ -202,6 +216,25 @@ Branch: REL9_3_STABLE [591d0ac88] 2018-09-15 13:42:34 -0400
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Prevent creation of a partition in a trigger attached to its parent
table (Amit Langote)
</para>
<para>
Ideally we'd allow that, but for the moment it has to be blocked to
avoid crashes.
</para>
</listitem>
<listitem>
<para>
Fix problems with applying <literal>ON COMMIT DELETE ROWS</literal> to
a partitioned temporary table (Amit Langote)
</para>
</listitem>
<listitem> <listitem>
<para> <para>
Fix character-class checks to not fail on Windows for Unicode Fix character-class checks to not fail on Windows for Unicode
@ -899,14 +932,6 @@ Branch: REL_10_STABLE [cb282eab1] 2018-08-22 14:23:03 +0900
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Ensure proper quoting of transition table names
when <application>pg_dump</application> emits <command>CREATE TRIGGER
... REFERENCING</command> commands (Tom Lane)
</para>
</listitem>
<listitem> <listitem>
<!-- <!--
Author: Tom Lane <tgl@sss.pgh.pa.us> Author: Tom Lane <tgl@sss.pgh.pa.us>

65
doc/src/sgml/release-11.sgml
View File

@ -35,6 +35,26 @@
<listitem> <listitem>
<!-- <!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [350410be4] 2018-10-19 00:50:16 -0400
Branch: REL_11_STABLE [06292bb94] 2018-10-19 00:50:16 -0400
Branch: REL_10_STABLE [09397f0ed] 2018-10-19 00:50:17 -0400
-->
<para>
Ensure proper quoting of transition table names
when <application>pg_dump</application> emits <command>CREATE TRIGGER
... REFERENCING</command> commands (Tom Lane)
</para>
<para>
This oversight could be exploited by an unprivileged user to gain
superuser privileges during the next dump/reload
or <application>pg_upgrade</application> run. (CVE-2018-16850)
</para>
</listitem>
<listitem>
<!--
Author: Alvaro Herrera <alvherre@alvh.no-ip.org> Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
Branch: master [dfa608141] 2018-11-03 13:25:19 -0300 Branch: master [dfa608141] 2018-11-03 13:25:19 -0300
Branch: REL_11_STABLE [33e6c34c3] 2018-11-03 13:25:29 -0300 Branch: REL_11_STABLE [33e6c34c3] 2018-11-03 13:25:29 -0300
@ -132,6 +152,37 @@ Branch: REL_11_STABLE [6eb31cedb] 2018-11-03 16:00:00 -0700
<listitem> <listitem>
<!-- <!--
Author: Michael Paquier <michael@paquier.xyz>
Branch: master [dc3e436b1] 2018-11-05 11:04:02 +0900
Branch: REL_11_STABLE [7c222d5e5] 2018-11-05 11:04:14 +0900
Branch: REL_10_STABLE [8aad248f7] 2018-11-05 11:04:20 +0900
-->
<para>
Prevent creation of a partition in a trigger attached to its parent
table (Amit Langote)
</para>
<para>
Ideally we'd allow that, but for the moment it has to be blocked to
avoid crashes.
</para>
</listitem>
<listitem>
<!--
Author: Michael Paquier <michael@paquier.xyz>
Branch: master [4bc772e2a] 2018-11-05 09:14:33 +0900
Branch: REL_11_STABLE [948af5232] 2018-11-05 09:15:08 +0900
Branch: REL_10_STABLE [70c38e708] 2018-11-05 09:15:25 +0900
-->
<para>
Fix problems with applying <literal>ON COMMIT DELETE ROWS</literal> to
a partitioned temporary table (Amit Langote)
</para>
</listitem>
<listitem>
<!--
Author: Tom Lane <tgl@sss.pgh.pa.us> Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [981dc2baa] 2018-11-03 13:56:10 -0400 Branch: master [981dc2baa] 2018-11-03 13:56:10 -0400
Branch: REL_11_STABLE [bf4a9562e] 2018-11-03 13:56:10 -0400 Branch: REL_11_STABLE [bf4a9562e] 2018-11-03 13:56:10 -0400
@ -233,20 +284,6 @@ Branch: REL9_5_STABLE [ac3be116a] 2018-10-19 22:22:57 -0400
<listitem> <listitem>
<!-- <!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [350410be4] 2018-10-19 00:50:16 -0400
Branch: REL_11_STABLE [06292bb94] 2018-10-19 00:50:16 -0400
Branch: REL_10_STABLE [09397f0ed] 2018-10-19 00:50:17 -0400
-->
<para>
Ensure proper quoting of transition table names
when <application>pg_dump</application> emits <command>CREATE TRIGGER
... REFERENCING</command> commands (Tom Lane)
</para>
</listitem>
<listitem>
<!--
Author: Michael Paquier <michael@paquier.xyz> Author: Michael Paquier <michael@paquier.xyz>
Branch: master [d55241af7] 2018-10-19 22:44:12 +0900 Branch: master [d55241af7] 2018-10-19 22:44:12 +0900
Branch: REL_11_STABLE [cc7f27eae] 2018-10-19 22:45:07 +0900 Branch: REL_11_STABLE [cc7f27eae] 2018-10-19 22:45:07 +0900