summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Lane <tgl@sss.pgh.pa.us>2018-11-05 10:48:23 -0500
committerTom Lane <tgl@sss.pgh.pa.us>2018-11-05 10:48:23 -0500
commit613373b52b08dee01fad2f25162dd92486740c76 (patch)
tree7ae90c4ecbb272d88e07d938b503c3600785caf2
parent5d846a2dd7b1d3e61f8bb813e1f7b7e1ad18607b (diff)
Last-minute updates for release notes.
Security: CVE-2018-16850
-rw-r--r--doc/src/sgml/release-10.sgml41
1 files changed, 33 insertions, 8 deletions
diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml
index 12e9df753cb..372307c250a 100644
--- a/doc/src/sgml/release-10.sgml
+++ b/doc/src/sgml/release-10.sgml
@@ -39,6 +39,20 @@
<itemizedlist>
<listitem>
+ <para>
+ Ensure proper quoting of transition table names
+ when <application>pg_dump</application> emits <command>CREATE TRIGGER
+ ... REFERENCING</command> commands (Tom Lane)
+ </para>
+
+ <para>
+ This oversight could be exploited by an unprivileged user to gain
+ superuser privileges during the next dump/reload
+ or <application>pg_upgrade</application> run. (CVE-2018-16850)
+ </para>
+ </listitem>
+
+ <listitem>
<!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [3d0f68dd3] 2018-10-02 11:54:12 -0400
@@ -204,6 +218,25 @@ Branch: REL9_3_STABLE [591d0ac88] 2018-09-15 13:42:34 -0400
<listitem>
<para>
+ Prevent creation of a partition in a trigger attached to its parent
+ table (Amit Langote)
+ </para>
+
+ <para>
+ Ideally we'd allow that, but for the moment it has to be blocked to
+ avoid crashes.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ Fix problems with applying <literal>ON COMMIT DELETE ROWS</literal> to
+ a partitioned temporary table (Amit Langote)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix character-class checks to not fail on Windows for Unicode
characters above U+FFFF (Tom Lane, Kenji Uno)
</para>
@@ -900,14 +933,6 @@ Branch: REL_10_STABLE [cb282eab1] 2018-08-22 14:23:03 +0900
</listitem>
<listitem>
- <para>
- Ensure proper quoting of transition table names
- when <application>pg_dump</application> emits <command>CREATE TRIGGER
- ... REFERENCING</command> commands (Tom Lane)
- </para>
- </listitem>
-
- <listitem>
<!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [5b5ed4756] 2018-08-07 13:13:42 -0400