diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2019-05-06 12:45:59 -0400 | 
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2019-05-06 12:45:59 -0400 | 
| commit | ffe69b4afdae8284ad3f0d4c57640f077799cfa9 (patch) | |
| tree | e9daf503738f67333887d4d9a88fb263be3d3cac | |
| parent | 54ff9fa588fb85f3e192bb7fe365d9db2eeed8a9 (diff) | |
Last-minute updates for release notes.
Security: CVE-2019-10129, CVE-2019-10130
| -rw-r--r-- | doc/src/sgml/release-9.4.sgml | 17 | 
1 files changed, 17 insertions, 0 deletions
| diff --git a/doc/src/sgml/release-9.4.sgml b/doc/src/sgml/release-9.4.sgml index c55c194266a..9bec0bf5589 100644 --- a/doc/src/sgml/release-9.4.sgml +++ b/doc/src/sgml/release-9.4.sgml @@ -161,6 +161,23 @@      <listitem>       <para> +      Check the appropriate user's permissions when enforcing rules about +      letting a leaky operator see <structname>pg_statistic</structname> +      data (Dean Rasheed) +     </para> + +     <para> +      When an underlying table is being accessed via a view, consider the +      privileges of the view owner while deciding whether leaky operators +      may be applied to the table's statistics data, rather than the +      privileges of the user making the query.  This makes the planner's +      rules about what data is visible match up with the executor's, +      avoiding unnecessarily-poor plans. +     </para> +    </listitem> + +    <listitem> +     <para>        Avoid O(N^2) performance issue when rolling back a transaction that        created many tables (Tomas Vondra)       </para> | 
