Skip to content

Commit b5576e1

Browse files
tglsfdctglsfdc
committed
Last-minute updates for release notes.
Security: CVE-2022-1552
1 parent 539f8c5 commit b5576e1

File tree

1 file changed

+59
-22
lines changed

1 file changed

+59
-22
lines changed

doc/src/sgml/release-11.sgml

Lines changed: 59 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,49 @@
3535

3636
<listitem>
3737
<!--
38+
Author: Noah Misch <noah@leadboat.com>
39+
Branch: master [a117cebd6] 2022-05-09 08:35:08 -0700
40+
Branch: REL_14_STABLE [ab49ce7c3] 2022-05-09 08:35:12 -0700
41+
Branch: REL_13_STABLE [35edcc0ce] 2022-05-09 08:35:12 -0700
42+
Branch: REL_12_STABLE [7f098f7b5] 2022-05-09 08:35:12 -0700
43+
Branch: REL_11_STABLE [48ca2904c] 2022-05-09 08:35:13 -0700
44+
Branch: REL_10_STABLE [ef792f785] 2022-05-09 08:35:13 -0700
45+
Author: Noah Misch <noah@leadboat.com>
46+
Branch: master [0abc1a059] 2022-05-09 08:35:08 -0700
47+
Branch: REL_14_STABLE [677a49478] 2022-05-09 08:35:12 -0700
48+
Branch: REL_13_STABLE [88743d581] 2022-05-09 08:35:12 -0700
49+
Branch: REL_12_STABLE [880511cb0] 2022-05-09 08:35:12 -0700
50+
Branch: REL_11_STABLE [34ff15660] 2022-05-09 08:35:13 -0700
51+
Branch: REL_10_STABLE [f26d57028] 2022-05-09 08:35:13 -0700
52+
-->
53+
<para>
54+
Confine additional operations within <quote>security restricted
55+
operation</quote> sandboxes (Sergey Shinderuk, Noah Misch)
56+
</para>
57+
58+
<para>
59+
Autovacuum, <command>CLUSTER</command>, <command>CREATE
60+
INDEX</command>, <command>REINDEX</command>, <command>REFRESH
61+
MATERIALIZED VIEW</command>,
62+
and <application>pg_amcheck</application> activated
63+
the <quote>security restricted operation</quote> protection
64+
mechanism too late, or even not at all in some code paths.
65+
A user having permission to create non-temporary objects within a
66+
database could define an object that would execute arbitrary SQL
67+
code with superuser permissions the next time that autovacuum
68+
processed the object, or that some superuser ran one of the affected
69+
commands against it.
70+
</para>
71+
72+
<para>
73+
The <productname>PostgreSQL</productname> Project thanks
74+
Alexander Lakhin for reporting this problem.
75+
(CVE-2022-1552)
76+
</para>
77+
</listitem>
78+
79+
<listitem>
80+
<!--
3881
Author: Tom Lane <tgl@sss.pgh.pa.us>
3982
Branch: master [ec62cb0aa] 2022-03-17 18:18:05 -0400
4083
Branch: REL_14_STABLE [1d072bd20] 2022-03-17 18:18:05 -0400
@@ -75,28 +118,6 @@ Branch: REL_10_STABLE [205214c8b] 2022-03-17 18:18:05 -0400
75118
<listitem>
76119
<!--
77120
Author: Tom Lane <tgl@sss.pgh.pa.us>
78-
Branch: master [eafdf9de0] 2022-04-20 18:08:23 -0400
79-
Branch: REL_14_STABLE [e34632947] 2022-04-20 18:08:24 -0400
80-
Branch: REL_13_STABLE [8275ba773] 2022-04-20 18:08:15 -0400
81-
Branch: REL_12_STABLE [33fe55c06] 2022-04-20 18:08:15 -0400
82-
Branch: REL_11_STABLE [e7adbd282] 2022-04-20 18:08:15 -0400
83-
Branch: REL_10_STABLE [a1e4782a0] 2022-04-20 18:08:15 -0400
84-
-->
85-
<para>
86-
Disallow infinite endpoints in the timestamp variants
87-
of <function>generate_series()</function> (Tom Lane)
88-
</para>
89-
90-
<para>
91-
Previously, such a call would run until canceled (or
92-
out-of-disk-space). The numeric variant already threw an error for
93-
an infinite endpoint value, so do likewise for timestamps.
94-
</para>
95-
</listitem>
96-
97-
<listitem>
98-
<!--
99-
Author: Tom Lane <tgl@sss.pgh.pa.us>
100121
Branch: master [068739fb4] 2022-03-18 16:01:42 -0400
101122
Branch: REL_14_STABLE [ae8ec7feb] 2022-03-18 16:01:42 -0400
102123
Branch: REL_13_STABLE [88ae77588] 2022-03-18 16:01:42 -0400
@@ -119,6 +140,22 @@ Branch: REL_10_STABLE [e6fd4a3da] 2022-03-18 16:01:42 -0400
119140
<listitem>
120141
<!--
121142
Author: Tom Lane <tgl@sss.pgh.pa.us>
143+
Branch: master [fe20afaee] 2022-05-09 14:15:37 -0400
144+
Branch: REL_14_STABLE [ab2f78392] 2022-05-09 14:15:37 -0400
145+
Branch: REL_13_STABLE [91a3a74c6] 2022-05-09 14:15:37 -0400
146+
Branch: REL_12_STABLE [90e52884e] 2022-05-09 14:15:37 -0400
147+
Branch: REL_11_STABLE [539f8c563] 2022-05-09 14:15:37 -0400
148+
Branch: REL_10_STABLE [4eabaffca] 2022-05-09 14:15:37 -0400
149+
-->
150+
<para>
151+
Avoid core dump in parser for a <literal>VALUES</literal> clause with
152+
zero columns (Tom Lane)
153+
</para>
154+
</listitem>
155+
156+
<listitem>
157+
<!--
158+
Author: Tom Lane <tgl@sss.pgh.pa.us>
122159
Branch: master [2591ee8ec] 2022-03-21 17:44:29 -0400
123160
Branch: REL_14_STABLE [48b6035f0] 2022-03-21 17:44:29 -0400
124161
Branch: REL_13_STABLE [dfefe38fb] 2022-03-21 17:44:29 -0400

0 commit comments

Comments
 (0)