Skip to content

Commit db034c2

Browse files
tglsfdctglsfdc
committed
Last-minute updates for release notes.
Security: CVE-2022-1552
1 parent 4eabaff commit db034c2

File tree

1 file changed

+59
-22
lines changed

1 file changed

+59
-22
lines changed

doc/src/sgml/release-10.sgml

Lines changed: 59 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,49 @@
4141

4242
<listitem>
4343
<!--
44+
Author: Noah Misch <noah@leadboat.com>
45+
Branch: master [a117cebd6] 2022-05-09 08:35:08 -0700
46+
Branch: REL_14_STABLE [ab49ce7c3] 2022-05-09 08:35:12 -0700
47+
Branch: REL_13_STABLE [35edcc0ce] 2022-05-09 08:35:12 -0700
48+
Branch: REL_12_STABLE [7f098f7b5] 2022-05-09 08:35:12 -0700
49+
Branch: REL_11_STABLE [48ca2904c] 2022-05-09 08:35:13 -0700
50+
Branch: REL_10_STABLE [ef792f785] 2022-05-09 08:35:13 -0700
51+
Author: Noah Misch <noah@leadboat.com>
52+
Branch: master [0abc1a059] 2022-05-09 08:35:08 -0700
53+
Branch: REL_14_STABLE [677a49478] 2022-05-09 08:35:12 -0700
54+
Branch: REL_13_STABLE [88743d581] 2022-05-09 08:35:12 -0700
55+
Branch: REL_12_STABLE [880511cb0] 2022-05-09 08:35:12 -0700
56+
Branch: REL_11_STABLE [34ff15660] 2022-05-09 08:35:13 -0700
57+
Branch: REL_10_STABLE [f26d57028] 2022-05-09 08:35:13 -0700
58+
-->
59+
<para>
60+
Confine additional operations within <quote>security restricted
61+
operation</quote> sandboxes (Sergey Shinderuk, Noah Misch)
62+
</para>
63+
64+
<para>
65+
Autovacuum, <command>CLUSTER</command>, <command>CREATE
66+
INDEX</command>, <command>REINDEX</command>, <command>REFRESH
67+
MATERIALIZED VIEW</command>,
68+
and <application>pg_amcheck</application> activated
69+
the <quote>security restricted operation</quote> protection
70+
mechanism too late, or even not at all in some code paths.
71+
A user having permission to create non-temporary objects within a
72+
database could define an object that would execute arbitrary SQL
73+
code with superuser permissions the next time that autovacuum
74+
processed the object, or that some superuser ran one of the affected
75+
commands against it.
76+
</para>
77+
78+
<para>
79+
The <productname>PostgreSQL</productname> Project thanks
80+
Alexander Lakhin for reporting this problem.
81+
(CVE-2022-1552)
82+
</para>
83+
</listitem>
84+
85+
<listitem>
86+
<!--
4487
Author: Tom Lane <tgl@sss.pgh.pa.us>
4588
Branch: master [ec62cb0aa] 2022-03-17 18:18:05 -0400
4689
Branch: REL_14_STABLE [1d072bd20] 2022-03-17 18:18:05 -0400
@@ -81,28 +124,6 @@ Branch: REL_10_STABLE [205214c8b] 2022-03-17 18:18:05 -0400
81124
<listitem>
82125
<!--
83126
Author: Tom Lane <tgl@sss.pgh.pa.us>
84-
Branch: master [eafdf9de0] 2022-04-20 18:08:23 -0400
85-
Branch: REL_14_STABLE [e34632947] 2022-04-20 18:08:24 -0400
86-
Branch: REL_13_STABLE [8275ba773] 2022-04-20 18:08:15 -0400
87-
Branch: REL_12_STABLE [33fe55c06] 2022-04-20 18:08:15 -0400
88-
Branch: REL_11_STABLE [e7adbd282] 2022-04-20 18:08:15 -0400
89-
Branch: REL_10_STABLE [a1e4782a0] 2022-04-20 18:08:15 -0400
90-
-->
91-
<para>
92-
Disallow infinite endpoints in the timestamp variants
93-
of <function>generate_series()</function> (Tom Lane)
94-
</para>
95-
96-
<para>
97-
Previously, such a call would run until canceled (or
98-
out-of-disk-space). The numeric variant already threw an error for
99-
an infinite endpoint value, so do likewise for timestamps.
100-
</para>
101-
</listitem>
102-
103-
<listitem>
104-
<!--
105-
Author: Tom Lane <tgl@sss.pgh.pa.us>
106127
Branch: master [068739fb4] 2022-03-18 16:01:42 -0400
107128
Branch: REL_14_STABLE [ae8ec7feb] 2022-03-18 16:01:42 -0400
108129
Branch: REL_13_STABLE [88ae77588] 2022-03-18 16:01:42 -0400
@@ -125,6 +146,22 @@ Branch: REL_10_STABLE [e6fd4a3da] 2022-03-18 16:01:42 -0400
125146
<listitem>
126147
<!--
127148
Author: Tom Lane <tgl@sss.pgh.pa.us>
149+
Branch: master [fe20afaee] 2022-05-09 14:15:37 -0400
150+
Branch: REL_14_STABLE [ab2f78392] 2022-05-09 14:15:37 -0400
151+
Branch: REL_13_STABLE [91a3a74c6] 2022-05-09 14:15:37 -0400
152+
Branch: REL_12_STABLE [90e52884e] 2022-05-09 14:15:37 -0400
153+
Branch: REL_11_STABLE [539f8c563] 2022-05-09 14:15:37 -0400
154+
Branch: REL_10_STABLE [4eabaffca] 2022-05-09 14:15:37 -0400
155+
-->
156+
<para>
157+
Avoid core dump in parser for a <literal>VALUES</literal> clause with
158+
zero columns (Tom Lane)
159+
</para>
160+
</listitem>
161+
162+
<listitem>
163+
<!--
164+
Author: Tom Lane <tgl@sss.pgh.pa.us>
128165
Branch: master [2591ee8ec] 2022-03-21 17:44:29 -0400
129166
Branch: REL_14_STABLE [48b6035f0] 2022-03-21 17:44:29 -0400
130167
Branch: REL_13_STABLE [dfefe38fb] 2022-03-21 17:44:29 -0400

0 commit comments

Comments
 (0)