Commit b4516b1

Last-minute updates for release notes.
Security: CVE-2022-1552
1 parent 90e5288 commit b4516b1

1 file changed

+59
-22
lines changed

doc/src/sgml/release-12.sgml

@@ -35,6 +35,49 @@
3535

3636
<listitem>
3737
<!--
38+
Author: Noah Misch <noah@leadboat.com>
39+
Branch: master [a117cebd6] 2022-05-09 08:35:08 -0700
40+
Branch: REL_14_STABLE [ab49ce7c3] 2022-05-09 08:35:12 -0700
41+
Branch: REL_13_STABLE [35edcc0ce] 2022-05-09 08:35:12 -0700
42+
Branch: REL_12_STABLE [7f098f7b5] 2022-05-09 08:35:12 -0700
43+
Branch: REL_11_STABLE [48ca2904c] 2022-05-09 08:35:13 -0700
44+
Branch: REL_10_STABLE [ef792f785] 2022-05-09 08:35:13 -0700
45+
Author: Noah Misch <noah@leadboat.com>
46+
Branch: master [0abc1a059] 2022-05-09 08:35:08 -0700
47+
Branch: REL_14_STABLE [677a49478] 2022-05-09 08:35:12 -0700
48+
Branch: REL_13_STABLE [88743d581] 2022-05-09 08:35:12 -0700
49+
Branch: REL_12_STABLE [880511cb0] 2022-05-09 08:35:12 -0700
50+
Branch: REL_11_STABLE [34ff15660] 2022-05-09 08:35:13 -0700
51+
Branch: REL_10_STABLE [f26d57028] 2022-05-09 08:35:13 -0700
52+
-->
53+
<para>
54+
Confine additional operations within <quote>security restricted
55+
operation</quote> sandboxes (Sergey Shinderuk, Noah Misch)
56+
</para>
57+
58+
<para>
59+
Autovacuum, <command>CLUSTER</command>, <command>CREATE
60+
INDEX</command>, <command>REINDEX</command>, <command>REFRESH
61+
MATERIALIZED VIEW</command>,
62+
and <application>pg_amcheck</application> activated
63+
the <quote>security restricted operation</quote> protection
64+
mechanism too late, or even not at all in some code paths.
65+
A user having permission to create non-temporary objects within a
66+
database could define an object that would execute arbitrary SQL
67+
code with superuser permissions the next time that autovacuum
68+
processed the object, or that some superuser ran one of the affected
69+
commands against it.
70+
</para>
71+
72+
<para>
73+
The <productname>PostgreSQL</productname> Project thanks
74+
Alexander Lakhin for reporting this problem.
75+
(CVE-2022-1552)
76+
</para>
77+
</listitem>
78+
79+
<listitem>
80+
<!--
3881
Author: Tom Lane <tgl@sss.pgh.pa.us>
3982
Branch: master [ec62cb0aa] 2022-03-17 18:18:05 -0400
4083
Branch: REL_14_STABLE [1d072bd20] 2022-03-17 18:18:05 -0400
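Review bot: the second <para> of the new CVE-2022-1552 entry stops at the impact ("execute arbitrary SQL code with superuser permissions") and gives the reader no indication of whether installing the update is sufficient or whether objects that untrusted users created beforehand need to be reviewed. Suggest one closing sentence covering that, and naming the privilege meant by "permission to create non-temporary objects within a database". The phrase "too late, or even not at all in some code paths" would also be easier to act on if it said which of the listed commands fall into which case. Separately, it is worth confirming that <application>pg_amcheck</application> belongs in the list for this branch, since the file being edited is release-12.sgml.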
@@ -75,28 +118,6 @@ Branch: REL_10_STABLE [205214c8b] 2022-03-17 18:18:05 -0400
75118
<listitem>
76119
<!--
77120
Author: Tom Lane <tgl@sss.pgh.pa.us>
78-
Branch: master [eafdf9de0] 2022-04-20 18:08:23 -0400
79-
Branch: REL_14_STABLE [e34632947] 2022-04-20 18:08:24 -0400
80-
Branch: REL_13_STABLE [8275ba773] 2022-04-20 18:08:15 -0400
81-
Branch: REL_12_STABLE [33fe55c06] 2022-04-20 18:08:15 -0400
82-
Branch: REL_11_STABLE [e7adbd282] 2022-04-20 18:08:15 -0400
83-
Branch: REL_10_STABLE [a1e4782a0] 2022-04-20 18:08:15 -0400
84-
-->
85-
<para>
86-
Disallow infinite endpoints in the timestamp variants
87-
of <function>generate_series()</function> (Tom Lane)
88-
</para>
89-
90-
<para>
91-
Previously, such a call would run until canceled (or
92-
out-of-disk-space). The numeric variant already threw an error for
93-
an infinite endpoint value, so do likewise for timestamps.
94-
</para>
95-
</listitem>
96-
97-
<listitem>
98-
<!--
99-
Author: Tom Lane <tgl@sss.pgh.pa.us>
100121
Branch: master [068739fb4] 2022-03-18 16:01:42 -0400
101122
Branch: REL_14_STABLE [ae8ec7feb] 2022-03-18 16:01:42 -0400
102123
Branch: REL_13_STABLE [88ae77588] 2022-03-18 16:01:42 -0400
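Review bot: the removal of the generate_series() entry (old lines 78 to 99) is not explained anywhere; the commit message says only "Last-minute updates for release notes." and cites the CVE. If the underlying change was reverted or deferred on this branch, state that in the commit message so the history shows why a documented fix disappeared from the notes. The splice itself reads correctly: the retained "Author: Tom Lane" line now heads the 068739fb4 comment block in place of the deleted, identical Author line.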
@@ -119,6 +140,22 @@ Branch: REL_10_STABLE [e6fd4a3da] 2022-03-18 16:01:42 -0400
119140
<listitem>
120141
<!--
121142
Author: Tom Lane <tgl@sss.pgh.pa.us>
143+
Branch: master [fe20afaee] 2022-05-09 14:15:37 -0400
144+
Branch: REL_14_STABLE [ab2f78392] 2022-05-09 14:15:37 -0400
145+
Branch: REL_13_STABLE [91a3a74c6] 2022-05-09 14:15:37 -0400
146+
Branch: REL_12_STABLE [90e52884e] 2022-05-09 14:15:37 -0400
147+
Branch: REL_11_STABLE [539f8c563] 2022-05-09 14:15:37 -0400
148+
Branch: REL_10_STABLE [4eabaffca] 2022-05-09 14:15:37 -0400
149+
-->
150+
<para>
151+
Avoid core dump in parser for a <literal>VALUES</literal> clause with
152+
zero columns (Tom Lane)
153+
</para>
154+
</listitem>
155+
156+
<listitem>
157+
<!--
158+
Author: Tom Lane <tgl@sss.pgh.pa.us>
122159
Branch: master [2591ee8ec] 2022-03-21 17:44:29 -0400
123160
Branch: REL_14_STABLE [48b6035f0] 2022-03-21 17:44:29 -0400
124161
Branch: REL_13_STABLE [dfefe38fb] 2022-03-21 17:44:29 -0400
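Review bot: the new VALUES entry (new lines 150 to 153) is a one-line summary with no descriptive <para>, so "Avoid core dump in parser" leaves open what kind of statement triggers the crash and who can issue it. Because a core dump is a crash, readers triaging this release will want to know whether any user able to submit a query can trigger it. Suggest adding a short second paragraph describing the condition and the consequence, in the same shape as the CVE-2022-1552 entry added earlier in this commit.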
