Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
Postgres FD Implementation
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Abuhujair Javed
Postgres FD Implementation
Commits
0ae1d095
Commit
0ae1d095
authored
May 09, 2022
by
Tom Lane
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Last-minute updates for release notes.
Security: CVE-2022-1552
parent
ab2f7839
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
60 additions
and
23 deletions
+60
-23
doc/src/sgml/release-14.sgml
doc/src/sgml/release-14.sgml
+60
-23
No files found.
doc/src/sgml/release-14.sgml
View file @
0ae1d095
...
...
@@ -26,7 +26,7 @@
However, if you have any GiST indexes on columns of type
<type>ltree</type> (supplied by the <filename>contrib/ltree</filename>
extension), you should re-index them after updating.
See the
first
changelog entry below.
See the
second
changelog entry below.
</para>
<para>
...
...
@@ -42,6 +42,49 @@
<listitem>
<!--
Author: Noah Misch <noah@leadboat.com>
Branch: master [a117cebd6] 2022-05-09 08:35:08 -0700
Branch: REL_14_STABLE [ab49ce7c3] 2022-05-09 08:35:12 -0700
Branch: REL_13_STABLE [35edcc0ce] 2022-05-09 08:35:12 -0700
Branch: REL_12_STABLE [7f098f7b5] 2022-05-09 08:35:12 -0700
Branch: REL_11_STABLE [48ca2904c] 2022-05-09 08:35:13 -0700
Branch: REL_10_STABLE [ef792f785] 2022-05-09 08:35:13 -0700
Author: Noah Misch <noah@leadboat.com>
Branch: master [0abc1a059] 2022-05-09 08:35:08 -0700
Branch: REL_14_STABLE [677a49478] 2022-05-09 08:35:12 -0700
Branch: REL_13_STABLE [88743d581] 2022-05-09 08:35:12 -0700
Branch: REL_12_STABLE [880511cb0] 2022-05-09 08:35:12 -0700
Branch: REL_11_STABLE [34ff15660] 2022-05-09 08:35:13 -0700
Branch: REL_10_STABLE [f26d57028] 2022-05-09 08:35:13 -0700
-->
<para>
Confine additional operations within <quote>security restricted
operation</quote> sandboxes (Sergey Shinderuk, Noah Misch)
</para>
<para>
Autovacuum, <command>CLUSTER</command>, <command>CREATE
INDEX</command>, <command>REINDEX</command>, <command>REFRESH
MATERIALIZED VIEW</command>,
and <application>pg_amcheck</application> activated
the <quote>security restricted operation</quote> protection
mechanism too late, or even not at all in some code paths.
A user having permission to create non-temporary objects within a
database could define an object that would execute arbitrary SQL
code with superuser permissions the next time that autovacuum
processed the object, or that some superuser ran one of the affected
commands against it.
</para>
<para>
The <productname>PostgreSQL</productname> Project thanks
Alexander Lakhin for reporting this problem.
(CVE-2022-1552)
</para>
</listitem>
<listitem>
<!--
Author: Alexander Korotkov <akorotkov@postgresql.org>
Branch: master [7e74aafc4] 2022-03-16 11:41:18 +0300
Branch: REL_14_STABLE [7d30f59da] 2022-03-16 11:41:30 +0300
...
...
@@ -128,28 +171,6 @@ Branch: REL_14_STABLE [7a8d8219c] 2022-04-19 21:03:27 +0200
<listitem>
<!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [eafdf9de0] 2022-04-20 18:08:23 -0400
Branch: REL_14_STABLE [e34632947] 2022-04-20 18:08:24 -0400
Branch: REL_13_STABLE [8275ba773] 2022-04-20 18:08:15 -0400
Branch: REL_12_STABLE [33fe55c06] 2022-04-20 18:08:15 -0400
Branch: REL_11_STABLE [e7adbd282] 2022-04-20 18:08:15 -0400
Branch: REL_10_STABLE [a1e4782a0] 2022-04-20 18:08:15 -0400
-->
<para>
Disallow infinite endpoints in the timestamp variants
of <function>generate_series()</function> (Tom Lane)
</para>
<para>
Previously, such a call would run until canceled (or
out-of-disk-space). The numeric variant already threw an error for
an infinite endpoint value, so do likewise for timestamps.
</para>
</listitem>
<listitem>
<!--
Author: Andres Freund <andres@anarazel.de>
Branch: master [43a7dc96e] 2022-03-27 21:46:23 -0700
Branch: REL_14_STABLE [c1a0d7d1c] 2022-03-27 21:44:39 -0700
...
...
@@ -189,6 +210,22 @@ Branch: REL_10_STABLE [e6fd4a3da] 2022-03-18 16:01:42 -0400
<listitem>
<!--
Author: Tom Lane <tgl@sss.pgh.pa.us>
Branch: master [fe20afaee] 2022-05-09 14:15:37 -0400
Branch: REL_14_STABLE [ab2f78392] 2022-05-09 14:15:37 -0400
Branch: REL_13_STABLE [91a3a74c6] 2022-05-09 14:15:37 -0400
Branch: REL_12_STABLE [90e52884e] 2022-05-09 14:15:37 -0400
Branch: REL_11_STABLE [539f8c563] 2022-05-09 14:15:37 -0400
Branch: REL_10_STABLE [4eabaffca] 2022-05-09 14:15:37 -0400
-->
<para>
Avoid core dump in parser for a <literal>VALUES</literal> clause with
zero columns (Tom Lane)
</para>
</listitem>
<listitem>
<!--
Author: Etsuro Fujita <efujita@postgresql.org>
Branch: master [5c854e7a2] 2022-04-28 15:15:00 +0900
Branch: REL_14_STABLE [ebb790241] 2022-04-28 15:15:02 +0900
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
