Last-minute updates for release notes.

Security: CVE-2018-16850

diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml
index b18626fb69262439eab8fd87242a9b3ad022da47..c268ec2a0eaf895578f7d6a2068ce50b4327c383 100644 (file)
--- a/doc/src/sgml/release-10.sgml
+++ b/doc/src/sgml/release-10.sgml
@@ -38,6 +38,20 @@
 
    
 
+    
+     
+      Ensure proper quoting of transition table names
+      when pg_dump emits CREATE TRIGGER
+      ... REFERENCING commands (Tom Lane)
+     
+
+     
+      This oversight could be exploited by an unprivileged user to gain
+      superuser privileges during the next dump/reload
+      or pg_upgrade run.  (CVE-2018-16850)
+     
+    
+
     
 
+     
+      Ensure proper quoting of transition table names
+      when pg_dump emits CREATE TRIGGER
+      ... REFERENCING commands (Tom Lane)
+     
+
+     
+      This oversight could be exploited by an unprivileged user to gain
+      superuser privileges during the next dump/reload
+      or pg_upgrade run.  (CVE-2018-16850)
+     
+    
+
+    
+
+     
+      Prevent creation of a partition in a trigger attached to its parent
+      table (Amit Langote)
+     
+
+     
+      Ideally we'd allow that, but for the moment it has to be blocked to
+      avoid crashes.
+     
+    
+
+    
+
+     
+      Fix problems with applying ON COMMIT DELETE ROWS to
+      a partitioned temporary table (Amit Langote)
+     
+    
+
+    
+
-     
-      Ensure proper quoting of transition table names
-      when pg_dump emits CREATE TRIGGER
-      ... REFERENCING commands (Tom Lane)
-     
-    
-
-    
-