projects / postgresql.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f50e888)
Last-minute updates for release notes.
authorTom Lane
Mon, 8 Feb 2021 16:10:40 +0000 (11:10 -0500)
committerTom Lane
Mon, 8 Feb 2021 16:10:40 +0000 (11:10 -0500)
Security: CVE-2021-3393, CVE-2021-20229

doc/src/sgml/release-12.sgml patch | blob | blame | history

diff --git a/doc/src/sgml/release-12.sgml b/doc/src/sgml/release-12.sgml
index 2fcd00411886d860f11708da276ffccfb0a48715..142f2721c81ba37cce2106be2f0be159939dca45 100644 (file)
--- a/doc/src/sgml/release-12.sgml
+++ b/doc/src/sgml/release-12.sgml
@@ -23,7 +23,7 @@
    
 
    
-    However, see the first two changelog items below,
+    However, see the second and third changelog items below,
     which describe cases in which reindexing indexes after the upgrade
     may be advisable.
    
@@ -42,6 +42,30 @@
     
 
+     
+      Fix information leakage in constraint-violation error messages
+      (Heikki Linnakangas)
+     
+
+     
+      If an UPDATE command attempts to move a row to a
+      different partition but finds that it violates some constraint on
+      the new partition, and the columns in that partition are in
+      different physical positions than in the parent table, the error
+      message could reveal the contents of columns that the user does not
+      have SELECT privilege on.
+      (CVE-2021-3393)
+     
+    
+
+    
+