projects / postgresql.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8673743)
Last-minute updates for release notes.
authorTom Lane
Mon, 5 Aug 2019 15:49:14 +0000 (11:49 -0400)
committerTom Lane
Mon, 5 Aug 2019 15:49:14 +0000 (11:49 -0400)
Security: CVE-2019-10208, CVE-2019-10209

doc/src/sgml/release-9.4.sgml patch | blob | blame | history

diff --git a/doc/src/sgml/release-9.4.sgml b/doc/src/sgml/release-9.4.sgml
index 8fde65b27fdba6b9262613158e6bfe67f1e44c4d..36ef9009e6777f083b7830337849732deb175e08 100644 (file)
--- a/doc/src/sgml/release-9.4.sgml
+++ b/doc/src/sgml/release-9.4.sgml
@@ -41,6 +41,36 @@
 
     
 
+     
+      Require schema qualification to cast to a temporary type when using
+      functional cast syntax (Noah Misch)
+     
+
+     
+      We have long required invocations of temporary functions to
+      explicitly specify the temporary schema, that
+      is pg_temp.func_name(args).
+      Require this as well for casting to temporary types using functional
+      notation, for
+      example pg_temp.type_name(arg).
+      Otherwise it's possible to capture a function call using a temporary
+      object, allowing privilege escalation in much the same ways that we
+      blocked in CVE-2007-2138.
+      (CVE-2019-10208)
+     
+    
+
+    
+