From: Tom Lane Date: Mon, 5 Nov 2018 15:48:23 +0000 (-0500) Subject: Last-minute updates for release notes. X-Git-Tag: REL_12_BETA1~1303 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1eaeb02a30b307bad4d6a9cc2d596273a5a38a7a;p=postgresql Last-minute updates for release notes. Security: CVE-2018-16850 --- diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml index b18626fb69..c268ec2a0e 100644 --- a/doc/src/sgml/release-10.sgml +++ b/doc/src/sgml/release-10.sgml @@ -38,6 +38,20 @@ + + + Ensure proper quoting of transition table names + when pg_dump emits CREATE TRIGGER + ... REFERENCING commands (Tom Lane) + + + + This oversight could be exploited by an unprivileged user to gain + superuser privileges during the next dump/reload + or pg_upgrade run. (CVE-2018-16850) + + + + + Ensure proper quoting of transition table names + when pg_dump emits CREATE TRIGGER + ... REFERENCING commands (Tom Lane) + + + + This oversight could be exploited by an unprivileged user to gain + superuser privileges during the next dump/reload + or pg_upgrade run. (CVE-2018-16850) + + + + + + + Prevent creation of a partition in a trigger attached to its parent + table (Amit Langote) + + + + Ideally we'd allow that, but for the moment it has to be blocked to + avoid crashes. + + + + + + + Fix problems with applying ON COMMIT DELETE ROWS to + a partitioned temporary table (Amit Langote) + + + + + - - Ensure proper quoting of transition table names - when pg_dump emits CREATE TRIGGER - ... REFERENCING commands (Tom Lane) - - - - -