From 23c8b0ccc6e200643d1ee860cd71372d06d4a94b Mon Sep 17 00:00:00 2001 From: Tom Lane <tgl@sss.pgh.pa.us> Date: Fri, 20 Apr 2007 03:27:23 +0000 Subject: [PATCH] Fix markup. Security: CVE-2007-2138 --- doc/src/sgml/release.sgml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index fd938eb8f9..f7a6710a11 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.501 2007/04/20 02:37:37 tgl Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.502 2007/04/20 03:27:23 tgl Exp $ --> <!-- Typical markup: @@ -73,8 +73,7 @@ do it for earlier branch release files. truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -3106,8 +3105,7 @@ do it for earlier branch release files. truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -6146,8 +6144,7 @@ psql -t -f fixseq.sql db1 | psql -e db1 truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -9656,8 +9653,7 @@ typedefs (Michael)</para></listitem> truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -12843,8 +12839,7 @@ DROP SCHEMA information_schema CASCADE; truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> -- 2.40.0