From 82942036372f93eade0ca8d974e7d979f366819e Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Fri, 20 Apr 2007 03:10:51 +0000
Subject: [PATCH] Fix markup.

Security: CVE-2007-2138
---
 doc/src/sgml/ref/create_function.sgml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/src/sgml/ref/create_function.sgml b/doc/src/sgml/ref/create_function.sgml
index 42553f52203..8adf939952b 100644
--- a/doc/src/sgml/ref/create_function.sgml
+++ b/doc/src/sgml/ref/create_function.sgml
@@ -1,5 +1,5 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.53.2.2 2007/04/20 02:38:44 tgl Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/ref/create_function.sgml,v 1.53.2.3 2007/04/20 03:10:51 tgl Exp $
 -->
 
 <refentry id="SQL-CREATEFUNCTION">
@@ -389,7 +389,7 @@ CREATE FUNCTION add(integer, integer) RETURNS integer
     Because a <literal>SECURITY DEFINER</literal> function is executed
     with the privileges of the user that created it, care is needed to
     ensure that the function cannot be misused.  For security,
-    <xref linkend="guc-search-path"> should be set to exclude any schemas
+    <varname>search_path</> should be set to exclude any schemas
     writable by untrusted users.  This prevents
     malicious users from creating objects that mask objects used by the
     function.  Particularly important is in this regard is the