Update release notes for security-related releases in all active branches.

Security: CVE-2007-0555, CVE-2007-0556

doc/src/sgml/release.sgml

@@ -1,10 +1,79 @@
 <!--
-$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.235.2.49 2007/01/06 04:17:15 momjian Exp $
+$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.235.2.50 2007/02/02 00:11:02 tgl Exp $
 -->
 
 <appendix id="release">
  <title>Release Notes</title>
 
+  <sect1 id="release-7-4-16">
+   <title>Release 7.4.16</title>
+
+   <note>
+   <title>Release date</title>
+   <simpara>2007-02-05</simpara>
+   </note>
+
+   <para>
+    This release contains a variety of fixes from 7.4.15, including
+    a security fix.
+   </para>
+
+   <sect2>
+    <title>Migration to version 7.4.16</title>
+
+    <para>
+     A dump/restore is not required for those running 7.4.X.  However,
+     if you are upgrading from a version earlier than 7.4.11, see the release
+     notes for 7.4.11.
+    </para>
+
+   </sect2>
+
+   <sect2>
+    <title>Changes</title>
+
+    <itemizedlist>
+
+     <listitem>
+     <para>
+      Remove security vulnerability that allowed connected users
+      to read backend memory (Tom)
+     </para>
+     <para>
+      The vulnerability involves suppressing the normal check that a SQL
+      function returns the data type it's declared to, or changing the
+      data type of a table column used in a SQL function (CVE-2007-0555).
+      This error can easily be exploited to cause a backend crash, and in
+      principle might be used to read database content that the user
+      should not be able to access.
+     </para>
+     </listitem>
+
+     <listitem>
+     <para>
+      Fix rare bug wherein btree index page splits could fail
+      due to choosing an infeasible split point (Heikki Linnakangas)
+     </para>
+     </listitem>
+
+     <listitem>
+     <para>
+      Fix for rare Assert() crash triggered by <literal>UNION</> (Tom)
+     </para>
+     </listitem>
+
+     <listitem>
+     <para>
+      Tighten security of multi-byte character processing for UTF8 sequences
+      over three bytes long (Tom)
+     </para>
+     </listitem>
+
+    </itemizedlist>
+
+   </sect2>
+  </sect1>
+ 
   <sect1 id="release-7-4-15">
    <title>Release 7.4.15</title>
 
@@ -3051,6 +3120,68 @@ DROP SCHEMA information_schema CASCADE;
   </sect2>
  </sect1>
 
+  <sect1 id="release-7-3-18">
+   <title>Release 7.3.18</title>
+
+   <note>
+   <title>Release date</title>
+   <simpara>2007-02-05</simpara>
+   </note>
+
+   <para>
+    This release contains a variety of fixes from 7.3.17, including
+    a security fix.
+   </para>
+
+   <sect2>
+    <title>Migration to version 7.3.18</title>
+
+    <para>
+     A dump/restore is not required for those running 7.3.X.  However,
+     if you are upgrading from a version earlier than 7.3.13, see the release
+     notes for 7.3.13.
+    </para>
+
+   </sect2>
+
+   <sect2>
+    <title>Changes</title>
+
+    <itemizedlist>
+
+     <listitem>
+     <para>
+      Remove security vulnerability that allowed connected users
+      to read backend memory (Tom)
+     </para>
+     <para>
+      The vulnerability involves changing the
+      data type of a table column used in a SQL function (CVE-2007-0555).
+      This error can easily be exploited to cause a backend crash, and in
+      principle might be used to read database content that the user
+      should not be able to access.
+     </para>
+     </listitem>
+
+     <listitem>
+     <para>
+      Fix rare bug wherein btree index page splits could fail
+      due to choosing an infeasible split point (Heikki Linnakangas)
+     </para>
+     </listitem>
+
+     <listitem>
+     <para>
+      Tighten security of multi-byte character processing for UTF8 sequences
+      over three bytes long (Tom)
+     </para>
+     </listitem>
+
+    </itemizedlist>
+
+   </sect2>
+  </sect1>
+
   <sect1 id="release-7-3-17">
    <title>Release 7.3.17</title>