	Last-minute updates for release notes.
Add entries for security and not-quite-security issues. Security: CVE-2015-5288, CVE-2015-5289
		| @@ -40,6 +40,20 @@ | |||||||
|  |  | ||||||
|    <itemizedlist> |    <itemizedlist> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Fix <filename>contrib/pgcrypto</> to detect and report | ||||||
|  |       too-short <function>crypt()</> salts (Josh Kupershmidt) | ||||||
|  |      </para> | ||||||
|  |  | ||||||
|  |      <para> | ||||||
|  |       Certain invalid salt arguments crashed the server or disclosed a few | ||||||
|  |       bytes of server memory.  We have not ruled out the viability of | ||||||
|  |       attacks that arrange for presence of confidential information in the | ||||||
|  |       disclosed bytes, but they seem unlikely.  (CVE-2015-5288) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix subtransaction cleanup after a portal (cursor) belonging to an |       Fix subtransaction cleanup after a portal (cursor) belonging to an | ||||||
| @@ -124,6 +138,14 @@ | |||||||
|      </para> |      </para> | ||||||
|     </listitem> |     </listitem> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Guard against hard-to-reach stack overflows involving record types, | ||||||
|  |       range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, | ||||||
|  |       <type>ltxtquery</> and <type>query_int</> (Noah Misch) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input |       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input | ||||||
|   | |||||||
| @@ -34,6 +34,20 @@ | |||||||
|  |  | ||||||
|    <itemizedlist> |    <itemizedlist> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Fix <filename>contrib/pgcrypto</> to detect and report | ||||||
|  |       too-short <function>crypt()</> salts (Josh Kupershmidt) | ||||||
|  |      </para> | ||||||
|  |  | ||||||
|  |      <para> | ||||||
|  |       Certain invalid salt arguments crashed the server or disclosed a few | ||||||
|  |       bytes of server memory.  We have not ruled out the viability of | ||||||
|  |       attacks that arrange for presence of confidential information in the | ||||||
|  |       disclosed bytes, but they seem unlikely.  (CVE-2015-5288) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix subtransaction cleanup after a portal (cursor) belonging to an |       Fix subtransaction cleanup after a portal (cursor) belonging to an | ||||||
| @@ -130,6 +144,14 @@ | |||||||
|      </para> |      </para> | ||||||
|     </listitem> |     </listitem> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Guard against hard-to-reach stack overflows involving record types, | ||||||
|  |       range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, | ||||||
|  |       <type>ltxtquery</> and <type>query_int</> (Noah Misch) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input |       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input | ||||||
|   | |||||||
| @@ -34,6 +34,20 @@ | |||||||
|  |  | ||||||
|    <itemizedlist> |    <itemizedlist> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Fix <filename>contrib/pgcrypto</> to detect and report | ||||||
|  |       too-short <function>crypt()</> salts (Josh Kupershmidt) | ||||||
|  |      </para> | ||||||
|  |  | ||||||
|  |      <para> | ||||||
|  |       Certain invalid salt arguments crashed the server or disclosed a few | ||||||
|  |       bytes of server memory.  We have not ruled out the viability of | ||||||
|  |       attacks that arrange for presence of confidential information in the | ||||||
|  |       disclosed bytes, but they seem unlikely.  (CVE-2015-5288) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix subtransaction cleanup after a portal (cursor) belonging to an |       Fix subtransaction cleanup after a portal (cursor) belonging to an | ||||||
| @@ -136,6 +150,14 @@ Branch: REL9_1_STABLE [9b1b9446f] 2015-08-27 12:22:10 -0400 | |||||||
|      </para> |      </para> | ||||||
|     </listitem> |     </listitem> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Guard against hard-to-reach stack overflows involving record types, | ||||||
|  |       range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, | ||||||
|  |       <type>ltxtquery</> and <type>query_int</> (Noah Misch) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input |       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input | ||||||
|   | |||||||
| @@ -34,6 +34,34 @@ | |||||||
|  |  | ||||||
|    <itemizedlist> |    <itemizedlist> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Guard against stack overflows in <type>json</> parsing | ||||||
|  |       (Oskari Saarenmaa) | ||||||
|  |      </para> | ||||||
|  |  | ||||||
|  |      <para> | ||||||
|  |       If an application constructs PostgreSQL <type>json</> | ||||||
|  |       or <type>jsonb</> values from arbitrary user input, the application's | ||||||
|  |       users can reliably crash the PostgreSQL server, causing momentary | ||||||
|  |       denial of service.  (CVE-2015-5289) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Fix <filename>contrib/pgcrypto</> to detect and report | ||||||
|  |       too-short <function>crypt()</> salts (Josh Kupershmidt) | ||||||
|  |      </para> | ||||||
|  |  | ||||||
|  |      <para> | ||||||
|  |       Certain invalid salt arguments crashed the server or disclosed a few | ||||||
|  |       bytes of server memory.  We have not ruled out the viability of | ||||||
|  |       attacks that arrange for presence of confidential information in the | ||||||
|  |       disclosed bytes, but they seem unlikely.  (CVE-2015-5288) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix subtransaction cleanup after a portal (cursor) belonging to an |       Fix subtransaction cleanup after a portal (cursor) belonging to an | ||||||
| @@ -146,6 +174,14 @@ | |||||||
|      </para> |      </para> | ||||||
|     </listitem> |     </listitem> | ||||||
|  |  | ||||||
|  |     <listitem> | ||||||
|  |      <para> | ||||||
|  |       Guard against hard-to-reach stack overflows involving record types, | ||||||
|  |       range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, | ||||||
|  |       <type>ltxtquery</> and <type>query_int</> (Noah Misch) | ||||||
|  |      </para> | ||||||
|  |     </listitem> | ||||||
|  |  | ||||||
|     <listitem> |     <listitem> | ||||||
|      <para> |      <para> | ||||||
|       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input |       Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input | ||||||
|   | |||||||