database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-04-27 22:56:53 +03:00
Code

Last-minute updates for release notes.

Browse Source 
Security: CVE-2017-12172, CVE-2017-15098, CVE-2017-15099
This commit is contained in:
Tom Lane 2017-11-06 12:02:30 -05:00
parent c0c8807ded
commit fb3930ab1f
2 changed files with 67 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
doc/src/sgml/release-9.2.sgml
View File

@ -40,6 +40,31 @@
<itemizedlist> <itemizedlist>
<listitem>
<para>
Fix sample server-start scripts to become <literal>$PGUSER</literal>
before opening <literal>$PGLOG</literal> (Noah Misch)
</para>
<para>
Previously, the postmaster log file was opened while still running as
root. The database owner could therefore mount an attack against
another system user by making <literal>$PGLOG</literal> be a symbolic
link to some other file, which would then become corrupted by appending
log messages.
</para>
<para>
By default, these scripts are not installed anywhere. Users who have
made use of them will need to manually recopy them, or apply the same
changes to their modified versions. If the
existing <literal>$PGLOG</literal> file is root-owned, it will need to
be removed or renamed out of the way before restarting the server with
the corrected script.
(CVE-2017-12172)
</para>
</listitem>
<listitem> <listitem>
<para> <para>
Properly reject attempts to convert infinite float values to Properly reject attempts to convert infinite float values to

42
doc/src/sgml/release-9.3.sgml
View File

@ -34,6 +34,48 @@
<itemizedlist> <itemizedlist>
<listitem>
<para>
Fix crash due to rowtype mismatch
in <function>json{b}_populate_recordset()</function>
(Michael Paquier, Tom Lane)
</para>
<para>
These functions used the result rowtype specified in the <literal>FROM
... AS</literal> clause without checking that it matched the actual
rowtype of the supplied tuple value. If it didn't, that would usually
result in a crash, though disclosure of server memory contents seems
possible as well.
(CVE-2017-15098)
</para>
</listitem>
<listitem>
<para>
Fix sample server-start scripts to become <literal>$PGUSER</literal>
before opening <literal>$PGLOG</literal> (Noah Misch)
</para>
<para>
Previously, the postmaster log file was opened while still running as
root. The database owner could therefore mount an attack against
another system user by making <literal>$PGLOG</literal> be a symbolic
link to some other file, which would then become corrupted by appending
log messages.
</para>
<para>
By default, these scripts are not installed anywhere. Users who have
made use of them will need to manually recopy them, or apply the same
changes to their modified versions. If the
existing <literal>$PGLOG</literal> file is root-owned, it will need to
be removed or renamed out of the way before restarting the server with
the corrected script.
(CVE-2017-12172)
</para>
</listitem>
<listitem> <listitem>
<para> <para>
Properly reject attempts to convert infinite float values to Properly reject attempts to convert infinite float values to