diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2018-02-05 14:43:40 -0500 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2018-02-05 14:44:08 -0500 |
| commit | 9a12ac37be9683da09c3dc33d0ee43728ca49517 (patch) | |
| tree | d12335967d94996e8fc4b18bed4097490fb90900 | |
| parent | 0a5dcba2abc68996a22387f1186889447a4126ce (diff) | |
| download | postgresql-9a12ac37be9683da09c3dc33d0ee43728ca49517.tar.gz postgresql-9a12ac37be9683da09c3dc33d0ee43728ca49517.zip | |
Last-minute updates for release notes.
Security: CVE-2018-1052, CVE-2018-1053
| -rw-r--r-- | doc/src/sgml/release-9.3.sgml | 22 | ||||
| -rw-r--r-- | doc/src/sgml/release-9.4.sgml | 22 |
2 files changed, 44 insertions, 0 deletions
diff --git a/doc/src/sgml/release-9.3.sgml b/doc/src/sgml/release-9.3.sgml index 8be44e33f61..6d339db8d33 100644 --- a/doc/src/sgml/release-9.3.sgml +++ b/doc/src/sgml/release-9.3.sgml @@ -35,6 +35,28 @@ <listitem> <para> + Ensure that all temporary files made + by <application>pg_upgrade</application> are non-world-readable + (Tom Lane, Noah Misch) + </para> + + <para> + <application>pg_upgrade</application> normally restricts its + temporary files to be readable and writable only by the calling user. + But the temporary file containing <literal>pg_dumpall -g</literal> + output would be group- or world-readable, or even writable, if the + user's <literal>umask</literal> setting allows. In typical usage on + multi-user machines, the <literal>umask</literal> and/or the working + directory's permissions would be tight enough to prevent problems; + but there may be people using <application>pg_upgrade</application> + in scenarios where this oversight would permit disclosure of database + passwords to unfriendly eyes. + (CVE-2018-1053) + </para> + </listitem> + + <listitem> + <para> Fix vacuuming of tuples that were updated while key-share locked (Andres Freund, Álvaro Herrera) </para> diff --git a/doc/src/sgml/release-9.4.sgml b/doc/src/sgml/release-9.4.sgml index 8817fea473d..da6cf38f70a 100644 --- a/doc/src/sgml/release-9.4.sgml +++ b/doc/src/sgml/release-9.4.sgml @@ -35,6 +35,28 @@ <listitem> <para> + Ensure that all temporary files made + by <application>pg_upgrade</application> are non-world-readable + (Tom Lane, Noah Misch) + </para> + + <para> + <application>pg_upgrade</application> normally restricts its + temporary files to be readable and writable only by the calling user. + But the temporary file containing <literal>pg_dumpall -g</literal> + output would be group- or world-readable, or even writable, if the + user's <literal>umask</literal> setting allows. In typical usage on + multi-user machines, the <literal>umask</literal> and/or the working + directory's permissions would be tight enough to prevent problems; + but there may be people using <application>pg_upgrade</application> + in scenarios where this oversight would permit disclosure of database + passwords to unfriendly eyes. + (CVE-2018-1053) + </para> + </listitem> + + <listitem> + <para> Fix vacuuming of tuples that were updated while key-share locked (Andres Freund, Álvaro Herrera) </para> |