author: Tom Lane <tgl@sss.pgh.pa.us> 2015-10-05 10:57:15 -0400
committer: Tom Lane <tgl@sss.pgh.pa.us> 2015-10-05 10:57:48 -0400
commit: dd5502a8d5caf4775e06a31d17641d49250f3d34 (patch)
tree: 8830f52ded30c725e536294aba89bac70d0e9bef
parent: 6cb5bdec09521c16892bf9071a705b47bbfb3fac (diff)
Last-minute updates for release notes.

Add entries for security and not-quite-security issues.

Security: CVE-2015-5288, CVE-2015-5289
-rw-r--r-- doc/src/sgml/release-9.0.sgml 22
-rw-r--r-- doc/src/sgml/release-9.1.sgml 22
-rw-r--r-- doc/src/sgml/release-9.2.sgml 22
3 files changed, 66 insertions, 0 deletions
diff --git a/doc/src/sgml/release-9.0.sgml b/doc/src/sgml/release-9.0.sgml
index 93198931f88..ef8eb1c9ad2 100644
--- a/doc/src/sgml/release-9.0.sgml
+++ b/doc/src/sgml/release-9.0.sgml
@@ -42,6 +42,20 @@
<listitem>
<para>
+ Fix <filename>contrib/pgcrypto</> to detect and report
+ too-short <function>crypt()</> salts (Josh Kupershmidt)
+ </para>
+
+ <para>
+ Certain invalid salt arguments crashed the server or disclosed a few
+ bytes of server memory. We have not ruled out the viability of
+ attacks that arrange for presence of confidential information in the
+ disclosed bytes, but they seem unlikely. (CVE-2015-5288)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix subtransaction cleanup after a portal (cursor) belonging to an
outer subtransaction fails (Tom Lane, Michael Paquier)
</para>
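Review bot: the last sentence of the second added paragraph ("We have not ruled out the viability of attacks that arrange for presence of confidential information in the disclosed bytes, but they seem unlikely") is hard to parse for a release-note reader. Consider a more direct form such as "An attacker might be able to arrange for the disclosed bytes to contain confidential information, though this seems unlikely", which says the same thing in words an administrator can weigh quickly.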
@@ -126,6 +140,14 @@
<listitem>
<para>
+ Guard against hard-to-reach stack overflows involving record types,
+ range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
+ <type>ltxtquery</> and <type>query_int</> (Noah Misch)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input
(Greg Stark)
</para>
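Review bot: the type list in the added entry names range types, <type>json</> and <type>jsonb</>, but this file is the 9.0 release notes, and json and range types first shipped in 9.2 and jsonb in 9.4. Consider trimming the list here to the types a 9.0 server actually has (record types, tsquery, ltxtquery, query_int) so readers do not go looking for features that are absent from their branch.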
diff --git a/doc/src/sgml/release-9.1.sgml b/doc/src/sgml/release-9.1.sgml
index afffb43969b..fde6b61bced 100644
--- a/doc/src/sgml/release-9.1.sgml
+++ b/doc/src/sgml/release-9.1.sgml
@@ -36,6 +36,20 @@
<listitem>
<para>
+ Fix <filename>contrib/pgcrypto</> to detect and report
+ too-short <function>crypt()</> salts (Josh Kupershmidt)
+ </para>
+
+ <para>
+ Certain invalid salt arguments crashed the server or disclosed a few
+ bytes of server memory. We have not ruled out the viability of
+ attacks that arrange for presence of confidential information in the
+ disclosed bytes, but they seem unlikely. (CVE-2015-5288)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix subtransaction cleanup after a portal (cursor) belonging to an
outer subtransaction fails (Tom Lane, Michael Paquier)
</para>
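Review bot: "Certain invalid salt arguments" in the second added paragraph leaves an administrator unable to tell who can reach the bug. Since crypt() is an SQL-callable function, a clause stating whether any role able to call it with a chosen salt is enough to trigger the crash or disclosure would help sites decide how urgently to update.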
@@ -132,6 +146,14 @@
<listitem>
<para>
+ Guard against hard-to-reach stack overflows involving record types,
+ range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
+ <type>ltxtquery</> and <type>query_int</> (Noah Misch)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input
(Greg Stark)
</para>
diff --git a/doc/src/sgml/release-9.2.sgml b/doc/src/sgml/release-9.2.sgml
index 676b6554e52..4bfede5bc0e 100644
--- a/doc/src/sgml/release-9.2.sgml
+++ b/doc/src/sgml/release-9.2.sgml
@@ -36,6 +36,20 @@
<listitem>
<para>
+ Fix <filename>contrib/pgcrypto</> to detect and report
+ too-short <function>crypt()</> salts (Josh Kupershmidt)
+ </para>
+
+ <para>
+ Certain invalid salt arguments crashed the server or disclosed a few
+ bytes of server memory. We have not ruled out the viability of
+ attacks that arrange for presence of confidential information in the
+ disclosed bytes, but they seem unlikely. (CVE-2015-5288)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix subtransaction cleanup after a portal (cursor) belonging to an
outer subtransaction fails (Tom Lane, Michael Paquier)
</para>
@@ -138,6 +152,14 @@ Branch: REL9_1_STABLE [9b1b9446f] 2015-08-27 12:22:10 -0400
<listitem>
<para>
+ Guard against hard-to-reach stack overflows involving record types,
+ range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
+ <type>ltxtquery</> and <type>query_int</> (Noah Misch)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input
(Greg Stark)
</para>
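Review bot: the commit message lists CVE-2015-5288 and CVE-2015-5289, but across all three files only the pgcrypto entry carries a CVE tag; this stack-overflow entry ends at "(Noah Misch)" with none. If CVE-2015-5289 does not apply to these branches, say so in the commit message; if it does, add the identifier here the way the crypt() entry does, so readers searching the notes by CVE number find it.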