diff options
| -rw-r--r-- | doc/src/sgml/release-9.0.sgml | 22 | ||||
| -rw-r--r-- | doc/src/sgml/release-9.1.sgml | 22 | ||||
| -rw-r--r-- | doc/src/sgml/release-9.2.sgml | 22 |
3 files changed, 66 insertions, 0 deletions
diff --git a/doc/src/sgml/release-9.0.sgml b/doc/src/sgml/release-9.0.sgml index 93198931f88..ef8eb1c9ad2 100644 --- a/doc/src/sgml/release-9.0.sgml +++ b/doc/src/sgml/release-9.0.sgml @@ -42,6 +42,20 @@ <listitem> <para> + Fix <filename>contrib/pgcrypto</> to detect and report + too-short <function>crypt()</> salts (Josh Kupershmidt) + </para> + + <para> + Certain invalid salt arguments crashed the server or disclosed a few + bytes of server memory. We have not ruled out the viability of + attacks that arrange for presence of confidential information in the + disclosed bytes, but they seem unlikely. (CVE-2015-5288) + </para> + </listitem> + + <listitem> + <para> Fix subtransaction cleanup after a portal (cursor) belonging to an outer subtransaction fails (Tom Lane, Michael Paquier) </para> @@ -126,6 +140,14 @@ <listitem> <para> + Guard against hard-to-reach stack overflows involving record types, + range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, + <type>ltxtquery</> and <type>query_int</> (Noah Misch) + </para> + </listitem> + + <listitem> + <para> Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input (Greg Stark) </para> diff --git a/doc/src/sgml/release-9.1.sgml b/doc/src/sgml/release-9.1.sgml index afffb43969b..fde6b61bced 100644 --- a/doc/src/sgml/release-9.1.sgml +++ b/doc/src/sgml/release-9.1.sgml @@ -36,6 +36,20 @@ <listitem> <para> + Fix <filename>contrib/pgcrypto</> to detect and report + too-short <function>crypt()</> salts (Josh Kupershmidt) + </para> + + <para> + Certain invalid salt arguments crashed the server or disclosed a few + bytes of server memory. We have not ruled out the viability of + attacks that arrange for presence of confidential information in the + disclosed bytes, but they seem unlikely. (CVE-2015-5288) + </para> + </listitem> + + <listitem> + <para> Fix subtransaction cleanup after a portal (cursor) belonging to an outer subtransaction fails (Tom Lane, Michael Paquier) </para> @@ -132,6 +146,14 @@ <listitem> <para> + Guard against hard-to-reach stack overflows involving record types, + range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, + <type>ltxtquery</> and <type>query_int</> (Noah Misch) + </para> + </listitem> + + <listitem> + <para> Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input (Greg Stark) </para> diff --git a/doc/src/sgml/release-9.2.sgml b/doc/src/sgml/release-9.2.sgml index 676b6554e52..4bfede5bc0e 100644 --- a/doc/src/sgml/release-9.2.sgml +++ b/doc/src/sgml/release-9.2.sgml @@ -36,6 +36,20 @@ <listitem> <para> + Fix <filename>contrib/pgcrypto</> to detect and report + too-short <function>crypt()</> salts (Josh Kupershmidt) + </para> + + <para> + Certain invalid salt arguments crashed the server or disclosed a few + bytes of server memory. We have not ruled out the viability of + attacks that arrange for presence of confidential information in the + disclosed bytes, but they seem unlikely. (CVE-2015-5288) + </para> + </listitem> + + <listitem> + <para> Fix subtransaction cleanup after a portal (cursor) belonging to an outer subtransaction fails (Tom Lane, Michael Paquier) </para> @@ -138,6 +152,14 @@ Branch: REL9_1_STABLE [9b1b9446f] 2015-08-27 12:22:10 -0400 <listitem> <para> + Guard against hard-to-reach stack overflows involving record types, + range types, <type>json</>, <type>jsonb</>, <type>tsquery</>, + <type>ltxtquery</> and <type>query_int</> (Noah Misch) + </para> + </listitem> + + <listitem> + <para> Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input (Greg Stark) </para> |