diff options
| author | Tom Lane | 2007-02-02 00:11:14 +0000 |
|---|---|---|
| committer | Tom Lane | 2007-02-02 00:11:14 +0000 |
| commit | c07313161fd11ee0e0283bc51b66ee80fffa008f (patch) | |
| tree | 60ca48b2d74f476356876654111237a16fef9b09 | |
| parent | 6be54294cbfb548a4d0ba1284dc83d2a0c88ca3e (diff) | |
Update release notes for security-related releases in all active branches.
Security: CVE-2007-0555, CVE-2007-0556
| -rw-r--r-- | doc/src/sgml/release.sgml | 64 |
1 files changed, 63 insertions, 1 deletions
diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index b12fe50a39e..78f0650f91f 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,10 +1,72 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.163.2.38 2007/01/06 04:15:43 momjian Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.163.2.39 2007/02/02 00:11:14 tgl Exp $ --> <appendix id="release"> <title>Release Notes</title> + <sect1 id="release-7-3-18"> + <title>Release 7.3.18</title> + + <note> + <title>Release date</title> + <simpara>2007-02-05</simpara> + </note> + + <para> + This release contains a variety of fixes from 7.3.17, including + a security fix. + </para> + + <sect2> + <title>Migration to version 7.3.18</title> + + <para> + A dump/restore is not required for those running 7.3.X. However, + if you are upgrading from a version earlier than 7.3.13, see the release + notes for 7.3.13. + </para> + + </sect2> + + <sect2> + <title>Changes</title> + + <itemizedlist> + + <listitem> + <para> + Remove security vulnerability that allowed connected users + to read backend memory (Tom) + </para> + <para> + The vulnerability involves changing the + data type of a table column used in a SQL function (CVE-2007-0555). + This error can easily be exploited to cause a backend crash, and in + principle might be used to read database content that the user + should not be able to access. + </para> + </listitem> + + <listitem> + <para> + Fix rare bug wherein btree index page splits could fail + due to choosing an infeasible split point (Heikki Linnakangas) + </para> + </listitem> + + <listitem> + <para> + Tighten security of multi-byte character processing for UTF8 sequences + over three bytes long (Tom) + </para> + </listitem> + + </itemizedlist> + + </sect2> + </sect1> + <sect1 id="release-7-3-17"> <title>Release 7.3.17</title> |