diff options
| author | Tom Lane | 2025-11-10 18:36:13 +0000 |
|---|---|---|
| committer | Tom Lane | 2025-11-10 18:36:13 +0000 |
| commit | ee953cd8f0a9325ad67fef94539df8b4201efafe (patch) | |
| tree | 3c66c9d982be9831fe449dca379bc554c0b8d36b | |
| parent | 95cce56696867c7629d12c3ba1da8edd5bedaa8e (diff) | |
Last-minute updates for release notes.
Security: CVE-2025-12817, CVE-2025-12818
| -rw-r--r-- | doc/src/sgml/release-14.sgml | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/doc/src/sgml/release-14.sgml b/doc/src/sgml/release-14.sgml index 68c9096fe2f..cf17c2df263 100644 --- a/doc/src/sgml/release-14.sgml +++ b/doc/src/sgml/release-14.sgml @@ -35,6 +35,67 @@ <listitem> <!-- +Author: Nathan Bossart <nathan@postgresql.org> +Branch: master [5e4fcbe53] 2025-11-10 09:00:00 -0600 +Branch: REL_18_STABLE [00eb646ea] 2025-11-10 09:00:00 -0600 +Branch: REL_17_STABLE [e2fb3dfa8] 2025-11-10 09:00:00 -0600 +Branch: REL_16_STABLE [d20abb587] 2025-11-10 09:00:00 -0600 +Branch: REL_15_STABLE [2393d374a] 2025-11-10 09:00:00 -0600 +Branch: REL_14_STABLE [95cce5669] 2025-11-10 09:00:00 -0600 +Branch: REL_13_STABLE [8a2530ebc] 2025-11-10 09:00:00 -0600 +--> + <para> + Check for <literal>CREATE</literal> privileges on the schema + in <command>CREATE STATISTICS</command> (Jelte Fennema-Nio) + <ulink url="&commit_baseurl;95cce5669">§</ulink> + </para> + + <para> + This omission allowed table owners to create statistics in any + schema, potentially leading to unexpected naming conflicts. + </para> + + <para> + The <productname>PostgreSQL</productname> Project thanks + Jelte Fennema-Nio for reporting this problem. + (CVE-2025-12817) + </para> + </listitem> + + <listitem> +<!-- +Author: Jacob Champion <jchampion@postgresql.org> +Branch: master [600086f47] 2025-11-10 06:20:33 -0800 +Branch: REL_18_STABLE [7eb8fcad8] 2025-11-10 06:03:01 -0800 +Branch: REL_17_STABLE [f5999f018] 2025-11-10 06:03:03 -0800 +Branch: REL_16_STABLE [585fd9b3c] 2025-11-10 06:03:04 -0800 +Branch: REL_15_STABLE [91421565f] 2025-11-10 06:03:05 -0800 +Branch: REL_14_STABLE [96d2c7e96] 2025-11-10 06:03:05 -0800 +Branch: REL_13_STABLE [d6f0c0d6d] 2025-11-10 06:03:06 -0800 +--> + <para> + Avoid integer overflow in allocation-size calculations + within <application>libpq</application> (Jacob Champion) + <ulink url="&commit_baseurl;96d2c7e96">§</ulink> + </para> + + <para> + Several places in <application>libpq</application> were not + sufficiently careful about computing the required size of a memory + allocation. Sufficiently large inputs could cause integer overflow, + resulting in an undersized buffer, which would then lead to writing + past the end of the buffer. + </para> + + <para> + The <productname>PostgreSQL</productname> Project thanks Aleksey + Solovev of Positive Technologies for reporting this problem. + (CVE-2025-12818) + </para> + </listitem> + + <listitem> +<!-- Author: Tom Lane <tgl@sss.pgh.pa.us> Branch: master [cdf7feb96] 2025-09-13 16:55:51 -0400 Branch: REL_18_STABLE Release: REL_18_0 [802308693] 2025-09-13 16:55:51 -0400 |