-rw-r--r-- | doc/src/sgml/release-14.sgml | 86 |
1 files changed, 85 insertions, 1 deletions
diff --git a/doc/src/sgml/release-14.sgml b/doc/src/sgml/release-14.sgml index e2a70b5f839..0c76ddd2c95 100644 --- a/doc/src/sgml/release-14.sgml +++ b/doc/src/sgml/release-14.sgml @@ -25,7 +25,7 @@ <para> However, note that installations using physical replication should update standby servers before the primary server, as explained in - the first changelog entry below. + the third changelog entry below. </para> <para> 
@@ -43,6 +43,74 @@ <listitem> <!-- +Author: Tom Lane <tgl@sss.pgh.pa.us> +Branch: master [28e241255] 2021-11-08 11:01:43 -0500 +Branch: REL_14_STABLE [9d5a76b8d] 2021-11-08 11:01:43 -0500 +Branch: REL_13_STABLE [e92ed93e8] 2021-11-08 11:01:43 -0500 +Branch: REL_12_STABLE [d1bd26740] 2021-11-08 11:01:43 -0500 +Branch: REL_11_STABLE [9394fb828] 2021-11-08 11:01:43 -0500 +Branch: REL_10_STABLE [9ae0f1112] 2021-11-08 11:01:43 -0500 +Branch: REL9_6_STABLE [046c2c846] 2021-11-08 11:01:43 -0500 +--> + <para> + Make the server reject extraneous data after an SSL or GSS + encryption handshake (Tom Lane) + </para> + + <para> + A man-in-the-middle with the ability to inject data into the TCP + connection could stuff some cleartext data into the start of a + supposedly encryption-protected database session. + This could be abused to send faked SQL commands to the server, + although that would only work if the server did not demand any + authentication data. (However, a server relying on SSL certificate + authentication might well not do so.) + </para> + + <para> + The <productname>PostgreSQL</productname> Project thanks + Jacob Champion for reporting this problem. 
+ (CVE-2021-23214) + </para> + </listitem> + + <listitem> +<!-- +Author: Tom Lane <tgl@sss.pgh.pa.us> +Branch: master [160c02588] 2021-11-08 11:14:56 -0500 +Branch: REL_14_STABLE [30547d791] 2021-11-08 11:14:56 -0500 +Branch: REL_13_STABLE [844b31692] 2021-11-08 11:14:56 -0500 +Branch: REL_12_STABLE [36bb95ef2] 2021-11-08 11:14:56 -0500 +Branch: REL_11_STABLE [a021a1d2a] 2021-11-08 11:14:56 -0500 +Branch: REL_10_STABLE [e65d9c8cd] 2021-11-08 11:14:56 -0500 +Branch: REL9_6_STABLE [d83cdfdca] 2021-11-08 11:14:57 -0500 +--> + <para> + Make <application>libpq</application> reject extraneous data after + an SSL or GSS encryption handshake (Tom Lane) + </para> + + <para> + A man-in-the-middle with the ability to inject data into the TCP + connection could stuff some cleartext data into the start of a + supposedly encryption-protected database session. + This could probably be abused to inject faked responses to the + client's first few queries, although other details of libpq's + behavior make that harder than it sounds. A different line of + attack is to exfiltrate the client's password, or other sensitive + data that might be sent early in the session. That has been shown + to be possible with a server vulnerable to CVE-2021-23214. + </para> + + <para> + The <productname>PostgreSQL</productname> Project thanks + Jacob Champion for reporting this problem. + (CVE-2021-23222) + </para> + </listitem> + + <listitem> +<!-- Author: Alvaro Herrera <alvherre@alvh.no-ip.org> Branch: master [ff9f111bc] 2021-09-29 11:21:51 -0300 Branch: REL_14_STABLE [64a8687a6] 2021-09-29 11:41:01 -0300 
@@ -338,6 +406,22 @@ Branch: REL9_6_STABLE [0de8f9bc8] 2021-10-06 13:24:22 +0100 <listitem> <!-- +Author: David Rowley <drowley@postgresql.org> +Branch: master [39a310567] 2021-11-08 14:40:33 +1300 +Branch: REL_14_STABLE [1f194ed6c] 2021-11-08 14:41:13 +1300 +--> + <para> + Avoid choosing the wrong hash equality operator for Memoize plans + (David Rowley) + </para> + + <para> + This error could result in crashes or incorrect query results. + </para> + </listitem> + + <listitem> +<!-- Author: Tom Lane <tgl@sss.pgh.pa.us> Branch: master [4d5f651f1] 2021-10-14 12:43:55 -0400 Branch: REL_14_STABLE [fd059ac2e] 2021-10-14 12:43:43 -0400 |
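Review bot: In the first hunk (@@ -25,7 +25,7 @@), the ordinal pointer "the third changelog entry below" is fragile: this patch had to change it from "first" only because two entries were inserted ahead of the target. Consider naming the entry by its subject or linking to it directly, so that the next entry added at the top of the list does not leave the instruction to update standby servers before the primary pointing at the wrong item.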
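Review bot: In the second hunk (@@ -43,6 +43,74 @@), the parenthetical in the server entry, "(However, a server relying on SSL certificate authentication might well not do so.)", is easy to misread, because "do so" has to be resolved back to "demand any authentication data". Spelling that out would make the exposed configuration unambiguous. In the libpq entry, password exfiltration is described as shown "with a server vulnerable to CVE-2021-23214", which leaves open whether updating the server alone is sufficient. A sentence saying whether clients still need the libpq update in that case would help readers prioritise. The two entries also repeat the same three-line attack description verbatim. The second could refer back to the first and keep only what is specific to the client side.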
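Review bot: In the third hunk (@@ -338,6 +406,22 @@), the Memoize entry states the impact ("crashes or incorrect query results") but not the conditions under which the wrong hash equality operator could be chosen. A short clause describing the kind of query or data types affected would let users judge whether they were exposed and whether results produced before the update need rechecking.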