Commit 272ede7

Last-minute updates for release notes.
Add entries for security and not-quite-security issues. Security: CVE-2015-5288, CVE-2015-5289
1 parent 10cfd6f commit 272ede7

5 files changed

+183
-0
lines changed

doc/src/sgml/release-9.0.sgml

+22
@@ -40,6 +40,20 @@
4040

4141
<itemizedlist>
4242

43+
<listitem>
44+
<para>
45+
Fix <filename>contrib/pgcrypto</> to detect and report
46+
too-short <function>crypt()</> salts (Josh Kupershmidt)
47+
</para>
48+
49+
<para>
50+
Certain invalid salt arguments crashed the server or disclosed a few
51+
bytes of server memory. We have not ruled out the viability of
52+
attacks that arrange for presence of confidential information in the
53+
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
54+
</para>
55+
</listitem>
56+
4357
<listitem>
4458
<para>
4559
Fix subtransaction cleanup after a portal (cursor) belonging to an
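Review bot: the second paragraph of the pgcrypto item only describes the old behaviour (a crash, or disclosure of a few bytes of server memory) and never states what a caller now gets for a too-short salt. The title's "detect and report" implies an error, so say so explicitly, since applications that pass user-influenced salts to crypt() will want to know they must now handle that failure. As a wording point in the same paragraph, "attacks that arrange for presence of confidential information in the disclosed bytes" reads more easily as "attacks that arrange for confidential information to be present in the disclosed bytes". The identical text is added to the 9.1 through 9.4 files, so any change should be made in all five.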
@@ -124,6 +138,14 @@
124138
</para>
125139
</listitem>
126140

141+
<listitem>
142+
<para>
143+
Guard against hard-to-reach stack overflows involving record types,
144+
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
145+
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
146+
</para>
147+
</listitem>
148+
127149
<listitem>
128150
<para>
129151
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input
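Review bot: the type list in this item is copied word for word into all five branch files, but release-9.0.sgml describes a branch that does not have all of these types: range types and json were introduced in 9.2, and jsonb in 9.4. A 9.0 reader checking exposure will look for types that are not there. Trim the list per branch (record types, tsquery, ltxtquery and query_int here and in 9.1; add range types and json for 9.2 and 9.3; keep the full list only in 9.4), or word the item so it is clear the list spans all supported branches.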

doc/src/sgml/release-9.1.sgml

+22
@@ -34,6 +34,20 @@
3434

3535
<itemizedlist>
3636

37+
<listitem>
38+
<para>
39+
Fix <filename>contrib/pgcrypto</> to detect and report
40+
too-short <function>crypt()</> salts (Josh Kupershmidt)
41+
</para>
42+
43+
<para>
44+
Certain invalid salt arguments crashed the server or disclosed a few
45+
bytes of server memory. We have not ruled out the viability of
46+
attacks that arrange for presence of confidential information in the
47+
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
48+
</para>
49+
</listitem>
50+
3751
<listitem>
3852
<para>
3953
Fix subtransaction cleanup after a portal (cursor) belonging to an
@@ -130,6 +144,14 @@
130144
</para>
131145
</listitem>
132146

147+
<listitem>
148+
<para>
149+
Guard against hard-to-reach stack overflows involving record types,
150+
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
151+
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
152+
</para>
153+
</listitem>
154+
133155
<listitem>
134156
<para>
135157
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input

doc/src/sgml/release-9.2.sgml

+22
@@ -34,6 +34,20 @@
3434

3535
<itemizedlist>
3636

37+
<listitem>
38+
<para>
39+
Fix <filename>contrib/pgcrypto</> to detect and report
40+
too-short <function>crypt()</> salts (Josh Kupershmidt)
41+
</para>
42+
43+
<para>
44+
Certain invalid salt arguments crashed the server or disclosed a few
45+
bytes of server memory. We have not ruled out the viability of
46+
attacks that arrange for presence of confidential information in the
47+
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
48+
</para>
49+
</listitem>
50+
3751
<listitem>
3852
<para>
3953
Fix subtransaction cleanup after a portal (cursor) belonging to an
@@ -136,6 +150,14 @@ Branch: REL9_1_STABLE [9b1b9446f] 2015-08-27 12:22:10 -0400
136150
</para>
137151
</listitem>
138152

153+
<listitem>
154+
<para>
155+
Guard against hard-to-reach stack overflows involving record types,
156+
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
157+
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
158+
</para>
159+
</listitem>
160+
139161
<listitem>
140162
<para>
141163
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input

doc/src/sgml/release-9.3.sgml

+36
@@ -34,6 +34,34 @@
3434

3535
<itemizedlist>
3636

37+
<listitem>
38+
<para>
39+
Guard against stack overflows in <type>json</> parsing
40+
(Oskari Saarenmaa)
41+
</para>
42+
43+
<para>
44+
If an application constructs PostgreSQL <type>json</>
45+
or <type>jsonb</> values from arbitrary user input, the application's
46+
users can reliably crash the PostgreSQL server, causing momentary
47+
denial of service. (CVE-2015-5289)
48+
</para>
49+
</listitem>
50+
51+
<listitem>
52+
<para>
53+
Fix <filename>contrib/pgcrypto</> to detect and report
54+
too-short <function>crypt()</> salts (Josh Kupershmidt)
55+
</para>
56+
57+
<para>
58+
Certain invalid salt arguments crashed the server or disclosed a few
59+
bytes of server memory. We have not ruled out the viability of
60+
attacks that arrange for presence of confidential information in the
61+
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
62+
</para>
63+
</listitem>
64+
3765
<listitem>
3866
<para>
3967
Fix subtransaction cleanup after a portal (cursor) belonging to an
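Review bot: the CVE-2015-5289 item in this file says "json or jsonb values", but jsonb was introduced in 9.4, so in the 9.3 notes only json applies. Drop "or jsonb" here and keep it in release-9.4.sgml. The item also tells the reader who can trigger the crash but not what property of the input matters; one clause naming the condition the new guard checks would let operators judge whether validation in front of the database already limits their exposure.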
@@ -146,6 +174,14 @@
146174
</para>
147175
</listitem>
148176

177+
<listitem>
178+
<para>
179+
Guard against hard-to-reach stack overflows involving record types,
180+
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
181+
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
182+
</para>
183+
</listitem>
184+
149185
<listitem>
150186
<para>
151187
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input

doc/src/sgml/release-9.4.sgml

+81
@@ -33,6 +33,53 @@
3333

3434
<itemizedlist>
3535

36+
<!--
37+
Author: Noah Misch <noah@leadboat.com>
38+
Branch: master [08fa47c48] 2015-10-05 10:06:29 -0400
39+
Branch: REL9_5_STABLE [98f30d2e5] 2015-10-05 10:06:33 -0400
40+
Branch: REL9_4_STABLE [16d58b5b5] 2015-10-05 10:06:34 -0400
41+
Branch: REL9_3_STABLE [f8862172e] 2015-10-05 10:06:34 -0400
42+
-->
43+
44+
<listitem>
45+
<para>
46+
Guard against stack overflows in <type>json</> parsing
47+
(Oskari Saarenmaa)
48+
</para>
49+
50+
<para>
51+
If an application constructs PostgreSQL <type>json</>
52+
or <type>jsonb</> values from arbitrary user input, the application's
53+
users can reliably crash the PostgreSQL server, causing momentary
54+
denial of service. (CVE-2015-5289)
55+
</para>
56+
</listitem>
57+
58+
<!--
59+
Author: Noah Misch <noah@leadboat.com>
60+
Branch: master [1d812c8b0] 2015-10-05 10:06:29 -0400
61+
Branch: REL9_5_STABLE [4d6752277] 2015-10-05 10:06:33 -0400
62+
Branch: REL9_4_STABLE [4d95419e8] 2015-10-05 10:06:34 -0400
63+
Branch: REL9_3_STABLE [cc1210f0a] 2015-10-05 10:06:34 -0400
64+
Branch: REL9_2_STABLE [56232f987] 2015-10-05 10:06:35 -0400
65+
Branch: REL9_1_STABLE [48f6310bc] 2015-10-05 10:06:35 -0400
66+
Branch: REL9_0_STABLE [188e081ef] 2015-10-05 10:06:36 -0400
67+
-->
68+
69+
<listitem>
70+
<para>
71+
Fix <filename>contrib/pgcrypto</> to detect and report
72+
too-short <function>crypt()</> salts (Josh Kupershmidt)
73+
</para>
74+
75+
<para>
76+
Certain invalid salt arguments crashed the server or disclosed a few
77+
bytes of server memory. We have not ruled out the viability of
78+
attacks that arrange for presence of confidential information in the
79+
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
80+
</para>
81+
</listitem>
82+
3683
<!--
3784
Author: Tom Lane <tgl@sss.pgh.pa.us>
3885
Branch: master [c5454f99c] 2015-09-04 13:37:14 -0400
@@ -201,6 +248,13 @@ Branch: REL9_3_STABLE [fee2275ae] 2015-09-24 14:53:33 +0200
201248
Branch: REL9_2_STABLE [f12932dd4] 2015-09-24 14:53:33 +0200
202249
Branch: REL9_1_STABLE [ff090bbb7] 2015-09-24 14:53:33 +0200
203250
Branch: REL9_0_STABLE [078d471a9] 2015-09-24 14:53:33 +0200
251+
Branch: master [2596d705b] 2015-10-05 11:53:43 +0200
252+
Branch: REL9_5_STABLE [0577821b5] 2015-10-05 11:56:58 +0200
253+
Branch: REL9_4_STABLE [13ac4c035] 2015-10-05 11:57:07 +0200
254+
Branch: REL9_3_STABLE [393341714] 2015-10-05 11:57:11 +0200
255+
Branch: REL9_2_STABLE [e07cfef34] 2015-10-05 11:57:15 +0200
256+
Branch: REL9_1_STABLE [7116a3e98] 2015-10-05 11:57:20 +0200
257+
Branch: REL9_0_STABLE [eeb0b7830] 2015-10-05 11:57:25 +0200
204258
-->
205259

206260
<listitem>
@@ -266,6 +320,33 @@ Branch: REL9_0_STABLE [a89781e34] 2015-09-21 12:12:16 -0400
266320
</para>
267321
</listitem>
268322

323+
<!--
324+
Author: Noah Misch <noah@leadboat.com>
325+
Branch: master [30cb12881] 2015-10-05 10:06:29 -0400
326+
Branch: REL9_5_STABLE [acf0da1e6] 2015-10-05 10:06:33 -0400
327+
Branch: REL9_4_STABLE [a0c02ed5b] 2015-10-05 10:06:34 -0400
328+
Branch: REL9_3_STABLE [9286ff78f] 2015-10-05 10:06:34 -0400
329+
Branch: REL9_2_STABLE [5e43130b5] 2015-10-05 10:06:35 -0400
330+
Branch: REL9_1_STABLE [9581e2699] 2015-10-05 10:06:35 -0400
331+
Branch: REL9_0_STABLE [0398e071a] 2015-10-05 10:06:36 -0400
332+
Branch: master [5976097c0] 2015-10-05 10:06:30 -0400
333+
Branch: REL9_5_STABLE [7bed97d48] 2015-10-05 10:06:33 -0400
334+
Branch: REL9_4_STABLE [bed3f6d03] 2015-10-05 10:06:34 -0400
335+
Branch: REL9_3_STABLE [28dea9485] 2015-10-05 10:06:34 -0400
336+
Branch: REL9_2_STABLE [ea68c221f] 2015-10-05 10:06:35 -0400
337+
Branch: REL9_1_STABLE [879877b00] 2015-10-05 10:06:35 -0400
338+
Branch: REL9_0_STABLE [682a25d41] 2015-10-05 10:06:36 -0400
339+
Branch: REL9_2_STABLE [8dacb29ca] 2015-10-05 10:06:35 -0400
340+
-->
341+
342+
<listitem>
343+
<para>
344+
Guard against hard-to-reach stack overflows involving record types,
345+
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
346+
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
347+
</para>
348+
</listitem>
349+
269350
<!--
270351
Author: Greg Stark <stark@mit.edu>
271352
Branch: master [258ee1b63] 2015-09-06 03:35:56 +0100
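Review bot: in the comment block above the stack-overflow item, the final line "Branch: REL9_2_STABLE [8dacb29ca] 2015-10-05 10:06:35 -0400" stands alone after two complete master-to-REL9_0_STABLE groups that already contain REL9_2_STABLE entries ([5e43130b5] and [ea68c221f]). As written it is hard to tell a third, 9.2-only commit from a paste error. Please confirm it is intended. If it is, the three commits folded under the single Author line map onto one short item, and a reader tracing a specific type in the list back to its fix has no way to tell which hash covers it.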
