From: Tom Lane Date: Mon, 5 Aug 2019 15:49:14 +0000 (-0400) Subject: Last-minute updates for release notes. X-Git-Tag: REL_10_10~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f61bc0048b6b3a9bac7afd469cb6811d29d29d5d;p=thirdparty%2Fpostgresql.git Last-minute updates for release notes. Security: CVE-2019-10208, CVE-2019-10209 --- diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml index 453ee1536ca..7b2130e3c19 100644 --- a/doc/src/sgml/release-10.sgml +++ b/doc/src/sgml/release-10.sgml @@ -35,6 +35,36 @@ + + Require schema qualification to cast to a temporary type when using + functional cast syntax (Noah Misch) + + + + We have long required invocations of temporary functions to + explicitly specify the temporary schema, that + is pg_temp.func_name(args). + Require this as well for casting to temporary types using functional + notation, for + example pg_temp.type_name(arg). + Otherwise it's possible to capture a function call using a temporary + object, allowing privilege escalation in much the same ways that we + blocked in CVE-2007-2138. + (CVE-2019-10208) + + + + +