|
1 | 1 | <!-- |
2 | | -$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.163.2.38 2007/01/06 04:15:43 momjian Exp $ |
| 2 | +$Header: /cvsroot/pgsql/doc/src/sgml/release.sgml,v 1.163.2.39 2007/02/02 00:11:14 tgl Exp $ |
3 | 3 | --> |
4 | 4 |
|
5 | 5 | <appendix id="release"> |
6 | 6 | <title>Release Notes</title> |
7 | 7 |
|
| 8 | + <sect1 id="release-7-3-18"> |
| 9 | + <title>Release 7.3.18</title> |
| 10 | + |
| 11 | + <note> |
| 12 | + <title>Release date</title> |
| 13 | + <simpara>2007-02-05</simpara> |
| 14 | + </note> |
| 15 | + |
| 16 | + <para> |
| 17 | + This release contains a variety of fixes from 7.3.17, including |
| 18 | + a security fix. |
| 19 | + </para> |
| 20 | + |
| 21 | + <sect2> |
| 22 | + <title>Migration to version 7.3.18</title> |
| 23 | + |
| 24 | + <para> |
| 25 | + A dump/restore is not required for those running 7.3.X. However, |
| 26 | + if you are upgrading from a version earlier than 7.3.13, see the release |
| 27 | + notes for 7.3.13. |
| 28 | + </para> |
| 29 | + |
| 30 | + </sect2> |
| 31 | + |
| 32 | + <sect2> |
| 33 | + <title>Changes</title> |
| 34 | + |
| 35 | + <itemizedlist> |
| 36 | + |
| 37 | + <listitem> |
| 38 | + <para> |
| 39 | + Remove security vulnerability that allowed connected users |
| 40 | + to read backend memory (Tom) |
| 41 | + </para> |
| 42 | + <para> |
| 43 | + The vulnerability involves changing the |
| 44 | + data type of a table column used in a SQL function (CVE-2007-0555). |
| 45 | + This error can easily be exploited to cause a backend crash, and in |
| 46 | + principle might be used to read database content that the user |
| 47 | + should not be able to access. |
| 48 | + </para> |
| 49 | + </listitem> |
| 50 | + |
| 51 | + <listitem> |
| 52 | + <para> |
| 53 | + Fix rare bug wherein btree index page splits could fail |
| 54 | + due to choosing an infeasible split point (Heikki Linnakangas) |
| 55 | + </para> |
| 56 | + </listitem> |
| 57 | + |
| 58 | + <listitem> |
| 59 | + <para> |
| 60 | + Tighten security of multi-byte character processing for UTF8 sequences |
| 61 | + over three bytes long (Tom) |
| 62 | + </para> |
| 63 | + </listitem> |
| 64 | + |
| 65 | + </itemizedlist> |
| 66 | + |
| 67 | + </sect2> |
| 68 | + </sect1> |
| 69 | + |
8 | 70 | <sect1 id="release-7-3-17"> |
9 | 71 | <title>Release 7.3.17</title> |
10 | 72 |
|
|
0 commit comments