diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2007-04-20 03:27:34 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2007-04-20 03:27:34 +0000 |
| commit | ce8a3e6c88bde941225b6c984da7d706f7840b3d (patch) | |
| tree | 4c1c135d205e02513f60be70601b217cf39e53f7 | |
| parent | e05d9875b239c89d3eb25d0a86811ab24791d2c3 (diff) | |
| download | postgresql-REL8_2_4.tar.gz | |
Fix markup.REL8_2_4
Security: CVE-2007-2138
| -rw-r--r-- | doc/src/sgml/release.sgml | 17 |
1 files changed, 6 insertions, 11 deletions
diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index 4ba9933532..8322df7759 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.488.2.9 2007/04/20 02:37:48 tgl Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.488.2.10 2007/04/20 03:27:34 tgl Exp $ --> <!-- Typical markup: @@ -73,8 +73,7 @@ do it for earlier branch release files. truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -3106,8 +3105,7 @@ do it for earlier branch release files. truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -6146,8 +6144,7 @@ psql -t -f fixseq.sql db1 | psql -e db1 truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -9656,8 +9653,7 @@ typedefs (Michael)</para></listitem> truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> @@ -12843,8 +12839,7 @@ DROP SCHEMA information_schema CASCADE; truly secure value of <varname>search_path</>. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). - See <xref linkend="sql-createfunction" - endterm="sql-createfunction-title"> for more information. + See <command>CREATE FUNCTION</> for more information. </para> </listitem> |