diff options
author | Tom Lane <tgl@sss.pgh.pa.us> | 2019-05-06 12:45:59 -0400 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2019-05-06 12:45:59 -0400 |
commit | ffe69b4afdae8284ad3f0d4c57640f077799cfa9 (patch) | |
tree | e9daf503738f67333887d4d9a88fb263be3d3cac | |
parent | 54ff9fa588fb85f3e192bb7fe365d9db2eeed8a9 (diff) | |
download | postgresql-ffe69b4afdae8284ad3f0d4c57640f077799cfa9.tar.gz |
Last-minute updates for release notes.
Security: CVE-2019-10129, CVE-2019-10130
-rw-r--r-- | doc/src/sgml/release-9.4.sgml | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/src/sgml/release-9.4.sgml b/doc/src/sgml/release-9.4.sgml index c55c194266..9bec0bf558 100644 --- a/doc/src/sgml/release-9.4.sgml +++ b/doc/src/sgml/release-9.4.sgml @@ -161,6 +161,23 @@ <listitem> <para> + Check the appropriate user's permissions when enforcing rules about + letting a leaky operator see <structname>pg_statistic</structname> + data (Dean Rasheed) + </para> + + <para> + When an underlying table is being accessed via a view, consider the + privileges of the view owner while deciding whether leaky operators + may be applied to the table's statistics data, rather than the + privileges of the user making the query. This makes the planner's + rules about what data is visible match up with the executor's, + avoiding unnecessarily-poor plans. + </para> + </listitem> + + <listitem> + <para> Avoid O(N^2) performance issue when rolling back a transaction that created many tables (Tomas Vondra) </para> |