diff options
Diffstat (limited to 'doc/src/sgml/release-8.3.sgml')
| -rw-r--r-- | doc/src/sgml/release-8.3.sgml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/src/sgml/release-8.3.sgml b/doc/src/sgml/release-8.3.sgml index 7d9764c9874..43db2ad35ad 100644 --- a/doc/src/sgml/release-8.3.sgml +++ b/doc/src/sgml/release-8.3.sgml @@ -42,6 +42,19 @@ <listitem> <para> + Prevent execution of <function>enum_recv</> from SQL (Tom Lane) + </para> + + <para> + The function was misdeclared, allowing a simple SQL command to crash the + server. In principle an attacker might be able to use it to examine the + contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) + for reporting this issue. (CVE-2013-0255) + </para> + </listitem> + + <listitem> + <para> Fix SQL grammar to allow subscripting or field selection from a sub-SELECT result (Tom Lane) </para> |