From ecbe349e9128b678311a2b8e328cbe258d7807ed Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Mon, 5 May 2025 11:29:49 -0400
Subject: Last-minute updates for release notes.

Security: CVE-2025-4207
---
 doc/src/sgml/release-17.sgml | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)
diff --git a/doc/src/sgml/release-17.sgml b/doc/src/sgml/release-17.sgml
index fdb5205a2bf..dddc3229f94 100644
--- a/doc/src/sgml/release-17.sgml
+++ b/doc/src/sgml/release-17.sgml
@@ -25,13 +25,13 @@
    <para>
     However, if you have any self-referential foreign key constraints on
     partitioned tables, it may be necessary to recreate those constraints
-    to ensure that they are being enforced correctly.  See the first
+    to ensure that they are being enforced correctly.  See the second
     changelog entry below.
    </para>
 
    <para>
     Also, if you have any BRIN bloom indexes, it may be advisable to
-    reindex them after updating.  See the second changelog entry below.
+    reindex them after updating.  See the third changelog entry below.
    </para>
 
    <para>
@@ -47,6 +47,39 @@
 
     <listitem>
 <!--
+Author: Noah Misch <noah@leadboat.com>
+Branch: master [627acc3ca] 2025-05-05 04:52:04 -0700
+Branch: REL_17_STABLE [ec5f89e8a] 2025-05-05 04:52:07 -0700
+Branch: REL_16_STABLE [d1264948f] 2025-05-05 04:52:07 -0700
+Branch: REL_15_STABLE [44ba3f55f] 2025-05-05 04:52:08 -0700
+Branch: REL_14_STABLE [3f2ab7393] 2025-05-05 04:52:08 -0700
+Branch: REL_13_STABLE [cbadeaca9] 2025-05-05 04:52:08 -0700
+Branch: master [5be213caa] 2025-05-05 04:52:04 -0700
+Branch: REL_17_STABLE [617d34908] 2025-05-05 04:52:07 -0700
+Branch: REL_16_STABLE [f3bb0b2c4] 2025-05-05 04:52:07 -0700
+Branch: REL_15_STABLE [45fe7e08f] 2025-05-05 04:52:08 -0700
+Branch: REL_14_STABLE [258cde839] 2025-05-05 04:52:08 -0700
+Branch: REL_13_STABLE [7279e5820] 2025-05-05 04:52:08 -0700
+-->
+     <para>
+      Avoid one-byte buffer overread when examining invalidly-encoded
+      strings that are claimed to be in GB18030 encoding
+      (Noah Misch, Andres Freund)
+      <ulink url="&commit_baseurl;ec5f89e8a">&sect;</ulink>
+      <ulink url="&commit_baseurl;617d34908">&sect;</ulink>
+     </para>
+
+     <para>
+      While unlikely, a SIGSEGV crash could occur if an incomplete
+      multibyte character appeared at the end of memory.  This was
+      possible both in the server and
+      in <application>libpq</application>-using applications.
+      (CVE-2025-4207)
+     </para>
+    </listitem>
+
+    <listitem>
+<!--
 Author: Álvaro Herrera <alvherre@kurilemu.de>
 Branch: master [c83a38758] 2025-05-02 21:25:50 +0200
 Branch: REL_17_STABLE [f51ae3187] 2025-05-02 21:25:50 +0200
-- 
cgit v1.2.3

