From: Magnus Hagander <magnus@hagander.net>
Date: Wed, 7 Jul 2010 11:26:28 +0000 (+0000)
Subject: Add reference to CVE-2010-1975, that somebody else got assigned to us.
X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=0b7f7032e9fcaa481735d795c8e77022661199cd;p=pgweb-old.git

Add reference to CVE-2010-1975, that somebody else got assigned to us.



git-svn-id: file:///Users/dpage/pgweb/svn-repo/trunk@2697 8f5c7a92-453e-0410-a47f-ad33c8a6b003
---

diff --git a/portal/template/en/support/security.html b/portal/template/en/support/security.html
index 73b47265..25edced2 100644
--- a/portal/template/en/support/security.html
+++ b/portal/template/en/support/security.html
@@ -62,7 +62,17 @@ to determine if the bug affects specific installations or not.
   </tr>
 
   <tr valign="top">
+   <td class="colFirst"><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1975">CVE-2010-1975</a></td>
+   <td class="colMid">8.4, 8.3, 8.2, 8.1, 8.0, 7.4</td>
+   <td class="colMid">8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, 7.4.29</td>
+   <td class="colMid">core server</td>
+   <td class="colMid">C</td>
+   <td class="colLast">An unprivileged database user can remove superuser-only
+settings that were applied to his account with ALTER USER by a superuser, thus
+bypassing settings that should be enforced.</td>
+  </tr>
 
+  <tr valign="top">
    <td class="colFirst"><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169">CVE-2010-1169</a></td>
    <td class="colMid">8.4, 8.3, 8.2, 8.1, 8.0, 7.4</td>
    <td class="colMid">8.4.4, 8.3.11, 8.2.17, 8.1.21, 8.0.25, 7.4.29</td>