Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-docs-owner+archive@lists.postgresql.org>)
	id 1wO0mp-001FMy-1P
	for pgsql-docs@arkaria.postgresql.org;
	Fri, 15 May 2026 22:13:39 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-docs-owner+archive@lists.postgresql.org>)
	id 1wO0mo-001lv2-10
	for pgsql-docs@arkaria.postgresql.org;
	Fri, 15 May 2026 22:13:38 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1wO0mo-001lut-0H
	for pgsql-docs@lists.postgresql.org;
	Fri, 15 May 2026 22:13:38 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1wO0mi-00000000ozu-2RU7
	for pgsql-docs@lists.postgresql.org;
	Fri, 15 May 2026 22:13:37 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.18.1/8.18.1) with ESMTP id 64FMDRwC1434212;
	Fri, 15 May 2026 18:13:27 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: chris@chrullrich.net
cc: pgsql-docs@lists.postgresql.org
Subject: Re: Error in 18.4 release notes
In-reply-to: 
 <177883653690.764749.14038057906859461991@wrigleys.postgresql.org>
References: <177883653690.764749.14038057906859461991@wrigleys.postgresql.org>
Comments: In-reply-to PG Doc comments form <noreply@postgresql.org>
	message dated "Fri, 15 May 2026 09:15:36 -0000"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1434210.1778883207.1@sss.pgh.pa.us>
Date: Fri, 15 May 2026 18:13:27 -0400
Message-ID: <1434211.1778883207@sss.pgh.pa.us>
List-Id: <pgsql-docs.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-docs@lists.postgresql.org>
List-Owner: <mailto:pgsql-docs-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-docs>
Archived-At: 
 <https://www.postgresql.org/message-id/1434211.1778883207%40sss.pgh.pa.us>
Precedence: bulk

PG Doc comments form <noreply@postgresql.org> writes:
> The 18.4 release notes say this: "Use timing-safe string comparisons in
> authentication code (Michael Paquier) Use timingsafe_bcmp() instead of
> memcpy() or strcmp() when checking passwords, ..."

> I think that should be memcmp() instead of memcpy().

Sigh, you're right --- that's my thinko.  Will fix in git for posterity's
sake, though the notes are already out and probably no-one will care
anymore by the time of the next release.

			regards, tom lane