pgsql: Fix compilation warnings with libselinux 3.1 in contrib/sepgsql/

2020-08-13 Michael Paquier
Fix compilation warnings with libselinux 3.1 in contrib/sepgsql/ Upstream SELinux has recently marked security_context_t as officially deprecated, causing warnings with -Wdeprecated-declarations. This is considered as legacy code for some time now by upstream as security_context_t got removed fro

pgsql: Doc: improve examples for json_populate_record() and related fun

2020-08-13 Tom Lane
Doc: improve examples for json_populate_record() and related functions. Make these examples self-contained by providing declarations of the user-defined row types they rely on. There wasn't room to do this in the old doc format, but now there is, and I think it makes the examples a good bit less

pgsql: Doc: improve examples for json_populate_record() and related fun

2020-08-13 Tom Lane
Doc: improve examples for json_populate_record() and related functions. Make these examples self-contained by providing declarations of the user-defined row types they rely on. There wasn't room to do this in the old doc format, but now there is, and I think it makes the examples a good bit less

pgsql: snapshot scalability: Move PGXACT->xmin back to PGPROC.

2020-08-13 Andres Freund
snapshot scalability: Move PGXACT->xmin back to PGPROC. Now that xmin isn't needed for GetSnapshotData() anymore, it leads to unnecessary cacheline ping-pong to have it in PGXACT, as it is updated considerably more frequently than the other PGXACT members. After the changes in dc7420c2c92, this i

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Handle new HOT chains in index-build table scans

2020-08-13 Alvaro Herrera
Handle new HOT chains in index-build table scans When a table is scanned by heapam_index_build_range_scan (née IndexBuildHeapScan) and the table lock being held allows concurrent data changes, it is possible for new HOT chains to sprout in a page that were unknown when the scan of a page happened.

pgsql: Document clashes between logical replication and untrusted users

2020-08-13 Noah Misch
Document clashes between logical replication and untrusted users. Back-patch to v10, which introduced logical replication. Security: CVE-2020-14349 Branch -- REL_11_STABLE Details --- https://git.postgresql.org/pg/commitdiff/613ed8a588d31f6a3f253e188bf51decb4472b7c Modified Files -

pgsql: Empty search_path in logical replication apply worker and walsen

2020-08-13 Noah Misch
Empty search_path in logical replication apply worker and walsender. This is like CVE-2018-1058 commit 582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a publisher or subscriber database can invoke arbitrary SQL functions under an identity running replication, often a superuse

pgsql: Empty search_path in logical replication apply worker and walsen

2020-08-13 Noah Misch
Empty search_path in logical replication apply worker and walsender. This is like CVE-2018-1058 commit 582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a publisher or subscriber database can invoke arbitrary SQL functions under an identity running replication, often a superuse

pgsql: Tag refs/tags/REL_12_4 was created

2020-08-13 noreply
Tag refs/tags/REL_12_4 was created.

pgsql: Document clashes between logical replication and untrusted users

2020-08-13 Noah Misch
Document clashes between logical replication and untrusted users. Back-patch to v10, which introduced logical replication. Security: CVE-2020-14349 Branch -- REL_10_STABLE Details --- https://git.postgresql.org/pg/commitdiff/b793d6af9d2f6b780815773b6b82ab80a9cf4c20 Modified Files -

pgsql: Last-minute updates for release notes.

2020-08-13 Tom Lane
Last-minute updates for release notes. Security: CVE-2020-14349, CVE-2020-14350 Branch -- REL9_6_STABLE Details --- https://git.postgresql.org/pg/commitdiff/a7e51a407658c65b3c3458ff6c46a3c182b2 Modified Files -- doc/src/sgml/release-9.6.sgml | 33

pgsql: Document clashes between logical replication and untrusted users

2020-08-13 Noah Misch
Document clashes between logical replication and untrusted users. Back-patch to v10, which introduced logical replication. Security: CVE-2020-14349 Branch -- master Details --- https://git.postgresql.org/pg/commitdiff/cec57b1a0fbcd3833086ba686897c5883e0a2afc Modified Files

pgsql: Tag refs/tags/REL_10_14 was created

2020-08-13 noreply
Tag refs/tags/REL_10_14 was created.

pgsql: Tag refs/tags/REL9_6_19 was created

2020-08-13 noreply
Tag refs/tags/REL9_6_19 was created.

pgsql: Last-minute updates for release notes.

2020-08-13 Tom Lane
Last-minute updates for release notes. Security: CVE-2020-14349, CVE-2020-14350 Branch -- REL_11_STABLE Details --- https://git.postgresql.org/pg/commitdiff/6f57b9bf39283b89808c45da360c748ab29535c6 Modified Files -- doc/src/sgml/release-11.sgml | 67 +

pgsql: Empty search_path in logical replication apply worker and walsen

2020-08-13 Noah Misch
Empty search_path in logical replication apply worker and walsender. This is like CVE-2018-1058 commit 582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a publisher or subscriber database can invoke arbitrary SQL functions under an identity running replication, often a superuse

pgsql: Tag refs/tags/REL_11_9 was created

2020-08-13 noreply
Tag refs/tags/REL_11_9 was created.

pgsql: Document clashes between logical replication and untrusted users

2020-08-13 Noah Misch
Document clashes between logical replication and untrusted users. Back-patch to v10, which introduced logical replication. Security: CVE-2020-14349 Branch -- REL_13_STABLE Details --- https://git.postgresql.org/pg/commitdiff/b601f24c875d79e747eb8b50a4b1555ac22cf8f9 Modified Files -

pgsql: Tag refs/tags/REL9_5_23 was created

2020-08-13 noreply
Tag refs/tags/REL9_5_23 was created.

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Tag refs/tags/REL_13_BETA3 was created

2020-08-13 noreply
Tag refs/tags/REL_13_BETA3 was created.

pgsql: Empty search_path in logical replication apply worker and walsen

2020-08-13 Noah Misch
Empty search_path in logical replication apply worker and walsender. This is like CVE-2018-1058 commit 582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a publisher or subscriber database can invoke arbitrary SQL functions under an identity running replication, often a superuse

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Last-minute updates for release notes.

2020-08-13 Tom Lane
Last-minute updates for release notes. Security: CVE-2020-14349, CVE-2020-14350 Branch -- REL9_5_STABLE Details --- https://git.postgresql.org/pg/commitdiff/2e0358752da35d9c3496a5b448983d0ebd0ed9d9 Modified Files -- doc/src/sgml/release-9.5.sgml | 33

pgsql: Last-minute updates for release notes.

2020-08-13 Tom Lane
Last-minute updates for release notes. Security: CVE-2020-14349, CVE-2020-14350 Branch -- REL_12_STABLE Details --- https://git.postgresql.org/pg/commitdiff/f9ddc36ed676eb008f7392608fe250387968685e Modified Files -- doc/src/sgml/release-12.sgml | 67 +

pgsql: Empty search_path in logical replication apply worker and walsen

2020-08-13 Noah Misch
Empty search_path in logical replication apply worker and walsender. This is like CVE-2018-1058 commit 582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a publisher or subscriber database can invoke arbitrary SQL functions under an identity running replication, often a superuse

pgsql: Document clashes between logical replication and untrusted users

2020-08-13 Noah Misch
Document clashes between logical replication and untrusted users. Back-patch to v10, which introduced logical replication. Security: CVE-2020-14349 Branch -- REL_12_STABLE Details --- https://git.postgresql.org/pg/commitdiff/515ee4a7e5e9660bb7f2b1056e0bfabce49d4e6e Modified Files -

pgsql: Last-minute updates for release notes.

2020-08-13 Tom Lane
Last-minute updates for release notes. Security: CVE-2020-14349, CVE-2020-14350 Branch -- REL_10_STABLE Details --- https://git.postgresql.org/pg/commitdiff/d3aa1d4f48a49533cd3ea1dc845aefad89b60065 Modified Files -- doc/src/sgml/release-10.sgml | 67 +

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala

pgsql: Make contrib modules' installation scripts more secure.

2020-08-13 Tom Lane
Make contrib modules' installation scripts more secure. Hostile objects located within the installation-time search_path could capture references in an extension's installation or upgrade script. If the extension is being installed with superuser privileges, this opens the door to privilege escala