Confine additional operations within “security restricted operation” sandboxes (Sergey Shinderuk, Noah Misch)

Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW, and pg_amcheck activated the “security restricted operation” protection mechanism too late, or even not at all in some code paths. A user having permission to create non-temporary objects within a database could define an object that would execute arbitrary SQL code with superuser permissions the next time that autovacuum processed the object, or that some superuser ran one of the affected commands against it. The PostgreSQL Project thanks Alexander Lakhin for reporting this problem. (CVE-2022-1552)

Fix default signature length for gist_ltree_ops indexes (Tomas Vondra, Alexander Korotkov)

The default signature length (hash size) for GiST indexes on ltree columns was accidentally changed while upgrading that operator class to support operator class parameters. If any operations had been done on such an index without first upgrading the ltree extension to version 1.2, they were done assuming that the signature length was 28 bytes rather than the intended 8. This means it is very likely that such indexes are now corrupt. For safety we recommend re-indexing all GiST indexes on ltree columns after installing this update. (Note that GiST indexes on ltree[] columns, that is arrays of ltree, are not affected.)

Stop using query-provided column aliases for the columns of whole-row variables that refer to plain tables (Tom Lane)

The column names in tuples produced by a whole-row variable (such as tbl.* in contexts other than the top level of a SELECT list) are now always those of the associated named composite type, if there is one.
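To act on the re-indexing recommendation for gist_ltree_ops indexes, the following catalog query lists the affected indexes in the current database and generates a REINDEX statement for each. This is an added example, not part of the release notes; it assumes it is run once in every database where the ltree extension is installed, and the output column names are illustrative.

```sql
-- Added example: locate GiST indexes built with the gist_ltree_ops operator
-- class (plain ltree columns) and emit REINDEX commands for review.
-- Indexes that use only gist__ltree_ops (ltree[] columns) are not matched,
-- since the notes state those are not affected.

-- 1. Check which ltree extension version this database has installed.
SELECT extname, extversion
FROM pg_extension
WHERE extname = 'ltree';

-- 2. List affected indexes and the command that rebuilds each one.
SELECT n.nspname  AS index_schema,
       ic.relname AS index_name,
       tc.relname AS table_name,
       format('REINDEX INDEX %I.%I;', n.nspname, ic.relname) AS reindex_cmd
FROM pg_index i
JOIN pg_class     ic ON ic.oid = i.indexrelid   -- the index itself
JOIN pg_class     tc ON tc.oid = i.indrelid     -- the indexed table
JOIN pg_namespace n  ON n.oid  = ic.relnamespace
JOIN pg_am        am ON am.oid = ic.relam
WHERE am.amname = 'gist'
  AND EXISTS (
        -- indclass holds one operator class OID per index column
        SELECT 1
        FROM pg_opclass oc
        WHERE oc.oid = ANY (i.indclass)
          AND oc.opcname = 'gist_ltree_ops'
      )
ORDER BY n.nspname, ic.relname;
```

Review the generated statements before running them: a plain REINDEX blocks writes to the table while it rebuilds, so schedule large indexes accordingly.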