Обсуждение: set_user 2.0.1 released

Поиск
Список
Период
Сортировка

set_user 2.0.1 released

От
Crunchy Data via PostgreSQL Announce
Дата:
 

set_user 2.0.1 released

Crunchy Data is pleased to announce the release of the PostgreSQL set_user Extension module version 2.0.1.

This release contains one security fix and one other bug fix. It is highly recommended to update to this version of set_user as soon as possible.

Security Issues

  • CVE-2021-38140: Fixed potential privilege escalation using RESET SESSION AUTHORIZATION after calling set_user(). This is now blocked along with RESET ROLE.

Fixes

  • Fix GUC deprecation logic to stop printing noisy NOTICEs every time GUCs are referenced.

Links

Crunchy Data is proud to support the development and maintenance of set_user).

This email was sent to you from Crunchy Data. It was delivered on their behalf by the PostgreSQL project. Any questions about the content of the message should be sent to Crunchy Data.

You were sent this email as a subscriber of the pgsql-announce mailinglist, for for one of the content tags Related Open Source or Security. To unsubscribe from further emails, or change which emails you want to receive, please click the personal unsubscribe link that you can find in the headers of this email, or visit https://lists.postgresql.org/unsubscribe/.