upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-22 17:31:00 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Nathan Bossart 6db5ea8de8 Ensure cached plans are correctly marked as dependent on role. 
If a CTE, subquery, sublink, security invoker view, or coercion
projection references a table with row-level security policies, we
neglected to mark the plan as potentially dependent on which role
is executing it.  This could lead to later executions in the same
session returning or hiding rows that should have been hidden or
returned instead.

Reported-by: Wolfgang Walther
Reviewed-by: Noah Misch
Security: CVE-2024-10976
Backpatch-through: 12
2024-11-11 09:00:00 -06:00
..
backend Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
bin Translation updates 2024-11-11 13:55:53 +01:00
common Replace pgwin32_is_junction() with lstat(). 2024-11-08 09:29:40 +10:30
fe_utils Prevent mis-encoding of "trailing junk after numeric literal" errors. 2024-09-05 12:42:33 -04:00
include Replace pgwin32_is_junction() with lstat(). 2024-11-08 09:29:40 +10:30
interfaces Translation updates 2024-11-11 13:55:53 +01:00
makefiles Refactor DLSUFFIX handling 2022-03-25 08:56:02 +01:00
pl Block environment variable mutations from trusted PL/Perl. 2024-11-11 06:23:47 -08:00
port Make unlink() work for junction points on Windows. 2024-11-08 09:30:09 +10:30
template On NetBSD, force dynamic symbol resolution at postmaster start. 2022-08-30 17:28:55 -04:00
test Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
timezone Update time zone data files to tzdata release 2024b. 2024-10-29 11:50:00 -04:00
tools Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
tutorial Doc: sync src/tutorial/basics.source with SGML documentation. 2022-11-19 13:09:14 -05:00
.gitignore
DEVELOPERS
Makefile
Makefile.global.in Suppress macOS warnings about duplicate libraries in link commands. 2023-09-29 14:07:30 -04:00
Makefile.shlib Stop using "-multiply_defined suppress" on macOS. 2023-09-26 21:06:21 -04:00
nls-global.mk Improve frontend error logging style. 2022-04-08 14:55:14 -04:00