postgresql/src/backend
Nathan Bossart 952ff31e2a Ensure cached plans are correctly marked as dependent on role.
If a CTE, subquery, sublink, security invoker view, or coercion
projection references a table with row-level security policies, we
neglected to mark the plan as potentially dependent on which role
is executing it.  This could lead to later executions in the same
session returning or hiding rows that should have been hidden or
returned instead.

Reported-by: Wolfgang Walther
Reviewed-by: Noah Misch
Security: CVE-2024-10976
Backpatch-through: 12
2024-11-11 09:00:00 -06:00
access Improve fix for not entering parallel mode when holding interrupts. 2024-11-08 13:42:01 -05:00
bootstrap Skip WAL for new relfilenodes, under wal_level=minimal. 2020-04-04 12:25:34 -07:00
catalog Suppress new "may be used uninitialized" warning. 2024-11-02 19:42:57 -07:00
commands Message style improvement 2024-11-08 07:32:14 +01:00
executor Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
foreign Restrict accesses to non-system views and foreign tables during pg_dump. 2024-08-05 06:05:20 -07:00
jit Monkey-patch LLVM code to fix ARM relocation bug. 2024-11-06 23:10:05 +13:00
lib Fix lock assertions in dshash.c. 2022-07-11 15:48:54 +12:00
libpq Fix regression in TLS session ticket disabling 2024-08-19 12:55:11 +02:00
main Fix outdated --help message for postgres -f 2022-08-15 13:37:40 +09:00
nodes Further fixes for MULTIEXPR_SUBLINK fix. 2022-09-06 16:38:18 -04:00
optimizer Improve fix for not entering parallel mode when holding interrupts. 2024-11-08 13:42:01 -05:00
parser Remove incorrect Assert. 2024-09-11 11:42:19 -04:00
partitioning Fix creation of partition descriptor during concurrent detach+drop 2024-08-12 18:17:56 -04:00
po Translation updates 2024-11-11 13:58:30 +01:00
port Check for STATUS_DELETE_PENDING on Windows. 2024-11-08 09:44:46 +10:30
postmaster Avoid deadlock during orphan temp table removal. 2024-04-02 14:59:04 -04:00
regex Avoid character classification in regex escape parsing. 2023-04-21 08:20:47 -07:00
replication Revert "For inplace update, send nontransactional invalidations." 2024-11-02 09:05:07 -07:00
rewrite Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
snowball In the Snowball dictionary, don't try to stem excessively-long words. 2022-08-31 10:42:05 -04:00
statistics Fix incorrectly reported stats kind in "can't happen" ERROR 2024-03-05 16:19:05 +13:00
storage At end of recovery, reset all sinval-managed caches. 2024-10-25 06:51:08 -07:00
tcop Restrict accesses to non-system views and foreign tables during pg_dump. 2024-08-05 06:05:20 -07:00
tsearch Limit to_tsvector_byid's initial array allocation to something sane. 2023-09-25 11:50:28 -04:00
utils Fix -Wcast-function-type warnings 2024-11-08 09:42:21 +10:30
.gitignore Add .gitignore entries for AIX-specific intermediate build artifacts. 2015-07-08 20:44:22 -04:00
common.mk Remove PARTIAL_LINKING build mode. 2018-03-30 17:33:04 -07:00
Makefile Update copyrights for 2020 2020-01-01 12:21:45 -05:00
nls.mk Translation updates 2020-09-14 13:14:53 +02:00