mirror of
https://github.com/postgres/postgres.git
synced 2026-02-17 01:31:07 -05:00
a117cebd63
When a feature enumerates relations and runs functions associated with all found relations, the feature's user shall not need to trust every user having permission to create objects. BRIN-specific functionality in autovacuum neglected to account for this, as did pg_amcheck and CLUSTER. An attacker having permission to create non-temp objects in at least one schema could execute arbitrary SQL functions under the identity of the bootstrap superuser. CREATE INDEX (not a relation-enumerating operation) and REINDEX protected themselves too late. This change extends to the non-enumerating amcheck interface. Back-patch to v10 (all supported versions). Sergey Shinderuk, reviewed (in earlier versions) by Alexander Lakhin. Reported by Alexander Lakhin. Security: CVE-2022-1552 |
||
|---|---|---|
| .. | ||
| expected | ||
| sql | ||
| t | ||
| .gitignore | ||
| amcheck--1.0--1.1.sql | ||
| amcheck--1.0.sql | ||
| amcheck--1.1--1.2.sql | ||
| amcheck--1.2--1.3.sql | ||
| amcheck.control | ||
| Makefile | ||
| verify_heapam.c | ||
| verify_nbtree.c | ||