upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-06-27 17:31:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend
History
Nathan Bossart a44780f412 Check CREATE privilege on multirange type schema in CREATE TYPE. 
This omission allowed roles to create multirange types in any
schema, potentially leading to privilege escalations.  Note that
when a multirange type name is not specified in CREATE TYPE, it is
automatically placed in the range type's schema, which is checked
at the beginning of DefineRange().

Reported-by: Jelte Fennema-Nio <postgres@jeltef.nl>
Author: Jelte Fennema-Nio <postgres@jeltef.nl>
Reviewed-by: Nathan Bossart <nathandbossart@gmail.com>
Reviewed-by: Tomas Vondra <tomas@vondra.me>
Security: CVE-2026-6472
Backpatch-through: 14
2026-05-11 05:13:47 -07:00
..
access Fix nbtree skip array parallel alloc accounting. 2026-04-29 11:22:21 -04:00
archive Update copyright for 2025 2025-01-01 11:21:55 -05:00
backup Fix incorrect errno in OpenWalSummaryFile() 2026-02-03 11:25:14 +09:00
bootstrap Remove unnecessary (char *) casts [mem] 2025-02-12 08:50:13 +01:00
catalog Don't call CheckAttributeType() with InvalidOid on dropped cols 2026-04-23 21:28:59 +03:00
commands Check CREATE privilege on multirange type schema in CREATE TYPE. 2026-05-11 05:13:47 -07:00
executor Fix incorrect logic for hashed IN / NOT IN with non-strict operators 2026-04-24 14:03:41 +12:00
foreign Track the number of presorted outer pathkeys in MergePath 2025-05-08 18:21:32 +09:00
jit jit: No backport::SectionMemoryManager for LLVM 22. 2026-04-03 14:58:59 +13:00
lib Correct list of files in src/backend/lib/README 2025-06-27 09:31:23 +09:00
libpq Apply timingsafe_bcmp() in authentication paths 2026-05-11 05:13:47 -07:00
main Avoid possible crash within libsanitizer. 2025-11-05 11:09:30 -05:00
nodes Fix internal error from CollateExpr in SQL/JSON DEFAULT expressions 2025-10-09 01:07:52 -04:00
optimizer Consider opfamily and collation when removing redundant GROUP BY columns 2026-05-08 12:47:26 +09:00
parser Fix attnum remapping in generateClonedExtStatsStmt() 2026-04-30 11:05:29 -04:00
partitioning Strip PlaceHolderVars from partition pruning operands 2026-04-09 16:43:28 +09:00
po Translation updates 2026-05-11 13:03:08 +02:00
port Don't treat EINVAL from semget() as a hard failure. 2025-08-13 11:59:47 -04:00
postmaster Fix orphaned processes when startup process fails during PM_STARTUP 2026-04-21 09:40:03 +09:00
regex Harden our regex engine against integer overflow in size calculations. 2026-05-11 05:13:47 -07:00
replication Flush statistics during idle periods in parallel apply worker. 2026-04-20 10:23:22 +05:30
rewrite Fix UPDATE/DELETE ... WHERE CURRENT OF on a table with virtual columns. 2026-04-22 11:50:18 +01:00
snowball Use PG_MODULE_MAGIC_EXT in our installable shared libraries. 2025-03-26 11:11:02 -04:00
statistics Fix MCV input array checks in statistics restore functions 2026-05-11 05:13:47 -07:00
storage Make palloc_array() and friends safe against integer overflow. 2026-05-11 05:13:47 -07:00
tcop Fix unbounded recursive handling of SSL/GSS in ProcessStartupPacket() 2026-05-11 05:13:47 -07:00
tsearch Fix overflows with ts_headline() 2026-05-11 05:13:47 -07:00
utils Avoid passing unintended format codes to snprintf(). 2026-05-11 05:13:47 -07:00
.gitignore
common.mk Blind attempt to fix LLVM dependency in the backend 2022-09-15 10:53:48 +07:00
Makefile Fix build inconsistency due to the generation of wait-event code 2026-02-02 08:02:59 +09:00
meson.build Update copyright for 2025 2025-01-01 11:21:55 -05:00
nls.mk Return yyparse() result not via global variable 2025-01-24 06:55:39 +01:00