mirror of
https://github.com/postgres/postgres.git
synced 2026-04-12 20:46:42 -04:00
582edc369c
This makes the client programs behave as documented regardless of the connect-time search_path and regardless of user-created objects. Today, a malicious user with CREATE permission on a search_path schema can take control of certain of these clients' queries and invoke arbitrary SQL functions under the client identity, often a superuser. This is exploitable in the default configuration, where all users have CREATE privilege on schema "public". This changes behavior of user-defined code stored in the database, like pg_index.indexprs and pg_extension_config_dump(). If they reach code bearing unqualified names, "does not exist" or "no schema has been selected to create in" errors might appear. Users may fix such errors by schema-qualifying affected names. After upgrading, consider watching server logs for these errors. The --table arguments of src/bin/scripts clients have been lax; for example, "vacuumdb -Zt pg_am\;CHECKPOINT" performed a checkpoint. That now fails, but for now, "vacuumdb -Zt 'pg_am(amname);CHECKPOINT'" still performs a checkpoint. Back-patch to 9.3 (all supported versions). Reviewed by Tom Lane, though this fix strategy was not his first choice. Reported by Arseniy Sharoglazov. Security: CVE-2018-1058 |
||
|---|---|---|
| .. | ||
| editors | ||
| findoidjoins | ||
| ifaddrs | ||
| make_diff | ||
| msvc | ||
| pginclude | ||
| pgindent | ||
| ccsym | ||
| check_bison_recursion.pl | ||
| codelines | ||
| copyright.pl | ||
| FAQ2txt | ||
| find_badmacros | ||
| find_static | ||
| find_typedef | ||
| fix-old-flex-code.pl | ||
| git-external-diff | ||
| git_changelog | ||
| make_ctags | ||
| make_etags | ||
| make_mkid | ||
| pgtest | ||
| RELEASE_CHANGES | ||
| testint128.c | ||
| valgrind.supp | ||
| version_stamp.pl | ||
| win32tzlist.pl | ||