upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-24 02:11:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend/rewrite
History
Nathan Bossart cd7ab57532 Ensure cached plans are correctly marked as dependent on role. 
If a CTE, subquery, sublink, security invoker view, or coercion
projection references a table with row-level security policies, we
neglected to mark the plan as potentially dependent on which role
is executing it.  This could lead to later executions in the same
session returning or hiding rows that should have been hidden or
returned instead.

Reported-by: Wolfgang Walther
Reviewed-by: Noah Misch
Security: CVE-2024-10976
Backpatch-through: 12
2024-11-11 09:00:00 -06:00
..
Makefile SEARCH and CYCLE clauses 2021-02-01 14:32:51 +01:00
meson.build Update copyright for 2024 2024-01-03 20:49:05 -05:00
rewriteDefine.c Remove unused #include's from backend .c files 2024-03-04 12:02:20 +01:00
rewriteHandler.c Ensure cached plans are correctly marked as dependent on role. 2024-11-11 09:00:00 -06:00
rewriteManip.c Fix unnecessary casts of copyObject() result 2024-10-17 08:36:48 +02:00
rewriteRemove.c Remove unused #include's from backend .c files 2024-03-04 12:02:20 +01:00
rewriteSearchCycle.c Make the order of the header file includes consistent 2024-03-13 15:07:00 +01:00
rewriteSupport.c Remove unused #include's from backend .c files 2024-03-04 12:02:20 +01:00
rowsecurity.c Add RETURNING support to MERGE. 2024-03-17 13:58:59 +00:00