The PostgreSQL Global Development Team has released an update for all currently supported versions : 15.4, 14.9, 13.12, 12.16, and 11.21, as well as the third beta of PostgreSQL 16. This release fixes two security holes and fixes over 40 bugs reported over the past few months.
If you use BRIN indexes to look up values, you will need to reindex themNULL
after upgrading to this release . On PostgreSQL 12 and later, you can avoid blocking writes to affected indexes and tables with, for example:REINDEX CONCURRENTLY
REINDEX INDEX CONCURRENTLY your_index_name;
For a full list of changes, view the release notes .
PostgreSQL 11 EOL Notice
PostgreSQL 11 will stop receiving fixes on November 9, 2023. If you are running PostgreSQL 11 in production, it is recommended that you plan to upgrade to a newer supported version of PostgreSQL. See Version Control Policy for more information.
Security Question
CVE-2023-39417 : Extended scripts in references @substitutions@
allow SQL injection.
Supported, vulnerable versions: 11 - 15. Security teams usually don't test unsupported versions, but this problem has existed for a long time.
Extension scripts are vulnerable if they are used within quoting constructs ( dollar quoting, ''
, or ) ""
. Vulnerabilities exist for extensions that are not bundled. There are indeed holes in the documentation examples and non-bundled extensions. Therefore, a prerequisite for the attack is that the administrator installs the vulnerable, trusted, non-bundled extension file. Under this prerequisite, an attacker with database-level privileges can execute arbitrary code as a bootstrap superuser. PostgreSQL will prevent this attack in the core server, so there is no need to modify individual extensions. @extowner@
@extschema@
@extschema:...@
CREATE
CVE-2023-39418 : MERGE
Unable to enforce UPDATE
or SELECT
enforce security policies.
Supported, vulnerable versions: 15.
PostgreSQL 15 introduced MERGE
commands that fail to test new rows against the row security policy defined for UPDATE
and . SELECT
Users can store certain rows if UPDATE
and SELECT
policy prohibits them, but INSERT
the policy does not. Subsequent consequences depend on the application. This only affects CREATE POLICY
databases used to define row security policies.
Bug fixes and improvements
The issues listed below affect PostgreSQL 15, some of which may also affect other supported PostgreSQL versions.
- Fixed
NULL
handling of values in BRIN indexes . This repair does not apply to existing BRIN indexes - users will need to runREINDEX
to repair any BRIN indexes that are used to search for NULL values. - Avoid leaving a corrupt database when DROP DATABASE is interrupted.
- Several fixes for partitioned indexes.
- Fix bug if extension contains any objects outside of extension schema
ALTER EXTENSION ... SET SCHEMA
. - Fix dependency tracking for table access methods.
- Do not use partially unique indexes in the planner to prove uniqueness.
- Properly handle RLS policy expressions and sub-SELECTs in security-barrier views when extending rule actions.
- Fix
SERIALIZABLE
race conditions in transaction isolation mode conflict detection. - Fix intermittent failure when trying to update fields of composite columns that require out-of-line TOASTing .
- Fix multiple memory leaks that occurred during the query lifecycle.
- Accept fractional seconds in input to jsonpath
datetime()
methods. - Increased the token limit in
pg_hba.conf
andpg_ident.conf
to 10,240 bytes. - Out-of-memory errors from the JIT will now result in PostgreSQL
FATAL
errors instead of C++ exceptions. - Allows continuation after detection of certain types of B-tree index corruption
VACUUM
. While this repair allows VACUUM to continue, users still need toREINDEX
repair corrupted indexes. - Avoid double replaying prepared transactions during crash recovery.
- Make sure checkpoint calls fsync on newly created empty tables.
- Silence "missing contrecord" errors to avoid logging inaccurate messages from
pg_waldump
and .walsender
- Fix [fuzzystrmatch]( https://www.postgresql.org/docs/current/fuzzystrmatch.html Soundex function to handle empty input correctly.
difference()
- Several fixes for
intarray
, including disallowing overly large input arrays in GiST indexes. - Fix
pg_dump
to correctly handle SQL standard function bodies ( ) that depend on unique indexes when parsing is requiredBEGIN ATOMIC
.
For a full list of available changes, view the release notes .
Fixes in PostgreSQL 16 Beta 3
psql
Add commands in\drg
to display information about role authorization.pg_waldump --save-fullpage
Add the timeline ID to the filename generated using .- Fix crash after deadlock in parallel VACUUM worker.
See the release notes for a complete list of new and changed features.
Download address: https://www.postgresql.org/download/