The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 This release fixes three security vulnerabilities and over 55 bugs reported over the last several months.
This release includes fixes for indexes where in certain cases, we advise reindexing. Please see the "Updating" section for more details.
For the full list of changes, please review the release notes.
This is the final release of PostgreSQL 11. PostgreSQL 11 is now end-of-life and will no longer receive security and bug fixes. If you are running PostgreSQL 11 in a production environment, we suggest that you make plans to upgrade to a newer, supported version of PostgreSQL. Please see our versioning policy for more information.
CVSS v3 Base Score: 4.3
Supported, Vulnerable Versions: 11 - 16. The security team typically does not test unsupported versions, but this problem is quite old.
Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out viability of attacks that arrange for presence of notable, confidential information in disclosed bytes.
The PostgreSQL project thanks Jingzhou Fu for reporting this problem.
CVSS v3 Base Score: 8.8
Supported, Vulnerable Versions: 11 - 16. The security team typically does not test unsupported versions, but this problem is quite old.
While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix covered some attacks of this description, but it missed others.
The PostgreSQL project thanks Pedro Gallegos for reporting this problem.
pg_signal_backend
can signal certain superuser processesCVSS v3 Base Score: 2.2
Supported, Vulnerable Versions: 11 - 16. The security team typically does not test unsupported versions, but this problem is quite old.
Documentation says the pg_signal_backend
role cannot signal "a backend owned
by a superuser". On the contrary, it can signal background workers, including
the logical replication launcher. It can signal autovacuum
workers and the
autovacuum
launcher. Signaling autovacuum
workers and those two launchers
provides no meaningful exploit, so exploiting this vulnerability requires a
non-core extension with a less-resilient background worker. For example, a
non-core background worker that does not auto-restart would experience a
denial of service with respect to that particular background worker.
The PostgreSQL project thanks Hemanth Sandrana and Mahendrakar Srinivasarao for reporting this problem.
This update fixes over 55 bugs that were reported in the last several months. The issues listed below affect PostgreSQL 16. Some of these issues may also affect other supported versions of PostgreSQL.
interval
columns. Please reindex
any B-tree index that includes an interval
column after installing this
update.date
, timestamptz
, and timestamp
values in BRIN indexes when using a minmax_multi
opsclass.
While not required, we recommend
reindexing BRIN
indexes that include these data types after installing this update.Throw the correct error if pgrowlocks()
is applied to a partitioned table
Fix inconsistent rechecking of concurrently-updated rows during
MERGE
when using
READ COMMITTED
mode.
UPDATE
/DELETE
/MERGE
even when the parent table is excluded by constraints.tsvector
.ALTER SUBSCRIPTION
to apply changes in the run_as_owner
option.COPY FROM
,pg_control
.ORDER BY
or DISTINCT
options.track_io_timing
is enabled, include the time taken by relation extension operations as write
time.CALL
statements, and re-plan them when needed.FATAL
while reading WAL.pg_dump
to
dump the new run_as_owner
option of subscriptions.pg_restore
so that selective restores will include both table-level and column-level ACLs
for selected tables.pg_upgrade
to check for use of obsolete data types abstime
, reltime
, and tinterval
.vacuumdb
to have multiple -N
switches actually exclude tables in multiple schemas.amcheck
will no longer report interrupted page deletion as corruption.btree_gin
indexes on interval
columns to properly return data when
using the <
and <=
operators.All PostgreSQL update releases are cumulative. As with other minor releases,
users are not required to dump and reload their database or use pg_upgrade
in
order to apply this update release; you may simply shutdown PostgreSQL and
update its binaries.
We recommend reindexing certain types of indexes after you apply this update, including:
interval
data typedate
, timestamptz
, and timestamp
data types and a
minmax_multi
opsclassOn PostgreSQL 12 and above, you can use
REINDEX CONCURRENTLY
to avoid blocking writes to the affected index and table, for example:
REINDEX INDEX CONCURRENTLY your_index_name;
Users who have skipped one or more update releases may need to run additional post-update steps; please see the release notes from earlier versions for details.
For more details, please see the release notes.
If you have corrections or suggestions for this release announcement, please send them to the [email protected] public mailing list.