| -rw-r--r-- | doc/src/sgml/release-15.sgml | 95 | 
1 files changed, 94 insertions, 1 deletions
| diff --git a/doc/src/sgml/release-15.sgml b/doc/src/sgml/release-15.sgml index 196973462b9..e74161cb808 100644 --- a/doc/src/sgml/release-15.sgml +++ b/doc/src/sgml/release-15.sgml @@ -23,7 +23,16 @@     </para>     <para> -    However, if you are upgrading from a version earlier than 15.6, +    However, a security vulnerability was found in the system +    views <structname>pg_stats_ext</structname> +    and <structname>pg_stats_ext_exprs</structname>, potentially allowing +    authenticated database users to see data they shouldn't.  If this is +    of concern in your installation, follow the steps in the first +    changelog entry below to rectify it. +   </para> + +   <para> +    Also, if you are upgrading from a version earlier than 15.6,      see <xref linkend="release-15-6"/>.     </para>    </sect2> 
@@ -35,6 +44,90 @@      <listitem>  <!-- +Author: Nathan Bossart <nathan@postgresql.org> +Branch: master [521a7156a] 2024-05-06 09:00:00 -0500 +Branch: REL_16_STABLE [2485a85e9] 2024-05-06 09:00:07 -0500 +Branch: REL_15_STABLE [9cc2b6289] 2024-05-06 09:00:13 -0500 +Branch: REL_14_STABLE [c3425383b] 2024-05-06 09:00:19 -0500 +--> +     <para> +      Restrict visibility of <structname>pg_stats_ext</structname> and +      <structname>pg_stats_ext_exprs</structname> entries to the table +      owner (Nathan Bossart) +     </para> + +     <para> +      These views failed to hide statistics for expressions that involve +      columns the accessing user does not have permission to read.  View +      columns such as <structfield>most_common_vals</structfield> might +      expose security-relevant data.  The potential interactions here are +      not fully clear, so in the interest of erring on the side of safety, +      make rows in these views visible only to the owner of the associated +      table. +     </para> + +     <para> +      The <productname>PostgreSQL</productname> Project thanks +      Lukas Fittl for reporting this problem. +      (CVE-2024-4317) +     </para> + +     <para> +      By itself, this fix will only fix the behavior in newly initdb'd +      database clusters.  If you wish to apply this change in an existing +      cluster, you will need to do the following: +     </para> + +     <procedure> +      <step> +       <para> +        Find the SQL script <filename>fix-CVE-2024-4317.sql</filename> in +        the <replaceable>share</replaceable> directory of +        the <productname>PostgreSQL</productname> installation (typically +        located someplace like <filename>/usr/share/postgresql/</filename>). +        Be sure to use the script appropriate to +        your <productname>PostgreSQL</productname> major version. 
+        If you do not see this file, either your version is not vulnerable +        (only v14–v16 are affected) or your minor version is too +        old to have the fix. +       </para> +      </step> + +      <step> +       <para> +        In <emphasis>each</emphasis> database of the cluster, run +        the <filename>fix-CVE-2024-4317.sql</filename> script as superuser. +        In <application>psql</application> this would look like +<programlisting> +\i /usr/share/postgresql/fix-CVE-2024-4317.sql +</programlisting> +        (adjust the file path as appropriate).  Any error probably indicates +        that you've used the wrong script version.  It will not hurt to run +        the script more than once. +       </para> +      </step> + +      <step> +       <para> +        Do not forget to include the <literal>template0</literal> +        and <literal>template1</literal> databases, or the vulnerability +        will still exist in databases you create later.  To +        fix <literal>template0</literal>, you'll need to temporarily make +        it accept connections.  Do that with +<programlisting> +ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true; +</programlisting> +        and then after fixing <literal>template0</literal>, undo it with +<programlisting> +ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false; +</programlisting> +       </para> +      </step> +     </procedure> +    </listitem> + +    <listitem> +<!--  Author: Tom Lane <tgl@sss.pgh.pa.us>  Branch: master [b4a71cf65] 2024-03-14 14:57:16 -0400  Branch: REL_16_STABLE [52898c63e] 2024-03-14 14:57:16 -0400 | 
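Review bot: In the first hunk (@@ -23,7 +23,16 @@), the new migration paragraph does not say that installing the update leaves existing clusters unchanged. It only says "If this is of concern in your installation, follow the steps in the first changelog entry below", while the entry itself states the key fact later: "this fix will only fix the behavior in newly initdb'd database clusters". Suggest stating that limitation in this paragraph too, since many readers stop at the migration section. Also consider naming CVE-2024-4317 here so the pointer does not depend on the entry staying first in the list.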
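Review bot: In the <procedure> of the second hunk (@@ -35,6 +44,90 @@), the template0 handling sits in the third step, after the second step has already told the reader to run the script in each database. Someone working top to bottom will hit template0 refusing connections before reading how to enable them. Suggest moving the ALLOW_CONNECTIONS true/false instructions into the second step or ahead of it, keeping the reminder to set it back to false. The procedure also gives no way to confirm that a given database has been fixed. "Any error probably indicates that you've used the wrong script version" covers only the failure case, so a check the administrator can run after the script would help.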
