[ubuntu/jammy-security] postgresql-14 14.3-0ubuntu0.22.04.1 (Accepted)

[Marc Deslauriers]

postgresql-14 (14.3-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #1973627).

    + A dump/restore is not required for those running 14.X.

    + However, if you have any GiST indexes on columns of type ltree (supplied
      by the contrib/ltree extension), you should re-index them after updating.
      See the upstream changelog linked below for further information.

    + Also, if you are upgrading from a version earlier than 14.2, see
      those release notes as well please.

    + Confine additional operations within "security restricted operation"
      sandboxes (Sergey Shinderuk, Noah Misch).

      Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
      and pg_amcheck activated the "security restricted operation" protection
      mechanism too late, or even not at all in some code paths. A user having
      permission to create non-temporary objects within a database could
      define an object that would execute arbitrary SQL code with superuser
      permissions the next time that autovacuum processed the object, or that
      some superuser ran one of the affected commands against it.

      The PostgreSQL Project thanks Alexander Lakhin for reporting this
      problem.
      (CVE-2022-1552)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-3.html

  * d/p/llvm14-support.patch: drop patch applied upstream.

Date: 2022-05-19 13:52:13.574136+00:00
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/postgresql-14/14.3-0ubuntu0.22.04.1
-------------- next part --------------
Sorry, changesfile not available.