[ubuntu/lunar-security] postgresql-15 15.4-0ubuntu0.23.04.1 (Accepted)
marc.deslauriers at canonical.com
Thu Aug 17 11:48:42 UTC 2023
postgresql-15 (15.4-0ubuntu0.23.04.1) lunar-security; urgency=medium
* New upstream version (LP: #2028426).
+ A dump/restore is not required for those running 15.X.
+ However, if you use BRIN indexes, it may be advisable to reindex them.
+ Also, if you are upgrading from a version earlier than 15.1, see
those release notes as well please.
+ Disallow substituting a schema or owner name into an extension script
if the name contains a quote, backslash, or dollar sign (Noah Misch)
This restriction guards against SQL-injection hazards for trusted
+ Fix MERGE to enforce row security policies properly (Dean Rasheed)
+ Fix confusion between empty (no rows) ranges and all-NULL ranges in
BRIN indexes, as well as incorrect merging of all-NULL summaries
Each of these oversights could result in forgetting that a BRIN
index range contains any NULL values, potentially allowing
subsequent queries that should return NULL values to miss doing so.
This fix will not in itself correct faulty BRIN entries.
It's recommended to REINDEX any BRIN indexes that
may be used to search for nulls.
+ Details about these and many further changes can be found at:
Date: 2023-08-16 11:46:07.655936+00:00
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes