Find the article on our blog here:
pganalyze.com/blog/5mins-post...
In E114 of "5mins of Postgres" we discuss the updated Postgres minor releases that were just released this week. And specifically, we're going to talk about the security issue that was fixed in this release. Now I'll tell you first off, that this security issue, CVE-2024-4317 is a fairly minor one, but the reason I want to talk about it is, because I was the one who reported it.
I'll explain to you when this can be a problem and how you can apply the fix. If you want to fix this issue, you cannot just upgrade the minor release. You actually do have to take action on an existing database to fix the problem.
Learn more about pganalyze:
pganalyze.com
pganalyze.com/newsletter
/ pganalyze
Check out the pganalyze library for eBooks, webinars, and more:
pganalyze.com/resources
📑 What we have discussed in this episode of 5mins of Postgres:
PostgreSQL 16.3, 15.7, 14.12, 13.15, and 12.19 Released!
www.postgresql.org/about/news...
CVE-2024-4317 - Restrict visibility of "pg_stats_ext" and "pg_stats_ext_exprs" entries to the table owner
www.postgresql.org/support/se...
psql script to fix the system view definition on Postgres 16
git.postgresql.org/gitweb/?p=...
Негізгі бет Ғылым және технология Postgres CVE-2024-4317 and how to fix the system views
Пікірлер: 1