Corrective updates have been generated for all supported PostgreSQL branches: 14.3, 13.7, 12.11, 11.16 and 10.22. The 10.x branch is approaching the end of support (updates will be formed until November 2022). The release of updates for the 11.x branch will last until November 2023, 12.x until November 2024, 13.x until November 2025, 14.x until November 2026.
The new versions offer more than 50 fixes and fix the vulnerability CVE-2022-1552 related to the ability to bypass the isolation of execution of privileged operations Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER and pg_amcheck. An attacker with the authority to create non-transient objects in any storage scheme can get arbitrary SQL functions to be executed with superuser privileges while the privileged user performs the above operations that affect the attacker's object. Including the exploitation of the vulnerability can occur when the database is automatically cleaned when the autovacuum handler is executed.
If you are unable to perform an update, as a workaround to blocking the problem, you can disable autovacuum and not perform the REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, and CLUSTER operations as a root user, and not run the pg_amcheck utility, and not restore content from a backup created by the pg_dump utility. The execution of VACUUM is considered safe, as is the use of any command operation, if the objects being processed belong to trusted users.
Other changes in the new releases include updating the JIT code to work with LLVM 14, allowing the use of database.schema.table templates in the psql, pg_dump and pg_amcheck utilities, fixing problems leading to corruption of GiST indexes on ltree columns, incorrect rounding of values ββin the format epoch retrieved from data of type interval, incorrect scheduler behavior when using asynchronous remote queries, incorrect sorting of table rows when using a CLUSTER expression on expression-based indexes, data loss on crash immediately after building a sorted GiST index, deadlock on deletion partitioned index, a race condition between the DROP TABLESPACE operation and the state commit (checkpoint).
Additionally, the release of the pg_ivm 1.0 extension with the implementation of IVM (Incremental View Maintenance) support for PostgreSQL 14 can be noted. IVM offers an alternative way to update materialized views, more efficient if changes affect a small part of the view. IVM allows you to instantly update materialized views, applying only incremental changes to them, without recomputing the view produced by using the "REFRESH MATERIALIZED VIEW" operation.
Source: opennet.ru