sabuntawar gyara ga duk rassan PostgreSQL masu tallafi: , , , и , wanda ya ƙunshi wani yanki na gyaran kwaro. Sakin sabuntawa don reshe 9.4 har zuwa Disamba 2019, 9.5 har zuwa Janairu 2021, 9.6 har zuwa Satumba 2021, 10 har zuwa Oktoba 2022, 11 har zuwa Nuwamba 2023.
Sabbin sigogin suna gyara kwari sama da 60 kuma suna kawar da lahani huɗu:
- Raunuka guda biyu (CVE-2019-10127, CVE-2019-10128) sun shafi dandamali ne kawai. Windows kuma suna bayyana a cikin masu shigarwa daga EnterpriseDB da BigSQL, waɗanda ba su saita haƙƙin shiga daidai zuwa kundin bayanai ba, wanda ya ba wa kowane mai amfani mara izini damar shiga. Windows fara aiwatar da lambar a matakin sabis na PostgreSQL.
- Rashin lahani na CVE-2019-10129 yana bayyana a cikin PostgreSQL 11 kuma yana bawa mai amfani damar karanta wuraren ƙwaƙwalwar ajiya na sabani na tsarin sabar ta hanyar aika buƙatun INSERT na musamman zuwa tebur da aka raba.
- Rashin lahani CVE-2019-10130 yana ba ku damar karanta ƙimar bayanan waɗanda aka iyakance damar shiga.
Kafaffen kwari sun haɗa da cin hanci da rashawa lokacin aiwatar da "ALTER TABLE" akan tebur da aka raba, ɓarnar uwar garken lokacin da kuskure ya faru lokacin ƙoƙarin adana siginan kwamfuta tsakanin ma'amala, matsalolin aiki lokacin jujjuya ma'amaloli da suka haɗa da adadi mai yawa na tebur, rashin tallafi ga "KIRKIYAR TEBULI IDAN A'A" magana tana wanzu .. AS EXECUTE .. ", ƙwaƙwalwar ajiyar ƙwaƙwalwa
source: budenet.ru
