Ewepụtala mmelite mmezi maka ngalaba PostgreSQL niile akwadoro: 13.3, 12.7, 11.12, 10.17 na 9.6.22. A ga-ewepụta mmelite maka alaka 9.6 ruo Nọvemba 2021, 10 ruo Nọvemba 2022, 11 ruo Nọvemba 2023, 12 ruo Nọvemba 2024, 13 ruo Nọvemba 2025. Mwepụta ọhụrụ a na-ewepụ adịghị ike atọ ma dozie mperi akwakọba.
Ndabere CVE-2021-32027 nwere ike ibute ide data na-abụghị nke oke n'ihi oke ọnụọgụgụ mmadụ mgbe a na-agbakọ ihe ndeksi nhazi. Site n'iji ụkpụrụ nhazi na ajụjụ SQL, onye na-awakpo nwere ohere imezu ajụjụ SQL nwere ike ide data na-enweghị usoro na mpaghara ebe nchekwa usoro ma mezuo koodu ha na ikike. ihe nkesa DBMS. Nsogbu abụọ ndị ọzọ (CVE-2021-32028, CVE-2021-32029) na-ebute ntapu ebe nchekwa usoro mgbe a na-eji ajụjụ "INSERT ... ON CONFLICT ... MElite" na "MElite ... RETURNING".
Ndozi enweghị ike gụnyere:
- Wepu mgbako na-ezighi ezi mgbe ị na-eme "Mmelite...NA-AKWỤKWỌ" iji melite tebụl ndị agbakwunyere.
- Idozi "ALTER TABLE ... ALTER CONSTRAINT" ọdịda iwu mgbe enwere ihe mgbochi igodo mba ọzọ yana iji tebụl kewara ekewa.
- Ewelitela ọrụ "COMMIT AND Chain".
- Maka mwepụta ọhụrụ nke FreeBSD, a na-edozi ọnọdụ fdatasync ka ọ bụrụ thatwal_sync_method na ndabara.
- Akwụsịghị paramita vacuum_cleanup_index_scale_factor site na ndabara.
- Ebe nchekwa edobere anya na-eme mgbe ị na-ebido njikọ TLS.
- Agbakwunyela nlele ndị ọzọ na pg_upgrade maka ọnụnọ ụdị data dị na tebụl onye ọrụ enweghị ike ịkwalite.
isi: opennet.ru
