PostgreSQL update with vulnerabilities fixed

Corrective updates have been released for all PostgreSQL branches: 13.3, 12.7, 11.12, 10.17 and 9.6.22. Updates for the 9.6 branch will be produced until November 2021, for 10 until November 2022, for 11 until November 2023, for 12 until November 2024, and for 13 until November 2025. The new releases fix three vulnerabilities and the bugs that have accumulated.

The CVE-2021-32027 vulnerability can lead to a write beyond the bounds of a buffer because of an integer overflow during a calculation. By manipulating values in SQL queries, an attacker who is able to execute SQL queries can write arbitrary data to an arbitrary area of process memory and get their code executed with the privileges of the DBMS server. The other two vulnerabilities (CVE-2021-32028, CVE-2021-32029) leak the contents of process memory when "INSERT ... ON CONFLICT ... DO UPDATE" and "UPDATE ... RETURNING" are used.

Non-security fixes include:

  • Fixed an incorrect computation when executing "UPDATE ... RETURNING" to update partitioned tables.
  • Fixed a failure of the "ALTER TABLE ... ALTER CONSTRAINT" command when foreign key constraints are used together with partitioned tables.
  • The "COMMIT AND CHAIN" operation has been changed.
  • On new FreeBSD releases, fdatasync is now the default mode for wal_sync_method.
  • The vacuum_cleanup_index_scale_factor parameter is disabled by default.
  • Fixed a memory leak that occurred when initializing TLS connections.
  • Additional checks have been added to pg_upgrade for data types in user tables that cannot be upgraded.
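A way to check a server against the fixed releases and update windows listed above, as an added example that is not part of the original article or of PostgreSQL itself. It accepts a plain version string, a `SELECT version()` banner, or a `server_version_num` value; the status labels and the reading of "until November" are assumptions of this example.

```python
import re
from datetime import date

# Branch -> (first minor release with the fixes, last year of updates), from the article.
FIXED = {"13": (3, 2025), "12": (7, 2024), "11": (12, 2023),
         "10": (17, 2022), "9.6": (22, 2021)}

def parse_version(text):
    """Return (branch, minor) from '13.2', a version() banner, or server_version_num."""
    text = text.strip()
    if re.fullmatch(r"\d{5,6}", text):           # server_version_num: 130002, 90621
        num = int(text)
        if num >= 100000:                        # 10 and later: major * 10000 + minor
            return str(num // 10000), num % 10000
        # Before 10: two-part branch (9.6) followed by a two-digit minor.
        return f"{num // 10000}.{num // 100 % 100}", num % 100
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    major, second, third = int(m[1]), int(m[2]), m[3]
    if major >= 10:                              # two-part numbering since 10
        return str(major), second
    if third is None:
        raise ValueError(f"pre-10 version needs three parts: {text!r}")
    return f"{major}.{second}", int(third)

def assess(version_text, today):
    """Classify a server against the releases listed in the article."""
    branch, minor = parse_version(version_text)
    if branch not in FIXED:
        return "branch-not-listed"
    fixed_minor, last_year = FIXED[branch]
    if minor < fixed_minor:
        return "needs-update"
    # Assumption: "until November YYYY" means no updates from December YYYY on.
    if (today.year, today.month) > (last_year, 11):
        return "fixed-but-out-of-updates"
    return "fixed"

if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real host.
    samples = ["PostgreSQL 13.2 on x86_64-pc-linux-gnu, 64-bit",
               "120007", "90621", "9.6.22", "11.12"]
    for s in samples:
        print(f"{s!r:50} -> {assess(s, date(2021, 12, 15))}")
```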

Source: opennet.ru
