PostgreSQL update with vulnerabilities fixed

Corrective updates have been released for all supported PostgreSQL branches: 13.3, 12.7, 11.12, 10.17 and 9.6.22. Updates for the 9.6 branch will be produced until November 2021, 10 until November 2022, 11 until November 2023, 12 until November 2024 and 13 until November 2025. The new releases eliminate three vulnerabilities and fix accumulated bugs.

Vulnerability CVE-2021-32027 can result in a buffer write outside its bounds because of an integer overflow during array subscript calculations. By manipulating the values used in SQL queries, an attacker who is able to execute SQL queries can write arbitrary data into an unintended area of process memory and achieve execution of their own code with the privileges of the DBMS server. The other two vulnerabilities (CVE-2021-32028, CVE-2021-32029) lead to leakage of process memory contents when manipulating "INSERT ... ON CONFLICT ... DO UPDATE" and "UPDATE ... RETURNING".
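The defect class behind the first vulnerability, an integer overflow in array-size and subscript arithmetic that ends in an out-of-bounds write, is easier to see in a small constructed illustration. The following is an added example written for this page, not PostgreSQL's code and not the patched routine; the function names, the 32-bit size type and the sample dimensions are all assumptions. It places an unchecked size computation, which silently wraps, beside a checked version that rejects any dimension, element count or byte size that would not fit, and a checked row-major subscript-to-index calculation of the same kind.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed illustration of the defect class described above (an integer
 * overflow in array subscript arithmetic that turns into an out-of-bounds
 * write). This is not PostgreSQL's code; all names here are hypothetical. */

/* Unchecked: the total size wraps modulo 2^32, so a huge array can be sized
 * as a tiny buffer and later element writes run past its end. */
uint32_t unchecked_nbytes(const int32_t *dims, int ndim, uint32_t elemsize)
{
    uint32_t nelems = 1;
    for (int i = 0; i < ndim; i++)
        nelems *= (uint32_t) dims[i];
    return nelems * elemsize;
}

/* Checked: every dimension must be positive and the running product must fit
 * the 32-bit size type after each step; returns false instead of wrapping. */
bool checked_nbytes(const int32_t *dims, int ndim, uint32_t elemsize, uint32_t *out)
{
    uint64_t nelems = 1;
    for (int i = 0; i < ndim; i++) {
        if (dims[i] <= 0)
            return false;
        nelems *= (uint64_t) dims[i];   /* both factors <= 2^32, so no uint64 overflow */
        if (nelems > UINT32_MAX)
            return false;
    }
    uint64_t nbytes = nelems * elemsize;  /* both factors <= UINT32_MAX */
    if (nbytes > UINT32_MAX)
        return false;
    *out = (uint32_t) nbytes;
    return true;
}

/* Checked row-major element index: each subscript must lie inside its
 * dimension and the accumulated index must stay within int32_t. */
bool checked_index(const int32_t *dims, int ndim, const int32_t *subs, int32_t *out)
{
    int64_t idx = 0;
    for (int i = 0; i < ndim; i++) {
        if (dims[i] <= 0 || subs[i] < 0 || subs[i] >= dims[i])
            return false;
        idx = idx * dims[i] + subs[i];  /* idx <= INT32_MAX before the multiply */
        if (idx > INT32_MAX)
            return false;
    }
    *out = (int32_t) idx;
    return true;
}

int main(void)
{
    /* Constructed sample: a 65536 x 65536 array of 4-byte elements. */
    const int32_t big[2] = {65536, 65536};
    uint32_t nbytes;
    printf("unchecked size of 65536x65536 int4 array: %u bytes\n",
           unchecked_nbytes(big, 2, 4));
    printf("checked size accepted: %s\n",
           checked_nbytes(big, 2, 4, &nbytes) ? "yes" : "no");

    const int32_t small[2] = {3, 4};
    const int32_t subs[2] = {2, 3};
    int32_t idx;
    if (checked_index(small, 2, subs, &idx))
        printf("index of [2][3] in a 3x4 array: %d\n", idx);
    return 0;
}
```

The unchecked path sizes the 65536 x 65536 array at 0 bytes because 2^32 wraps to zero, which is exactly the condition under which a subsequent element write lands outside the allocation; the checked path refuses the same input before any memory is reserved.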

Non-security fixes include:

  • Fixed an incorrect calculation when executing "UPDATE ... RETURNING" to update partitioned tables.
  • Fixed a failure of the "ALTER TABLE ... ALTER CONSTRAINT" command when foreign-key constraints are combined with the use of partitioned tables.
  • Improved the performance of "COMMIT AND CHAIN".
  • For new FreeBSD releases, fdatasync mode is now set in wal_sync_method by default.
  • The vacuum_cleanup_index_scale_factor parameter is disabled by default.
  • Fixed a memory leak that occurred when establishing a TLS connection.
  • Additional checks have been added to pg_upgrade for data types in user tables that cannot be upgraded.

Source: opennet.ru