Last-minute updates for release notes.
author Tom Lane <[email protected]>
Mon, 5 Aug 2024 18:03:20 +0000 (14:03 -0400)
committer Tom Lane <[email protected]>
Mon, 5 Aug 2024 18:03:20 +0000 (14:03 -0400)
Security: CVE-2024-7348

doc/src/sgml/release-12.sgml

index e5b7206d44857ce3e4d7143241853d847057b01e..e59b91378dad69b7deb791a43062f3e11b54d5c8 100644 (file)
 
     <listitem>
 <!--
+Author: Masahiko Sawada <[email protected]>
+Branch: master [66e94448a] 2024-08-05 06:05:33 -0700
+Branch: REL_17_STABLE [fdf218f1d] 2024-08-05 06:05:30 -0700
+Branch: REL_16_STABLE [6aba85a4b] 2024-08-05 06:05:28 -0700
+Branch: REL_15_STABLE [e81e53a0c] 2024-08-05 06:05:25 -0700
+Branch: REL_14_STABLE [72ef1675e] 2024-08-05 06:05:23 -0700
+Branch: REL_13_STABLE [bbc94abf6] 2024-08-05 06:05:20 -0700
+Branch: REL_12_STABLE [79c7a7e29] 2024-08-05 06:05:17 -0700
+-->
+     <para>
+      Prevent unauthorized code execution
+      during <application>pg_dump</application> (Masahiko Sawada)
+     </para>
+
+     <para>
+      An attacker able to create and drop non-temporary objects could
+      inject SQL code that would be executed by a
+      concurrent <application>pg_dump</application> session with the
+      privileges of the role running <application>pg_dump</application>
+      (which is often a superuser).  The attack involves replacing a
+      sequence or similar object with a view or foreign table that will
+      execute malicious code.  To prevent this, introduce a new server
+      parameter <varname>restrict_nonsystem_relation_kind</varname> that
+      can disable expansion of non-builtin views as well as access to
+      foreign tables, and teach <application>pg_dump</application> to set
+      it when available.  Note that the attack is prevented only if
+      both <application>pg_dump</application> and the server it is dumping
+      from are new enough to have this fix.
+     </para>
+
+     <para>
+      The <productname>PostgreSQL</productname> Project thanks
+      Noah Misch for reporting this problem.
+      (CVE-2024-7348)
+     </para>
+    </listitem>
+
+    <listitem>
+<!--
 Author: Alvaro Herrera <[email protected]>
 Branch: master [3dd637f3d] 2024-07-24 12:38:18 +0200
 Branch: REL_17_STABLE [2b22543a4] 2024-07-24 12:38:18 +0200
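Review bot: In the second added <para>, "disable expansion of non-builtin views" does not match the parameter it describes, <varname>restrict_nonsystem_relation_kind</varname>; suggest "non-system views" so the prose and the GUC name use the same term. The closing sentence ("the attack is prevented only if both pg_dump and the server it is dumping from are new enough") could also say directly what the reader needs to act on: pg_dump sets the parameter only "when available", so an unpatched pg_dump against a patched server, or a patched pg_dump against an unpatched server, remains exposed until both sides are updated.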