| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Empty search_path in logical replication apply worker and walsen |
| Date: | 2020-08-10 16:24:41 |
| Message-ID: | E1k5AbJ-0004t8-6p@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Empty search_path in logical replication apply worker and walsender.
This is like CVE-2018-1058 commit
582edc369cdbd348d68441fc50fa26a84afd0c1a. Today, a malicious user of a
publisher or subscriber database can invoke arbitrary SQL functions
under an identity running replication, often a superuser. This fix may
cause "does not exist" or "no schema has been selected to create in"
errors in a replication process. After upgrading, consider watching
server logs for these errors. Objects accruing schema qualification in
the wake of the earlier commit are unlikely to need further correction.
Back-patch to v10, which introduced logical replication.
Security: CVE-2020-14349
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/11da97024abbe76b8c81e3f2375b2a62e9717c67
Modified Files
--------------
.../replication/libpqwalreceiver/libpqwalreceiver.c | 17 +++++++++++++++++
src/backend/replication/logical/worker.c | 6 ++++++
src/test/subscription/t/001_rep_changes.pl | 4 ++++
3 files changed, 27 insertions(+)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-08-10 19:36:16 | pgsql: Last-minute updates for release notes. |
| Previous Message | Tom Lane | 2020-08-10 14:45:13 | pgsql: Make contrib modules' installation scripts more secure. |