| From: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | IMPORTANT: Out-of-cycle release scheduled for November 21, 2024 |
| Date: | 2024-11-15 23:28:42 |
| Message-ID: | cd54868c-3162-41f9-bba6-16e6b1449ff3@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
We're scheduling an out-of-cycle release on November 21, 2024 to address
two regressions that were released as part of the November 14, 2024
update release[1]. As part of this release, we will issue fixes for all
supported versions (17.2, 16.6, 15.10, 14.15, 13.20), and for 12.22,
even though PostgreSQL 12 is now EOL.
A high-level description of the regressions are as follows.
1. The fix for CVE-2024-10978 prevented `ALTER USER ... SET ROLE ...`
from having any effect[2]. This will be fixed in the upcoming release.
2. Certain PostgreSQL extensions took a dependency on an Application
Build Interface (ABI) that was modified in this release and caused them
to break[3]. Currently, this can be mitigated by rebuilding the
extensions against the updated definition.
Please follow all standard guidelines for commits ahead of the release.
Thanks for your help in assisting with this release,
Jonathan
[1]
https://www.postgresql.org/about/news/postgresql-171-165-159-1414-1317-and-1221-released-2955/
[2]
https://www.postgresql.org/message-id/CADOZwSb0UsEr4_UTFXC5k7%3DfyyK8uKXekucd%2B-uuGjJsGBfxgw%40mail.gmail.com
[3]
https://www.postgresql.org/message-id/CABOikdNmVBC1LL6pY26dyxAS2f%2BgLZvTsNt%3D2XbcyG7WxXVBBQ%40mail.gmail.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David E. Wheeler | 2024-11-16 00:00:02 | Re: Potential ABI breakage in upcoming minor releases |
| Previous Message | Noah Misch | 2024-11-15 23:07:08 | Re: Potential ABI breakage in upcoming minor releases |