git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Nathan Bossart <nathan@postgresql.org>
	Mon, 6 May 2024 14:00:07 +0000 (09:00 -0500)
committer	Nathan Bossart <nathan@postgresql.org>
	Mon, 6 May 2024 14:00:07 +0000 (09:00 -0500)
commit	2485a85e96db137f7962a2e702b99869957f0990
tree	3dda8144d6bae62f81c285c3acce72b054a90c4d	tree \| snapshot
parent	3855bf9c10ae27d0d55c0b0b3ee9bad4cc40d80e	commit \| diff

Fix privilege checks in pg_stats_ext and pg_stats_ext_exprs.

The catalog view pg_stats_ext fails to consider privileges for
expression statistics.  The catalog view pg_stats_ext_exprs fails
to consider privileges and row-level security policies.  To fix,
restrict the data in these views to table owners or roles that
inherit privileges of the table owner.  It may be possible to apply
less restrictive privilege checks in some cases, but that is left
as a future exercise.  Furthermore, for pg_stats_ext_exprs, do not
return data for tables with row-level security enabled, as is
already done for pg_stats_ext.

On the back-branches, a fix-CVE-2024-4317.sql script is provided
that will install into the "share" directory.  This file can be
used to apply the fix to existing clusters.

Bumps catversion on 'master' branch only.

Reported-by: Lukas Fittl
Reviewed-by: Noah Misch, Tomas Vondra, Tom Lane
Security: CVE-2024-4317
Backpatch-through: 14

doc/src/sgml/catalogs.sgml		diff \| blob \| blame \| history
doc/src/sgml/system-views.sgml		diff \| blob \| blame \| history
src/backend/catalog/Makefile		diff \| blob \| blame \| history
src/backend/catalog/fix-CVE-2024-4317.sql	[new file with mode: 0644]	blob
src/backend/catalog/meson.build		diff \| blob \| blame \| history
src/backend/catalog/system_views.sql		diff \| blob \| blame \| history
src/test/regress/expected/rules.out		diff \| blob \| blame \| history
src/test/regress/expected/stats_ext.out		diff \| blob \| blame \| history
src/test/regress/sql/stats_ext.sql		diff \| blob \| blame \| history