git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Nathan Bossart <nathan@postgresql.org>
	Mon, 11 May 2026 12:13:49 +0000 (05:13 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 11 May 2026 12:13:49 +0000 (05:13 -0700)
commit	c27ba08cd5c58659b32805fe807683cde5429ab2
tree	d3c77021b254927d8ac4427e281da3c2af6e3ce7	tree \| snapshot
parent	d7de7fa84d2492f15747163cbb2f4c5c110ec4a4	commit \| diff

Check CREATE privilege on multirange type schema in CREATE TYPE.

This omission allowed roles to create multirange types in any
schema, potentially leading to privilege escalations. Note that
when a multirange type name is not specified in CREATE TYPE, it is
automatically placed in the range type's schema, which is checked
at the beginning of DefineRange().

Reported-by: Jelte Fennema-Nio <postgres@jeltef.nl>
Author: Jelte Fennema-Nio <postgres@jeltef.nl>
Reviewed-by: Nathan Bossart <nathandbossart@gmail.com>
Reviewed-by: Tomas Vondra <tomas@vondra.me>
Security: CVE-2026-6472
Backpatch-through: 14

src/backend/commands/typecmds.c		diff \| blob \| blame \| history
src/test/regress/expected/multirangetypes.out		diff \| blob \| blame \| history
src/test/regress/sql/multirangetypes.sql		diff \| blob \| blame \| history