postgresql/src/backend
Noah Misch 3a9b18b309 Ban role pg_signal_backend from more superuser backend types.
Documentation says it cannot signal "a backend owned by a superuser".
On the contrary, it could signal background workers, including the
logical replication launcher.  It could signal autovacuum workers and
the autovacuum launcher.  Block all that.  Signaling autovacuum workers
and those two launchers doesn't stall progress beyond what one could
achieve other ways.  If a cluster uses a non-core extension with a
background worker that does not auto-restart, this could create a denial
of service with respect to that background worker.  A background worker
with bugs in its code for responding to terminations or cancellations
could experience those bugs at a time the pg_signal_backend member
chooses.  Back-patch to v11 (all supported versions).

Reviewed by Jelte Fennema-Nio.  Reported by Hemanth Sandrana and
Mahendrakar Srinivasarao.

Security: CVE-2023-5870
2023-11-06 06:14:13 -08:00
access doc: 1-byte varlena headers can be used for user PLAIN storage 2023-10-31 09:10:35 -04:00
archive
backup Change struct tablespaceinfo's oid member from 'char *' to 'Oid' 2023-10-23 15:17:26 -04:00
bootstrap Refactor InitPostgres() to use bitwise option flags 2023-10-11 12:31:49 +09:00
catalog Add XMLText function (SQL/XML X038) 2023-11-06 09:38:29 +01:00
commands Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
executor Fix intra-query memory leak when a SRF returns zero rows. 2023-10-28 14:05:01 -04:00
foreign Expand some more uses of "deleg" to "delegation" or "delegated". 2023-05-21 10:55:18 -04:00
jit jit: Changes for LLVM 17. 2023-10-19 05:13:23 +13:00
lib Make binaryheap available to frontend code. 2023-09-18 12:18:33 -07:00
libpq Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
main Remove obsolete defense against strxfrm() bugs. 2023-04-20 13:20:14 +12:00
nodes Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
optimizer Fix allocation of UniqueRelInfo 2023-11-06 10:04:01 +02:00
parser Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
partitioning Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
po Translation updates 2023-08-07 12:39:30 +02:00
port Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
postmaster pgindent run to fix commits de64268561 and 5ae2087202 2023-10-30 14:52:35 -04:00
regex Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
replication Add trailing commas to enum definitions 2023-10-26 09:20:54 +02:00
rewrite Add TupleDescGetDefault() 2023-09-27 18:52:40 +01:00
snowball Fix the install rule for snowball_create.sql. 2023-05-23 11:15:57 -04:00
statistics Take pg_attribute out of VacAttrStats 2023-07-03 07:18:57 +02:00
storage Ban role pg_signal_backend from more superuser backend types. 2023-11-06 06:14:13 -08:00
tcop Introduce the concept of read-only StringInfos 2023-10-26 16:31:48 +13:00
tsearch Limit to_tsvector_byid's initial array allocation to something sane. 2023-09-25 11:50:28 -04:00
utils Add XMLText function (SQL/XML X038) 2023-11-06 09:38:29 +01:00
.gitignore
common.mk
Makefile Add system view pg_wait_events 2023-08-20 15:35:02 +09:00
meson.build Add win32ver data to meson-built postgres.exe. 2023-06-12 07:40:38 -07:00
nls.mk Add missing gettext triggers 2023-05-10 13:51:51 +02:00