rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
53,658 Commits 36 Branches 606 Tags 423 MiB
C 86%
PLpgSQL 5.5%
Perl 4.1%
Yacc 1.3%
Makefile 0.7%
Other 2.3%
Go to file
Noah Misch a117cebd63 Make relation-enumerating operations be security-restricted operations. 
When a feature enumerates relations and runs functions associated with
all found relations, the feature's user shall not need to trust every
user having permission to create objects.  BRIN-specific functionality
in autovacuum neglected to account for this, as did pg_amcheck and
CLUSTER.  An attacker having permission to create non-temp objects in at
least one schema could execute arbitrary SQL functions under the
identity of the bootstrap superuser.  CREATE INDEX (not a
relation-enumerating operation) and REINDEX protected themselves too
late.  This change extends to the non-enumerating amcheck interface.
Back-patch to v10 (all supported versions).

Sergey Shinderuk, reviewed (in earlier versions) by Alexander Lakhin.
Reported by Alexander Lakhin.

Security: CVE-2022-1552
 		2022-05-09 08:35:08 -07:00
config Update config.guess and config.sub 2022-04-07 07:45:25 +02:00
contrib Make relation-enumerating operations be security-restricted operations. 2022-05-09 08:35:08 -07:00
doc Fix some whitespace in documentation markup 2022-05-06 09:14:15 +02:00
src Make relation-enumerating operations be security-restricted operations. 2022-05-09 08:35:08 -07:00
.cirrus.yml Make upgradecheck a no-op in MSVC's vcregress.pl 2022-04-02 12:06:11 +09:00
.dir-locals.el Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
.editorconfig Add .editorconfig 2019-12-18 09:13:13 +01:00
.git-blame-ignore-revs Add a few recent and not so recent revs to git-blame-ignore-revs. 2022-03-19 12:37:28 -07:00
.gitattributes Remove trailing whitespace from *.sgml files. 2022-04-20 11:04:49 -04:00
.gitignore Support for optimizing and emitting code in LLVM JIT provider. 2018-03-22 11:05:22 -07:00
COPYRIGHT Update copyright for 2022 2022-01-07 19:04:57 -05:00
GNUmakefile.in add missing tag from commit b8c4261e5e 2021-07-01 15:47:46 -04:00
HISTORY Canonicalize some URLs 2020-02-10 20:47:50 +01:00
Makefile Dynamically find correct installation docs in Makefile. 2022-01-19 14:48:25 +01:00
README Canonicalize some URLs 2020-02-10 20:47:50 +01:00
README.git Canonicalize some URLs 2020-02-10 20:47:50 +01:00
aclocal.m4 Probe $PROVE not $PERL while checking for modules needed by TAP tests. 2021-11-22 12:54:52 -05:00
configure Simplify configure test 2022-05-04 14:20:36 +02:00
configure.ac Simplify configure test 2022-05-04 14:20:36 +02:00

README 

PostgreSQL Database Management System
=====================================

This directory contains the source code distribution of the PostgreSQL
database management system.

PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
transactions, foreign keys, subqueries, triggers, user-defined types
and functions.  This distribution also contains C language bindings.

PostgreSQL has many language interfaces, many of which are listed here:

	https://www.postgresql.org/download/

See the file INSTALL for instructions on how to build and install
PostgreSQL.  That file also lists supported operating systems and
hardware platforms and contains information regarding any other
software packages that are required to build or run the PostgreSQL
system.  Copyright and license information can be found in the
file COPYRIGHT.  A comprehensive documentation set is included in this
distribution; it can be read as described in the installation
instructions.

The latest version of this software may be obtained at
https://www.postgresql.org/download/.  For more information look at our
web site located at https://www.postgresql.org/.