UbuntuUpdates.org

Package "postgresql-client-14"

Name: postgresql-client-14

Description:

front-end programs for PostgreSQL 14
Latest version: 14.11-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: postgresql-14
Homepage: http://www.postgresql.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "postgresql-client-14"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "postgresql-client-14" in Jammy

Repository Area Version
base main 14.2-1ubuntu1
updates main 14.11-0ubuntu0.22.04.1
PPA: Postgresql 14.8-1.pgdg18.04+1
PPA: Postgresql 14.11-1.pgdg20.04+1
PPA: Postgresql 14.11-1.pgdg22.04+1

Changelog

Version: 14.5-0ubuntu0.22.04.1 2022-08-18 18:06:20 UTC

  postgresql-14 (14.5-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #1984012).

    + A dump/restore is not required for those running 14.X.

    + Also, if you are upgrading from a version earlier than 14.4, see
      those release notes as well please.

    + Do not let extension scripts replace objects not already belonging
      to the extension (Tom Lane).
      (CVE-2022-2625)

    + Do not let extension scripts replace objects not already belonging
      to the extension (Tom Lane).

    + Fix permissions checks in CREATE INDEX (Nathan Bossart,
      Noah Misch).

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-5.html

 -- Sergio Durigan Junior <email address hidden> Mon, 08 Aug 2022 18:15:57 -0400
Source diff to previous version
1984012 New upstream microreleases 10.22, 12.12 and 14.5
CVE-2022-2625 extension scripts replace objects not owned by the extension

Version: 14.3-0ubuntu0.22.04.1 2022-05-24 15:06:32 UTC

  postgresql-14 (14.3-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #1973627).

    + A dump/restore is not required for those running 14.X.

    + However, if you have any GiST indexes on columns of type ltree (supplied
      by the contrib/ltree extension), you should re-index them after updating.
      See the upstream changelog linked below for further information.

    + Also, if you are upgrading from a version earlier than 14.2, see
      those release notes as well please.

    + Confine additional operations within "security restricted operation"
      sandboxes (Sergey Shinderuk, Noah Misch).

      Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW,
      and pg_amcheck activated the "security restricted operation" protection
      mechanism too late, or even not at all in some code paths. A user having
      permission to create non-temporary objects within a database could
      define an object that would execute arbitrary SQL code with superuser
      permissions the next time that autovacuum processed the object, or that
      some superuser ran one of the affected commands against it.

      The PostgreSQL Project thanks Alexander Lakhin for reporting this
      problem.
      (CVE-2022-1552)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-3.html

  * d/p/llvm14-support.patch: drop patch applied upstream.

 -- Athos Ribeiro <email address hidden> Mon, 16 May 2022 16:17:01 -0300
1973627 New upstream microreleases 10.21, 12.11, 13.7 and 14.3


About   -   Send Feedback to @ubuntu_updates