UbuntuUpdates.org

Package "postgresql-14"

Name: postgresql-14

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • development files for PostgreSQL 14 server-side programming

Latest version: 14.13-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: updates
Repository: universe

Links



Other versions of "postgresql-14" in Jammy

Repository Area Version
base universe 14.2-1ubuntu1
base main 14.2-1ubuntu1
security main 14.13-0ubuntu0.22.04.1
security universe 14.13-0ubuntu0.22.04.1
updates main 14.13-0ubuntu0.22.04.1
PPA: Postgresql 14.15-1.pgdg20.04+1
PPA: Postgresql 14.8-1.pgdg18.04+1
PPA: Postgresql 14.15-1.pgdg22.04+1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 14.8-0ubuntu0.22.04.1 2023-05-24 18:07:05 UTC

  postgresql-14 (14.8-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #2019214).

    + A dump/restore is not required for those running 14.X.

    + Also, if you are upgrading from a version earlier than 14.4, see
      those release notes as well please.

    + Prevent CREATE SCHEMA from defeating changes in search_path
      (Alexander Lakhin)

      Within a CREATE SCHEMA command, objects in the prevailing
      search_path, as well as those in the newly-created schema, would be
      visible even within a called function or script that attempted to set
      a secure search_path. This could allow any user having permission to
      create a schema to hijack the privileges of a security definer
      function or extension script.
      (CVE-2023-2454)

    + Enforce row-level security policies correctly after inlining a
      set-returning function (Stephen Frost, Tom Lane)

      If a set-returning SQL-language function refers to a table having
      row-level security policies, and it can be inlined into a calling
      query, those RLS policies would not get enforced properly in some
      cases involving re-using a cached plan under a different role. This
      could allow a user to see or modify rows that should have been
      invisible.
      (CVE-2023-2455)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-8.html

 -- Athos Ribeiro <email address hidden> Tue, 16 May 2023 09:37:37 -0300

Source diff to previous version
2019214 New upstream microreleases 12.15, 14.8, and 15.3
CVE-2023-2454 CREATE SCHEMA ... schema_element defeats protective search_path changes
CVE-2023-2455 Row security policies disregard user ID changes after inlining

Version: 14.7-0ubuntu0.22.04.1 2023-03-02 16:07:07 UTC

  postgresql-14 (14.7-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #2006406).

    + A dump/restore is not required for those running 14.X.

    + Also, if you are upgrading from a version earlier than 14.4, see
      those release notes as well please.

    + libpq can leak memory contents after GSSAPI transport encryption
      initiation fails (Jacob Champion).
      (CVE-2022-41862)

    + Fix calculation of which GENERATED columns need to be updated in
      child tables during an UPDATE on a partitioned table or inheritance
      tree (Amit Langote, Tom Lane).

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-7.html

 -- Sergio Durigan Junior <email address hidden> Thu, 09 Feb 2023 15:18:50 -0500

Source diff to previous version
2006406 New upstream microreleases 12.14 and 14.7

Version: 14.6-0ubuntu0.22.04.1 2023-01-11 00:07:11 UTC

  postgresql-14 (14.6-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream version (LP: #1996770).

    + A dump/restore is not required for those running 14.X.

    + Also, if you are upgrading from a version earlier than 14.4, see
      those release notes as well please.

    + Disallow rules named _RETURN that are not ON SELECT rules (Tom Lane).

    + Fix use-after-free hazard in string comparisons. (Tom Lane)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-6.html

 -- Athos Ribeiro <email address hidden> Thu, 17 Nov 2022 17:11:29 -0300

Source diff to previous version
1996770 New upstream microreleases 10.23, 12.13 and 14.6

Version: 14.5-0ubuntu0.22.04.1 2022-08-18 20:07:11 UTC

  postgresql-14 (14.5-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * New upstream version (LP: #1984012).

    + A dump/restore is not required for those running 14.X.

    + Also, if you are upgrading from a version earlier than 14.4, see
      those release notes as well please.

    + Do not let extension scripts replace objects not already belonging
      to the extension (Tom Lane).
      (CVE-2022-2625)

    + Do not let extension scripts replace objects not already belonging
      to the extension (Tom Lane).

    + Fix permissions checks in CREATE INDEX (Nathan Bossart,
      Noah Misch).

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-5.html

 -- Sergio Durigan Junior <email address hidden> Mon, 08 Aug 2022 18:15:57 -0400

Source diff to previous version
1984012 New upstream microreleases 10.22, 12.12 and 14.5
CVE-2022-2625 extension scripts replace objects not owned by the extension

Version: 14.4-0ubuntu0.22.04.1 2022-07-05 21:46:48 UTC

  postgresql-14 (14.4-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream version (LP: #1978249).

    + A dump/restore is not required for those running 14.X.

    + However, if you have any indexes that were created using the
      CONCURRENTLY option under 14.X, you should re-index them after
      updating. See the upstream changelog linked below for further
      information.

    + Also, if you are upgrading from a version earlier than 14.3, see
      those release notes as well please.

    + Prevent possible corruption of indexes created or rebuilt with the
      CONCURRENTLY option (Álvaro Herrera).

      An optimization added in v14 caused CREATE INDEX ... CONCURRENTLY
      and REINDEX ... CONCURRENTLY to sometimes miss indexing rows that were
      updated during the index build. Revert that optimization. It is
      recommended that any indexes made with the CONCURRENTLY option be
      rebuilt after installing this update. (Alternatively, rebuild them
      without CONCURRENTLY.)

    + Details about these and many further changes can be found at:
      https://www.postgresql.org/docs/14/release-14-4.html

 -- Sergio Durigan Junior <email address hidden> Fri, 17 Jun 2022 12:00:44 -0400

1978249 New upstream microrelease 14.4



About   -   Send Feedback to @ubuntu_updates