|
35 | 35 |
|
36 | 36 | <listitem>
|
37 | 37 | <!--
|
| 38 | +Author: Tom Lane <tgl@sss.pgh.pa.us> |
| 39 | +Branch: master [b9b21acc7] 2022-08-08 11:12:31 -0400 |
| 40 | +Branch: REL_15_STABLE [cc7e0feba] 2022-08-08 11:12:31 -0400 |
| 41 | +Branch: REL_14_STABLE [5721da7e4] 2022-08-08 11:12:31 -0400 |
| 42 | +Branch: REL_13_STABLE [7e92f78ab] 2022-08-08 11:12:31 -0400 |
| 43 | +Branch: REL_12_STABLE [5579726bd] 2022-08-08 11:12:31 -0400 |
| 44 | +Branch: REL_11_STABLE [f52d2fbd8] 2022-08-08 11:12:31 -0400 |
| 45 | +Branch: REL_10_STABLE [5919bb5a5] 2022-08-08 11:12:31 -0400 |
| 46 | +--> |
| 47 | + <para> |
| 48 | + Do not let extension scripts replace objects not already belonging |
| 49 | + to the extension (Tom Lane) |
| 50 | + </para> |
| 51 | + |
| 52 | + <para> |
| 53 | + This change prevents extension scripts from doing <command>CREATE |
| 54 | + OR REPLACE</command> if there is an existing object that does not |
| 55 | + belong to the extension. It also prevents <command>CREATE IF NOT |
| 56 | + EXISTS</command> in the same situation. This prevents a form of |
| 57 | + trojan-horse attack in which a hostile database user could become |
| 58 | + the owner of an extension object and then modify it to compromise |
| 59 | + future uses of the object by other users. As a side benefit, it |
| 60 | + also reduces the risk of accidentally replacing objects one did |
| 61 | + not mean to. |
| 62 | + </para> |
| 63 | + |
| 64 | + <para> |
| 65 | + The <productname>PostgreSQL</productname> Project thanks |
| 66 | + Sven Klemm for reporting this problem. |
| 67 | + (CVE-2022-2625) |
| 68 | + </para> |
| 69 | + </listitem> |
| 70 | + |
| 71 | + <listitem> |
| 72 | +<!-- |
38 | 73 | Author: Alvaro Herrera <alvherre@alvh.no-ip.org>
|
39 | 74 | Branch: master [9e4f914b5] 2022-07-28 08:40:06 +0200
|
40 | 75 | Branch: REL_15_STABLE [8348413db] 2022-07-28 08:26:05 +0200
|
|
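Review bot: the second <para> (new lines 53-61) never says what an extension script sees when the blocked CREATE OR REPLACE or CREATE IF NOT EXISTS is attempted, so an extension author cannot tell from this entry whether the command is skipped or the script fails; add a clause stating the outcome. The same paragraph leaves implicit how the hostile user "could become the owner of an extension object": its first sentence implies the object already exists before the script runs, and saying that outright would help administrators judge whether schemas where untrusted users can create objects are affected. Minor wording point: "prevents" is used three times in consecutive sentences, so consider rephrasing the second or third.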