Skip to content

REL3_0_0
Compare
Choose a tag to compare
@mpalmi mpalmi released this 27 Sep 15:57
REL3_0_0
This tag was signed with the committer’s verified signature.
mpalmi Mike Palmiotto
GPG key ID: 493F2A5C73FBED10
Learn about vigilant mode.
88e2912

set_session_auth/obj access hook/xact handler/CI

This major version of set_user includes the following features:

  • set_session_auth() function for changing the Authorized User
    irrevocably.
  • Compatibility updates for PostgreSQL versions 9.4 - 14
  • Introduction of object_access_hook for blocking GUC modification via set_config() [1]
  • Introduction of transaction handler to properly handle bailed
    set_user() transactions.
  • Introduction of GitHub Actions to provide testing of PostgreSQL
    version 9.4 -14.
  • Regression test updates.

[1] This Release addresses CVE-2021-41558:

Potential bypass of ProcessUtility_hook using the set_config() function. This is now blocked using the object access hook.

Assets 2
Loading