parent
f2eaee1528
commit
efdfb19224
|
@ -0,0 +1,59 @@
|
||||||
|
Backport of the upstream commit:
|
||||||
|
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=2699fc035a75d0774c1f013e9320882287f78adb
|
||||||
|
|
||||||
|
Fix CVE-2023-5869
|
||||||
|
|
||||||
|
diff -ur postgresql-10.23/src/backend/commands/matview.c postgresql-10.23_patch/src/backend/commands/matview.c
|
||||||
|
--- postgresql-10.23/src/backend/commands/matview.c 2022-11-07 22:51:10.000000000 +0100
|
||||||
|
+++ postgresql-10.23_patch/src/backend/commands/matview.c 2024-02-12 21:22:57.000000000 +0100
|
||||||
|
@@ -646,14 +646,35 @@
|
||||||
|
errdetail("Row: %s",
|
||||||
|
SPI_getvalue(SPI_tuptable->vals[0], SPI_tuptable->tupdesc, 1))));
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+ /*
|
||||||
|
+ * Create the temporary "diff" table.
|
||||||
|
+ *
|
||||||
|
+ * Temporarily switch out of the SECURITY_RESTRICTED_OPERATION context,
|
||||||
|
+ * because you cannot create temp tables in SRO context. For extra
|
||||||
|
+ * paranoia, add the composite type column only after switching back to
|
||||||
|
+ * SRO context.
|
||||||
|
+ */
|
||||||
|
SetUserIdAndSecContext(relowner,
|
||||||
|
save_sec_context | SECURITY_LOCAL_USERID_CHANGE);
|
||||||
|
+ resetStringInfo(&querybuf);
|
||||||
|
+ appendStringInfo(&querybuf,
|
||||||
|
+ "CREATE TEMP TABLE %s (tid pg_catalog.tid)",
|
||||||
|
+ diffname);
|
||||||
|
+ if (SPI_exec(querybuf.data, 0) != SPI_OK_UTILITY)
|
||||||
|
+ elog(ERROR, "SPI_exec failed: %s", querybuf.data);
|
||||||
|
+ SetUserIdAndSecContext(relowner,
|
||||||
|
+ save_sec_context | SECURITY_RESTRICTED_OPERATION);
|
||||||
|
+ resetStringInfo(&querybuf);
|
||||||
|
+ appendStringInfo(&querybuf,
|
||||||
|
+ "ALTER TABLE %s ADD COLUMN newdata %s",
|
||||||
|
+ diffname, tempname);
|
||||||
|
+ if (SPI_exec(querybuf.data, 0) != SPI_OK_UTILITY)
|
||||||
|
+ elog(ERROR, "SPI_exec failed: %s", querybuf.data);
|
||||||
|
|
||||||
|
/* Start building the query for creating the diff table. */
|
||||||
|
resetStringInfo(&querybuf);
|
||||||
|
appendStringInfo(&querybuf,
|
||||||
|
- "CREATE TEMP TABLE %s AS "
|
||||||
|
+ "INSERT INTO %s "
|
||||||
|
"SELECT mv.ctid AS tid, newdata.*::%s AS newdata "
|
||||||
|
"FROM %s mv FULL JOIN %s newdata ON (",
|
||||||
|
diffname, tempname, matviewname, tempname);
|
||||||
|
@@ -783,11 +804,9 @@
|
||||||
|
"ORDER BY tid");
|
||||||
|
|
||||||
|
/* Create the temporary "diff" table. */
|
||||||
|
- if (SPI_exec(querybuf.data, 0) != SPI_OK_UTILITY)
|
||||||
|
+ if (SPI_exec(querybuf.data, 0) != SPI_OK_INSERT)
|
||||||
|
elog(ERROR, "SPI_exec failed: %s", querybuf.data);
|
||||||
|
|
||||||
|
- SetUserIdAndSecContext(relowner,
|
||||||
|
- save_sec_context | SECURITY_RESTRICTED_OPERATION);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We have no further use for data from the "full-data" temp table, but we
|
|
@ -59,7 +59,7 @@ Summary: PostgreSQL client programs
|
||||||
Name: postgresql
|
Name: postgresql
|
||||||
%global majorversion 10
|
%global majorversion 10
|
||||||
Version: %{majorversion}.23
|
Version: %{majorversion}.23
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
|
|
||||||
# The PostgreSQL license is very similar to other MIT licenses, but the OSI
|
# The PostgreSQL license is very similar to other MIT licenses, but the OSI
|
||||||
# recognizes it as an independent license, so we do as well.
|
# recognizes it as an independent license, so we do as well.
|
||||||
|
@ -112,6 +112,7 @@ Patch11: postgresql-10.23-CVE-2023-2454.patch
|
||||||
Patch12: postgresql-10.23-CVE-2023-2455.patch
|
Patch12: postgresql-10.23-CVE-2023-2455.patch
|
||||||
# Fixes CVE-2023-5869
|
# Fixes CVE-2023-5869
|
||||||
Patch13: postgresql-array-overflow.patch
|
Patch13: postgresql-array-overflow.patch
|
||||||
|
Patch14: postgresql-CVE-2024-0985.patch
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: perl(ExtUtils::MakeMaker) glibc-devel bison flex gawk
|
BuildRequires: perl(ExtUtils::MakeMaker) glibc-devel bison flex gawk
|
||||||
|
@ -374,6 +375,7 @@ benchmarks.
|
||||||
%patch11 -p1
|
%patch11 -p1
|
||||||
%patch12 -p1
|
%patch12 -p1
|
||||||
%patch13 -p1
|
%patch13 -p1
|
||||||
|
%patch14 -p1
|
||||||
|
|
||||||
# We used to run autoconf here, but there's no longer any real need to,
|
# We used to run autoconf here, but there's no longer any real need to,
|
||||||
# since Postgres ships with a reasonably modern configure script.
|
# since Postgres ships with a reasonably modern configure script.
|
||||||
|
@ -1178,7 +1180,11 @@ make -C postgresql-setup-%{setup_version} check
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Thu Jan 11 2024 Filip Janus <fjanus@redhat.com> - 10.23-3
|
* Mon Feb 12 2024 Filip Janus <fjanus@redhat.cmo> - 10.23-4
|
||||||
|
- Fix CVE-2024-0985
|
||||||
|
- backport upstream commit
|
||||||
|
|
||||||
|
* Fri Dec 01 2023 Dominik Rehák <drehak@redhat.com> - 10.23-3
|
||||||
- Fix: CVE-2023-5869
|
- Fix: CVE-2023-5869
|
||||||
|
|
||||||
* Wed Jul 19 2023 Dominik Rehák <drehak@redhat.com> - 10.23-2
|
* Wed Jul 19 2023 Dominik Rehák <drehak@redhat.com> - 10.23-2
|
||||||
|
|
Loading…
Reference in New Issue