Skip to content

Commit

Permalink
Added CVEs to EPAS and PGE releases
Browse files Browse the repository at this point in the history
  • Loading branch information
@gvasquezvargas
gvasquezvargas committed Dec 9, 2024
1 parent 2b03998 commit df5aa4e
Show file tree
Hide file tree
Showing 11 changed files with 102 additions and 67 deletions.
18 changes: 10 additions & 8 deletions product_docs/docs/epas/12/epas_rel_notes/epas12_22_00_rel_notes.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,14 @@ navTitle: "Version 12.22.00"

Released: 21 Nov 2024

EDB Postgres Advanced Server 12.21.26 includes the following enhancements and bug fixes:
EDB Postgres Advanced Server 12.22 includes the following enhancements and bug fixes:

| Type | Description | Addresses                |
|----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
| Upstream merge | Merged with community PostgreSQL 12.22. This release includes a fix for [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/). See the [PostgreSQL 12.22 Release Notes](https://www.postgresql.org/docs/release/12.22/) for more information. | [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) |
| Bug fix | Fixed an issue for Auditing. With `edb_audit`, now you can audit the initial connection process or authentication messages as well. | #39540 |
| Bug fix | Fixed an issue for EDB*Loader. Now the `negative bitmapset member not allowed` error is resolved for partitioned tables. | #39562 |
| Bug fix | Fixed an issue for `Oracle Proc*c`and `ecpg with PROC` . Corrected the macro definition in `sqlda-proc.h` to fix the compilation errors when used. | #40573 |
| Bug fix | Fixed an issue for replication. Now the login of locked account on the physical replica is not allowed. | |
| Type | Description | Addresses                |
|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Upstream merge | Merged with community PostgreSQL 12.22. See the [PostgreSQL 12.22 Release Notes](https://www.postgresql.org/docs/release/12.22/) for more information. | |
| Bug fix | Fixed an issue for Auditing. With `edb_audit`, now you can audit the initial connection process or authentication messages as well. | #39540 |
| Bug fix | Fixed an issue for EDB*Loader. Now the `negative bitmapset member not allowed` error is resolved for partitioned tables. | #39562 |
| Bug fix | Fixed an issue for `Oracle Proc*c`and `ecpg with PROC` . Corrected the macro definition in `sqlda-proc.h` to fix the compilation errors when used. | #40573 |
| Bug fix | Fixed an issue for replication. Now the login of locked account on the physical replica is not allowed. | |
| Security&nbsp;fix | This release includes the fixes that were incorporated in [12.21](https://www.postgresql.org/docs/release/12.21/): <br/> [CVE-2024-10976](https://www.postgresql.org/support/security/CVE-2024-10976/), [CVE-2024-10977](https://www.postgresql.org/support/security/CVE-2024-10977/), [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/), [CVE-2024-10979](https://www.postgresql.org/support/security/CVE-2024-10979/) | [CVE-2024-10976](https://www.postgresql.org/support/security/CVE-2024-10976/) <br/> [CVE-2024-10977](https://www.postgresql.org/support/security/CVE-2024-10977/) <br/> [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) <br/> [CVE-2024-10979](https://www.postgresql.org/support/security/CVE-2024-10979/) for #43051 |
| Security&nbsp;fix | This release includes a remediation to issues caused by the 12.21 fix to [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/). | [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) |
16 changes: 9 additions & 7 deletions product_docs/docs/epas/13/epas_rel_notes/epas13_18_00_rel_notes.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,12 @@ Released: 21 Nov 2024

EDB Postgres Advanced Server 13.18.00 includes the following enhancements and bug fixes:

| Type | Description | Addresses&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
|----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
| Upstream merge | Merged with community PostgreSQL 13.18. This release includes a fix for [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/). See the [PostgreSQL 13.18 Release Notes](https://www.postgresql.org/docs/release/13.18/) for more information. | [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) |
| Bug&nbsp;fix | Fixed an issue for Auditing. With `edb_audit`, now you can audit the initial connection process or authentication messages as well. | #39540 |
| Bug&nbsp;fix | Fixed an issue for EDB*Loader. Now the `negative bitmapset member not allowed` error is resolved for partitioned tables. | #39562 |
| Bug&nbsp;fix | Fixed an issue for `Oracle Proc*c`and `ecpg with PROC` . Corrected the macro definition in `sqlda-proc.h` to fix the compilation errors when used. | #40573 |
| Bug&nbsp;fix | Fixed an issue for replication. Now the login of locked account on the physical replica is not allowed. | |
| Type | Description | Addresses&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |
|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Upstream merge | Merged with community PostgreSQL 13.18. See the [PostgreSQL 13.18 Release Notes](https://www.postgresql.org/docs/release/13.18/) for more information. | |
| Bug&nbsp;fix | Fixed an issue for Auditing. With `edb_audit`, now you can audit the initial connection process or authentication messages as well. | #39540 |
| Bug&nbsp;fix | Fixed an issue for EDB*Loader. Now the `negative bitmapset member not allowed` error is resolved for partitioned tables. | #39562 |
| Bug&nbsp;fix | Fixed an issue for `Oracle Proc*c`and `ecpg with PROC` . Corrected the macro definition in `sqlda-proc.h` to fix the compilation errors when used. | #40573 |
| Bug&nbsp;fix | Fixed an issue for replication. Now the login of locked account on the physical replica is not allowed. | |
| Security&nbsp;fix | This release includes the fixes that were incorporated in [13.17](https://www.postgresql.org/docs/release/13.17/): <br/> [CVE-2024-10976](https://www.postgresql.org/support/security/CVE-2024-10976/), [CVE-2024-10977](https://www.postgresql.org/support/security/CVE-2024-10977/), [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/), [CVE-2024-10979](https://www.postgresql.org/support/security/CVE-2024-10979/) | [CVE-2024-10976](https://www.postgresql.org/support/security/CVE-2024-10976/) <br/> [CVE-2024-10977](https://www.postgresql.org/support/security/CVE-2024-10977/) <br/> [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) <br/> [CVE-2024-10979](https://www.postgresql.org/support/security/CVE-2024-10979/) for #43051 |
| Security&nbsp;fix | This release includes a remediation to issues caused by the 13.17 fix to [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/). | [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) |
Loading

0 comments on commit df5aa4e

Please sign in to comment.