Do you use PostgreSQL? You should update to the new version as soon as possible


The PostgreSQL developers recently released corrective updates for the 9 to 12 branches. The new versions are 12.2, 11.7, 10.12, 9.6.17, 9.5.21 and 9.4.26. The last of these (9.4.26) is the final update prepared for the 9.4 branch. Updates for version 9.5 will be produced until February 2021, for 9.6 until November 2021, for PostgreSQL 10 until November 2022, for PostgreSQL 11 until November 2023 and for PostgreSQL 12 until November 2024.

With the release of the new corrective versions, the developers mention 75 bugs fixed and one vulnerability (CVE-2020-1720), caused by a missing authorization check when running the command «NGAPHAMBI…

About the vulnerability

Under certain circumstances, the vulnerability allows an unprivileged user to drop any function, procedure, materialized view, index, or trigger. The attack is possible if an administrator has installed an extension and the user can run a CREATE command, or if the extension owner can be persuaded to run the DROP EXTENSION command.

Also worth noting is the appearance of a new application, pgcat, which allows data to be replicated between several PostgreSQL servers. The program supports logical replication by relaying to another host, and replaying there, the SQL commands executed on the primary server that lead to data changes.

Other changes

Other changes that affect only version 12 are also detailed:

  • Support for any type of target table (views, fdw (Foreign Data Wrapper), partitioned tables, distributed citus tables).
  • The ability to redefine table names (replication from one table into another).
  • Support for bidirectional replication by transmitting local changes only, ignoring replicas that arrive from outside.
  • A conflict resolution system based on the LWW (last-writer-wins) algorithm.
  • The ability to store information about replication progress and unapplied replicas in a separate table, which can be used to recover after the receiving host has been temporarily unavailable.

Among the fixes, the following stand out. Most of them affect version 12, but some are also present in earlier versions:

  • A fix for a bug when adding foreign key constraints to a partitioned table (that is, a table with several levels of partitioning). If this functionality has already been used, the problem can be resolved by re-attaching the affected partition, or by dropping and re-adding the foreign key constraint on the parent table. More information on how to carry out these steps can be found in the ALTER TABLE documentation.
  • A fix for a performance regression on partitioned tables that was introduced by the fix for CVE-2017-7484. The planner can now use statistics on a child table for a column that the user can access on the parent table when the query contains a leaky operator.
  • Several other fixes and changes for partitioned tables, including disallowing partition key expressions that return pseudo-types, such as RECORD.
  • A fix for logical replication subscribers so that they execute per-column UPDATE triggers.
  • Fixes for several crashes and failures in logical replication publishers and subscribers.
  • Improved efficiency of logical replication with REPLICA IDENTITY FULL.
  • Several fixes for walsender processes.
  • Improved performance of hash joins with very large inner relations.
  • Several fixes for parallel query plans.
  • Several fixes for query planner bugs, including one that affected single-row joins.
  • Several fixes for MCV extended statistics, including one for incorrect estimation of OR clauses.
  • Improved efficiency of parallel hash joins on CPUs with many cores.

If you want to know more about the release of these versions, you can check the details at the following link.

As for updating to the new corrective version of the branch you are on, you do not need to run pg_upgrade. You only need to update the binaries of your installation.
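
To decide which servers still need the binary update described above, the following added example (not part of the original article or of PostgreSQL itself) decodes the value returned by `SHOW server_version_num` and compares it with the fixed minor releases and support dates listed in this article. The function names and the sample inventory are hypothetical.

```python
# Added example: fixed minor releases and end-of-update dates are the ones
# listed in the article; function names are hypothetical.
FIXED = {            # branch -> (first minor with the fixes, updates until)
    "12":  (2,  "November 2024"),
    "11":  (7,  "November 2023"),
    "10":  (12, "November 2022"),
    "9.6": (17, "November 2021"),
    "9.5": (21, "February 2021"),
    "9.4": (26, "none, 9.4.26 is the final update"),
}

def decode(version_num):
    """Split server_version_num into (branch, minor).

    From PostgreSQL 10 on the value is major*10000 + minor (120001 -> 12.1);
    before 10 it is a*10000 + b*100 + minor (90616 -> 9.6.16).
    """
    n = int(version_num)
    if n >= 100000:
        return str(n // 10000), n % 10000
    return f"{n // 10000}.{n // 100 % 100}", n % 100

def assess(version_num):
    """Return (status, message) for one server."""
    branch, minor = decode(version_num)
    shown = f"{branch}.{minor}"
    if branch not in FIXED:
        return "unknown", f"{shown}: branch not covered by this announcement"
    fixed_minor, support = FIXED[branch]
    if minor < fixed_minor:
        return "update", (f"{shown}: update binaries to {branch}.{fixed_minor} "
                          "(no pg_upgrade needed)")
    return "ok", f"{shown}: has the fixes; further updates: {support}"

if __name__ == "__main__":
    # Constructed sample inventory: host -> output of SHOW server_version_num
    fleet = {"db-a": "120001", "db-b": "110007", "db-c": "90616",
             "db-d": "90426", "db-e": "90300"}
    for host, num in fleet.items():
        status, msg = assess(num)
        print(f"{host:5} {status:8} {msg}")
```
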

