Do you use PostgreSQL? You should update to the new corrective version as soon as possible


The PostgreSQL developers recently announced corrective updates for versions 9 through 12. The new releases are 12.2, 11.7, 10.12, 9.6.17, 9.5.21 and 9.4.26. The last of these (9.4.26) is the final update prepared for the 9.4 branch. Updates for version 9.5 will be produced until February 2021, for 9.6 until November 2021, for PostgreSQL 10 until November 2022, for PostgreSQL 11 until November 2023 and for PostgreSQL 12 until November 2024.

With the release of the new corrective versions, the developers report 75 bugs fixed and one vulnerability fixed (CVE-2020-1720), caused by a missing authorization check when the «ALTER … DEPENDS ON EXTENSION» command is executed.

About the vulnerability

Under certain circumstances, the vulnerability allows an unprivileged user to drop any function, procedure, materialized view, index, or trigger. The attack is possible if an administrator has installed some extension and the user can run the CREATE command, or if the extension owner can be persuaded to run the DROP EXTENSION command.

In addition, a new application has appeared, pgcat, which allows data to be replicated between multiple PostgreSQL servers. The program supports logical replication by translating the stream of SQL statements that change data on the primary server and replaying it on another host.

Other changes

Other changes that affect only version 12 are also highlighted:

  • Support for any type of target table (views, fdw (Foreign Data Wrapper), partitioned tables, distributed citus tables).
  • The ability to remap table names (replication from one table to another).
  • Support for bidirectional replication by transferring only local changes and ignoring replicated changes that arrive from outside.
  • A conflict resolution mechanism based on the LWW (last-writer-win) algorithm.
  • The ability to store information about replication progress and unapplied replicas in a separate table, which can be used to recover after the receiving node has been temporarily unavailable.

Among the fixes, the following stand out. Most of them affect version 12, but they are also present in earlier versions:

  • Fixed a bug when adding foreign key constraints to a partitioned table (a table partitioned at multiple levels). If this functionality has already been used, it can be resolved by detaching and re-attaching the affected partition, or by dropping and re-adding the foreign key constraint on the parent table. More details on how to perform these steps are in the ALTER TABLE documentation.
  • Fixed a performance issue for partitioned tables introduced by the fix for CVE-2017-7484; the planner can now use statistics on a child table for a column the user can access on the parent table when the query contains a leaky operator.
  • Several other fixes and changes for partitioned tables, including disallowing partition key expressions that return pseudo-types, such as RECORD.
  • Fix for logical replication subscribers so that they execute per-column UPDATE triggers.
  • Fixes for several crashes and failures in logical replication publishers and subscribers.
  • Improved efficiency of logical replication with REPLICA IDENTITY FULL.
  • Several fixes for walsender processes.
  • Hash join performance is improved for very large inner relations.
  • Several fixes for parallel query plans.
  • Several fixes for query planner errors, including one that affects single-row joins.
  • Several fixes for MCV extended statistics, including one for incorrect estimation of OR clauses.
  • Improved efficiency of parallel hash join on CPUs with many cores.

If you want to know more about the release of these corrective versions, you can check the details at the following link.

To update to the new corrective version for the branch you are running, you do not need to run pg_upgrade; you only need to update the binaries of your installation.
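
An added example (not from the original article or the PostgreSQL project): a Python check that decides whether a server's reported version is at or above the corrective release listed above for its branch, accepting either `server_version` text or the numeric `server_version_num`. The function names, status strings and sample version strings are constructed for illustration; the fixed minor releases and update end dates are the ones stated in this article.

```python
import re
from datetime import date

# branch -> (first fixed minor, (year, month) updates end); values from the article.
# None means the article calls this release the final update for the branch.
FIXED = {
    "12": (2, (2024, 11)), "11": (7, (2023, 11)), "10": (12, (2022, 11)),
    "9.6": (17, (2021, 11)), "9.5": (21, (2021, 2)), "9.4": (26, None),
}

def parse_version(text):
    """Return (branch, minor) from server_version text or server_version_num."""
    text = text.strip()
    if text.isdigit():                       # e.g. 90612 or 120002
        num = int(text)
        if num >= 100000:                    # 10 and later: major*10000 + minor
            return str(num // 10000), num % 10000
        # before 10: first*10000 + second*100 + minor
        return f"{num // 10000}.{num // 100 % 100}", num % 100
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    first, second, third = m.groups()
    if int(first) >= 10:                     # two-part scheme, e.g. 12.1
        return first, int(second)
    if third is None:                        # pre-10 releases have three parts
        raise ValueError(f"incomplete pre-10 version: {text!r}")
    return f"{first}.{second}", int(third)

def assess(version_text, today):
    """Classify a server against the corrective releases in the article."""
    branch, minor = parse_version(version_text)
    if branch not in FIXED:
        return "unknown-branch"
    fixed_minor, updates_end = FIXED[branch]
    if minor < fixed_minor:
        return "update-needed"               # still exposed to CVE-2020-1720
    if updates_end is None or (today.year, today.month) > updates_end:
        return "patched-no-further-updates"  # plan a move to a newer branch
    return "patched"

if __name__ == "__main__":
    # Constructed sample values, as SHOW server_version / server_version_num return them.
    samples = ["12.1 (Debian 12.1-1.pgdg100+1)", "90612", "11.7", "9.4.26", "120002"]
    for s in samples:
        print(f"{s:35} {assess(s, date(2020, 3, 1))}")
```
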

