Eymoutiers, France, Februrary 11th, 2026
Dalibo publishes PostgreSQL Anonymizer 3.0, a new major version of
our privacy by design extension.
PostgreSQL Anonymizer is an extension that hides or replaces personally
identifiable information (PII) or commercially sensitive data from a PostgreSQL
database.
The extension offers 6 different masking strategies:
Each strategy is complemented by an enhanced suite of Masking Functions, including advanced techniques such as: Substitution, Randomization, Faking, Pseudonymization, Partial Scrambling, Shuffling, Noise Addition and Generalization.
The extension can be installed with Debian and RPM packages, an Ansible role, a Docker image, etc. You can use it on most major DBaaS providers including : Alibaba Cloud, Crunchy Bridge, Google Cloud SQL, IBM Cloud, Microsoft Azure Database, Neon, Yandex.
It is also available on some Postgres forks such as EDB Advanced Postgres, Greenplum and Yugabyte.
See the INSTALL section of the documentation for more details!
For a large database, static masking can be a time-consuming operation. To improve performance, the extension supports parallel static masking using PostgreSQL background workers.
Instead of using anon.anonymize_database(), you can use the parallel version:
sql
SELECT anon.anonymize_database_parallel(4);
The parameter specifies the number of parallel workers to use. The function will:
This feature was added by Pierre-Marie Petit.
When a masking policy contains a lot of rules, it can be difficult to maintain them as a long list of Security Labels. To simplify thinks and help automating the management of masking rules, rules can now be imported and exported in JSON format via the functions :
anon.export_current_database_rules(policy text DEFAULT 'anon')anon.export_roles_rules(policy text DEFAULT 'anon')anon.import_database_rules(database_rules jsonb, policy text DEFAULT 'anon')anon.import_roles_rules(role_rules jsonb, policy text DEFAULT 'anon'Since roles are instance wide objects they must be managed separately.
This feature was contributed by Benoit Lobréau.
Version 3.0 includes fixes for 2 critical vulnerabilities allowing users to gain superuser privileges under certain circumstances. The risk is very high on PostgreSQL 14 and on instances upgraded from PostgreSQL 14 and earlier.
All users should upgrade the extension to version 3.0 as soon as possible.
If a quick upgrade is not possible, the workaround below can mitigate the risk:
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
DROP FUNCTION anon.get_tablesample_ratio(OID);
For more details see issue 616 (CVE-2026-2360) and issue 617 (CVE-2026-2361).
This major comes with a series of breaking changes, in particular:
anon.pg_masking_rules view is replaced by anon.{all|sys|user}_rulesFor upgrade instructions, please refer to the UPGRADE section in the documentation.
This release also includes code, bugfixes, documentation, code reviews and ideas from Pierre-Marie Petit, Benoit Lobréau, Robin Portigliatti, Ludovic Gilbon and other contributors.
We would like to thanks the people at Efluid who helped us with their ideas, comments and testing.
And also special thanks to the PGRX team for their amazing work!
PostgreSQL Anonymizer is part of the Dalibo Labs initiative. It is mainly developed by Damien Clochard.
This is an open project, contributions are welcome. We need your feedback and ideas! Let us know what you think of this tool, how it fits your needs and what features are missing.
If you want to help, you can find a list of Junior Jobs.