Quick Links

Broken behavior after minor update CVE-2024-10978

From:	Антон Глушаков <a(dot)glushakov86(at)gmail(dot)com>
To:	pgsql-admin(at)lists(dot)postgresql(dot)org
Subject:	Broken behavior after minor update CVE-2024-10978
Date:	2024-11-18 12:17:26
Message-ID:	CAHnOmac-kzCxxm8OKa31FDJiyHRLgwbcs555_-HdeqhRJ6mEow@mail.gmail.com
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-admin

After upgrading to version 14.14, the behavior of roles related to the "set
role" option broke.
We actively use the feature "alter user <username> set role db_role"
in order to automatically change the role context upon login.
But now this behavior has changed, and the context does not change, which
unfortunately breaks all role-based access to data.

If this was an abnormal behavior, is there an alternative way to
automatically change the role context when connecting to the DB?

Responses

Re: Broken behavior after minor update CVE-2024-10978 at 2024-11-19 15:31:28 from David G. Johnston

Browse pgsql-admin by date

	From	Date	Subject
Next Message	Motog Plus	2024-11-18 16:08:31	Guidance Needed for PostgreSQL Upgrade from 12 to 15
Previous Message	Laurenz Albe	2024-11-17 18:18:58	Re: RDS restore failed due to WAL log and disk space-- any tidy fixes?