Releases: pgaudit/set_user
REL4_1_0
REL4_1_0RC1
This minor version of set_user includes the following changes:
- Add PostgreSQL 17 support.
- Remove support for PostgreSQL < 12.
REL4_0_1
REL4_0_0
This major version of set_user includes the following features:
- Support for PostgreSQL 15
- Previous attempt to support deprecated GUC values surrounding the allowlist/whitelist feature has been removed. The only GUC supported for this now is
allowlist. (#56) - Build with USE_PGXS by default (#69)
- Properly process next object_access_hook (#60)
- Fix server terminated abnormally if executing reset_user() (#58)
REL4_0_0RC1
This major version of set_user includes the following features:
- Support for PostgreSQL 15
- Previous attempt to support deprecated GUC values surrounding the allowlist/whitelist feature has been removed. The only GUC supported for this now is
allowlist. (#56) - Build with USE_PGXS by default (#69)
- Properly process next object_access_hook (#60)
- Fix server terminated abnormally if executing reset_user() (#58)
REL3_0_0
set_session_auth/obj access hook/xact handler/CI
This major version of set_user includes the following features:
- set_session_auth() function for changing the Authorized User
irrevocably. - Compatibility updates for PostgreSQL versions 9.4 - 14
- Introduction of object_access_hook for blocking GUC modification via
set_config()[1] - Introduction of transaction handler to properly handle bailed
set_user() transactions. - Introduction of GitHub Actions to provide testing of PostgreSQL
version 9.4 -14. - Regression test updates.
[1] This Release addresses CVE-2021-41558:
Potential bypass of ProcessUtility_hook using the
set_config()function. This is now blocked using the object access hook.
REL2_0_1
GUC deprecation and RESET logic bugfixes
- Fix GUC deprecation logic to stop printing noisy NOTICEs every time
GUCs are referenced. - Appropriately check for
RESET SESSION AUTHORIZATIONand drop invalid
reference toRESET USER.
This release addresses CVE-2021-38140:
Potential privilege escalation using
RESET SESSION AUTHORIZATIONafterset_user(). This is now blocked along withRESET ROLE.
REL2_0_0: Add support for DESTDIR to Makefile
Release 2.0.0 adds the following features/bugfixes:
- 6934feb 2020-08-26 | Add support for DESTDIR to Makefile (HEAD, origin/master, origin/HEAD) [Nathan Huff]
- 0ebaad0 2020-06-18 | Prepare for v2.0.0 release (master) [Mike Palmiotto]
- 5fb2d3d 2020-06-18 | Replace usage of whitelist with allowlist [Mike Palmiotto]
- a51ce07 2020-06-01 | Make set_user non-relocatable [Mike Palmiotto]
- 2032607 2020-04-29 | Update README to reflect supported versions [Mike Palmiotto]
- 1875f80 2020-04-28 | Use QueryCompletion for builds on master [Mike Palmiotto]
- 19e4eb8 2020-04-28 | Update PostgreSQL compatibility handling [Mike Palmiotto]
- 65590ea 2020-04-07 | Bump copyright to 2020 [Mike Palmiotto]
- 1bad460 2019-06-26 | Add missing include [Brian Faherty]
- 4cde24c 2019-03-12 | Copyright bump in .c file [John K. Harvey]
- 183d067 2019-03-12 | Update Copyright [John K. Harvey]
REL1_6_2
Release 1.6.2 adds the following features/bugfixes:
- 43973d8 2019-02-28 | Update regression tests for 1.6.2 (HEAD, tag: REL1_6_2, origin/master, origin/HEAD) [Mike Palmiotto]
- 1096551 2019-02-27 | Require reset_user() when using set_user() [Yuli Khodorkovskiy]
- bfb8182 2018-11-29 | Fix builds of set_user for PG12 [Yuli Khodorkovskiy]
- c7157eb 2018-09-28 | Add set_user hooks queue [Mike Palmiotto]
- 70b72d0 2018-09-27 | Update set_user hooks doc in README [Mike Palmiotto]
- 3531230 2018-09-27 | Add utility function for registering hooks [Mike Palmiotto]
- 6df909a 2018-08-23 | Use rendezvous variables for set_user post hooks [Mike Palmiotto]
- 4543aec 2018-09-27 | Fix static analysis findings [Mike Palmiotto]
- 0534fb5 2018-06-27 | Fix readme language to be more consistent [Brian Faherty]
- 91cca0f 2018-06-25 | Add whitelist for set_user() target [Brian Faherty]
REL1_6_2-rc
Release candidate with static analysis fixes and new rendezvous hooks.