[pgpool-general: 9202] Pgpool-II 4.5.4, 4.4.9, 4.3.12, 4.2.19 and 4.1.22 are now officially released.
Bo Peng
pengbo at sraoss.co.jp
Mon Sep 9 09:45:00 JST 2024
Pgpool Global Development Group is pleased to announce the
availability of Pgpool-II 4.5.4, 4.4.9, 4.3.12, 4.2.19 and 4.1.22.
This release contains a security fix.
When the query cache feature is enabled, it was possible that
a database user can read rows from tables that should not be
visible for the user through query cache (CVE-2024-45624).
All versions of Pgpool-II older than 4.5.4, 4.4.9, 4.3.12, 4.2.19, 4.1.22,
and all older versions that has the query cache feature (the query cache
feature was implemented in 3.2) are affected by the vulnerability.
It is strongly recommend to upgrade to Pgpool-II 4.5.4, 4.4.9, 4.3.12, 4.2.19 and 4.1.22 or later.
Or you should better turn off the query cache feature.
For more details please see the release notes:
http://www.pgpool.net/docs/latest/en/html/release.html
You can download the source code and RPMs from:
http://pgpool.net/mediawiki/index.php/Downloads
--
Bo Peng <pengbo at sraoss.co.jp>
SRA OSS K.K.
TEL: 03-5979-2701 FAX: 03-5979-2702
URL: https://www.sraoss.co.jp/
More information about the pgpool-general
mailing list