Version 12.16.20 v12

Released: 21 Aug 2023

Updated: 30 Aug 2023

Upgrading

After you upgrade to this version of EDB Postgres Advanced Server, you need to run edb_sqlpatch on all your databases to complete the upgrade. This application checks that your databases' system objects are up to date with this version. See the EDB SQL Patch documentation for more information on how to deploy this tool.

After applying patches

Users making use of the UTL_MAIL package now require EXECUTE permission on the UTL_SMTP and UTL_TCP packages in addition to EXECUTE permission on UTL_MAIL.

Users making use of the UTL_SMTP package now require EXECUTE permission on the UTL_TCP package in addition to EXECUTE permission on UTL_SMTP.

EDB Postgres Advanced Server 12.16.20 includes the following enhancements and bug fixes:

| Type | Description | Addresses |
|------|-------------|-----------|
| Security fix | EDB Postgres Advanced Server (EPAS) SECURITY DEFINER functions and procedures may be hijacked via search_path. | CVE-2023-41117 |
| Security fix | EDB Postgres Advanced Server (EPAS) dbms_aq helper function may run arbitrary SQL as a superuser. | CVE-2023-41119 |
| Security fix | EDB Postgres Advanced Server (EPAS) permissions bypass via accesshistory() | CVE-2023-41113 |
| Security fix | EDB Postgres Advanced Server (EPAS) UTL_FILE permission bypass | CVE-2023-41118 |
| Security fix | EDB Postgres Advanced Server (EPAS) permission bypass for materialized views | CVE-2023-41116 |
| Security fix | EDB Postgres Advanced Server (EPAS) authenticated users may fetch any URL | CVE-2023-41114 |
| Security fix | EDB Postgres Advanced Server (EPAS) permission bypass for large objects | CVE-2023-41115 |
| Security fix | EDB Postgres Advanced Server (EPAS) DBMS_PROFILER data may be removed without permission | CVE-2023-41120 |
| Bug fix | Allowed subtypes in INDEX BY clause of the packaged collection. | #1371 |
| Bug fix | Fixed %type resolution when pointing to a packaged type field. | #1243 |
| Bug fix | Profile: Fixed upgrade when REUSE constraints were ENABLED/DISABLED. | #92739 |
| Bug fix | Set correct collation for packaged cursor parameters. | #92739 |
| Bug fix | Rolled back autonomous transaction creating pg_temp in case of error. | #91614 |

Addresses

Entries in the Addresses column are either CVE numbers or, if preceded by #, a customer case number.