Instaclustr is pleased to announce the availability of new PostgreSQL minor releases 14.3 and 13.7 on the Instaclustr managed platform.
PostgreSQL is the world’s most advanced open source, object-relational database system, and Instaclustr is a leading provider of open source data solutions, allowing customers to avoid the risks of vendor lock-in and unsupported software. Instaclustr’s PostgreSQL managed platform is open source that’s really open source!
This release includes a security fix and other bug fixes, making this an especially important upgrade for customers running in regulated industries and those with heightened compliance needs. Customers can treat this minor release as a “drop-in” replacement, functionally compatible with the previous minor versions. In particular, the following fixes are especially important for our customers (as well as all Postgres users in general):
- A fix for CVE-2022-1552, which closes a hole in the security sandbox around Autovacuum, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW, CLUSTER , and pg_amcheck, which can be exploited by authenticated users for privilege execution attacks.
- Fix of incorrect rounding when extracting epoch values from interval types and incorrect output for types timestamptz and timetz in table_to_xmlschema() .
- Prevention of data loss and/or index corruption when a system crash occurs shortly after building a sorted GiST index.
- Column names in tuples produced by a whole-row variable (e.g. tbl .*) outside of a top-level of a SELECT list are now always associated with those of the associated named composite type, if there is one. For those who might depend on the old behavior, it is possible to workaround this issue by adding an additional layer of sub-selects.
- This update also contains the data release 2022a for DST law changes in Palestine, plus historical corrections for Chile and Ukraine.
Through community mailing lists, Instaclustr has also been made aware of an issue impacting all PostgreSQL 14.1/14.2/14.3 installs. When REINDEX CONCURRENTLY or CREATE INDEX CONCURRENTLY commands are used a corrupted index may result. We will continue to follow this developing issue and provide updates as they become available. Should a patch be released for the issue, we will release it to our managed platform as soon as practical. If you would like further details on this issue please don’t hesitate to contact our Support team.
In addition to the above items, the release also includes an official End-Of-Life notice for PostgreSQL 10, which will officially go out of support on or near November 10, 2022. Instaclustr customers managing a PostgreSQL 10 cluster who need help planning your Postgres upgrade can contact Instaclustr Support.
As with all PostgreSQL releases, there is much more information available in the official PostgreSQL release notes, as well as in the release notes for each version of the documentation.
For customers wanting to experience a PostgreSQL cluster on the Instaclustr managed platform, you can sign up and create a PostgreSQL cluster with these new versions on a free trial.
For customers who are running PostgreSQL on the managed platform, our Technical Operations team will reach out shortly to schedule a time to upgrade your clusters. If you would like to upgrade sooner, or have any questions, please reach out to our Support team.