--- /dev/null
+The PostgreSQL Global Development Group has released an update to all supported
+versions of PostgreSQL, including 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22
+This release fixes three security vulnerabilities and over 55 bugs and reported
+over the last several months.
+
+This release includes fixes for indexes where in certain cases, we advise
+reindexing. Please see the "Update" section for more details.
+
+This is the **final release of PostgreSQL 11**. PostgreSQL 10 will no longer
+receive
+[security and bug fixes](https://www.postgresql.org/support/versioning/).
+If you are running PostgreSQL 10 in a production environment, we suggest that
+you make plans to upgrade.
+
+For the full list of changes, please review the
+[release notes](https://www.postgresql.org/docs/release/).
+
+PostgreSQL 11 EOL Notice
+------------------------
+
+**This is the final release of PostgreSQL 11**. PostgreSQL 11 is now end-of-life
+and will no longer receive security and bug fixes. If you are
+running PostgreSQL 11 in a production environment, we suggest that you make
+plans to upgrade to a newer, supported version of PostgreSQL. Please see our
+[versioning policy](https://www.postgresql.org/support/versioning/) for more
+information.
+
+Security Issues
+---------------
+
+### [CVE-2023-5868](https://www.postgresql.org/support/security/CVE-2023-5868/): Memory disclosure in aggregate function calls
+
+CVSS v3 Base Score: [4.3](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
+
+Supported, Vulnerable Versions: 11 - 16. The security team typically does not
+test unsupported versions, but this problem is quite old.
+
+Certain aggregate function calls receiving "unknown"-type arguments could
+disclose bytes of server memory from the end of the "unknown"-type value to the
+next zero byte. One typically gets an "unknown"-type value via a string literal
+having no type designation. We have not confirmed or ruled out viability of
+attacks that arrange for presence of notable, confidential information in
+disclosed bytes.
+
+The PostgreSQL project thanks Jingzhou Fu for reporting this problem.
+
+### [CVE-2023-5869](https://www.postgresql.org/support/security/CVE-2023-5869/): Buffer overrun from integer overflow in array modification
+
+CVSS v3 Base Score: [8.8](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
+
+Supported, Vulnerable Versions: 11 - 16. The security team typically does not
+test unsupported versions, but this problem is quite old.
+
+While modifying certain SQL array values, missing overflow checks let
+authenticated database users write arbitrary bytes to a memory area that
+facilitates arbitrary code execution. Missing overflow checks also let
+authenticated database users read a wide area of server memory. The
+[CVE-2021-32027](https://www.postgresql.org/support/security/CVE-2021-32027/)
+fix covered some attacks of this description, but it missed others.
+
+The PostgreSQL project thanks Pedro Gallegos for reporting this problem.
+
+### [CVE-2023-5870](https://www.postgresql.org/support/security/CVE-2023-5870/): Role `pg_cancel_backend` can signal certain superuser processes
+
+CVSS v3 Base Score: [2.2](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)
+
+Supported, Vulnerable Versions: 11 - 16. The security team typically does not
+test unsupported versions, but this problem is quite old.
+
+Documentation says the `pg_cancel_backend` role cannot signal "a backend owned
+by a superuser". On the contrary, it can signal background workers, including
+the logical replication launcher. It can signal `autovacuum` workers and the
+`autovacuum` launcher. Signaling `autovacuum` workers and those two launchers
+provides no meaningful exploit, so exploiting this vulnerability requires a
+non-core extension with a less-resilient background worker. For example, a
+non-core background worker that does not auto-restart would experience a
+denial of service with respect to that particular background worker.
+
+The PostgreSQL project thanks Hemanth Sandrana and Mahendrakar Srinivasarao
+for reporting this problem.
+
+Bug Fixes and Improvements
+--------------------------
+
+This update fixes over 55 bugs that were reported in the last several months.
+The issues listed below affect PostgreSQL 16. Some of these issues may also
+affect other supported versions of PostgreSQL.
+
+* Fix issue where GiST indexes had an incorrect behavior during a "page split"
+operation that could lead to incorrect results in subsequent index searches.
+Please [reindex](https://www.postgresql.org/docs/current/sql-reindex.html) GiST
+indexes after installing this update.
+* Fix issue where B-tree indexes would incorrectly de-duplicate `interval`
+columns. Please [reindex](https://www.postgresql.org/docs/current/sql-reindex.html)
+any B-tree index that includes an `interval` column after installing this
+update.
+* Provide more efficient indexing of `date`, `timestamptz`, and `timestamp`
+values in BRIN indexes. While not required, we recommend
+[reindexing](https://www.postgresql.org/docs/current/sql-reindex.html) BRIN
+indexes that include these data types after installing this update.
+* Fix for bulk table insertion into partitioned tables.
+* Fix for hash-partitioned tables with multiple partition keys during step
+generation and runtime pruning that could lead to crashes in some cases.
+* Throw the correct error if [`pgrowlocks()`](https://www.postgresql.org/docs/current/pgrowlocks.html) is applied to a partitioned table
+
+* Fix inconsistent rechecking of concurrently-updated rows during
+[`MERGE`](https://www.postgresql.org/docs/current/sql-merge.html) when using
+[`READ COMMITTED`](https://www.postgresql.org/docs/current/transaction-iso.html#XACT-READ-COMMITTED)
+mode.
+* Correctly identify the target table in an inherited `UPDATE`/`DELETE`/`MERGE`
+even when the parent table is excluded by constraints.
+* Fix over-allocation of a constructed [`tsvector`](https://www.postgresql.org/docs/current/datatype-textsearch.html#DATATYPE-TSVECTOR).
+* Fix [`ALTER SUBSCRIPTION`](https://www.postgresql.org/docs/current/sql-altersubscription.html)
+to apply changes in the `run_as_owner` option.
+* Several fixes for [`COPY FROM`](https://www.postgresql.org/docs/current/sql-copy.html),
+* Several fixes for handling torn reads with [`pg_control`](https://www.postgresql.org/docs/current/wal-internals.html).
+* Fix "could not find pathkey item to sort" errors occurring while planning
+aggregate functions with `ORDER BY` or `DISTINCT` options.
+* When [`track_io_timing`](https://www.postgresql.org/docs/current/runtime-config-statistics.html#GUC-TRACK-IO-TIMING)
+is enabled, include the time taken by relation extension operations as write
+time.
+* Track the dependencies of cached [`CALL`](https://www.postgresql.org/docs/current/sql-call.html)
+statements, and re-plan them when needed.
+* Treat out-of-memory failures as `FATAL` while reading WAL.
+* Fix [`pg_dump`](https://www.postgresql.org/docs/current/app-pgdump.html) to
+dump the new `run_as_owner` option of subscriptions.
+* Fix [`pg_restore`](https://www.postgresql.org/docs/current/app-pgrestore.html)
+so that selective restores will include both table-level and column-level ACLs
+for selected tables.
+* Add logic to [`pg_upgrade`](https://www.postgresql.org/docs/current/pgupgrade.html)
+to check for use of obsolete data types `abstime`, `reltime`, and `tinterval`.
+* Fix [`vacuumdb`](https://www.postgresql.org/docs/current/app-vacuumdb.html)
+to have multiple `-N` switches actually exclude tables in multiple schemas.
+* [`amcheck`](https://www.postgresql.org/docs/current/amcheck.html)
+will no longer report interrupted page deletion as corruption.
+* Fix `btree_gin` indexes on `interval` columns to properly return data when
+using the `<` and `<=` operators.
+
+Updating
+--------
+
+All PostgreSQL update releases are cumulative. As with other minor releases,
+users are not required to dump and reload their database or use `pg_upgrade` in
+order to apply this update release; you may simply shutdown PostgreSQL and
+update its binaries.
+
+------
+If you use [BRIN]((https://www.postgresql.org/docs/current/brin-intro.html))
+indexes to look up `NULL` values, you will need to [reindex](https://www.postgresql.org/docs/current/sql-reindex.html)
+them after upgrading to this release. On PostgreSQL 12 and above, you can use
+[`REINDEX CONCURRENTLY`](https://www.postgresql.org/docs/current/sql-reindex.html)
+to avoid blocking writes to the affected index and table, for example:
+
+```
+REINDEX INDEX CONCURRENTLY your_index_name;
+```
+----
+
+Users who have skipped one or more update releases may need to run additional
+post-update steps; please see the release notes from earlier versions for
+details.
+
+For more details, please see the
+[release notes](https://www.postgresql.org/docs/release/).
+
+Links
+-----
+* [Download](https://www.postgresql.org/download/)
+* [Release Notes](https://www.postgresql.org/docs/release/)
+* [Security](https://www.postgresql.org/support/security/)
+* [Versioning Policy](https://www.postgresql.org/support/versioning/)
+* [PostgreSQL 16 Release Announcement](https://www.postgresql.org/about/press/)
+* [Follow @postgresql on Twitter](https://twitter.com/postgresql)
+* [Donate](https://www.postgresql.org/about/donate/)
+
+If you have corrections or suggestions for this release announcement, please
+send them to the _pgsql-www@lists.postgresql.org_ public
+[mailing list](https://www.postgresql.org/list/).
projects / press.git / commitdiff