On November 14, 2024 EDB released the following database server versions:
- PostgreSQL versions 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21
- EDB Postgres Extended Server versions 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21
- EDB Postgres Advanced Server versions 16.5, 15.9, 14.14, 13.17, and 12.21
All of these servers had two significant regressions, which caused us to plan a re-release of these servers, to be available no later than Nov 26, 2024. In addition, we have quarantined the packages for all the servers listed above, so that no further downloads of them can take place.
If you are using any of the above packages, we recommend that you upgrade to the revised releases as soon as possible. If this can’t be done without significant disruption to your business, please contact EDB support.
The first issue is a regression with ‘ALTER ROLE’ and is well described on the Postgres community website here: CVE-2024-10978. EDB, along with the Postgres community, views this as an issue that needs to be addressed quickly. Hence the fix will be included in the upcoming maintenance release.
The second issue is described in this Postgres community thread.
The result of the issue reported in this thread is that some existing extensions that were not re-compiled with the latest maintenance releases may cause server crashes. The known EDB-supported extensions that are incompatible with these releases are:
- PGD
- pg_squeeze
- pglogical2
- All foreign data wrappers