Headline
CVE-2023-31043: EDB Postgres Advanced Server v13 - Version 13.9.13
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.
EDB Postgres Advanced Server 13.9.13 includes the following enhancements:
Type
Description
ID
Category
Upstream merge
Merged with community PostgreSQL 13.9.13. See the community Release Notes for details.
Enhancement
Enhance edb_filter_log.redact_password_commands so that passwords used in the CREATE/ALTER ROLE, CREATE/ALTER USER, and CREATE/ALTER GROUP syntax will get redacted when using optional parameters. [Support Ticket: #86366]
DB-1984
Enhancement
Improve an error when you alter the table column dependent on the package variable. [Support Ticket: #85027]
DB-1950