Skip to content

v0.9.15

Choose a tag to compare

@github-actions github-actions released this 06 Jul 11:21
0ab8e05

What's Changed

Security

  • Improve SQL parameter binding and escaping by @kvch in #965
    • WAL identifier quoting now validates a single complete quoted token instead of trusting leading/trailing ", so a crafted source object name can't break out onto the target.
    • Replication slot CREATE/DROP bind the slot name as a parameter.
    • START_REPLICATION escapes table-filter plugin options and validates the slot name before use.