2024.04.4 Release

Docker tag: quay.io/pganalyze/enterprise:v2024.04.4

Notes

  • This is a security patch release on top of 2024.04.0, 2024.04.1, 2024.04.2 and 2024.04.3
    • This release does not have any new database migrations, and is easy to apply (or rollback)
    • If you're upgrading from a release before 2024.04.0, be sure to read those release notes, and follow the recommended upgrade steps
  • We recommend upgrading as soon as possible if you are utilizing SAML authentication in pganalyze
    • Security impact: The resolved CVE-2024-45409 in ruby-saml would have allowed impersonating any member within your pganalyze organization by an internal threat actor with existing access to your SAML application or SAML identity provider (for example escalating from a view-only role to one that allows modifying server configuration in pganalyze)
    • Contact our security team for questions on the security content of this release

Security


Couldn't find what you were looking for or want to talk about something specific?
Start a conversation with us →