Addressed issues

  • (FIELD-6364) Fixed an issue wherein the --enable-pprof flag did not function as expected.

  • (FIELD-6330) Fixed an issue wherein a specific corner case could incorrectly produce a nil pointer error in the dtr-api container.

  • (FIELD-2238) Fixed an issue wherein pushing an image to an immutable registry resulted in an uninformative error message.


    FIELD-2238 was appended to these release notes on 2023-09-28.

Security information

  • Resolved CVEs, as detailed:



    Problem details from upstream



    In the extension script, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.