Crunchy Postgres for Kubernetes 5.5.x Release notes
Release notes for each of the 5.5.x releases.
Component versions
| Crunchy Postgres for Kubernetes | Postgres | pgBackRest | pgbouncer | Patroni | pgadmin |
|---|---|---|---|---|---|
| 5.5.10 | 16.9 | 2.54.2 | 1.24 | 4.0.4 | 4.30, 9.2 |
| 5.5.9 | 16.8 | 2.54.2 | 1.24 | 4.0.4 | 4.30, 9.2 |
| 5.5.8 | 16.8 | 2.54.1 | 1.23 | 4.0.4 | 4.30, 8.14 |
| 5.5.7 | 16.6 | 2.54.1 | 1.23 | 4.0.4 | 4.30, 8.14 |
| 5.5.6 | 16.6 | 2.54.0 | 1.23 | 3.3.5 | 4.30, 8.14 |
| 5.5.5 | 16.6 | 2.53.1 | 1.23 | 3.3.4 | 4.30, 8.12 |
| 5.5.4 | 16.4 | 2.53.1 | 1.23 | 3.3.3 | 4.30, 8.12 |
| 5.5.3 | 16.4 | 2.52.1 | 1.22 | 3.1.2 | 4.30, 8.10 |
| 5.5.2 | 16.3 | 2.51 | 1.22 | 3.1.2 | 4.30, 8.6 |
| 5.5.1 | 16.2 | 2.49 | 1.21 | 3.1.2 | 4.30, 7.8 |
| 5.5.0 | 16.1 | 2.47 | 1.21 | 3.1.1 | 4.30, 7.8 |
Postgres extension versions
| Crunchy Postgres for Kubernetes | PostGIS | pgRouting | pgaudit | pg_cron | pg_partman | pgnodemx | set_user | wal2json | TimescaleDB | orafce | pgvector |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 5.5.10 | 3.0.11 (earliest) 3.4.4 (latest) | 3.0.6 (earliest) 3.4.2 (latest) | 1.5.2 (earliest) 17.0 (latest) | 1.6.5 | 5.2.4 | 1.7 | 4.1.0 | 2.6 | 2.19.3 | 4.14.2 | 0.8.0 |
| 5.5.9 | 3.0.11 (earliest) 3.4.4 (latest) | 3.0.6 (earliest) 3.4.2 (latest) | 1.5.2 (earliest) 17.0 (latest) | 1.6.5 | 5.2.4 | 1.7 | 4.1.0 | 2.6 | 2.18.2 | 4.14.0 | 0.8.0 |
| 5.5.8 | 3.0.11 (earliest) 3.4.4 (latest) | 3.0.6 (earliest) 3.4.2 (latest) | 1.5.2 (earliest) 17.0 (latest) | 1.6.5 | 5.2.4 | 1.7 | 4.1.0 | 2.6 | 2.17.2 | 4.14.0 | 0.8.0 |
| 5.5.7 | 3.0.11 (earliest) 3.4.4 (latest) | 3.0.6 (earliest) 3.4.2 (latest) | 1.5.2 (earliest) 17.0 (latest) | 1.6.5 | 5.2.2 | 1.7 | 4.1.0 | 2.6 | 2.17.2 | 4.14.0 | 0.8.0 |
| 5.5.6 | 3.0.11 (earliest) 3.4.3(latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.4 | 5.1.0 | 1.7 | 4.1.0 | 2.6 | 2.17.2 | 4.14.0 | 0.8.0 |
| 5.5.5 | 2.5.11 (earliest) 3.4.3(latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.4 | 5.1.0 | 1.7 | 4.1.0 | 2.6 | 2.17.0 | 4.10.3 | 0.7.4 |
| 5.5.4 | 2.5.11 (earliest) 3.4.3(latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.4 | 5.1.0 | 1.7 | 4.1.0 | 2.6 | 2.17.0 | 4.10.3 | 0.7.4 |
| 5.5.3 | 2.5.11 (earliest) 3.4.2 (latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.2 | 5.1.0 | 1.6 | 4.0.1 | 2.5 | 2.15.3 | 4.10.3 | 0.7.3 |
| 5.5.2 | 2.5.11 (earliest) 3.4.2 (latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.2 | 5.1.0 | 1.6 | 4.0.1 | 2.5 | 2.14.2 | 4.9.4 | 0.7.0 |
| 5.5.1 | 2.5.9 (earliest) 3.4.0 (latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.4.3 (earliest) 16.0 (latest) | 1.6.2 | 5.0.1 | 1.6 | 4.0.1 | 2.5 | 2.13.0 | 4.9.1 | 0.6.0 |
| 5.5.0 | 2.4.10 (earliest) 3.4.0 (latest) | 2.6.3 (earliest) 3.4.2 (latest) | 1.3.4 (earliest) 16.0 (latest) | 1.6.0 | 5.0.0 | 1.6 | 4.0.1 | 2.5 | 2.12.2 | 4.7.0 | 0.5.1 |
A bold version number indicates that the component version was updated in latest release.
5.5.10
Changes
- PostgreSQL versions 17.5, 16.9, 15.13, 14.18 and 13.21 are now available.
- The pgBouncer is now at version 1.24.1.
- The Citus 13.0.3 is now available for Postgres 15, 16 and 17.
- The orafce is now at version 4.14.2.
- The pg_parquet 0.4.0 extenion is now available.
- The Timescaledb extension is at version 2.19.3 for PG 17, 16, 15, and 14.
Fixes
- PostgresCluster now allows the
--target-timelinerestore option
5.5.9
Breaking Changes
- Component images are now tagged with a consistent suffix. Images with the same suffix are compatible with each other. See the Container Tags section of the documentation for more details.
Changes
- Postgres Exporter is now at 0.17.1.
- pgAdmin is now at version 9.2.
- The Timescaledb extension is at version 2.18.2 for PG 17, 16, 15, and 14.
5.5.8
Changes
- PostgreSQL versions 16.8, 15.12, 14.17 and 13.20 are now available.
- Citus 13.0.0 is now available for Postgres 14, 15, 16 and 17.
- pg_partman is now at version 5.2.4 for PG 17, 16, 15 and 14.
- The hypopg 1.4.1 extenion is now available.
- The pg_jobmon 1.4.1 extenion is now available.
- The pg_parquet 0.2.0 extenion is now available.
Fixes
- When a backup schedule is removed the associated CronJob is now deleted.
5.5.7
Changes
- Tolerate broken replication while configuring PostgreSQL.
- Patroni is now at version 4.0.4.
- pgBackRest is now at version 2.54.1.
- Postgres Exporter is now at 0.16.0.
- The pg_cron extension is now at version 1.6.5.
- pg_partman is now at version 5.2.2 for PG 17, 16, 15 and 14.
5.5.6
Changes
- Continue when Postgres restore intentionally exits early multiple times
- Patroni is now at version 3.3.5.
- pgBackrest is now at version 2.54.0.
- pgAdmin is now at version 8.14.
- orafce is now at version 4.14.0.
- pgvector is now at version 0.8.0.
- The Timescaledb extension is at version 2.17.2 for PG 17, 16, 15, and 14.
5.5.5
Features
- The operator emits a warning event when a
postgresclusteris using a major version of Postgres that is no longer receiving updates
Changes
- PostgreSQL versions 16.6, 15.10, 14.15, 13.18, and 12.22 are now available.
- Patroni is now at version 3.3.4.
5.5.4
Features
- You can now easily enable or disable CPK feature gates via values.yaml settings when installing CPK via Helm. Contributed by Daniel Holmes (@jaitaiwan)
Changes
- PostGIS version 3.4.3 is now available.
- Patroni is now at version 3.3.3.
- pgBackrest is now at version 2.53.1.
- pgBouncer is now at version 1.23.1.
- pgMonitor is now at version 5.1.1.
- pgAdmin is now at version 8.12.
- The pg_cron extension is now at version 1.6.4.
- The pgvector extension is now at version 0.7.4.
- The pgnodemx extension is now at version 1.7.
- The TimescaleDB extension is at version 2.17.0 for PG 17, 16, 15, and 14.
- pgAdmin and pgBackRest images have
taras required by thekubectl cpcommand.
Fixes
- Standalone pgAdmin failed in certain ARM environments
5.5.3
Changes
- PostgreSQL versions 16.4, 15.8, 14.13, 13.16, and 12.20 are now available.
- The pgvector extension is now at version 0.7.3.
- The orafce extension is now at version 4.10.3.
- The TimescaleDB extension is at version 2.15.3 for PG 16, 15, and 14.
- When migrating from Timescale DB 2.14.x you must run this SQL script after you run
ALTER EXTENSION. For more details, see the following pull request #6797.
- When migrating from Timescale DB 2.14.x you must run this SQL script after you run
5.5.2
Features
- Warn when a
PASSWORDoption is included inspec.users.options. - pgAdmin v8 is now supported by the Namespace-Scoped PGAdmin API.
Changes
- PostgreSQL versions 16.3, 15.7, 14.12, 13.15, and 12.19 are now available.
- PostGIS versions 3.4.2, 3.3.6, 3.2.7, 3.1.11, 3.0.11, and 2.5.11 are now available.
- pgAdmin v8.6 is now available.
- pgBackRest is now at version 2.51.
- pgBouncer is now at version 1.22.1.
- The orafce extension is now at version 4.9.4.
- The pg_partman extension is now at version 5.1.0 for PG 16, 15 and 14.
- The pgvector extension is now at version 0.7.0.
- The TimescaleDB extension is now at version 2.14.2 for PG 16, 15, 14, and 13.
- The
postgres-operatorimage now uses UBI Minimal.
Notable Security Fixes
Crunchy PostgreSQL 16.3-0, 15.7-0, and 14.12-0 include:
-
Restrict visibility of
pg_stats_extandpg_stats_ext_exprsentries to the table owner.These views failed to hide statistics for expressions that involve columns the accessing user does not have permission to read. View columns such as
most_common_valsmight expose security-relevant data. The potential interactions here are not fully clear, so in the interest of erring on the side of safety, make rows in these views visible only to the owner of the associated table.By itself, this fix will only fix the behavior in newly initdb'd database clusters. If you wish to apply this change in an existing cluster, you will need to do the following:
-
Find the SQL script
fix-CVE-2024-4317.sqlin the share directory of the PostgreSQL installation. In Crunchy Data's PostgreSQL 16 RPM packages, the script can be found in folder/usr/pgsql-16/share/after installing thepostgresql16-serverRPM. Be sure to use the script appropriate to your PostgreSQL major version. If you do not see this file, either your version is not vulnerable (only v14-v16 are affected) or your minor version is too old to have the fix. -
In each database of the cluster, run the
fix-CVE-2024-4317.sqlscript as superuser. In psql this would look like\i /usr/pgsql-16/share/fix-CVE-2024-4317.sql(adjust the file path as appropriate). Any error probably indicates that you've used the wrong script version. It will not hurt to run the script more than once.
-
Do not forget to include the
template0andtemplate1databases, or the vulnerability will still exist in databases you create later. To fixtemplate0, you'll need to temporarily make it accept connections. Do that with:ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true;and then after fixing
template0, undo it withALTER DATABASE template0 WITH ALLOW_CONNECTIONS false;
-
5.5.1
Fixes
- Only load
datasource.pgbackrest.configurationwhen performing a cloud based restore. - Queue an event based on instance Patroni ‘master’ role change
- The pgAdmin controller now owns any objects it creates
- pgAdmin can now be accessed from Kubernetes networks by default
- Allow numeric characters in pgAdmin config settings. Contributed by Roman Gherta (@rgherta).
Changes
- PostgreSQL versions 16.2, 15.6, 14.11, 13.14, and 12.18 are now available.
- pgBackRest is now at version 2.49.
- patroni is now at version 3.1.2.
- pgMonitor is now at version 4.11.
- The orafce extension is now at version 4.9.1.
- The pg_cron extension is now at version 1.6.2.
- The pg_partman extension is now at version 5.0.1 for PG 16, 15 and 14.
- The pgvector extension is now at version 0.6.0.
- The TimescaleDB extension is now available for PG 16. The extension is at version 2.13.0 for PG 16, 15, 14, and 13.
5.5.0
Features
- The monitoring stack has undergone a number of significant improvements in 5.5, including:
- Transitioning the
crunchy-postgres-exporterimage into a component container, thereby decoupling it from thepostgres-operator. - The ability to append custom exporter queries to the default queries provided by Crunchy Postgres for Kubernetes.
- You can now monitor your standby clusters by editing the
ccp_monitoringpassword. - Postgres 16 support!
- Transitioning the
- We added a new API for pgAdmin 4, which allows you to create a single pgAdmin 4 to manage multiple clusters in a namespace! This new API also comes with a new image containing the latest version of pgAdmin 4.
Changes
- When specified, the
citusextension is loaded before othershared_preload_libraries. - You can reduce metrics to those provided by pgMonitor by setting the
postgres-operator.crunchydata.com/postgres-exporter-collectorsannotation toNone. - PostgreSQL versions 16.1, 15.5, 14.10, 13.13, 12.17, and 11.22 are now available.
- As of February, 2023, public builds will offer the latest PG 16 and 15.
- pgBouncer is now at version 1.21.0.
- The orafce extension is now at version 4.7.0.
- The pg_partman extension is now at version 5.0.0 for PG 16, 15 and 14.
- The pgAudit16 extension is now at version 16.0.
- The pgvector extension is now at version 0.5.1.
- The TimescaleDB extension now at version 2.12.2 for PG 15, 14 and 13, version 2.11.2 for PG 12 and version 2.3.1 for PG 11.
- DNS names for the replica service have been added to the certificates generated for the PostgresCluster to facilitate TLS connections between pgBouncer and read replicas. Contributed by Scott Zelenka (@szelenka)