AWS AmazonRDS high security documentation change
Summary
Added release notes for Aurora PostgreSQL 11.21.12 including security fixes
Security assessment
Explicitly addresses multiple CVEs (CVE-2025-8713 to CVE-2025-12818) and PLv8 vulnerabilities (CVE-2022-1364, CVE-2023-3079). Fixes security issue in routine ownership alteration and race conditions.
Diff
diff --git a/AmazonRDS/latest/AuroraPostgreSQLReleaseNotes/AuroraPostgreSQL.Updates.md b/AmazonRDS/latest/AuroraPostgreSQLReleaseNotes/AuroraPostgreSQL.Updates.md index 75548b4c7..0e845ce46 100644 --- a//AmazonRDS/latest/AuroraPostgreSQLReleaseNotes/AuroraPostgreSQL.Updates.md +++ b//AmazonRDS/latest/AuroraPostgreSQLReleaseNotes/AuroraPostgreSQL.Updates.md @@ -18110,0 +18111,2 @@ This release of Aurora PostgreSQL is compatible with PostgreSQL 11.21. For more + * Aurora PostgreSQL 11.21.12, January 14, 2025 + @@ -18133,0 +18136,49 @@ This release of Aurora PostgreSQL is compatible with PostgreSQL 11.21. For more +#### Aurora PostgreSQL 11.21.12, January 14, 2025 + +**Critical stability enhancements** + + * Fixed an issue where engine minor and patch upgrade takes few seconds longer downtime due to runtime process not exiting gracefully. + + * Fixed an issue related to Optimized Reads-enabled tiered cache functionality that might result in longer recovery times after a failover to Aurora replica instances. + + * Fixed a security issue when altering routine ownership. + + + + +**High priority enhancements** + + * Backported fixes for the following PostgreSQL community security issues: + + * [CVE-2025-8713](https://www.postgresql.org/support/security/CVE-2025-8713/). + +[CVE-2025-8714](https://www.postgresql.org/support/security/CVE-2025-8714/). + +[CVE-2025-8715](https://www.postgresql.org/support/security/CVE-2025-8715/). + +[CVE-2025-12817](https://www.postgresql.org/support/security/CVE-2025-12817/). + +[CVE-2025-12818](https://www.postgresql.org/support/security/CVE-2025-12818/). + + * Backported fixes for the following PLv8 extension's V8 Engine security vulnerabilities: + + * [CVE-2022-1364](https://nvd.nist.gov/vuln/detail/CVE-2022-1364). + + * [CVE-2023-3079](https://nvd.nist.gov/vuln/detail/CVE-2023-3079). + + * Fixed a race condition where old writer instance may not step down after a new writer instance is promoted and continues to write. + + + + +**General enhancements** + + * Fixed an issue that could cause unavailability when `apg_plan_mgmt` is enabled. + + * Fixed an issue with parallel heap scans that could lead to index inconsistency on tables larger than 16TiB when synchronize_seqscans is enabled. + + * Fixed an issue with prolonged Serverless v2 scaling. + + + +