Issues
- Use different keys/IV for forksPG-1510
- Add a DROP EXTENSION checkPG-1509
- Incorrect state of new encrypted files when ALTERing mixed encrypted/not encrypted inherited tablesPG-1508
- ALTER TYPE not handled in TDE event triggerPG-1507
- Add a separate param for passing client certificate while adding KMIP providerPG-1506
- Feature: pg_tde currently validates the connection and provider only when adding a key. Instead, it should perform validation when a new provider is added.PG-1505Resolved issue: PG-1505
- Partitions of `tde_heap` tables do not inherit their encryption status properlyPG-1504
- src/test/regress/expected/create_schema fails with tde_heap on PSP.PG-1501
- ARM Rocky 8 - pg_tde TAP test cases failing/existing due to 'Cannot allocate memory'.PG-1500Resolved issue: PG-1500naeem.akhter
- Enhance Encryption Metadata Visibility in pg_tdePG-1499
- WAL encryption GA
PG-1497 - Alter type causes encrypted tables to become decrypted.PG-1496Resolved issue: PG-1496shahidullah.khan
- An encrypted table decrypt when VACUUM(FULL) rewrite an encrypted table and index decrypted with REINDEX index CONCURRENTLYPG-1494Resolved issue: PG-1494shahidullah.khan
- Improve catalog checking code in smgr handlerPG-1492
- A segmentation fault occurs on replica node during recovery process during streaming replication even wal_encryption is offPG-1490Resolved issue: PG-1490shahidullah.khan
- Replica fails replicating keyring and keys creationPG-1489Resolved issue: PG-1489mohit.joshi
- Fsync file name when changing _dat filesPG-1487
- Add arm64 CI jobsPG-1486Artem Gavrilov
- Invalid magic number in WAL on standby server and replication stops when performing streaming replication with wal_encryption=onPG-1485
- Add test case for pg_tde version check.PG-1484Resolved issue: PG-1484naeem.akhter
- ARM64: Segmentation Fault occurs on replica nodes during replication when alter table encryption/decryption on server nodes during streaming replicationPG-1483Resolved issue: PG-1483shahidullah.khan
- Automate and add an GH action to have integration with Codecov.PG-1482naeem.akhter
- Check code coverage status for builtin test suite of pg_tde.PG-1481Resolved issue: PG-1481naeem.akhter
- Principal key WAL records are written after principal key is already modifiedPG-1478
- Redact sensitive information from key provider information functionsPG-1477
- User shouldn't allow to list/view Global keys info and Global key providers, If he granted local_key_management_to_role.PG-1475
- principal key get corrupted when try to create multiple type provider in a database and then try to set_principal key with same old namePG-1474Resolved issue: PG-1474shahidullah.khan
- Phase - Project implementationPG-1472Diego Fronza
- Phase 2 - Project Plan: design and architecture.PG-1471Diego Fronza
- Phase 1 - ResearchPG-1470Resolved issue: PG-1470Diego Fronza
- Develop and integrate an automatic coredump collection mechanism into PostgreSQLPG-1469Diego Fronza
- Add clang based github CI actionsPG-1467Artem Gavrilov
- Setup valgrind CI actionPG-1466Artem Gavrilov
- Setup ubsan/asan github actionsPG-1465Artem Gavrilov
- Integrate the clang static analyzer for pg_tdePG-1464Artem Gavrilov
- WAL zero blocks should be encryption awarePG-1463
- Base WAL encryption core changes on Unified file APIPG-1462
- Random IV start for WAL keysPG-1461Resolved issue: PG-1461
- Rotate WAL internal key on server startPG-1460
- Wrong username and datname in ps_stat_monitorPG-1459
- Add missing `pg_tde_default_principal_key_info` functionPG-1458Artem Gavrilov
- Rename key management functionsPG-1457Artem Gavrilov
- wal_encryption is not working with KMIP serverPG-1456
- Add random base numbers to encryption IVsPG-1455andreas.karlsson
- 'pg_tde_change_key_provider' binary is missing in nightly Debian packagesPG-1454Resolved issue: PG-1454naeem.akhter
- Wrong command type for queriesPG-1453Artem Gavrilov
- pg_tde_change_key_provider binary has '[-D <datadir>]' option is optional but it don't consider it even environment variable PGDATA is availablePG-1452
- Once the encrypted table fails due to "Error: failed to retrieve principal key", then this message keep coming even user try to create table using heap methodPG-1451Resolved issue: PG-1451shahidullah.khan
- pg_tde_delete_key_provider is not working for 2nd/3rd timePG-1450Resolved issue: PG-1450shahidullah.khan
- Refactoring and simplifying internal key storagePG-1449Resolved issue: PG-1449
50 of
Use different keys/IV for forks
General
Escalation
General
Escalation
Description
Environment
None
Details
Assignee
UnassignedUnassignedReporter
Zsolt ParragiZsolt ParragiNeeds QA
YesPriority
Critical
Details
Details
Assignee
Unassigned
UnassignedReporter
Zsolt Parragi
Zsolt Parragi
Needs QA
Yes
Priority
CriticalSmart Checklist
Smart Checklist
Smart Checklist
Created 2 days ago
Updated 2 days ago
Activity
Show:
After we are encrypting the fsm and visibility map, but we are using the same key as for the main relation. This is extremely unsafe, as the fsm is mostly zeros, we are basically writing the stream required to decrypt the main fork into disk.