May 31, 2023 5:35:57 AM
May 17, 2023 9:47:49 AM
PostgreSQL has identified two security issues. As Qlik Sense Enterprise on Windows relies on PostgreSQL for its repository, we want to provide you with steps on how to mitigate the vulnerabilities.
CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users.
SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
With the next major Qlik Sense Enterprise on Windows release (August 2023), Qlik will update its bundled PostgreSQL database to the latest 14.x version.
As a mitigation for any previous releases, including May 2023, we offer the Qlik Postgres Installer (QPI) to migrate from 9.6 or 12.5 embedded databases to 14.8. We validated PostgreSQL 14.x for all releases back to February 2022.
Download the Qlik Postgres Installer version 1.3.0 here.
There are two possible scenarios which may apply to you:
Use the new Qlik Postgres Installer (version 1.3.0) to upgrade to Postgres 14.8 and migrate Postgres with QPI. Follow the instructions in Upgrading Qlik Sense Repository Database using the Qlik PostgreSQL Installer.
If you have previously used the Qlik Postgres Installer (version 1.2.1 or earlier), you can simply install the latest PostgreSQL version (within your major release) on top of your current 12.x database.
Steps:
https://www.cybersecurity-help.cz/vdb/SB2023051138
Download PostgreSQL | Enterprisedb.com
Qlik Sense Enterprise on Windows all versions
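An exposure check for the two conditions the advisory names (roles holding the database-level CREATE privilege, and databases that have used CREATE POLICY), as an added example that is not part of the original Qlik post. It uses only standard PostgreSQL catalog views and functions and assumes you connect with psql to each database of the repository cluster in turn, since both checks are per database.

```sql
-- Added example, not Qlik's own tooling. Run once per database in the cluster.

-- 1. Server version currently running (the advisory's migration target is 14.8).
SELECT current_setting('server_version') AS server_version;

-- 2. Non-superuser roles that hold database-level CREATE on this database.
--    Owners have it by default; explicit grants may extend it to other roles.
SELECT r.rolname,
       r.rolcanlogin,
       (d.datdba = r.oid) AS is_database_owner
FROM pg_roles AS r
CROSS JOIN pg_database AS d
WHERE d.datname = current_database()
  AND NOT r.rolsuper                      -- superusers already have full rights
  AND r.rolname !~ '^pg_'                 -- skip built-in predefined roles
  AND has_database_privilege(r.oid, d.oid, 'CREATE')
ORDER BY is_database_owner DESC, r.rolname;

-- 3. Row security policies defined in this database.
--    No rows means CREATE POLICY has not been used here.
SELECT schemaname,
       tablename,
       policyname,
       roles,
       cmd
FROM pg_policies
ORDER BY schemaname, tablename, policyname;
```

Rows from query 2 are the accounts to review or restrict until the upgrade is done; rows from query 3 identify the databases where the row security issue is relevant.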
Thank you for this message.
With both scenarios, at the end, we do not have Qlik Sense Repository Database service anymore.
As a Scenario 3, will it be possible to wait until August 2023 and then make a backup of certificates and database, uninstall Qlik Sense, install the brand new version with Postgres 14.8 and then restore?
Or do you think it will be a better solution for the future to have the postgresql-x64-12 service running?
Have a good week
Johann
Hello @jchoucq
Qlik is providing you with the means to mitigate the vulnerability identified by PostgreSQL. It is up to you whether you are willing to accept the risks and wait, though we will always recommend doing so as soon as possible. The choice is yours, however.
All the best,
Sonja
Thanks @Sonja_Bauernfeind
I do agree with what you said.
But from my experience, in 2 different environments, QPI failed, and we had to upgrade from 9.6 to 12.50 manually (backup and restore) with the advantage, however, of keeping the same old configuration, with Qlik Sense Repository Database Service.
For the moment, it won't be possible, until Qlik Sense August 2023 is released.
All the best,
Johann
Thanks, would this impact NPrinting in some way too?
Thanks,
Hello @Giovanni_Civardi
Our Qlik NPrinting team is currently actively reviewing this.
All the best,
Sonja
Hi,
In a scenario where we already used QPI to migrate PostgreSQL from 9.6 to 12.5, will it be possible to upgrade to PostgreSQL 14.8?
Thanks a lot and have a good day.
Joh
@jchoucq not with the tool, but I will soon have a manual way done for you.
Sounds great to hear, thank you very much @Sebastian_Linser
We followed Scenario 2 (v12.5 to v12.15) and while there were no errors during the upgrade, after finished we could not access Qlik Sense (Feb 2023 SR 5) Hub or QMC. I am planning on submitting a ticket, but first wanted to ask if anyone else has run into this problem?