-
- Enthusiast
- Posts: 43
- Liked: 3 times
- Joined: Jul 11, 2022 6:59 am
- Contact:
Upgrading Bundled PostgreSQL for security reasons
Hello,
during Upgrade to latest 12.2 our service contractor switched from MS-Express to the bundled PostgreSQL 15.8-1.
Now some security updates were published https://www.postgresql.org/about/news/p ... ased-2955/
We want to update within next fews days, In preparation i have some questions.
Is the bundled Version of PostgreSQL adjusted/changed in any way by veeam or is it same package which is downloadable on postgreSQL webpage itself?
If yes, will veeam publish a new version or should we download this update on postgreSQL webpage?
Are there some basic tutorials which helps to handle veeam during update? this includes all preparation on veeams side such as stopping/starting services etc.
Thanks,
Hans
during Upgrade to latest 12.2 our service contractor switched from MS-Express to the bundled PostgreSQL 15.8-1.
Now some security updates were published https://www.postgresql.org/about/news/p ... ased-2955/
We want to update within next fews days, In preparation i have some questions.
Is the bundled Version of PostgreSQL adjusted/changed in any way by veeam or is it same package which is downloadable on postgreSQL webpage itself?
If yes, will veeam publish a new version or should we download this update on postgreSQL webpage?
Are there some basic tutorials which helps to handle veeam during update? this includes all preparation on veeams side such as stopping/starting services etc.
Thanks,
Hans
-
- Product Manager
- Posts: 9777
- Liked: 2582 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Upgrading Bundled PostgreSQL for security reasons
Hi Hans
Today, you have to download the PostgreSQL installer from the PostgreSQL webpage and run the update yourself. For Veeam Backup & Replication v12.2, we support PostgreSQL 14.x and 15.x.
Best,
Fabian
We use the default PostgreSQL installer but apply optimized configuration settings. You can always reapply these recommended settings using the following PowerShell cmdlet: Set-VBRPSQLDatabaseServerLimitsIs the bundled Version of PostgreSQL adjusted/changed in any way by veeam or is it same package which is downloadable on postgreSQL webpage itself?
Each Veeam Backup & Replication ISO includes the latest PostgreSQL installer available at the time of release. However, we do not upgrade your PostgreSQL server when you update Veeam Backup & Replication. We aim to implement this feature in future versions.If yes, will veeam publish a new version or should we download this update on postgreSQL webpage?
Today, you have to download the PostgreSQL installer from the PostgreSQL webpage and run the update yourself. For Veeam Backup & Replication v12.2, we support PostgreSQL 14.x and 15.x.
Make sure to have a current configuration backup. Then stop all backup/restore activities and Veeam services before proceeding with the PostgreSQL application update.Are there some basic tutorials which helps to handle veeam during update? this includes all preparation on veeams side such as stopping/starting services etc.
Best,
Fabian
Product Management Analyst @ Veeam Software
-
- Enthusiast
- Posts: 43
- Liked: 3 times
- Joined: Jul 11, 2022 6:59 am
- Contact:
Re: Upgrading Bundled PostgreSQL for security reasons
Hello,
thank you for your help. I will run some testinstallations on testserver to see how it works, after that i run the update on our backup server.
I think requests to this issue and postgres in general will increase in next months. I plead to add this info to your currentyl great collection of infos and tutorials.
Thank you,
Hans
thank you for your help. I will run some testinstallations on testserver to see how it works, after that i run the update on our backup server.
I think requests to this issue and postgres in general will increase in next months. I plead to add this info to your currentyl great collection of infos and tutorials.
Thank you,
Hans
-
- Enthusiast
- Posts: 43
- Liked: 3 times
- Joined: Jul 11, 2022 6:59 am
- Contact:
Re: Upgrading Bundled PostgreSQL for security reasons
Hello,
my test installations proceeded well.I hope this works on our backupserver the same way.
I think there should be some "official" tutorials and hints, especially for the case when upgrade fails and may be we have worst case with reinstallation of postgreSQL and restore configuration database.
Thank you,
Hans
my test installations proceeded well.I hope this works on our backupserver the same way.
I think there should be some "official" tutorials and hints, especially for the case when upgrade fails and may be we have worst case with reinstallation of postgreSQL and restore configuration database.
Thank you,
Hans
-
- Enthusiast
- Posts: 43
- Liked: 3 times
- Joined: Jul 11, 2022 6:59 am
- Contact:
Re: Upgrading Bundled PostgreSQL for security reasons
Hello,
we did successful update of our production server, we had no problem. Thank you for your help.
I do not know if Set-VBRPSQLDatabaseServerLimits was run at initial postgresql-installation, so i repeated this step and restartet all parts again.
I assume this step can be skipped during future updates or should one repeat this every time?
Thanks,
Hajo
we did successful update of our production server, we had no problem. Thank you for your help.
I do not know if Set-VBRPSQLDatabaseServerLimits was run at initial postgresql-installation, so i repeated this step and restartet all parts again.
I assume this step can be skipped during future updates or should one repeat this every time?
Thanks,
Hajo
-
- Product Manager
- Posts: 9777
- Liked: 2582 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Upgrading Bundled PostgreSQL for security reasons
Hi Hans
Thank you for your feedback. Updating the PostgreSQL server within the supported versions should always just work.
You may have been doing this unknowingly for many years with Microsoft SQL for the configuration database, where Windows Update handled the patching process of the Microsoft SQL server.
Additionally, since version 12.1, we notify you through the Security and Compliance analyzer if the PostgreSQL server isn't using the recommended settings.
Best,
Fabian
Thank you for your feedback. Updating the PostgreSQL server within the supported versions should always just work.
You may have been doing this unknowingly for many years with Microsoft SQL for the configuration database, where Windows Update handled the patching process of the Microsoft SQL server.
The command is applied automatically if you installed a new Veeam Backup & Replication V12 server. If you use a remote PostgreSQL server, then the command must be applied by you. You can read more about it in the "detailed description" section.I do not know if Set-VBRPSQLDatabaseServerLimits was run at initial postgresql-installation
It's not necessary when patching the PostgreSQL server, but I recommend running the command (Set-VBRPSQLDatabaseServerLimits) just to ensure our enhanced settings are applied. Although I'm not a PostgreSQL specialist, it's possible in rare cases that some settings might be overwritten during a PostgreSQL upgrade. Reapplying the command makes sure that you use our recommended settings.I assume this step can be skipped during future updates or should one repeat this every time?
Additionally, since version 12.1, we notify you through the Security and Compliance analyzer if the PostgreSQL server isn't using the recommended settings.
Best,
Fabian
Product Management Analyst @ Veeam Software
Who is online
Users browsing this forum: Bing [Bot], Semrush [Bot] and 2 guests