17
17
review, so each item is truly a community effort.
18
18
__________________________________________________________________
22
Release date: 2010-05-17
24
This release contains a variety of fixes from 8.4.3. For information
25
about new features in the 8.4 major release, see the Section called
27
__________________________________________________________________
29
Migration to Version 8.4.4
31
A dump/restore is not required for those running 8.4.X. However, if you
32
are upgrading from a version earlier than 8.4.2, see the release notes
34
__________________________________________________________________
38
* Enforce restrictions in plperl using an opmask applied to the whole
39
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
40
Recent developments have convinced us that "Safe.pm" is too
41
insecure to rely on for making plperl trustable. This change
42
removes use of "Safe.pm" altogether, in favor of using a separate
43
interpreter with an opcode mask that is always applied. Pleasant
44
side effects of the change include that it is now possible to use
45
Perl's strict pragma in a natural way in plperl, and that Perl's $a
46
and $b variables work as expected in sort routines, and that
47
function compilation is significantly faster. (CVE-2010-1169)
48
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
50
PL/Tcl's feature for autoloading Tcl code from a database table
51
could be exploited for trojan-horse attacks, because there was no
52
restriction on who could create or insert into that table. This
53
change disables the feature unless pltcl_modules is owned by a
54
superuser. (However, the permissions on the table are not checked,
55
so installations that really need a less-than-secure modules table
56
can still grant suitable privileges to trusted non-superusers.)
57
Also, prevent loading code into the unrestricted "normal" Tcl
58
interpreter unless we are really going to execute a pltclu
59
function. (CVE-2010-1170)
60
* Fix data corruption during WAL replay of ALTER ... SET TABLESPACE
62
When archive_mode is on, ALTER ... SET TABLESPACE generates a WAL
63
record whose replay logic was incorrect. It could write the data to
64
the wrong place, leading to possibly-unrecoverable data corruption.
65
Data corruption would be observed on standby slaves, and could
66
occur on the master as well if a database crash and recovery
67
occurred after committing the ALTER and before the next checkpoint.
68
* Fix possible crash if a cache reset message is received during
69
rebuild of a relcache entry (Heikki)
70
This error was introduced in 8.4.3 while fixing a related failure.
71
* Apply per-function GUC settings while running the language
72
validator for the function (Itagaki Takahiro)
73
This avoids failures if the function's code is invalid without the
74
setting; an example is that SQL functions may not parse if the
75
search_path is not correct.
76
* Do constraint exclusion for inherited "UPDATE" and "DELETE" target
77
tables when constraint_exclusion = partition (Tom)
78
Due to an oversight, this setting previously only caused constraint
79
exclusion to be checked in "SELECT" commands.
80
* Do not allow an unprivileged user to reset superuser-only parameter
82
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
83
for himself, or ALTER DATABASE ... RESET ALL for a database he
84
owns, this would remove all special parameter settings for the user
85
or database, even ones that are only supposed to be changeable by a
86
superuser. Now, the "ALTER" will only remove the parameters that
87
the user has permission to change.
88
* Avoid possible crash during backend shutdown if shutdown occurs
89
when a CONTEXT addition would be made to log entries (Tom)
90
In some cases the context-printing function would fail because the
91
current transaction had already been rolled back when it came time
92
to print a log message.
93
* Fix erroneous handling of %r parameter in recovery_end_command
95
The value always came out zero.
96
* Ensure the archiver process responds to changes in archive_command
97
as soon as possible (Tom)
98
* Fix pl/pgsql's CASE statement to not fail when the case expression
99
is a query that returns no rows (Tom)
100
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
101
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
102
* Handle empty-string connect parameters properly in ecpg (Michael)
103
* Prevent infinite recursion in psql when expanding a variable that
104
refers to itself (Tom)
105
* Fix psql's \copy to not add spaces around a dot within \copy
107
Addition of spaces around the decimal point in a numeric literal
108
would result in a syntax error.
109
* Avoid formatting failure in psql when running in a locale context
110
that doesn't match the client_encoding (Tom)
111
* Fix unnecessary "GIN indexes do not support whole-index scans"
112
errors for unsatisfiable queries using "contrib/intarray" operators
114
* Ensure that "contrib/pgstattuple" functions respond to cancel
115
interrupts promptly (Tatsuhito Kasahara)
116
* Make server startup deal properly with the case that shmget()
117
returns EINVAL for an existing shared memory segment (Tom)
118
This behavior has been observed on BSD-derived kernels including OS
119
X. It resulted in an entirely-misleading startup failure
120
complaining that the shared memory request size was too large.
121
* Avoid possible crashes in syslogger process on Windows (Heikki)
122
* Deal more robustly with incomplete time zone information in the
123
Windows registry (Magnus)
124
* Update the set of known Windows time zone names (Magnus)
125
* Update time zone data files to tzdata release 2010j for DST law
126
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
127
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
128
historical corrections for Taiwan.
129
Also, add PKST (Pakistan Summer Time) to the default set of
130
timezone abbreviations.
131
__________________________________________________________________
22
135
Release date: 2010-03-15
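Review bot: The "Fix data corruption during WAL replay of ALTER ... SET TABLESPACE" item describes possibly-unrecoverable corruption on standbys and on the master, but neither it nor the "Migration to Version 8.4.4" paragraph tells a site that already ran the command with archive_mode on what to do after upgrading. The migration text says only that a dump/restore is not required, which a reader can take to mean no further action is needed. Suggest adding a sentence, in the item or in the migration paragraph, stating whether standbys that replayed such a record have to be rebuilt and how an affected master can be recognised.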
1510
1623
unsafe to use a symlink (Simon)
1511
1624
__________________________________________________________________
1628
Release date: 2010-05-17
1630
This release contains a variety of fixes from 8.3.10. For information
1631
about new features in the 8.3 major release, see the Section called
1633
__________________________________________________________________
1635
Migration to Version 8.3.11
1637
A dump/restore is not required for those running 8.3.X. However, if you
1638
are upgrading from a version earlier than 8.3.8, see the release notes
1640
__________________________________________________________________
1644
* Enforce restrictions in plperl using an opmask applied to the whole
1645
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
1646
Recent developments have convinced us that "Safe.pm" is too
1647
insecure to rely on for making plperl trustable. This change
1648
removes use of "Safe.pm" altogether, in favor of using a separate
1649
interpreter with an opcode mask that is always applied. Pleasant
1650
side effects of the change include that it is now possible to use
1651
Perl's strict pragma in a natural way in plperl, and that Perl's $a
1652
and $b variables work as expected in sort routines, and that
1653
function compilation is significantly faster. (CVE-2010-1169)
1654
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
1656
PL/Tcl's feature for autoloading Tcl code from a database table
1657
could be exploited for trojan-horse attacks, because there was no
1658
restriction on who could create or insert into that table. This
1659
change disables the feature unless pltcl_modules is owned by a
1660
superuser. (However, the permissions on the table are not checked,
1661
so installations that really need a less-than-secure modules table
1662
can still grant suitable privileges to trusted non-superusers.)
1663
Also, prevent loading code into the unrestricted "normal" Tcl
1664
interpreter unless we are really going to execute a pltclu
1665
function. (CVE-2010-1170)
1666
* Fix possible crash if a cache reset message is received during
1667
rebuild of a relcache entry (Heikki)
1668
This error was introduced in 8.3.10 while fixing a related failure.
1669
* Apply per-function GUC settings while running the language
1670
validator for the function (Itagaki Takahiro)
1671
This avoids failures if the function's code is invalid without the
1672
setting; an example is that SQL functions may not parse if the
1673
search_path is not correct.
1674
* Do not allow an unprivileged user to reset superuser-only parameter
1676
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
1677
for himself, or ALTER DATABASE ... RESET ALL for a database he
1678
owns, this would remove all special parameter settings for the user
1679
or database, even ones that are only supposed to be changeable by a
1680
superuser. Now, the "ALTER" will only remove the parameters that
1681
the user has permission to change.
1682
* Avoid possible crash during backend shutdown if shutdown occurs
1683
when a CONTEXT addition would be made to log entries (Tom)
1684
In some cases the context-printing function would fail because the
1685
current transaction had already been rolled back when it came time
1686
to print a log message.
1687
* Ensure the archiver process responds to changes in archive_command
1688
as soon as possible (Tom)
1689
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
1690
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
1691
* Prevent infinite recursion in psql when expanding a variable that
1692
refers to itself (Tom)
1693
* Fix psql's \copy to not add spaces around a dot within \copy
1695
Addition of spaces around the decimal point in a numeric literal
1696
would result in a syntax error.
1697
* Fix unnecessary "GIN indexes do not support whole-index scans"
1698
errors for unsatisfiable queries using "contrib/intarray" operators
1700
* Ensure that "contrib/pgstattuple" functions respond to cancel
1701
interrupts promptly (Tatsuhito Kasahara)
1702
* Make server startup deal properly with the case that shmget()
1703
returns EINVAL for an existing shared memory segment (Tom)
1704
This behavior has been observed on BSD-derived kernels including OS
1705
X. It resulted in an entirely-misleading startup failure
1706
complaining that the shared memory request size was too large.
1707
* Avoid possible crashes in syslogger process on Windows (Heikki)
1708
* Deal more robustly with incomplete time zone information in the
1709
Windows registry (Magnus)
1710
* Update the set of known Windows time zone names (Magnus)
1711
* Update time zone data files to tzdata release 2010j for DST law
1712
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
1713
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
1714
historical corrections for Taiwan.
1715
Also, add PKST (Pakistan Summer Time) to the default set of
1716
timezone abbreviations.
1717
__________________________________________________________________
1515
1721
Release date: 2010-03-15
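Review bot: The pltcl_modules item changes behaviour for existing installations, since autoloading is now disabled "unless pltcl_modules is owned by a superuser", yet the "Migration to Version 8.3.11" paragraph mentions only dump/restore. An installation whose modules table is owned by an ordinary role loses autoloading on upgrade with no hint in the section administrators read first. Suggest a pointer from the migration paragraph to this item, and say in the item that the table's owner should be checked before upgrading; the parenthetical already makes clear that privileges on the table are not examined and stay the administrator's responsibility.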
3373
3579
The new XML support in core PostgreSQL supersedes this module.
3374
3580
__________________________________________________________________
3584
Release date: 2010-05-17
3586
This release contains a variety of fixes from 8.2.16. For information
3587
about new features in the 8.2 major release, see the Section called
3589
__________________________________________________________________
3591
Migration to Version 8.2.17
3593
A dump/restore is not required for those running 8.2.X. However, if you
3594
are upgrading from a version earlier than 8.2.14, see the release notes
3596
__________________________________________________________________
3600
* Enforce restrictions in plperl using an opmask applied to the whole
3601
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
3602
Recent developments have convinced us that "Safe.pm" is too
3603
insecure to rely on for making plperl trustable. This change
3604
removes use of "Safe.pm" altogether, in favor of using a separate
3605
interpreter with an opcode mask that is always applied. Pleasant
3606
side effects of the change include that it is now possible to use
3607
Perl's strict pragma in a natural way in plperl, and that Perl's $a
3608
and $b variables work as expected in sort routines, and that
3609
function compilation is significantly faster. (CVE-2010-1169)
3610
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
3612
PL/Tcl's feature for autoloading Tcl code from a database table
3613
could be exploited for trojan-horse attacks, because there was no
3614
restriction on who could create or insert into that table. This
3615
change disables the feature unless pltcl_modules is owned by a
3616
superuser. (However, the permissions on the table are not checked,
3617
so installations that really need a less-than-secure modules table
3618
can still grant suitable privileges to trusted non-superusers.)
3619
Also, prevent loading code into the unrestricted "normal" Tcl
3620
interpreter unless we are really going to execute a pltclu
3621
function. (CVE-2010-1170)
3622
* Fix possible crash if a cache reset message is received during
3623
rebuild of a relcache entry (Heikki)
3624
This error was introduced in 8.2.16 while fixing a related failure.
3625
* Do not allow an unprivileged user to reset superuser-only parameter
3627
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
3628
for himself, or ALTER DATABASE ... RESET ALL for a database he
3629
owns, this would remove all special parameter settings for the user
3630
or database, even ones that are only supposed to be changeable by a
3631
superuser. Now, the "ALTER" will only remove the parameters that
3632
the user has permission to change.
3633
* Avoid possible crash during backend shutdown if shutdown occurs
3634
when a CONTEXT addition would be made to log entries (Tom)
3635
In some cases the context-printing function would fail because the
3636
current transaction had already been rolled back when it came time
3637
to print a log message.
3638
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
3639
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
3640
* Prevent infinite recursion in psql when expanding a variable that
3641
refers to itself (Tom)
3642
* Fix psql's \copy to not add spaces around a dot within \copy
3644
Addition of spaces around the decimal point in a numeric literal
3645
would result in a syntax error.
3646
* Ensure that "contrib/pgstattuple" functions respond to cancel
3647
interrupts promptly (Tatsuhito Kasahara)
3648
* Make server startup deal properly with the case that shmget()
3649
returns EINVAL for an existing shared memory segment (Tom)
3650
This behavior has been observed on BSD-derived kernels including OS
3651
X. It resulted in an entirely-misleading startup failure
3652
complaining that the shared memory request size was too large.
3653
* Avoid possible crashes in syslogger process on Windows (Heikki)
3654
* Deal more robustly with incomplete time zone information in the
3655
Windows registry (Magnus)
3656
* Update the set of known Windows time zone names (Magnus)
3657
* Update time zone data files to tzdata release 2010j for DST law
3658
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
3659
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
3660
historical corrections for Taiwan.
3661
Also, add PKST (Pakistan Summer Time) to the default set of
3662
timezone abbreviations.
3663
__________________________________________________________________
3378
3667
Release date: 2010-03-15
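Review bot: The plperl item (CVE-2010-1169) lists only the "pleasant side effects" of replacing "Safe.pm" with an always-applied opcode mask and does not say whether existing plperl functions can stop working under the new mask. Because the migration paragraph presents 8.2.17 as an update that needs no dump/restore, suggest one sentence stating either that the set of permitted operations is unchanged or which constructs are now rejected. "Recent developments have convinced us" would also read better with a short statement of what was found.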
5196
5485
scripts (David, Josh Drake)
5197
5486
__________________________________________________________________
5490
Release date: 2010-05-17
5492
This release contains a variety of fixes from 8.1.20. For information
5493
about new features in the 8.1 major release, see the Section called
5495
__________________________________________________________________
5497
Migration to Version 8.1.21
5499
A dump/restore is not required for those running 8.1.X. However, if you
5500
are upgrading from a version earlier than 8.1.18, see the release notes
5502
__________________________________________________________________
5506
* Enforce restrictions in plperl using an opmask applied to the whole
5507
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
5508
Recent developments have convinced us that "Safe.pm" is too
5509
insecure to rely on for making plperl trustable. This change
5510
removes use of "Safe.pm" altogether, in favor of using a separate
5511
interpreter with an opcode mask that is always applied. Pleasant
5512
side effects of the change include that it is now possible to use
5513
Perl's strict pragma in a natural way in plperl, and that Perl's $a
5514
and $b variables work as expected in sort routines, and that
5515
function compilation is significantly faster. (CVE-2010-1169)
5516
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
5518
PL/Tcl's feature for autoloading Tcl code from a database table
5519
could be exploited for trojan-horse attacks, because there was no
5520
restriction on who could create or insert into that table. This
5521
change disables the feature unless pltcl_modules is owned by a
5522
superuser. (However, the permissions on the table are not checked,
5523
so installations that really need a less-than-secure modules table
5524
can still grant suitable privileges to trusted non-superusers.)
5525
Also, prevent loading code into the unrestricted "normal" Tcl
5526
interpreter unless we are really going to execute a pltclu
5527
function. (CVE-2010-1170)
5528
* Do not allow an unprivileged user to reset superuser-only parameter
5530
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
5531
for himself, or ALTER DATABASE ... RESET ALL for a database he
5532
owns, this would remove all special parameter settings for the user
5533
or database, even ones that are only supposed to be changeable by a
5534
superuser. Now, the "ALTER" will only remove the parameters that
5535
the user has permission to change.
5536
* Avoid possible crash during backend shutdown if shutdown occurs
5537
when a CONTEXT addition would be made to log entries (Tom)
5538
In some cases the context-printing function would fail because the
5539
current transaction had already been rolled back when it came time
5540
to print a log message.
5541
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
5542
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
5543
* Prevent infinite recursion in psql when expanding a variable that
5544
refers to itself (Tom)
5545
* Ensure that "contrib/pgstattuple" functions respond to cancel
5546
interrupts promptly (Tatsuhito Kasahara)
5547
* Make server startup deal properly with the case that shmget()
5548
returns EINVAL for an existing shared memory segment (Tom)
5549
This behavior has been observed on BSD-derived kernels including OS
5550
X. It resulted in an entirely-misleading startup failure
5551
complaining that the shared memory request size was too large.
5552
* Update time zone data files to tzdata release 2010j for DST law
5553
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
5554
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
5555
historical corrections for Taiwan.
5556
__________________________________________________________________
5201
5560
Release date: 2010-03-15
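Review bot: The "Do not allow an unprivileged user to reset superuser-only parameter" item is a privilege-boundary fix like the two items before it, but unlike them it carries no CVE identifier and nothing marks it as security-relevant. If an identifier has been assigned, add it in the same "(CVE-...)" form used above; if not, say in the item that it is a security fix so that packagers triaging the 8.1.21 update do not overlook it.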
7150
7509
+ Remove support for "libmhash" and "libmcrypt"
7151
7510
__________________________________________________________________
7514
Release date: 2010-05-17
7516
This release contains a variety of fixes from 8.0.24. For information
7517
about new features in the 8.0 major release, see the Section called
7520
The PostgreSQL community will stop releasing updates for the 8.0.X
7521
release series in July 2010. Users are encouraged to update to a newer
7522
release branch soon.
7523
__________________________________________________________________
7525
Migration to Version 8.0.25
7527
A dump/restore is not required for those running 8.0.X. However, if you
7528
are upgrading from a version earlier than 8.0.22, see the release notes
7530
__________________________________________________________________
7534
* Enforce restrictions in plperl using an opmask applied to the whole
7535
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
7536
Recent developments have convinced us that "Safe.pm" is too
7537
insecure to rely on for making plperl trustable. This change
7538
removes use of "Safe.pm" altogether, in favor of using a separate
7539
interpreter with an opcode mask that is always applied. Pleasant
7540
side effects of the change include that it is now possible to use
7541
Perl's strict pragma in a natural way in plperl, and that Perl's $a
7542
and $b variables work as expected in sort routines, and that
7543
function compilation is significantly faster. (CVE-2010-1169)
7544
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
7546
PL/Tcl's feature for autoloading Tcl code from a database table
7547
could be exploited for trojan-horse attacks, because there was no
7548
restriction on who could create or insert into that table. This
7549
change disables the feature unless pltcl_modules is owned by a
7550
superuser. (However, the permissions on the table are not checked,
7551
so installations that really need a less-than-secure modules table
7552
can still grant suitable privileges to trusted non-superusers.)
7553
Also, prevent loading code into the unrestricted "normal" Tcl
7554
interpreter unless we are really going to execute a pltclu
7555
function. (CVE-2010-1170)
7556
* Do not allow an unprivileged user to reset superuser-only parameter
7558
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
7559
for himself, or ALTER DATABASE ... RESET ALL for a database he
7560
owns, this would remove all special parameter settings for the user
7561
or database, even ones that are only supposed to be changeable by a
7562
superuser. Now, the "ALTER" will only remove the parameters that
7563
the user has permission to change.
7564
* Avoid possible crash during backend shutdown if shutdown occurs
7565
when a CONTEXT addition would be made to log entries (Tom)
7566
In some cases the context-printing function would fail because the
7567
current transaction had already been rolled back when it came time
7568
to print a log message.
7569
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
7570
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
7571
* Prevent infinite recursion in psql when expanding a variable that
7572
refers to itself (Tom)
7573
* Ensure that "contrib/pgstattuple" functions respond to cancel
7574
interrupts promptly (Tatsuhito Kasahara)
7575
* Make server startup deal properly with the case that shmget()
7576
returns EINVAL for an existing shared memory segment (Tom)
7577
This behavior has been observed on BSD-derived kernels including OS
7578
X. It resulted in an entirely-misleading startup failure
7579
complaining that the shared memory request size was too large.
7580
* Update time zone data files to tzdata release 2010j for DST law
7581
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
7582
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
7583
historical corrections for Taiwan.
7584
__________________________________________________________________
7155
7588
Release date: 2010-03-15
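Review bot: In the pltcl_modules item, the closing sentence "Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function" states the change but not the exposure it closes, and it shares CVE-2010-1170 with the ownership check without saying how the two relate. Suggest a clause saying what could previously cause module code to be loaded into that interpreter, so that a reader can judge whether a site with no pltclu functions was exposed.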
9272
9705
* Removed "contrib/rserv": obsoleted by various separate projects
9273
9706
__________________________________________________________________
9710
Release date: 2010-05-17
9712
This release contains a variety of fixes from 7.4.28. For information
9713
about new features in the 7.4 major release, see the Section called
9716
The PostgreSQL community will stop releasing updates for the 7.4.X
9717
release series in July 2010. Users are encouraged to update to a newer
9718
release branch soon.
9719
__________________________________________________________________
9721
Migration to Version 7.4.29
9723
A dump/restore is not required for those running 7.4.X. However, if you
9724
are upgrading from a version earlier than 7.4.26, see the release notes
9726
__________________________________________________________________
9730
* Enforce restrictions in plperl using an opmask applied to the whole
9731
interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan)
9732
Recent developments have convinced us that "Safe.pm" is too
9733
insecure to rely on for making plperl trustable. This change
9734
removes use of "Safe.pm" altogether, in favor of using a separate
9735
interpreter with an opcode mask that is always applied. Pleasant
9736
side effects of the change include that it is now possible to use
9737
Perl's strict pragma in a natural way in plperl, and that Perl's $a
9738
and $b variables work as expected in sort routines, and that
9739
function compilation is significantly faster. (CVE-2010-1169)
9740
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
9742
PL/Tcl's feature for autoloading Tcl code from a database table
9743
could be exploited for trojan-horse attacks, because there was no
9744
restriction on who could create or insert into that table. This
9745
change disables the feature unless pltcl_modules is owned by a
9746
superuser. (However, the permissions on the table are not checked,
9747
so installations that really need a less-than-secure modules table
9748
can still grant suitable privileges to trusted non-superusers.)
9749
Also, prevent loading code into the unrestricted "normal" Tcl
9750
interpreter unless we are really going to execute a pltclu
9751
function. (CVE-2010-1170)
9752
* Do not allow an unprivileged user to reset superuser-only parameter
9754
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
9755
for himself, or ALTER DATABASE ... RESET ALL for a database he
9756
owns, this would remove all special parameter settings for the user
9757
or database, even ones that are only supposed to be changeable by a
9758
superuser. Now, the "ALTER" will only remove the parameters that
9759
the user has permission to change.
9760
* Avoid possible crash during backend shutdown if shutdown occurs
9761
when a CONTEXT addition would be made to log entries (Tom)
9762
In some cases the context-printing function would fail because the
9763
current transaction had already been rolled back when it came time
9764
to print a log message.
9765
* Update pl/perl's "ppport.h" for modern Perl versions (Andrew)
9766
* Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
9767
* Ensure that "contrib/pgstattuple" functions respond to cancel
9768
interrupts promptly (Tatsuhito Kasahara)
9769
* Make server startup deal properly with the case that shmget()
9770
returns EINVAL for an existing shared memory segment (Tom)
9771
This behavior has been observed on BSD-derived kernels including OS
9772
X. It resulted in an entirely-misleading startup failure
9773
complaining that the shared memory request size was too large.
9774
__________________________________________________________________
9277
9778
Release date: 2010-03-15
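Review bot: The end-of-updates notice for 7.4.X advises users to "update to a newer release branch soon", but the next newer branch, 8.0.X, carries the same July 2010 notice in the 8.0.25 section of this patch. Suggest naming the target, for example "update to 8.1 or later", or wording it as "a release branch that will continue to receive updates", so that nobody migrates from 7.4 to 8.0 on the strength of this sentence.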