1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
8
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
10
HREF="mailto:pgsql-docs@postgresql.org"><LINK
12
TITLE="PostgreSQL 9.1beta1 Documentation"
13
HREF="index.html"><LINK
16
HREF="release.html"><LINK
18
TITLE="Release 7.4.30"
19
HREF="release-7-4-30.html"><LINK
21
TITLE="Release 7.4.28"
22
HREF="release-7-4-28.html"><LINK
25
HREF="stylesheet.css"><META
26
HTTP-EQUIV="Content-Type"
27
CONTENT="text/html; charset=ISO-8859-1"><META
29
CONTENT="2011-04-27T21:20:33"></HEAD
35
SUMMARY="Header navigation table"
47
>PostgreSQL 9.1beta1 Documentation</A
56
TITLE="Release 7.4.30"
57
HREF="release-7-4-30.html"
74
>Appendix E. Release Notes</TD
89
TITLE="Release 7.4.28"
90
HREF="release-7-4-28.html"
104
NAME="RELEASE-7-4-29"
105
>E.106. Release 7.4.29</A
118
> This release contains a variety of fixes from 7.4.28.
119
For information about new features in the 7.4 major release, see
121
HREF="release-7-4.html"
129
> community will stop releasing updates
130
for the 7.4.X release series in July 2010.
131
Users are encouraged to update to a newer release branch soon.
139
>E.106.1. Migration to Version 7.4.29</A
142
> A dump/restore is not required for those running 7.4.X.
143
However, if you are upgrading from a version earlier than 7.4.26,
144
see the release notes for 7.4.26.
160
> Enforce restrictions in <TT
163
> using an opmask applied to
164
the whole interpreter, instead of using <TT
168
(Tim Bunce, Andrew Dunstan)
171
> Recent developments have convinced us that <TT
175
insecure to rely on for making <TT
179
change removes use of <TT
182
> altogether, in favor of using
183
a separate interpreter with an opcode mask that is always applied.
184
Pleasant side effects of the change include that it is now possible to
188
> pragma in a natural way in
192
>, and that Perl's <TT
199
variables work as expected in sort routines, and that function
200
compilation is significantly faster. (CVE-2010-1169)
205
> Prevent PL/Tcl from executing untrustworthy code from
212
> PL/Tcl's feature for autoloading Tcl code from a database table
213
could be exploited for trojan-horse attacks, because there was no
214
restriction on who could create or insert into that table. This change
215
disables the feature unless <TT
219
superuser. (However, the permissions on the table are not checked, so
220
installations that really need a less-than-secure modules table can
221
still grant suitable privileges to trusted non-superusers.) Also,
222
prevent loading code into the unrestricted <SPAN
226
interpreter unless we are really going to execute a <TT
230
function. (CVE-2010-1170)
235
> Do not allow an unprivileged user to reset superuser-only parameter
239
> Previously, if an unprivileged user ran <TT
241
>ALTER USER ... RESET
243
> for himself, or <TT
245
>ALTER DATABASE ... RESET ALL</TT
247
a database he owns, this would remove all special parameter settings
248
for the user or database, even ones that are only supposed to be
249
changeable by a superuser. Now, the <TT
253
remove the parameters that the user has permission to change.
258
> Avoid possible crash during backend shutdown if shutdown occurs
262
> addition would be made to log entries (Tom)
265
> In some cases the context-printing function would fail because the
266
current transaction had already been rolled back when it came time
267
to print a log message.
272
> Update pl/perl's <TT
275
> for modern Perl versions
281
> Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
288
>contrib/pgstattuple</TT
289
> functions respond to cancel
290
interrupts promptly (Tatsuhito Kasahara)
295
> Make server startup deal properly with the case that
303
shared memory segment (Tom)
306
> This behavior has been observed on BSD-derived kernels including OS X.
307
It resulted in an entirely-misleading startup failure complaining that
308
the shared memory request size was too large.
319
SUMMARY="Footer navigation table"
330
HREF="release-7-4-30.html"
348
HREF="release-7-4-28.html"
b'\\ No newline at end of file'