1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Release 8.2.6</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.1.8 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Release Notes"
HREF="release.html"><LINK
REL="PREVIOUS"
TITLE="Release 8.2.7"
HREF="release-8-2-7.html"><LINK
REL="NEXT"
TITLE="Release 8.2.5"
HREF="release-8-2-5.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2013-02-04T21:38:53"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.1.8 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Release 8.2.7"
HREF="release-8-2-7.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Appendix E. Release Notes</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Release 8.2.5"
HREF="release-8-2-5.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RELEASE-8-2-6"
>E.81. Release 8.2.6</A
></H1
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Release Date: </B
>2008-01-07</P
></BLOCKQUOTE
></DIV
><P
> This release contains a variety of fixes from 8.2.5,
including fixes for significant security issues.
For information about new features in the 8.2 major release, see
<A
HREF="release-8-2.html"
>Section E.87</A
>.
</P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN120538"
>E.81.1. Migration to Version 8.2.6</A
></H2
><P
> A dump/restore is not required for those running 8.2.X.
</P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN120541"
>E.81.2. Changes</A
></H2
><P
></P
><UL
><LI
><P
> Prevent functions in indexes from executing with the privileges of
the user running <TT
CLASS="COMMAND"
>VACUUM</TT
>, <TT
CLASS="COMMAND"
>ANALYZE</TT
>, etc (Tom)
</P
><P
> Functions used in index expressions and partial-index
predicates are evaluated whenever a new table entry is made. It has
long been understood that this poses a risk of trojan-horse code
execution if one modifies a table owned by an untrustworthy user.
(Note that triggers, defaults, check constraints, etc. pose the
same type of risk.) But functions in indexes pose extra danger
because they will be executed by routine maintenance operations
such as <TT
CLASS="COMMAND"
>VACUUM FULL</TT
>, which are commonly performed
automatically under a superuser account. For example, a nefarious user
can execute code with superuser privileges by setting up a
trojan-horse index definition and waiting for the next routine vacuum.
The fix arranges for standard maintenance operations
(including <TT
CLASS="COMMAND"
>VACUUM</TT
>, <TT
CLASS="COMMAND"
>ANALYZE</TT
>, <TT
CLASS="COMMAND"
>REINDEX</TT
>,
and <TT
CLASS="COMMAND"
>CLUSTER</TT
>) to execute as the table owner rather than
the calling user, using the same privilege-switching mechanism already
used for <TT
CLASS="LITERAL"
>SECURITY DEFINER</TT
> functions. To prevent bypassing
this security measure, execution of <TT
CLASS="COMMAND"
>SET SESSION
AUTHORIZATION</TT
> and <TT
CLASS="COMMAND"
>SET ROLE</TT
> is now forbidden within a
<TT
CLASS="LITERAL"
>SECURITY DEFINER</TT
> context. (CVE-2007-6600)
</P
></LI
><LI
><P
> Repair assorted bugs in the regular-expression package (Tom, Will Drewry)
</P
><P
> Suitably crafted regular-expression patterns could cause crashes,
infinite or near-infinite looping, and/or massive memory consumption,
all of which pose denial-of-service hazards for applications that
accept regex search patterns from untrustworthy sources.
(CVE-2007-4769, CVE-2007-4772, CVE-2007-6067)
</P
></LI
><LI
><P
> Require non-superusers who use <TT
CLASS="FILENAME"
>/contrib/dblink</TT
> to use only
password authentication, as a security measure (Joe)
</P
><P
> The fix that appeared for this in 8.2.5 was incomplete, as it plugged
the hole for only some <TT
CLASS="FILENAME"
>dblink</TT
> functions. (CVE-2007-6601,
CVE-2007-3278)
</P
></LI
><LI
><P
> Fix bugs in WAL replay for GIN indexes (Teodor)
</P
></LI
><LI
><P
> Fix GIN index build to work properly when
<TT
CLASS="VARNAME"
>maintenance_work_mem</TT
> is 4GB or more (Tom)
</P
></LI
><LI
><P
> Update time zone data files to <SPAN
CLASS="APPLICATION"
>tzdata</SPAN
> release 2007k
(in particular, recent Argentina changes) (Tom)
</P
></LI
><LI
><P
> Improve planner's handling of LIKE/regex estimation in non-C locales
(Tom)
</P
></LI
><LI
><P
> Fix planning-speed problem for deep outer-join nests, as well as
possible poor choice of join order (Tom)
</P
></LI
><LI
><P
> Fix planner failure in some cases of <TT
CLASS="LITERAL"
>WHERE false AND var IN
(SELECT ...)</TT
> (Tom)
</P
></LI
><LI
><P
> Make <TT
CLASS="COMMAND"
>CREATE TABLE ... SERIAL</TT
> and
<TT
CLASS="COMMAND"
>ALTER SEQUENCE ... OWNED BY</TT
> not change the
<CODE
CLASS="FUNCTION"
>currval()</CODE
> state of the sequence (Tom)
</P
></LI
><LI
><P
> Preserve the tablespace and storage parameters of indexes that are
rebuilt by <TT
CLASS="COMMAND"
>ALTER TABLE ... ALTER COLUMN TYPE</TT
> (Tom)
</P
></LI
><LI
><P
> Make archive recovery always start a new WAL timeline, rather than only
when a recovery stop time was used (Simon)
</P
><P
> This avoids a corner-case risk of trying to overwrite an existing
archived copy of the last WAL segment, and seems simpler and cleaner
than the original definition.
</P
></LI
><LI
><P
> Make <TT
CLASS="COMMAND"
>VACUUM</TT
> not use all of <TT
CLASS="VARNAME"
>maintenance_work_mem</TT
>
when the table is too small for it to be useful (Alvaro)
</P
></LI
><LI
><P
> Fix potential crash in <CODE
CLASS="FUNCTION"
>translate()</CODE
> when using a multibyte
database encoding (Tom)
</P
></LI
><LI
><P
> Make <CODE
CLASS="FUNCTION"
>corr()</CODE
> return the correct result for negative
correlation values (Neil)
</P
></LI
><LI
><P
> Fix overflow in <TT
CLASS="LITERAL"
>extract(epoch from interval)</TT
> for intervals
exceeding 68 years (Tom)
</P
></LI
><LI
><P
> Fix PL/Perl to not fail when a UTF-8 regular expression is used
in a trusted function (Andrew)
</P
></LI
><LI
><P
> Fix PL/Perl to cope when platform's Perl defines type <TT
CLASS="LITERAL"
>bool</TT
>
as <TT
CLASS="LITERAL"
>int</TT
> rather than <TT
CLASS="LITERAL"
>char</TT
> (Tom)
</P
><P
> While this could theoretically happen anywhere, no standard build of
Perl did things this way ... until <SPAN
CLASS="PRODUCTNAME"
>Mac OS X</SPAN
> 10.5.
</P
></LI
><LI
><P
> Fix PL/Python to work correctly with Python 2.5 on 64-bit machines
(Marko Kreen)
</P
></LI
><LI
><P
> Fix PL/Python to not crash on long exception messages (Alvaro)
</P
></LI
><LI
><P
> Fix <SPAN
CLASS="APPLICATION"
>pg_dump</SPAN
> to correctly handle inheritance child tables
that have default expressions different from their parent's (Tom)
</P
></LI
><LI
><P
> Fix <SPAN
CLASS="APPLICATION"
>libpq</SPAN
> crash when <TT
CLASS="VARNAME"
>PGPASSFILE</TT
> refers
to a file that is not a plain file (Martin Pitt)
</P
></LI
><LI
><P
> <SPAN
CLASS="APPLICATION"
>ecpg</SPAN
> parser fixes (Michael)
</P
></LI
><LI
><P
> Make <TT
CLASS="FILENAME"
>contrib/pgcrypto</TT
> defend against
<SPAN
CLASS="APPLICATION"
>OpenSSL</SPAN
> libraries that fail on keys longer than 128
bits; which is the case at least on some Solaris versions (Marko Kreen)
</P
></LI
><LI
><P
> Make <TT
CLASS="FILENAME"
>contrib/tablefunc</TT
>'s <CODE
CLASS="FUNCTION"
>crosstab()</CODE
> handle
NULL rowid as a category in its own right, rather than crashing (Joe)
</P
></LI
><LI
><P
> Fix <TT
CLASS="TYPE"
>tsvector</TT
> and <TT
CLASS="TYPE"
>tsquery</TT
> output routines to
escape backslashes correctly (Teodor, Bruce)
</P
></LI
><LI
><P
> Fix crash of <CODE
CLASS="FUNCTION"
>to_tsvector()</CODE
> on huge input strings (Teodor)
</P
></LI
><LI
><P
> Require a specific version of <SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> to be used
when re-generating the <TT
CLASS="COMMAND"
>configure</TT
> script (Peter)
</P
><P
> This affects developers and packagers only. The change was made
to prevent accidental use of untested combinations of
<SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> and <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> versions.
You can remove the version check if you really want to use a
different <SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> version, but it's
your responsibility whether the result works or not.
</P
></LI
><LI
><P
> Update <CODE
CLASS="FUNCTION"
>gettimeofday</CODE
> configuration check so that
<SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> can be built on newer versions of
<SPAN
CLASS="PRODUCTNAME"
>MinGW</SPAN
> (Magnus)
</P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="release-8-2-7.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="release-8-2-5.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release 8.2.7</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Release 8.2.5</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
|