1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
8
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
10
HREF="mailto:pgsql-docs@postgresql.org"><LINK
12
TITLE="PostgreSQL 9.1.3 Documentation"
13
HREF="index.html"><LINK
16
HREF="release.html"><LINK
19
HREF="release-9-0.html"><LINK
21
TITLE="Release 8.4.10"
22
HREF="release-8-4-10.html"><LINK
25
HREF="stylesheet.css"><META
26
HTTP-EQUIV="Content-Type"
27
CONTENT="text/html; charset=ISO-8859-1"><META
29
CONTENT="2012-02-23T23:09:00"></HEAD
35
SUMMARY="Header navigation table"
47
>PostgreSQL 9.1.3 Documentation</A
57
HREF="release-9-0.html"
74
>Appendix E. Release Notes</TD
80
TITLE="Release 8.4.10"
81
HREF="release-8-4-10.html"
96
>E.13. Release 8.4.11</A
109
> This release contains a variety of fixes from 8.4.10.
110
For information about new features in the 8.4 major release, see
112
HREF="release-8-4.html"
122
>E.13.1. Migration to Version 8.4.11</A
125
> A dump/restore is not required for those running 8.4.X.
128
> However, if you are upgrading from a version earlier than 8.4.10,
129
see the release notes for 8.4.10.
145
> Require execute permission on the trigger function for
152
> This missing check could allow another user to execute a trigger
153
function with forged input data, by installing it on a table he owns.
154
This is only of significance for trigger functions marked
157
>SECURITY DEFINER</TT
158
>, since otherwise trigger functions run
159
as the table owner anyway. (CVE-2012-0866)
164
> Remove arbitrary limitation on length of common name in SSL
165
certificates (Heikki Linnakangas)
171
> and the server truncated the common name
172
extracted from an SSL certificate at 32 bytes. Normally this would
173
cause nothing worse than an unexpected verification failure, but there
174
are some rather-implausible scenarios in which it might allow one
175
certificate holder to impersonate another. The victim would have to
176
have a common name exactly 32 bytes long, and the attacker would have
177
to persuade a trusted CA to issue a certificate in which the common
178
name has that string as a prefix. Impersonating a server would also
179
require some additional exploit to redirect client connections.
185
> Convert newlines to spaces in names written in <SPAN
189
comments (Robert Haas)
195
> was incautious about sanitizing object names
196
that are emitted within SQL comments in its output script. A name
197
containing a newline would at least render the script syntactically
198
incorrect. Maliciously crafted object names could present a SQL
199
injection risk when the script is reloaded. (CVE-2012-0868)
204
> Fix btree index corruption from insertions concurrent with vacuuming
208
> An index page split caused by an insertion could sometimes cause a
209
concurrently-running <TT
212
> to miss removing index entries
213
that it should remove. After the corresponding table rows are removed,
214
the dangling index entries would cause errors (such as <SPAN
217
read block N in file ..."</SPAN
218
>) or worse, silently wrong query results
219
after unrelated rows are re-inserted at the now-free table locations.
220
This bug has been present since release 8.2, but occurs so infrequently
221
that it was not diagnosed until now. If you have reason to suspect
222
that it has happened in your database, reindexing the affected index
228
> Update per-column permissions, not only per-table permissions, when
229
changing table owner (Tom Lane)
232
> Failure to do this meant that any previously granted column permissions
233
were still shown as having been granted by the old owner. This meant
234
that neither the new owner nor a superuser could revoke the
235
now-untraceable-to-table-owner permissions.
240
> Allow non-existent values for some settings in <TT
243
USER/DATABASE SET</TT
244
> (Heikki Linnakangas)
249
>default_text_search_config</TT
253
>default_tablespace</TT
256
>temp_tablespaces</TT
258
set to names that are not known. This is because they might be known
259
in another database where the setting is intended to be used, or for the
260
tablespace cases because the tablespace might not be created yet. The
261
same issue was previously recognized for <TT
265
these settings now act like that one.
270
> Avoid crashing when we have problems deleting table files post-commit
274
> Dropping a table should lead to deleting the underlying disk files only
275
after the transaction commits. In event of failure then (for instance,
276
because of wrong file permissions) the code is supposed to just emit a
277
warning message and go on, since it's too late to abort the
278
transaction. This logic got broken as of release 8.4, causing such
279
situations to result in a PANIC and an unrestartable database.
284
> Track the OID counter correctly during WAL replay, even when it wraps
288
> Previously the OID counter would remain stuck at a high value until the
289
system exited replay mode. The practical consequences of that are
290
usually nil, but there are scenarios wherein a standby server that's
291
been promoted to master might take a long time to advance the OID
292
counter to a reasonable value once values are needed.
297
> Fix regular expression back-references with <TT
304
> Rather than enforcing an exact string match, the code would effectively
305
accept any string that satisfies the pattern sub-expression referenced
306
by the back-reference symbol.
309
> A similar problem still afflicts back-references that are embedded in a
310
larger quantified expression, rather than being the immediate subject
311
of the quantifier. This will be addressed in a future
320
> Fix recently-introduced memory leak in processing of
327
> values (Heikki Linnakangas)
330
> A patch in the December 2011 releases of <SPAN
334
caused memory leakage in these operations, which could be significant
335
in scenarios such as building a btree index on such a column.
340
> Fix dangling pointer after <TT
347
> in a SQL-language function (Tom Lane)
350
> In most cases this only led to an assertion failure in assert-enabled
351
builds, but worse consequences seem possible.
356
> Avoid double close of file handle in syslogger on Windows (MauMau)
359
> Ordinarily this error was invisible, but it would cause an exception
360
when running on a debug version of Windows.
365
> Fix I/O-conversion-related memory leaks in plpgsql
366
(Andres Freund, Jan Urbanski, Tom Lane)
369
> Certain operations would leak memory until the end of the current
378
>'s handling of inherited table columns
385
> mishandled situations where a child column has
386
a different default expression than its parent column. If the default
387
is textually identical to the parent's default, but not actually the
388
same (for instance, because of schema search path differences) it would
389
not be recognized as different, so that after dump and restore the
390
child would be allowed to inherit the parent's default. Child columns
394
> where their parent is not could also be
395
restored subtly incorrectly.
403
>'s direct-to-database mode for
404
INSERT-style table data (Tom Lane)
407
> Direct-to-database restores from archive files made with
413
>--column-inserts</TT
418
> from a release dated September or
419
December 2011, as a result of an oversight in a fix for another
420
problem. The archive file itself is not at fault, and text-mode
436
> statements (Michael Meskes)
439
> The infrastructure to support this has been there for awhile, but
440
through an oversight there was still an error check rejecting the case.
447
>contrib/intarray</TT
452
> operator (Guillaume Lelarge)
455
> If the smallest integer the two input arrays have in common is 1,
456
and there are smaller values in either array, then 1 would be
457
incorrectly omitted from the result.
462
> Fix error detection in <TT
464
>contrib/pgcrypto</TT
476
> These functions failed to report certain types of invalid-input errors,
477
and would instead return random garbage values for incorrect input.
482
> Fix one-byte buffer overrun in <TT
484
>contrib/test_parser</TT
489
> The code would try to read one more byte than it should, which would
490
crash in corner cases.
493
>contrib/test_parser</TT
494
> is only example code, this is
495
not a security issue in itself, but bad example code is still bad.
502
>__sync_lock_test_and_set()</CODE
503
> for spinlocks on ARM, if
504
available (Martin Pitt)
507
> This function replaces our previous use of the <TT
511
instruction, which is deprecated and not available on ARMv6 and later.
512
Reports suggest that the old code doesn't fail in an obvious way on
513
recent ARM boards, but simply doesn't interlock concurrent accesses,
514
leading to bizarre failures in multiprocess operation.
521
>-fexcess-precision=standard</TT
522
> option when building with
523
gcc versions that accept it (Andrew Dunstan)
526
> This prevents assorted scenarios wherein recent versions of gcc will
527
produce creative results.
532
> Allow use of threaded Python on FreeBSD (Chris Rees)
535
> Our configure script previously believed that this combination wouldn't
536
work; but FreeBSD fixed the problem, so remove that error check.
547
SUMMARY="Footer navigation table"
558
HREF="release-9-0.html"
576
HREF="release-8-4-10.html"
b'\\ No newline at end of file'