1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
8
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
10
HREF="mailto:pgsql-docs@postgresql.org"><LINK
12
TITLE="PostgreSQL 9.4.1 Documentation"
13
HREF="index.html"><LINK
16
HREF="release.html"><LINK
19
HREF="release.html"><LINK
22
HREF="release-9-4.html"><LINK
25
HREF="stylesheet.css"><META
26
HTTP-EQUIV="Content-Type"
27
CONTENT="text/html; charset=ISO-8859-1"><META
29
CONTENT="2015-02-02T20:51:01"></HEAD
35
SUMMARY="Header navigation table"
47
>PostgreSQL 9.4.1 Documentation</A
74
>Appendix E. Release Notes</TD
81
HREF="release-9-4.html"
96
>E.1. Release 9.4.1</A
109
> This release contains a variety of fixes from 9.4.0.
110
For information about new features in the 9.4 major release, see
112
HREF="release-9-4.html"
122
>E.1.1. Migration to Version 9.4.1</A
125
> A dump/restore is not required for those running 9.4.X.
128
> However, if you are a Windows user and are using the <SPAN
131
(Bokmål)"</SPAN
132
> locale, manual action is needed after the upgrade to
135
>"Norwegian (Bokmål)_Norway"</SPAN
139
>"norwegian-bokmal"</SPAN
140
> locale names stored
144
> system catalogs with the plain-ASCII
147
>"Norwegian_Norway"</SPAN
150
HREF="http://wiki.postgresql.org/wiki/Changes_To_Norwegian_Locale"
152
>http://wiki.postgresql.org/wiki/Changes_To_Norwegian_Locale</A
169
> Fix buffer overruns in <CODE
179
> processes a numeric formatting template
180
calling for a large number of digits, <SPAN
184
would read past the end of a buffer. When processing a crafted
185
timestamp formatting template, <SPAN
189
past the end of a buffer. Either case could crash the server.
190
We have not ruled out the possibility of attacks that lead to
191
privilege escalation, though they seem unlikely.
197
> Fix buffer overrun in replacement <CODE
207
> includes a replacement implementation
211
> and related functions. This code will overrun
212
a stack buffer when formatting a floating point number (conversion
232
>) with requested precision greater than
233
about 500. This will crash the server, and we have not ruled out the
234
possibility of attacks that lead to privilege escalation.
235
A database user can trigger such a buffer overrun through
239
> SQL function. While that is the only
243
> functionality, extension
244
modules that use printf-family functions may be at risk as well.
247
> This issue primarily affects <SPAN
254
> uses the system implementation of these
255
functions where adequate, which it is on other modern platforms.
261
> Fix buffer overruns in <TT
263
>contrib/pgcrypto</TT
265
(Marko Tiikkaja, Noah Misch)
268
> Errors in memory size tracking within the <TT
272
module permitted stack buffer overruns and improper dependence on the
273
contents of uninitialized memory. The buffer overrun cases can
274
crash the server, and we have not ruled out the possibility of
275
attacks that lead to privilege escalation.
281
> Fix possible loss of frontend/backend protocol synchronization after
286
> If any error occurred while the server was in the middle of reading a
287
protocol message from the client, it could lose synchronization and
288
incorrectly try to interpret part of the message's data as a new
289
protocol message. An attacker able to submit crafted binary data
290
within a command parameter might succeed in injecting his own SQL
291
commands this way. Statement timeout and query cancellation are the
292
most likely sources of errors triggering this scenario. Particularly
293
vulnerable are applications that use a timeout and also submit
294
arbitrary user-crafted data as binary query parameters. Disabling
295
statement timeout will reduce, but not eliminate, the risk of
296
exploit. Our thanks to Emil Lenngren for reporting this issue.
302
> Fix information leak via constraint-violation error messages
306
> Some server error messages show the values of columns that violate
307
a constraint, such as a unique constraint. If the user does not have
311
> privilege on all columns of the table, this could
312
mean exposing values that the user should not be able to see. Adjust
313
the code so that values are displayed only when they came from the SQL
314
command or could be selected by the user.
320
> Lock down regression testing's temporary installations on Windows
324
> Use SSPI authentication to allow connections only from the OS user
325
who launched the test suite. This closes on Windows the same
326
vulnerability previously closed on other platforms, namely that other
327
users might be able to connect to the test postmaster.
333
> Cope with the Windows locale named <SPAN
335
>"Norwegian (Bokmål)"</SPAN
340
> Non-ASCII locale names are problematic since it's not clear what
341
encoding they should be represented in. Map the troublesome locale
342
name to a plain-ASCII alias, <SPAN
344
>"Norwegian_Norway"</SPAN
348
> 9.4.0 mapped the troublesome name to <SPAN
350
>"norwegian-bokmal"</SPAN
352
but that turns out not to work on all Windows configurations.
355
>"Norwegian_Norway"</SPAN
356
> is now recommended instead.
361
> Fix use-of-already-freed-memory problem in EvalPlanQual processing
368
> mode, queries that lock or update
369
recently-updated rows could crash as a result of this bug.
374
> Avoid possible deadlock while trying to acquire tuple locks
375
in EvalPlanQual processing (Álvaro Herrera, Mark Kirkwood)
380
> Fix failure to wait when a transaction tries to acquire a <TT
384
> tuple lock, while multiple other transactions
388
> locks (Álvaro Herrera)
393
> Improve performance of <TT
396
> with large range tables
405
> Unicode escape processing, and in consequence
412
> Previously, the JSON Unicode escape <TT
416
and was stored as those six characters; but that is indistinguishable
417
from what is stored for the input <TT
421
ambiguity. Moreover, in cases where de-escaped textual output is
422
expected, such as the <TT
425
> operator, the sequence was
429
>, which does not meet the expectation
430
that JSON escaping would be removed. (Consistent behavior would
431
require emitting a zero byte, but <SPAN
435
support zero bytes embedded in text strings.) 9.4.0 included an
436
ill-advised attempt to improve this situation by adjusting JSON output
437
conversion rules; but of course that could not fix the fundamental
438
ambiguity, and it turned out to break other usages of Unicode escape
439
sequences. Revert that, and to avoid the core problem,
452
> column contains a <TT
456
with 9.4.0, it will henceforth read out as though it
460
>, which is the other valid interpretation of
461
the data stored by 9.4.0 for this case.
467
> type did not have the storage-ambiguity problem, but
468
it did have the problem of inconsistent de-escaped textual output.
472
> will now also be rejected
476
> values when conversion to de-escaped form is
477
required. This change does not break the ability to
484
> columns so long as no
485
processing is done on the values. This is exactly parallel to the
486
cases in which non-ASCII Unicode escapes are allowed when the database
487
encoding is not UTF8.
492
> Fix namespace handling in <CODE
498
> Previously, the <TT
501
> value resulting from
505
> call would not have namespace declarations if
506
the namespace declarations were attached to an ancestor element in the
510
> value, rather than to the specific element being
511
returned. Propagate the ancestral declaration so that the result is
512
correct when considered in isolation.
517
> Fix assorted oversights in range-operator selectivity estimation
521
> This patch fixes corner-case <SPAN
523
>"unexpected operator NNNN"</SPAN
525
errors, and improves the selectivity estimates for some other cases.
530
> Revert unintended reduction in maximum size of a GIN index item
534
> 9.4.0 could fail with <SPAN
536
>"index row size exceeds maximum"</SPAN
538
for data that previous versions would accept.
543
> Fix query-duration memory leak during repeated GIN index rescans
549
> Fix possible crash when using
552
>gin_fuzzy_search_limit</TT
553
> (Heikki Linnakangas)
558
> Assorted fixes for logical decoding (Andres Freund)
563
> Fix incorrect replay of WAL parameter change records that report
567
> setting (Petr Jalinek)
574
>"pgstat wait timeout"</SPAN
575
> warning message to be LOG level,
576
and rephrase it to be more understandable (Tom Lane)
579
> This message was originally thought to be essentially a can't-happen
580
case, but it occurs often enough on our slower buildfarm members to be
581
a nuisance. Reduce it to LOG level, and expend a bit more effort on
582
the wording: it now reads <SPAN
584
>"using stale statistics instead of
585
current ones because stats collector is not responding"</SPAN
591
> Warn if OS X's <CODE
594
> starts an unwanted extra
595
thread inside the postmaster (Noah Misch)
603
>'s behavior when <TT
607
isn't readable (Tom Lane)
612
>PQsetdbLogin()</CODE
617
attempts to ascertain the user's operating system name, which on most
618
Unix platforms involves reading <TT
622
failure to do that was treated as a hard error. Restore the previous
623
behavior, which was to fail only if the application does not provide a
624
database role name to connect as. This supports operation in chroot
625
environments that lack an <TT
633
> Improve consistency of parsing of <SPAN
640
> Allow variant spellings of <TT
659
>ON_ERROR_ROLLBACK</TT
660
>. Report a warning for unrecognized
663
>COMP_KEYWORD_CASE</TT
677
>ON_ERROR_ROLLBACK</TT
682
all values for all these variables case-insensitively; previously
683
there was a mishmash of case-sensitive and case-insensitive behaviors.
691
> to handle comments on event triggers
692
without failing (Tom Lane)
697
> Allow parallel <SPAN
703
>--serializable-deferrable</TT
709
> Prevent WAL files created by <TT
711
>pg_basebackup -x/-X</TT
713
being archived again when the standby is promoted (Andres Freund)
718
> Handle unexpected query results, especially NULLs, safely in
721
>contrib/tablefunc</TT
732
> previously crashed if it encountered a NULL
733
key value. It now prints that row but doesn't recurse further.
738
> Numerous cleanups of warnings from Coverity static code analyzer
739
(Andres Freund, Tatsuo Ishii, Marko Kreen, Tom Lane, Michael Paquier)
742
> These changes are mostly cosmetic but in some cases fix corner-case
743
bugs, for example a crash rather than a proper error report after an
744
out-of-memory failure. None are believed to represent security
757
to override automatically-supplied <TT
766
> would add any switches that it
767
chose of its own accord to the end of the
771
> string. Since most compilers
772
process switches left-to-right, this meant that configure's choices
773
would override the user-specified flags in case of conflicts. That
774
should work the other way around, so adjust the logic to put the
775
user's string at the end not the beginning.
783
> remove any temporary installation it
784
created upon successful exit (Tom Lane)
787
> This results in a very substantial reduction in disk space usage
790
>make check-world</TT
791
>, since that sequence involves
792
creation of numerous temporary installations.
797
> Add CST (China Standard Time) to our lists of timezone abbreviations
803
> Update time zone data files to <SPAN
807
for DST law changes in Chile and Mexico, plus historical changes in
819
SUMMARY="Footer navigation table"
848
HREF="release-9-4.html"
b'\\ No newline at end of file'