From: Tom Lane Date: Tue, 5 Feb 2019 00:18:49 +0000 (-0500) Subject: Doc: in each release branch, keep only that branch's own release notes. X-Git-Url: http://git.postgresql.org/gitweb/irc:/static/gitweb.js?a=commitdiff_plain;h=527b5ed1ad469e19af458a3cbcc060899d1eab71;p=users%2Fbernd%2Fpostgres.git Doc: in each release branch, keep only that branch's own release notes. Historically we've had each release branch include all prior branches' notes, including minor-release changes, back to the beginning of the project. That's basically an O(N^2) proposition, and it was starting to catch up with us: as of HEAD the back-branch release notes alone accounted for nearly 30% of the documentation. While there's certainly some value in easy access to back-branch notes, this is getting out of hand. Hence, switch over to the rule that each branch contains only its own release notes. So as to not make older notes too hard to find, each branch will provide URLs for the immediately preceding branches' release notes on the project website. There might be value in providing aggregated notes across all branches somewhere on the website, but that's a task for another day. Discussion: https://postgr.es/m/cbd4aeb5-2d9c-8b84-e968-9e09393d4c83@postgresql.org --- diff --git a/doc/src/sgml/filelist.sgml b/doc/src/sgml/filelist.sgml index 5dfdf54815..a03ea1427b 100644 --- a/doc/src/sgml/filelist.sgml +++ b/doc/src/sgml/filelist.sgml @@ -166,22 +166,6 @@ - - - - - - - - - - - - - - - - diff --git a/doc/src/sgml/release-10.sgml b/doc/src/sgml/release-10.sgml deleted file mode 100644 index c72b4c931e..0000000000 --- a/doc/src/sgml/release-10.sgml +++ /dev/null @@ -1,9330 +0,0 @@ - - - - - Release 10.6 - - - Release date: - 2018-11-08 - - - - This release contains a variety of fixes from 10.5. - For information about new features in major release 10, see - . - - - - Migration to Version 10.6 - - - A dump/restore is not required for those running 10.X. - - - - However, if you use the pg_stat_statements extension, - see the changelog entry below about that. - - - - Also, if you are upgrading from a version earlier than 10.4, - see . - - - - - Changes - - - - - - Ensure proper quoting of transition table names - when pg_dump emits CREATE TRIGGER - ... REFERENCING commands (Tom Lane) - - - - This oversight could be exploited by an unprivileged user to gain - superuser privileges during the next dump/reload - or pg_upgrade run. (CVE-2018-16850) - - - - - - - Fix corner-case failures - in has_foo_privilege() - family of functions (Tom Lane) - - - - Return NULL rather than throwing an error when an invalid object OID - is provided. Some of these functions got that right already, but not - all. has_column_privilege() was additionally - capable of crashing on some platforms. - - - - - - - Fix pg_get_partition_constraintdef() to return - NULL rather than fail when passed an invalid relation OID (Tom Lane) - - - - - - - Avoid O(N^2) slowdown in regular expression match/split functions on - long strings (Andrew Gierth) - - - - - - - Fix parsing of standard multi-character operators that are immediately - followed by a comment or + or - - (Andrew Gierth) - - - - This oversight could lead to parse errors, or to incorrect assignment - of precedence. - - - - - - - Avoid O(N^3) slowdown in lexer for long strings - of + or - characters - (Andrew Gierth) - - - - - - - Fix mis-execution of SubPlans when the outer query is being scanned - backwards (Andrew Gierth) - - - - - - - Fix failure of UPDATE/DELETE ... WHERE CURRENT OF ... - after rewinding the referenced cursor (Tom Lane) - - - - A cursor that scans multiple relations (particularly an inheritance - tree) could produce wrong behavior if rewound to an earlier relation. - - - - - - - Fix EvalPlanQual to handle conditionally-executed - InitPlans properly (Andrew Gierth, Tom Lane) - - - - This resulted in hard-to-reproduce crashes or wrong answers in - concurrent updates, if they contained code such as an uncorrelated - sub-SELECT inside a CASE - construct. - - - - - - Prevent creation of a partition in a trigger attached to its parent - table (Amit Langote) - - - - Ideally we'd allow that, but for the moment it has to be blocked to - avoid crashes. - - - - - - Fix problems with applying ON COMMIT DELETE ROWS to - a partitioned temporary table (Amit Langote) - - - - - - Fix character-class checks to not fail on Windows for Unicode - characters above U+FFFF (Tom Lane, Kenji Uno) - - - - This bug affected full-text-search operations, as well - as contrib/ltree - and contrib/pg_trgm. - - - - - - - Disallow pushing sub-SELECTs containing window - functions, LIMIT, or OFFSET to - parallel workers (Amit Kapila) - - - - Such cases could result in inconsistent behavior due to different - workers getting different answers, as a result of indeterminacy - due to row-ordering variations. - - - - - - - Ensure that sequences owned by a foreign table are processed - by ALTER OWNER on the table (Peter Eisentraut) - - - - The ownership change should propagate to such sequences as well, but - this was missed for foreign tables. - - - - - - Ensure that the server will process - already-received NOTIFY - and SIGTERM interrupts before waiting for client - input (Jeff Janes, Tom Lane) - - - - - - - Fix over-allocation of space for array_out()'s - result string (Keiichi Hirobe) - - - - - - - Avoid query-lifetime memory leak in XMLTABLE - (Andrew Gierth) - - - - - - Fix memory leak in repeated SP-GiST index scans (Tom Lane) - - - - This is only known to amount to anything significant in cases where - an exclusion constraint using SP-GiST receives many new index entries - in a single command. - - - - - - - Ensure that ApplyLogicalMappingFile() closes the - mapping file when done with it (Tomas Vondra) - - - - Previously, the file descriptor was leaked, eventually resulting in - failures during logical decoding. - - - - - - - Fix logical decoding to handle cases where a mapped catalog table is - repeatedly rewritten, e.g. by VACUUM FULL - (Andres Freund) - - - - - - Prevent starting the server with wal_level set - to too low a value to support an existing replication slot (Andres - Freund) - - - - - - - Avoid crash if a utility command causes infinite recursion (Tom Lane) - - - - - - - When initializing a hot standby, cope with duplicate XIDs caused by - two-phase transactions on the master - (Michael Paquier, Konstantin Knizhnik) - - - - - - - Fix event triggers to handle nested ALTER TABLE - commands (Michael Paquier, Álvaro Herrera) - - - - - - - Propagate parent process's transaction and statement start timestamps - to parallel workers (Konstantin Knizhnik) - - - - This prevents misbehavior of functions such - as transaction_timestamp() when executed in a - worker. - - - - - - - Fix transfer of expanded datums to parallel workers so that alignment - is preserved, preventing crashes on alignment-picky platforms - (Tom Lane, Amit Kapila) - - - - - - - Fix WAL file recycling logic to work correctly on standby servers - (Michael Paquier) - - - - Depending on the setting of archive_mode, a standby - might fail to remove some WAL files that could be removed. - - - - - - - Fix handling of commit-timestamp tracking during recovery - (Masahiko Sawada, Michael Paquier) - - - - If commit timestamp tracking has been turned on or off, recovery might - fail due to trying to fetch the commit timestamp for a transaction - that did not record it. - - - - - - - Randomize the random() seed in bootstrap and - standalone backends, and in initdb - (Noah Misch) - - - - The main practical effect of this change is that it avoids a scenario - where initdb might mistakenly conclude that - POSIX shared memory is not available, due to name collisions caused by - always using the same random seed. - - - - - - - Fix possible shared-memory corruption in DSA logic (Thomas Munro) - - - - - - - Allow DSM allocation to be interrupted (Chris Travers) - - - - - - - Avoid failure in a parallel worker when loading an extension that - tries to access system caches within its init function (Thomas Munro) - - - - We don't consider that to be good extension coding practice, but it - mostly worked before parallel query, so continue to support it for - now. - - - - - - - Properly handle turning full_page_writes on - dynamically (Kyotaro Horiguchi) - - - - - - - Fix possible crash due to double free() during - SP-GiST rescan (Andrew Gierth) - - - - - - - Prevent mis-linking of src/port and src/common functions on ELF-based - BSD platforms, as well as HP-UX and Solaris (Andrew Gierth, Tom Lane) - - - - Shared libraries loaded into a backend's address space could use the - backend's versions of these functions, rather than their own copies as - intended. Since the behavior of the two sets of functions isn't - quite the same, this led to failures. - - - - - - - Avoid possible buffer overrun when replaying GIN page recompression - from WAL (Alexander Korotkov, Sivasubramanian Ramasubramanian) - - - - - - - Avoid overrun of a hash index's metapage - when BLCKSZ is smaller than default (Dilip Kumar) - - - - - - - Fix missed page checksum updates in hash indexes (Amit Kapila) - - - - - - - Fix missed fsync of a replication slot's directory (Konstantin - Knizhnik, Michael Paquier) - - - - - - - Fix unexpected timeouts when - using wal_sender_timeout on a slow server - (Noah Misch) - - - - - - - Ensure that hot standby processes use the correct WAL consistency - point (Alexander Kukushkin, Michael Paquier) - - - - This prevents possible misbehavior just after a standby server has - reached a consistent database state during WAL replay. - - - - - - - Ensure background workers are stopped properly when the postmaster - receives a fast-shutdown request before completing database startup - (Alexander Kukushkin) - - - - - - - Update the free space map during WAL replay of page all-visible/frozen - flag changes (Álvaro Herrera) - - - - Previously we were not careful about this, reasoning that the FSM is - not critical data anyway. However, if it's sufficiently out of date, - that can result in significant performance degradation after a standby - has been promoted to primary. The FSM will eventually be healed by - updates, but we'd like it to be good sooner, so work harder at - maintaining it during WAL replay. - - - - - - - Avoid premature release of parallel-query resources when query end or - tuple count limit is reached (Amit Kapila) - - - - It's only okay to shut down the executor at this point if the caller - cannot demand backwards scan afterwards. - - - - - - - Don't run atexit callbacks when servicing SIGQUIT - (Heikki Linnakangas) - - - - - - - Don't record foreign-server user mappings as members of extensions - (Tom Lane) - - - - If CREATE USER MAPPING is executed in an extension - script, an extension dependency was created for the user mapping, - which is unexpected. Roles can't be extension members, so user - mappings shouldn't be either. - - - - - - - Make syslogger more robust against failures in opening CSV log files - (Tom Lane) - - - - - - - When libpq is given multiple target host - names, do the DNS lookups one at a time, not all at once (Tom Lane) - - - - This prevents unnecessary failures or slow connections when a - connection is successfully made to one of the earlier servers in the - list. - - - - - - - Fix libpq's handling of connection timeouts - so that they are properly applied per host name or IP address (Tom Lane) - - - - Previously, some code paths failed to restart the timer when switching - to a new target host, possibly resulting in premature timeout. - - - - - - Fix psql, as well as documentation - examples, to call PQconsumeInput() before - each PQnotifies() call (Tom Lane) - - - - This fixes cases in which psql would not - report receipt of a NOTIFY message until after the - next command. - - - - - - - Fix pg_dump's - option to also ignore publication - tables (Gilles Darold) - - - - - - - In pg_dump, exclude identity sequences when - their parent table is excluded from the dump (David Rowley) - - - - - - - Fix possible inconsistency in pg_dump's - sorting of dissimilar object names (Jacob Champion) - - - - - - - Ensure that pg_restore will schema-qualify - the table name when - emitting DISABLE/ENABLE TRIGGER - commands (Tom Lane) - - - - This avoids failures due to the new policy of running restores with - restrictive search path. - - - - - - - Fix pg_upgrade to handle event triggers in - extensions correctly (Haribabu Kommi) - - - - pg_upgrade failed to preserve an event - trigger's extension-membership status. - - - - - - - Fix pg_upgrade's cluster state check to - work correctly on a standby server (Bruce Momjian) - - - - - - - Enforce type cube's dimension limit in - all contrib/cube functions (Andrey Borodin) - - - - Previously, some cube-related functions could construct values that - would be rejected by cube_in(), leading to - dump/reload failures. - - - - - - In contrib/pg_stat_statements, disallow - the pg_read_all_stats role from - executing pg_stat_statements_reset() - (Haribabu Kommi) - - - - pg_read_all_stats is only meant to grant permission - to read statistics, not to change them, so this grant was incorrect. - - - - To cause this change to take effect, run ALTER EXTENSION - pg_stat_statements UPDATE in each database - where pg_stat_statements has been installed. - - - - - - - In contrib/postgres_fdw, don't try to ship a - variable-free ORDER BY clause to the remote server - (Andrew Gierth) - - - - - - - Fix contrib/unaccent's - unaccent() function to use - the unaccent text search dictionary that is in the - same schema as the function (Tom Lane) - - - - Previously it tried to look up the dictionary using the search path, - which could fail if the search path has a restrictive value. - - - - - - Fix build problems on macOS 10.14 (Mojave) (Tom Lane) - - - - Adjust configure to add - an switch to CPPFLAGS; - without this, PL/Perl and PL/Tcl fail to configure or build on macOS - 10.14. The specific sysroot used can be overridden at configure time - or build time by setting the PG_SYSROOT variable in - the arguments of configure - or make. - - - - It is now recommended that Perl-related extensions - write $(perl_includespec) rather - than -I$(perl_archlibexp)/CORE in their compiler - flags. The latter continues to work on most platforms, but not recent - macOS. - - - - Also, it should no longer be necessary to - specify manually to get PL/Tcl to - build on recent macOS releases. - - - - - - Fix MSVC build and regression-test scripts to work on recent Perl - versions (Andrew Dunstan) - - - - Perl no longer includes the current directory in its search path - by default; work around that. - - - - - - On Windows, allow the regression tests to be run by an Administrator - account (Andrew Dunstan) - - - - To do this safely, pg_regress now gives up - any such privileges at startup. - - - - - - - Allow btree comparison functions to return INT_MIN - (Tom Lane) - - - - Up to now, we've forbidden datatype-specific comparison functions from - returning INT_MIN, which allows callers to invert - the sort order just by negating the comparison result. However, this - was never safe for comparison functions that directly return the - result of memcmp(), strcmp(), - etc, as POSIX doesn't place any such restriction on those functions. - At least some recent versions of memcmp() can - return INT_MIN, causing incorrect sort ordering. - Hence, we've removed this restriction. Callers must now use - the INVERT_COMPARE_RESULT() macro if they wish to - invert the sort order. - - - - - - - Fix recursion hazard in shared-invalidation message processing - (Tom Lane) - - - - This error could, for example, result in failure to access a system - catalog or index that had just been processed by VACUUM - FULL. - - - - This change adds a new result code - for LockAcquire, which might possibly affect - external callers of that function, though only very unusual usage - patterns would have an issue with it. The API - of LockAcquireExtended is also changed. - - - - - - - Save and restore SPI's global variables - during SPI_connect() - and SPI_finish() (Chapman Flack, Tom Lane) - - - - This prevents possible interference when one SPI-using function calls - another. - - - - - - - Avoid using potentially-under-aligned page buffers (Tom Lane) - - - - Invent new union types PGAlignedBlock - and PGAlignedXLogBlock, and use these in place of plain - char arrays, ensuring that the compiler can't place the buffer at a - misaligned start address. This fixes potential core dumps on - alignment-picky platforms, and may improve performance even on - platforms that allow misalignment. - - - - - - - Make src/port/snprintf.c follow the C99 - standard's definition of snprintf()'s result - value (Tom Lane) - - - - On platforms where this code is used (mostly Windows), its pre-C99 - behavior could lead to failure to detect buffer overrun, if the - calling code assumed C99 semantics. - - - - - - - When building on i386 with the clang - compiler, require to be used (Andres Freund) - - - - This avoids problems with missed floating point overflow checks. - - - - - - - Fix configure's detection of the result - type of strerror_r() (Tom Lane) - - - - The previous coding got the wrong answer when building - with icc on Linux (and perhaps in other - cases), leading to libpq not returning - useful error messages for system-reported errors. - - - - - - Update time zone data files to tzdata - release 2018g for DST law changes in Chile, Fiji, Morocco, and Russia - (Volgograd), plus historical corrections for China, Hawaii, Japan, - Macau, and North Korea. - - - - - - - - - - Release 10.5 - - - Release date: - 2018-08-09 - - - - This release contains a variety of fixes from 10.4. - For information about new features in major release 10, see - . - - - - Migration to Version 10.5 - - - A dump/restore is not required for those running 10.X. - - - - However, if you are upgrading from a version earlier than 10.4, - see . - - - - - Changes - - - - - - - Fix failure to reset libpq's state fully - between connection attempts (Tom Lane) - - - - An unprivileged user of dblink - or postgres_fdw could bypass the checks intended - to prevent use of server-side credentials, such as - a ~/.pgpass file owned by the operating-system - user running the server. Servers allowing peer authentication on - local connections are particularly vulnerable. Other attacks such - as SQL injection into a postgres_fdw session - are also possible. - Attacking postgres_fdw in this way requires the - ability to create a foreign server object with selected connection - parameters, but any user with access to dblink - could exploit the problem. - In general, an attacker with the ability to select the connection - parameters for a libpq-using application - could cause mischief, though other plausible attack scenarios are - harder to think of. - Our thanks to Andrew Krasichkov for reporting this issue. - (CVE-2018-10915) - - - - - - - Fix INSERT ... ON CONFLICT UPDATE through a view - that isn't just SELECT * FROM ... - (Dean Rasheed, Amit Langote) - - - - Erroneous expansion of an updatable view could lead to crashes - or attribute ... has the wrong type errors, if the - view's SELECT list doesn't match one-to-one with - the underlying table's columns. - Furthermore, this bug could be leveraged to allow updates of columns - that an attacking user lacks UPDATE privilege for, - if that user has INSERT and UPDATE - privileges for some other column(s) of the table. - Any user could also use it for disclosure of server memory. - (CVE-2018-10925) - - - - - - - Ensure that updates to the relfrozenxid - and relminmxid values - for nailed system catalogs are processed in a timely - fashion (Andres Freund) - - - - Overoptimistic caching rules could prevent these updates from being - seen by other sessions, leading to spurious errors and/or data - corruption. The problem was significantly worse for shared catalogs, - such as pg_authid, because the stale cache - data could persist into new sessions as well as existing ones. - - - - - - - Fix case where a freshly-promoted standby crashes before having - completed its first post-recovery checkpoint (Michael Paquier, Kyotaro - Horiguchi, Pavan Deolasee, Álvaro Herrera) - - - - This led to a situation where the server did not think it had reached - a consistent database state during subsequent WAL replay, preventing - restart. - - - - - - - Avoid emitting a bogus WAL record when recycling an all-zero btree - page (Amit Kapila) - - - - This mistake has been seen to cause assertion failures, and - potentially it could result in unnecessary query cancellations on hot - standby servers. - - - - - - - During WAL replay, guard against corrupted record lengths exceeding - 1GB (Michael Paquier) - - - - Treat such a case as corrupt data. Previously, the code would try to - allocate space and get a hard error, making recovery impossible. - - - - - - - When ending recovery, delay writing the timeline history file as long - as possible (Heikki Linnakangas) - - - - This avoids some situations where a failure during recovery cleanup - (such as a problem with a two-phase state file) led to inconsistent - timeline state on-disk. - - - - - - - Improve performance of WAL replay for transactions that drop many - relations (Fujii Masao) - - - - This change reduces the number of times that shared buffers are - scanned, so that it is of most benefit when that setting is large. - - - - - - - Improve performance of lock releasing in standby server WAL replay - (Thomas Munro) - - - - - - - Make logical WAL senders report streaming state correctly (Simon - Riggs, Sawada Masahiko) - - - - The code previously mis-detected whether or not it had caught up with - the upstream server. - - - - - - - Ensure that a snapshot is provided when executing data type input - functions in logical replication subscribers (Minh-Quan Tran, - Álvaro Herrera) - - - - This omission led to failures in some cases, such as domains with - constraints using SQL-language functions. - - - - - - - Fix bugs in snapshot handling during logical decoding, allowing wrong - decoding results in rare cases (Arseny Sher, Álvaro Herrera) - - - - - - - Add subtransaction handling in logical-replication table - synchronization workers (Amit Khandekar, Robert Haas) - - - - Previously, table synchronization could misbehave if any - subtransactions were aborted after modifying a table being - synchronized. - - - - - - - Ensure a table's cached index list is correctly rebuilt after an index - creation fails partway through (Peter Geoghegan) - - - - Previously, the failed index's OID could remain in the list, causing - problems later in the same session. - - - - - - - Fix mishandling of empty uncompressed posting list pages in GIN - indexes (Sivasubramanian Ramasubramanian, Alexander Korotkov) - - - - This could result in an assertion failure after pg_upgrade of a - pre-9.4 GIN index (9.4 and later will not create such pages). - - - - - - - Pad arrays of unnamed POSIX semaphores to reduce cache line sharing - (Thomas Munro) - - - - This reduces contention on many-CPU systems, fixing a performance - regression (compared to previous releases) on Linux and FreeBSD. - - - - - - - Ensure that a process doing a parallel index scan will respond to - signals (Amit Kapila) - - - - Previously, parallel workers could get stuck waiting for a lock on an - index page, and not notice requests to abort the query. - - - - - - - Ensure that VACUUM will respond to signals - within btree page deletion loops (Andres Freund) - - - - Corrupted btree indexes could result in an infinite loop here, and - that previously wasn't interruptible without forcing a crash. - - - - - - - Fix hash-join costing mistake introduced with inner_unique - optimization (David Rowley) - - - - This could lead to bad plan choices in situations where that - optimization was applicable. - - - - - - - Fix misoptimization of equivalence classes involving composite-type - columns (Tom Lane) - - - - This resulted in failure to recognize that an index on a composite - column could provide the sort order needed for a mergejoin on that - column. - - - - - - - Fix planner to avoid ORDER/GROUP BY expression not found in - targetlist errors in some queries with set-returning functions - (Tom Lane) - - - - - - - Fix handling of partition keys whose data type uses a polymorphic - btree operator class, such as arrays (Amit Langote, Álvaro - Herrera) - - - - - - - Fix SQL-standard FETCH FIRST syntax to allow - parameters ($n), as the - standard expects (Andrew Gierth) - - - - - - - Remove undocumented restriction against duplicate partition key - columns (Yugo Nagata) - - - - - - - Disallow temporary tables from being partitions of non-temporary - tables (Amit Langote, Michael Paquier) - - - - While previously allowed, this case didn't work reliably. - - - - - - - Fix EXPLAIN's accounting for resource usage, - particularly buffer accesses, in parallel workers - (Amit Kapila, Robert Haas) - - - - - - - Fix SHOW ALL to show all settings to roles that are - members of pg_read_all_settings, and also allow - such roles to see source filename and line number in - the pg_settings view (Laurenz Albe, - Álvaro Herrera) - - - - - - - Fix failure to schema-qualify some object names - in getObjectDescription - and getObjectIdentity output - (Kyotaro Horiguchi, Tom Lane) - - - - Names of collations, conversions, text search objects, publication - relations, and extended statistics objects were not schema-qualified - when they should be. - - - - - - - Fix CREATE AGGREGATE type checking so that - parallelism support functions can be attached to variadic aggregates - (Alexey Bashtanov) - - - - - - - Widen COPY FROM's current-line-number counter - from 32 to 64 bits (David Rowley) - - - - This avoids two problems with input exceeding 4G lines: COPY - FROM WITH HEADER would drop a line every 4G lines, not only - the first line, and error reports could show a wrong line number. - - - - - - - Allow replication slots to be dropped in single-user mode - (Álvaro Herrera) - - - - This use-case was accidentally broken in release 10.0. - - - - - - - Fix incorrect results from variance(int4) and - related aggregates when run in parallel aggregation mode - (David Rowley) - - - - - - - Process TEXT and CDATA nodes - correctly in xmltable() column expressions - (Markus Winand) - - - - - - - Cope with possible failure of OpenSSL's - RAND_bytes() function - (Dean Rasheed, Michael Paquier) - - - - Under rare circumstances, this oversight could result in could - not generate random cancel key failures that could only be - resolved by restarting the postmaster. - - - - - - - Fix libpq's handling of some cases - where hostaddr is specified - (Hari Babu, Tom Lane, Robert Haas) - - - - PQhost() gave misleading or incorrect results - in some cases. Now, it uniformly returns the host name if specified, - or the host address if only that is specified, or the default host - name (typically /tmp - or localhost) if both parameters are omitted. - - - - Also, the wrong value might be compared to the server name when - verifying an SSL certificate. - - - - Also, the wrong value might be compared to the host name field in - ~/.pgpass. Now, that field is compared to the - host name if specified, or the host address if only that is specified, - or localhost if both parameters are omitted. - - - - Also, an incorrect error message was reported for an unparseable - hostaddr value. - - - - Also, when the host, hostaddr, - or port parameters contain comma-separated - lists, libpq is now more careful to treat - empty elements of a list as selecting the default behavior. - - - - - - - Add a string freeing function - to ecpg's pgtypes - library, so that cross-module memory management problems can be - avoided on Windows (Takayuki Tsunakawa) - - - - On Windows, crashes can ensue if the free call - for a given chunk of memory is not made from the same DLL - that malloc'ed the memory. - The pgtypes library sometimes returns strings - that it expects the caller to free, making it impossible to follow - this rule. Add a PGTYPESchar_free() function - that just wraps free, allowing applications - to follow this rule. - - - - - - - Fix ecpg's support for long - long variables on Windows, as well as other platforms that - declare strtoll/strtoull - nonstandardly or not at all (Dang Minh Huong, Tom Lane) - - - - - - - Fix misidentification of SQL statement type in PL/pgSQL, when a rule - change causes a change in the semantics of a statement intra-session - (Tom Lane) - - - - This error led to assertion failures, or in rare cases, failure to - enforce the INTO STRICT option as expected. - - - - - - - Fix password prompting in client programs so that echo is properly - disabled on Windows when stdin is not the - terminal (Matthew Stickney) - - - - - - - Further fix mis-quoting of values for list-valued GUC variables in - dumps (Tom Lane) - - - - The previous fix for quoting of search_path and - other list-valued variables in pg_dump - output turned out to misbehave for empty-string list elements, and it - risked truncation of long file paths. - - - - - - - Fix pg_dump's failure to - dump REPLICA IDENTITY properties for constraint - indexes (Tom Lane) - - - - Manually created unique indexes were properly marked, but not those - created by declaring UNIQUE or PRIMARY - KEY constraints. - - - - - - - Make pg_upgrade check that the old server - was shut down cleanly (Bruce Momjian) - - - - The previous check could be fooled by an immediate-mode shutdown. - - - - - - - Fix contrib/hstore_plperl to look through Perl - scalar references, and to not crash if it doesn't find a hash - reference where it expects one (Tom Lane) - - - - - - - Fix crash in contrib/ltree's - lca() function when the input array is empty - (Pierre Ducroquet) - - - - - - - Fix various error-handling code paths in which an incorrect error code - might be reported (Michael Paquier, Tom Lane, Magnus Hagander) - - - - - - - Rearrange makefiles to ensure that programs link to freshly-built - libraries (such as libpq.so) rather than ones - that might exist in the system library directories (Tom Lane) - - - - This avoids problems when building on platforms that supply old copies - of PostgreSQL libraries. - - - - - - - Update time zone data files to tzdata - release 2018e for DST law changes in North Korea, plus historical - corrections for Czechoslovakia. - - - - This update includes a redefinition of daylight savings - in Ireland, as well as for some past years in Namibia and - Czechoslovakia. In those jurisdictions, legally standard time is - observed in summer, and daylight savings time in winter, so that the - daylight savings offset is one hour behind standard time not one hour - ahead. This does not affect either the actual UTC offset or the - timezone abbreviations in use; the only known effect is that - the is_dst column in - the pg_timezone_names view will now be true - in winter and false in summer in these cases. - - - - - - - - - - Release 10.4 - - - Release date: - 2018-05-10 - - - - This release contains a variety of fixes from 10.3. - For information about new features in major release 10, see - . - - - - Migration to Version 10.4 - - - A dump/restore is not required for those running 10.X. - - - - However, if you use the adminpack extension, - you should update it as per the first changelog entry below. - - - - Also, if the function marking mistakes mentioned in the second and - third changelog entries below affect you, you will want to take steps - to correct your database catalogs. - - - - Also, if you are upgrading from a version earlier than 10.3, - see . - - - - - Changes - - - - - - - Remove public execute privilege - from contrib/adminpack's - pg_logfile_rotate() function (Stephen Frost) - - - - pg_logfile_rotate() is a deprecated wrapper - for the core function pg_rotate_logfile(). - When that function was changed to rely on SQL privileges for access - control rather than a hard-coded superuser - check, pg_logfile_rotate() should have been - updated as well, but the need for this was missed. Hence, - if adminpack is installed, any user could - request a logfile rotation, creating a minor security issue. - - - - After installing this update, administrators should - update adminpack by performing - ALTER EXTENSION adminpack UPDATE in each - database in which adminpack is installed. - (CVE-2018-1115) - - - - - - - Fix incorrect volatility markings on a few built-in functions - (Thomas Munro, Tom Lane) - - - - The functions - query_to_xml, - cursor_to_xml, - cursor_to_xmlschema, - query_to_xmlschema, and - query_to_xml_and_xmlschema - should be marked volatile because they execute user-supplied queries - that might contain volatile operations. They were not, leading to a - risk of incorrect query optimization. This has been repaired for new - installations by correcting the initial catalog data, but existing - installations will continue to contain the incorrect markings. - Practical use of these functions seems to pose little hazard, but in - case of trouble, it can be fixed by manually updating these - functions' pg_proc entries, for example - ALTER FUNCTION pg_catalog.query_to_xml(text, boolean, - boolean, text) VOLATILE. (Note that that will need to be - done in each database of the installation.) Another option is - to pg_upgrade the database to a version - containing the corrected initial data. - - - - - - - Fix incorrect parallel-safety markings on a few built-in functions - (Thomas Munro, Tom Lane) - - - - The functions - brin_summarize_new_values, - brin_summarize_range, - brin_desummarize_range, - gin_clean_pending_list, - cursor_to_xml, - cursor_to_xmlschema, - ts_rewrite, - ts_stat, - binary_upgrade_create_empty_extension, and - pg_import_system_collations - should be marked parallel-unsafe; some because they perform database - modifications directly, and others because they execute user-supplied - queries that might do so. They were marked parallel-restricted - instead, leading to a risk of unexpected query errors. This has been - repaired for new installations by correcting the initial catalog - data, but existing installations will continue to contain the - incorrect markings. Practical use of these functions seems to pose - little hazard unless force_parallel_mode is turned - on. In case of trouble, it can be fixed by manually updating these - functions' pg_proc entries, for example - ALTER FUNCTION pg_catalog.brin_summarize_new_values(regclass) - PARALLEL UNSAFE. (Note that that will need to be done in - each database of the installation.) Another option is - to pg_upgrade the database to a version - containing the corrected initial data. - - - - - - - Avoid re-using TOAST value OIDs that match dead-but-not-yet-vacuumed - TOAST entries (Pavan Deolasee) - - - - Once the OID counter has wrapped around, it's possible to assign a - TOAST value whose OID matches a previously deleted entry in the same - TOAST table. If that entry were not yet vacuumed away, this resulted - in unexpected chunk number 0 (expected 1) for toast - value nnnnn errors, which would - persist until the dead entry was removed - by VACUUM. Fix by not selecting such OIDs when - creating a new TOAST entry. - - - - - - - Correctly enforce any CHECK constraints on - individual partitions during COPY to a partitioned - table (Etsuro Fujita) - - - - Previously, only constraints declared for the partitioned table as a - whole were checked. - - - - - - - Accept TRUE and FALSE as - partition bound values (Amit Langote) - - - - Previously, only string-literal values were accepted for a boolean - partitioning column. But then pg_dump - would print such values as TRUE - or FALSE, leading to dump/reload failures. - - - - - - - Fix memory management for partition key comparison functions - (Álvaro Herrera, Amit Langote) - - - - This error could lead to crashes when using user-defined operator - classes for partition keys. - - - - - - - Fix possible crash when a query inserts tuples in several partitions - of a partitioned table, and those partitions don't have identical row - types (Etsuro Fujita, Amit Langote) - - - - - - - Change ANALYZE's algorithm for updating - pg_class.reltuples - (David Gould) - - - - Previously, pages not actually scanned by ANALYZE - were assumed to retain their old tuple density. In a large table - where ANALYZE samples only a small fraction of the - pages, this meant that the overall tuple density estimate could not - change very much, so that reltuples would - change nearly proportionally to changes in the table's physical size - (relpages) regardless of what was actually - happening in the table. This has been observed to result - in reltuples becoming so much larger than - reality as to effectively shut off autovacuuming. To fix, assume - that ANALYZE's sample is a statistically unbiased - sample of the table (as it should be), and just extrapolate the - density observed within those pages to the whole table. - - - - - - - Include extended-statistics objects in the set of table properties - duplicated by CREATE TABLE ... LIKE ... INCLUDING - ALL (David Rowley) - - - - Also add an INCLUDING STATISTICS option, to allow - finer-grained control over whether this happens. - - - - - - - Fix CREATE TABLE ... LIKE with bigint - identity columns (Peter Eisentraut) - - - - On platforms where long is 32 bits (which includes - 64-bit Windows as well as most 32-bit machines), copied sequence - parameters would be truncated to 32 bits. - - - - - - - Avoid deadlocks in concurrent CREATE INDEX - CONCURRENTLY commands that are run - under SERIALIZABLE or REPEATABLE - READ transaction isolation (Tom Lane) - - - - - - - Fix possible slow execution of REFRESH MATERIALIZED VIEW - CONCURRENTLY (Thomas Munro) - - - - - - - Fix UPDATE/DELETE ... WHERE CURRENT OF to not fail - when the referenced cursor uses an index-only-scan plan (Yugo Nagata, - Tom Lane) - - - - - - - Fix incorrect planning of join clauses pushed into parameterized - paths (Andrew Gierth, Tom Lane) - - - - This error could result in misclassifying a condition as - a join filter for an outer join when it should be a - plain filter condition, leading to incorrect join - output. - - - - - - - Fix possibly incorrect generation of an index-only-scan plan when the - same table column appears in multiple index columns, and only some of - those index columns use operator classes that can return the column - value (Kyotaro Horiguchi) - - - - - - - Fix misoptimization of CHECK constraints having - provably-NULL subclauses of - top-level AND/OR conditions - (Tom Lane, Dean Rasheed) - - - - This could, for example, allow constraint exclusion to exclude a - child table that should not be excluded from a query. - - - - - - - Prevent planner crash when a query has multiple GROUPING - SETS, none of which can be implemented by sorting (Andrew - Gierth) - - - - - - - Fix executor crash due to double free in some GROUPING - SETS usages (Peter Geoghegan) - - - - - - - Fix misexecution of self-joins on transition tables (Thomas Munro) - - - - - - - Avoid crash if a table rewrite event trigger is added concurrently - with a command that could call such a trigger (Álvaro Herrera, - Andrew Gierth, Tom Lane) - - - - - - - Avoid failure if a query-cancel or session-termination interrupt - occurs while committing a prepared transaction (Stas Kelvich) - - - - - - - Fix query-lifespan memory leakage in repeatedly executed hash joins - (Tom Lane) - - - - - - - Fix possible leak or double free of visibility map buffer pins - (Amit Kapila) - - - - - - - Avoid spuriously marking pages as all-visible (Dan Wood, - Pavan Deolasee, Álvaro Herrera) - - - - This could happen if some tuples were locked (but not deleted). While - queries would still function correctly, vacuum would normally ignore - such pages, with the long-term effect that the tuples were never - frozen. In recent releases this would eventually result in errors - such as found multixact nnnnn from - before relminmxid nnnnn. - - - - - - - Fix overly strict sanity check - in heap_prepare_freeze_tuple - (Álvaro Herrera) - - - - This could result in incorrect cannot freeze committed - xmax failures in databases that have - been pg_upgrade'd from 9.2 or earlier. - - - - - - - Prevent dangling-pointer dereference when a C-coded before-update row - trigger returns the old tuple (Rushabh Lathia) - - - - - - - Reduce locking during autovacuum worker scheduling (Jeff Janes) - - - - The previous behavior caused drastic loss of potential worker - concurrency in databases with many tables. - - - - - - - Ensure client hostname is copied while copying - pg_stat_activity data to local memory - (Edmund Horner) - - - - Previously the supposedly-local snapshot contained a pointer into - shared memory, allowing the client hostname column to change - unexpectedly if any existing session disconnected. - - - - - - - Handle pg_stat_activity information for - auxiliary processes correctly (Edmund Horner) - - - - The application_name, - client_hostname, - and query fields might show incorrect - data for such processes. - - - - - - - Fix incorrect processing of multiple compound affixes - in ispell dictionaries (Arthur Zakirov) - - - - - - - Fix collation-aware searches (that is, indexscans using inequality - operators) in SP-GiST indexes on text columns (Tom Lane) - - - - Such searches would return the wrong set of rows in most non-C - locales. - - - - - - - Prevent query-lifespan memory leakage with SP-GiST operator classes - that use traversal values (Anton Dignös) - - - - - - - Count the number of index tuples correctly during initial build of an - SP-GiST index (Tomas Vondra) - - - - Previously, the tuple count was reported to be the same as that of - the underlying table, which is wrong if the index is partial. - - - - - - - Count the number of index tuples correctly during vacuuming of a - GiST index (Andrey Borodin) - - - - Previously it reported the estimated number of heap tuples, - which might be inaccurate, and is certainly wrong if the - index is partial. - - - - - - - Fix a corner case where a streaming standby gets stuck at a WAL - continuation record (Kyotaro Horiguchi) - - - - - - - In logical decoding, avoid possible double processing of WAL data - when a walsender restarts (Craig Ringer) - - - - - - - Fix logical replication to not assume that type OIDs match between - the local and remote servers (Masahiko Sawada) - - - - - - - Allow scalarltsel - and scalargtsel to be used on non-core datatypes - (Tomas Vondra) - - - - - - - Reduce libpq's memory consumption when a - server error is reported after a large amount of query output has - been collected (Tom Lane) - - - - Discard the previous output before, not after, processing the error - message. On some platforms, notably Linux, this can make a - difference in the application's subsequent memory footprint. - - - - - - - Fix double-free crashes in ecpg - (Patrick Krecker, Jeevan Ladhe) - - - - - - - Fix ecpg to handle long long - int variables correctly in MSVC builds (Michael Meskes, - Andrew Gierth) - - - - - - - Fix mis-quoting of values for list-valued GUC variables in dumps - (Michael Paquier, Tom Lane) - - - - The local_preload_libraries, - session_preload_libraries, - shared_preload_libraries, - and temp_tablespaces variables were not correctly - quoted in pg_dump output. This would - cause problems if settings for these variables appeared in - CREATE FUNCTION ... SET or ALTER - DATABASE/ROLE ... SET clauses. - - - - - - - Fix pg_recvlogical to not fail against - pre-v10 PostgreSQL servers - (Michael Paquier) - - - - A previous fix caused pg_recvlogical to - issue a command regardless of server version, but it should only be - issued to v10 and later servers. - - - - - - - Ensure that pg_rewind deletes files on the - target server if they are deleted from the source server during the - run (Takayuki Tsunakawa) - - - - Failure to do this could result in data inconsistency on the target, - particularly if the file in question is a WAL segment. - - - - - - - Fix pg_rewind to handle tables in - non-default tablespaces correctly (Takayuki Tsunakawa) - - - - - - - Fix overflow handling in PL/pgSQL - integer FOR loops (Tom Lane) - - - - The previous coding failed to detect overflow of the loop variable - on some non-gcc compilers, leading to an infinite loop. - - - - - - - Adjust PL/Python regression tests to pass - under Python 3.7 (Peter Eisentraut) - - - - - - - Support testing PL/Python and related - modules when building with Python 3 and MSVC (Andrew Dunstan) - - - - - - - Fix errors in initial build of contrib/bloom - indexes (Tomas Vondra, Tom Lane) - - - - Fix possible omission of the table's last tuple from the index. - Count the number of index tuples correctly, in case it is a partial - index. - - - - - - - Rename internal b64_encode - and b64_decode functions to avoid conflict with - Solaris 11.4 built-in functions (Rainer Orth) - - - - - - - Sync our copy of the timezone library with IANA tzcode release 2018e - (Tom Lane) - - - - This fixes the zic timezone data compiler - to cope with negative daylight-savings offsets. While - the PostgreSQL project will not - immediately ship such timezone data, zic - might be used with timezone data obtained directly from IANA, so it - seems prudent to update zic now. - - - - - - - Update time zone data files to tzdata - release 2018d for DST law changes in Palestine and Antarctica (Casey - Station), plus historical corrections for Portugal and its colonies, - as well as Enderbury, Jamaica, Turks & Caicos Islands, and - Uruguay. - - - - - - - - - - Release 10.3 - - - Release date: - 2018-03-01 - - - - This release contains a variety of fixes from 10.2. - For information about new features in major release 10, see - . - - - - Migration to Version 10.3 - - - A dump/restore is not required for those running 10.X. - - - - However, if you run an installation in which not all users are mutually - trusting, or if you maintain an application or extension that is - intended for use in arbitrary situations, it is strongly recommended - that you read the documentation changes described in the first changelog - entry below, and take suitable steps to ensure that your installation or - code is secure. - - - - Also, the changes described in the second changelog entry below may - cause functions used in index expressions or materialized views to fail - during auto-analyze, or when reloading from a dump. After upgrading, - monitor the server logs for such problems, and fix affected functions. - - - - Also, if you are upgrading from a version earlier than 10.2, - see . - - - - - Changes - - - - - - - Document how to configure installations and applications to guard - against search-path-dependent trojan-horse attacks from other users - (Noah Misch) - - - - Using a search_path setting that includes any - schemas writable by a hostile user enables that user to capture - control of queries and then run arbitrary SQL code with the - permissions of the attacked user. While it is possible to write - queries that are proof against such hijacking, it is notationally - tedious, and it's very easy to overlook holes. Therefore, we now - recommend configurations in which no untrusted schemas appear in - one's search path. Relevant documentation appears in - (for database administrators and users), - (for application authors), - (for extension authors), and - (for authors - of SECURITY DEFINER functions). - (CVE-2018-1058) - - - - - - - Avoid use of insecure search_path settings - in pg_dump and other client programs - (Noah Misch, Tom Lane) - - - - pg_dump, - pg_upgrade, - vacuumdb and - other PostgreSQL-provided applications were - themselves vulnerable to the type of hijacking described in the previous - changelog entry; since these applications are commonly run by - superusers, they present particularly attractive targets. To make them - secure whether or not the installation as a whole has been secured, - modify them to include only the pg_catalog - schema in their search_path settings. - Autovacuum worker processes now do the same, as well. - - - - In cases where user-provided functions are indirectly executed by - these programs — for example, user-provided functions in index - expressions — the tighter search_path may - result in errors, which will need to be corrected by adjusting those - user-provided functions to not assume anything about what search path - they are invoked under. That has always been good practice, but now - it will be necessary for correct behavior. - (CVE-2018-1058) - - - - - - - Prevent logical replication from trying to ship changes for - unpublishable relations (Peter Eisentraut) - - - - A publication marked FOR ALL TABLES would - incorrectly ship changes in materialized views - and information_schema tables, which are - supposed to be omitted from the change stream. - - - - - - - Fix misbehavior of concurrent-update rechecks with CTE references - appearing in subplans (Tom Lane) - - - - If a CTE (WITH clause reference) is used in an - InitPlan or SubPlan, and the query requires a recheck due to trying - to update or lock a concurrently-updated row, incorrect results could - be obtained. - - - - - - - Fix planner failures with overlapping mergejoin clauses in an outer - join (Tom Lane) - - - - These mistakes led to left and right pathkeys do not match in - mergejoin or outer pathkeys do not match - mergeclauses planner errors in corner cases. - - - - - - - Repair pg_upgrade's failure to - preserve relfrozenxid for materialized - views (Tom Lane, Andres Freund) - - - - This oversight could lead to data corruption in materialized views - after an upgrade, manifesting as could not access status of - transaction or found xmin from before - relfrozenxid errors. The problem would be more likely to - occur in seldom-refreshed materialized views, or ones that were - maintained only with REFRESH MATERIALIZED VIEW - CONCURRENTLY. - - - - If such corruption is observed, it can be repaired by refreshing the - materialized view (without CONCURRENTLY). - - - - - - - Fix incorrect pg_dump output for some - non-default sequence limit values (Alexey Bashtanov) - - - - - - - Fix pg_dump's mishandling - of STATISTICS objects (Tom Lane) - - - - An extended statistics object's schema was mislabeled in the dump's - table of contents, possibly leading to the wrong results in a - schema-selective restore. Its ownership was not correctly restored, - either. Also, change the logic so that statistics objects are - dumped/restored, or not, as independent objects rather than tying - them to the dump/restore decision for the table they are on. The - original definition could not scale to the planned future extension to - cross-table statistics. - - - - - - - Fix incorrect reporting of PL/Python function names in - error CONTEXT stacks (Tom Lane) - - - - An error occurring within a nested PL/Python function call (that is, - one reached via a SPI query from another PL/Python function) would - result in a stack trace showing the inner function's name twice, - rather than the expected results. Also, an error in a nested - PL/Python DO block could result in a null pointer - dereference crash on some platforms. - - - - - - - Allow contrib/auto_explain's - log_min_duration setting to range up - to INT_MAX, or about 24 days instead of 35 minutes - (Tom Lane) - - - - - - - Mark assorted GUC variables as PGDLLIMPORT, to - ease porting extension modules to Windows (Metin Doslu) - - - - - - - - - - Release 10.2 - - - Release date: - 2018-02-08 - - - - This release contains a variety of fixes from 10.1. - For information about new features in major release 10, see - . - - - - Migration to Version 10.2 - - - A dump/restore is not required for those running 10.X. - - - - However, - if you use contrib/cube's ~> - operator, see the entry below about that. - - - - Also, if you are upgrading from a version earlier than 10.1, - see . - - - - - Changes - - - - - - - Fix processing of partition keys containing multiple expressions - (Álvaro Herrera, David Rowley) - - - - This error led to crashes or, with carefully crafted input, disclosure - of arbitrary backend memory. - (CVE-2018-1052) - - - - - - - Ensure that all temporary files made - by pg_upgrade are non-world-readable - (Tom Lane, Noah Misch) - - - - pg_upgrade normally restricts its - temporary files to be readable and writable only by the calling user. - But the temporary file containing pg_dumpall -g - output would be group- or world-readable, or even writable, if the - user's umask setting allows. In typical usage on - multi-user machines, the umask and/or the working - directory's permissions would be tight enough to prevent problems; - but there may be people using pg_upgrade - in scenarios where this oversight would permit disclosure of database - passwords to unfriendly eyes. - (CVE-2018-1053) - - - - - - - Fix vacuuming of tuples that were updated while key-share locked - (Andres Freund, Álvaro Herrera) - - - - In some cases VACUUM would fail to remove such - tuples even though they are now dead, leading to assorted data - corruption scenarios. - - - - - - - Fix failure to mark a hash index's metapage dirty after - adding a new overflow page, potentially leading to index corruption - (Lixian Zou, Amit Kapila) - - - - - - - Ensure that vacuum will always clean up the pending-insertions list of - a GIN index (Masahiko Sawada) - - - - This is necessary to ensure that dead index entries get removed. - The old code got it backwards, allowing vacuum to skip the cleanup if - some other process were running cleanup concurrently, thus risking - invalid entries being left behind in the index. - - - - - - - Fix inadequate buffer locking in some LSN fetches (Jacob Champion, - Asim Praveen, Ashwin Agrawal) - - - - These errors could result in misbehavior under concurrent load. - The potential consequences have not been characterized fully. - - - - - - - Fix incorrect query results from cases involving flattening of - subqueries whose outputs are used in GROUPING SETS - (Heikki Linnakangas) - - - - - - - Fix handling of list partitioning constraints for partition keys of - boolean or array types (Amit Langote) - - - - - - - Avoid unnecessary failure in a query on an inheritance tree that - occurs concurrently with some child table being removed from the tree - by ALTER TABLE NO INHERIT (Tom Lane) - - - - - - - Fix spurious deadlock failures when multiple sessions are - running CREATE INDEX CONCURRENTLY (Jeff Janes) - - - - - - - During VACUUM FULL, update the table's size fields - in pg_class sooner (Amit Kapila) - - - - This prevents poor behavior when rebuilding hash indexes on the - table, since those use the pg_class - statistics to govern the initial hash size. - - - - - - - Fix - UNION/INTERSECT/EXCEPT - over zero columns (Tom Lane) - - - - - - - Disallow identity columns on typed tables and partitions - (Michael Paquier) - - - - These cases will be treated as unsupported features for now. - - - - - - - Fix assorted failures to apply the correct default value when - inserting into an identity column (Michael Paquier, Peter Eisentraut) - - - - In several contexts, notably COPY - and ALTER TABLE ADD COLUMN, the expected default - value was not applied and instead a null value was inserted. - - - - - - - Fix failures when an inheritance tree contains foreign child tables - (Etsuro Fujita) - - - - A mix of regular and foreign tables in an inheritance tree resulted in - creation of incorrect plans for UPDATE - and DELETE queries. This led to visible failures in - some cases, notably when there are row-level triggers on a foreign - child table. - - - - - - - Repair failure with correlated sub-SELECT - inside VALUES inside a LATERAL - subquery (Tom Lane) - - - - - - - Fix could not devise a query plan for the given query - planner failure for some cases involving nested UNION - ALL inside a lateral subquery (Tom Lane) - - - - - - - Allow functional dependency statistics to be used for boolean columns - (Tom Lane) - - - - Previously, although extended statistics could be declared and - collected on boolean columns, the planner failed to apply them. - - - - - - - Avoid underestimating the number of groups emitted by subqueries - containing set-returning functions in their grouping columns (Tom Lane) - - - - Cases similar to SELECT DISTINCT unnest(foo) got a - lower output rowcount estimate in 10.0 than they did in earlier - releases, possibly resulting in unfavorable plan choices. Restore the - prior estimation behavior. - - - - - - - Fix use of triggers in logical replication workers (Petr Jelinek) - - - - - - - Fix logical decoding to correctly clean up disk files for crashed - transactions (Atsushi Torikoshi) - - - - Logical decoding may spill WAL records to disk for transactions - generating many WAL records. Normally these files are cleaned up - after the transaction's commit or abort record arrives; but if - no such record is ever seen, the removal code misbehaved. - - - - - - - Fix walsender timeout failure and failure to respond to interrupts - when processing a large transaction (Petr Jelinek) - - - - - - - Fix race condition during replication origin drop that could allow the - dropping process to wait indefinitely (Tom Lane) - - - - - - - Allow members of the pg_read_all_stats role to see - walsender statistics in the pg_stat_replication - view (Feike Steenbergen) - - - - - - - Show walsenders that are sending base backups as active in - the pg_stat_activity view (Magnus Hagander) - - - - - - - Fix reporting of scram-sha-256 authentication - method in the pg_hba_file_rules view - (Michael Paquier) - - - - Previously this was printed as scram-sha256, - possibly confusing users as to the correct spelling. - - - - - - - Fix has_sequence_privilege() to - support WITH GRANT OPTION tests, - as other privilege-testing functions do (Joe Conway) - - - - - - - In databases using UTF8 encoding, ignore any XML declaration that - asserts a different encoding (Pavel Stehule, Noah Misch) - - - - We always store XML strings in the database encoding, so allowing - libxml to act on a declaration of another encoding gave wrong results. - In encodings other than UTF8, we don't promise to support non-ASCII - XML data anyway, so retain the previous behavior for bug compatibility. - This change affects only xpath() and related - functions; other XML code paths already acted this way. - - - - - - - Provide for forward compatibility with future minor protocol versions - (Robert Haas, Badrul Chowdhury) - - - - Up to now, PostgreSQL servers simply - rejected requests to use protocol versions newer than 3.0, so that - there was no functional difference between the major and minor parts - of the protocol version number. Allow clients to request versions 3.x - without failing, sending back a message showing that the server only - understands 3.0. This makes no difference at the moment, but - back-patching this change should allow speedier introduction of future - minor protocol upgrades. - - - - - - - Allow a client that supports SCRAM channel binding (such as v11 or - later libpq) to connect to a v10 server - (Michael Paquier) - - - - v10 does not have this feature, and the connection-time negotiation - about whether to use it was done incorrectly. - - - - - - - Avoid live-lock in ConditionVariableBroadcast() - (Tom Lane, Thomas Munro) - - - - Given repeatedly-unlucky timing, a process attempting to awaken all - waiters for a condition variable could loop indefinitely. Due to the - limited usage of condition variables in v10, this affects only - parallel index scans and some operations on replication slots. - - - - - - - Clean up waits for condition variables correctly during subtransaction - abort (Robert Haas) - - - - - - - Ensure that child processes that are waiting for a condition variable - will exit promptly if the postmaster process dies (Tom Lane) - - - - - - - Fix crashes in parallel queries using more than one Gather node - (Thomas Munro) - - - - - - - Fix hang in parallel index scan when processing a deleted or half-dead - index page (Amit Kapila) - - - - - - - Avoid crash if parallel bitmap heap scan is unable to allocate a - shared memory segment (Robert Haas) - - - - - - - Cope with failure to start a parallel worker process - (Amit Kapila, Robert Haas) - - - - Parallel query previously tended to hang indefinitely if a worker - could not be started, as the result of fork() - failure or other low-probability problems. - - - - - - - Avoid unnecessary failure when no parallel workers can be obtained - during parallel query startup (Robert Haas) - - - - - - - Fix collection of EXPLAIN statistics from parallel - workers (Amit Kapila, Thomas Munro) - - - - - - - Ensure that query strings passed to parallel workers are correctly - null-terminated (Thomas Munro) - - - - This prevents emitting garbage in postmaster log output from such - workers. - - - - - - - Avoid unsafe alignment assumptions when working - with __int128 (Tom Lane) - - - - Typically, compilers assume that __int128 variables are - aligned on 16-byte boundaries, but our memory allocation - infrastructure isn't prepared to guarantee that, and increasing the - setting of MAXALIGN seems infeasible for multiple reasons. Adjust the - code to allow use of __int128 only when we can tell the - compiler to assume lesser alignment. The only known symptom of this - problem so far is crashes in some parallel aggregation queries. - - - - - - - Prevent stack-overflow crashes when planning extremely deeply - nested set operations - (UNION/INTERSECT/EXCEPT) - (Tom Lane) - - - - - - - Avoid crash during an EvalPlanQual recheck of an indexscan that is the - inner child of a merge join (Tom Lane) - - - - This could only happen during an update or SELECT FOR - UPDATE of a join, when there is a concurrent update of some - selected row. - - - - - - - Fix crash in autovacuum when extended statistics are defined - for a table but can't be computed (Álvaro Herrera) - - - - - - - Fix null-pointer crashes for some types of LDAP URLs appearing - in pg_hba.conf (Thomas Munro) - - - - - - - Prevent out-of-memory failures due to excessive growth of simple hash - tables (Tomas Vondra, Andres Freund) - - - - - - - Fix sample INSTR() functions in the PL/pgSQL - documentation (Yugo Nagata, Tom Lane) - - - - These functions are stated to - be Oracle compatible, but - they weren't exactly. In particular, there was a discrepancy in the - interpretation of a negative third parameter: Oracle thinks that a - negative value indicates the last place where the target substring can - begin, whereas our functions took it as the last place where the - target can end. Also, Oracle throws an error for a zero or negative - fourth parameter, whereas our functions returned zero. - - - - The sample code has been adjusted to match Oracle's behavior more - precisely. Users who have copied this code into their applications - may wish to update their copies. - - - - - - - Fix pg_dump to make ACL (permissions), - comment, and security label entries reliably identifiable in archive - output formats (Tom Lane) - - - - The tag portion of an ACL archive entry was usually - just the name of the associated object. Make it start with the object - type instead, bringing ACLs into line with the convention already used - for comment and security label archive entries. Also, fix the - comment and security label entries for the whole database, if present, - to make their tags start with DATABASE so that they - also follow this convention. This prevents false matches in code that - tries to identify large-object-related entries by seeing if the tag - starts with LARGE OBJECT. That could have resulted - in misclassifying entries as data rather than schema, with undesirable - results in a schema-only or data-only dump. - - - - Note that this change has user-visible results in the output - of pg_restore --list. - - - - - - - Rename pg_rewind's - copy_file_range function to avoid conflict - with new Linux system call of that name (Andres Freund) - - - - This change prevents build failures with newer glibc versions. - - - - - - - In ecpg, detect indicator arrays that do - not have the correct length and report an error (David Rader) - - - - - - - Change the behavior of contrib/cube's - cube ~> int - operator to make it compatible with KNN search (Alexander Korotkov) - - - - The meaning of the second argument (the dimension selector) has been - changed to make it predictable which value is selected even when - dealing with cubes of varying dimensionalities. - - - - This is an incompatible change, but since the point of the operator - was to be used in KNN searches, it seems rather useless as-is. - After installing this update, any expression indexes or materialized - views using this operator will need to be reindexed/refreshed. - - - - - - - Avoid triggering a libc assertion - in contrib/hstore, due to use - of memcpy() with equal source and destination - pointers (Tomas Vondra) - - - - - - - Fix incorrect display of tuples' null bitmaps - in contrib/pageinspect (Maksim Milyutin) - - - - - - - Fix incorrect output from contrib/pageinspect's - hash_page_items() function (Masahiko Sawada) - - - - - - - In contrib/postgres_fdw, avoid - outer pathkeys do not match mergeclauses - planner error when constructing a plan involving a remote join - (Robert Haas) - - - - - - - In contrib/postgres_fdw, avoid planner failure - when there are duplicate GROUP BY entries - (Jeevan Chalke) - - - - - - - Provide modern examples of how to auto-start Postgres on macOS - (Tom Lane) - - - - The scripts in contrib/start-scripts/osx use - infrastructure that's been deprecated for over a decade, and which no - longer works at all in macOS releases of the last couple of years. - Add a new subdirectory contrib/start-scripts/macos - containing scripts that use the newer launchd - infrastructure. - - - - - - - Fix incorrect selection of configuration-specific libraries for - OpenSSL on Windows (Andrew Dunstan) - - - - - - - Support linking to MinGW-built versions of libperl (Noah Misch) - - - - This allows building PL/Perl with some common Perl distributions for - Windows. - - - - - - - Fix MSVC build to test whether 32-bit libperl - needs -D_USE_32BIT_TIME_T (Noah Misch) - - - - Available Perl distributions are inconsistent about what they expect, - and lack any reliable means of reporting it, so resort to a build-time - test on what the library being used actually does. - - - - - - - On Windows, install the crash dump handler earlier in postmaster - startup (Takayuki Tsunakawa) - - - - This may allow collection of a core dump for some early-startup - failures that did not produce a dump before. - - - - - - - On Windows, avoid encoding-conversion-related crashes when emitting - messages very early in postmaster startup (Takayuki Tsunakawa) - - - - - - - Use our existing Motorola 68K spinlock code on OpenBSD as - well as NetBSD (David Carlier) - - - - - - - Add support for spinlocks on Motorola 88K (David Carlier) - - - - - - - Update time zone data files to tzdata - release 2018c for DST law changes in Brazil, Sao Tome and Principe, - plus historical corrections for Bolivia, Japan, and South Sudan. - The US/Pacific-New zone has been removed (it was - only an alias for America/Los_Angeles anyway). - - - - - - - - - - Release 10.1 - - - Release date: - 2017-11-09 - - - - This release contains a variety of fixes from 10.0. - For information about new features in major release 10, see - . - - - - Migration to Version 10.1 - - - A dump/restore is not required for those running 10.X. - - - - However, if you use BRIN indexes, see the fourth changelog entry below. - - - - - Changes - - - - - - - Ensure that INSERT ... ON CONFLICT DO UPDATE checks - table permissions and RLS policies in all cases (Dean Rasheed) - - - - The update path of INSERT ... ON CONFLICT DO UPDATE - requires SELECT permission on the columns of the - arbiter index, but it failed to check for that in the case of an - arbiter specified by constraint name. - In addition, for a table with row level security enabled, it failed to - check updated rows against the table's SELECT - policies (regardless of how the arbiter index was specified). - (CVE-2017-15099) - - - - - - - Fix crash due to rowtype mismatch - in json{b}_populate_recordset() - (Michael Paquier, Tom Lane) - - - - These functions used the result rowtype specified in the FROM - ... AS clause without checking that it matched the actual - rowtype of the supplied tuple value. If it didn't, that would usually - result in a crash, though disclosure of server memory contents seems - possible as well. - (CVE-2017-15098) - - - - - - - Fix sample server-start scripts to become $PGUSER - before opening $PGLOG (Noah Misch) - - - - Previously, the postmaster log file was opened while still running as - root. The database owner could therefore mount an attack against - another system user by making $PGLOG be a symbolic - link to some other file, which would then become corrupted by appending - log messages. - - - - By default, these scripts are not installed anywhere. Users who have - made use of them will need to manually recopy them, or apply the same - changes to their modified versions. If the - existing $PGLOG file is root-owned, it will need to - be removed or renamed out of the way before restarting the server with - the corrected script. - (CVE-2017-12172) - - - - - - - Fix BRIN index summarization to handle concurrent table extension - correctly (Álvaro Herrera) - - - - Previously, a race condition allowed some table rows to be omitted from - the index. It may be necessary to reindex existing BRIN indexes to - recover from past occurrences of this problem. - - - - - - - Fix possible failures during concurrent updates of a BRIN index - (Tom Lane) - - - - These race conditions could result in errors like invalid index - offnum or inconsistent range map. - - - - - - - Prevent logical replication from setting non-replicated columns to - nulls when replicating an UPDATE (Petr Jelinek) - - - - - - - Fix logical replication to fire BEFORE ROW DELETE - triggers when expected (Masahiko Sawada) - - - - Previously, that failed to happen unless the table also had - a BEFORE ROW UPDATE trigger. - - - - - - - Fix crash when logical decoding is invoked from a SPI-using function, - in particular any function written in a PL language - (Tom Lane) - - - - - - - Ignore CTEs when looking up the target table for - INSERT/UPDATE/DELETE, - and prevent matching schema-qualified target table names to trigger - transition table names (Thomas Munro) - - - - This restores the pre-v10 behavior for CTEs attached to DML commands. - - - - - - - Avoid evaluating an aggregate function's argument expression(s) at rows - where its FILTER test fails (Tom Lane) - - - - This restores the pre-v10 (and SQL-standard) behavior. - - - - - - - Fix incorrect query results when multiple GROUPING - SETS columns contain the same simple variable (Tom Lane) - - - - - - - Fix query-lifespan memory leakage while evaluating a set-returning - function in a SELECT's target list (Tom Lane) - - - - - - - Allow parallel execution of prepared statements with generic plans - (Amit Kapila, Kuntal Ghosh) - - - - - - - Fix incorrect parallelization decisions for nested queries - (Amit Kapila, Kuntal Ghosh) - - - - - - - Fix parallel query handling to not fail when a recently-used role is - dropped (Amit Kapila) - - - - - - - Fix crash in parallel execution of a bitmap scan having a BitmapAnd - plan node below a BitmapOr node (Dilip Kumar) - - - - - - - Fix json_build_array(), - json_build_object(), and their jsonb - equivalents to handle explicit VARIADIC arguments - correctly (Michael Paquier) - - - - - - - Fix autovacuum's work item logic to prevent possible - crashes and silent loss of work items (Álvaro Herrera) - - - - - - - Fix corner-case crashes when columns have been added to the end of a - view (Tom Lane) - - - - - - - Record proper dependencies when a view or rule - contains FieldSelect - or FieldStore expression nodes (Tom Lane) - - - - Lack of these dependencies could allow a column or data - type DROP to go through when it ought to fail, - thereby causing later uses of the view or rule to get errors. - This patch does not do anything to protect existing views/rules, - only ones created in the future. - - - - - - - Correctly detect hashability of range data types (Tom Lane) - - - - The planner mistakenly assumed that any range type could be hashed - for use in hash joins or hash aggregation, but actually it must check - whether the range's subtype has hash support. This does not affect any - of the built-in range types, since they're all hashable anyway. - - - - - - - Correctly ignore RelabelType expression nodes - when examining functional-dependency statistics (David Rowley) - - - - This allows, e.g., extended statistics on varchar columns - to be used properly. - - - - - - - Prevent sharing transition states between ordered-set aggregates - (David Rowley) - - - - This causes a crash with the built-in ordered-set aggregates, and - probably with user-written ones as well. v11 and later will include - provisions for dealing with such cases safely, but in released - branches, just disable the optimization. - - - - - - - Prevent idle_in_transaction_session_timeout from - being ignored when a statement_timeout occurred - earlier (Lukas Fittl) - - - - - - - Fix low-probability loss of NOTIFY messages due to - XID wraparound (Marko Tiikkaja, Tom Lane) - - - - If a session executed no queries, but merely listened for - notifications, for more than 2 billion transactions, it started to miss - some notifications from concurrently-committing transactions. - - - - - - - Reduce the frequency of data flush requests during bulk file copies to - avoid performance problems on macOS, particularly with its new APFS - file system (Tom Lane) - - - - - - - Allow COPY's FREEZE option to - work when the transaction isolation level is REPEATABLE - READ or higher (Noah Misch) - - - - This case was unintentionally broken by a previous bug fix. - - - - - - - Fix AggGetAggref() to return the - correct Aggref nodes to aggregate final - functions whose transition calculations have been merged (Tom Lane) - - - - - - - Fix insufficient schema-qualification in some new queries - in pg_dump - and psql - (Vitaly Burovoy, Tom Lane, Noah Misch) - - - - - - - Avoid use of @> operator - in psql's queries for \d - (Tom Lane) - - - - This prevents problems when the parray_gin - extension is installed, since that defines a conflicting operator. - - - - - - - Fix pg_basebackup's matching of tablespace - paths to canonicalize both paths before comparing (Michael Paquier) - - - - This is particularly helpful on Windows. - - - - - - - Fix libpq to not require user's home - directory to exist (Tom Lane) - - - - In v10, failure to find the home directory while trying to - read ~/.pgpass was treated as a hard error, - but it should just cause that file to not be found. Both v10 and - previous release branches made the same mistake when - reading ~/.pg_service.conf, though this was less - obvious since that file is not sought unless a service name is - specified. - - - - - - - In ecpglib, correctly handle backslashes in string literals depending - on whether standard_conforming_strings is set - (Tsunakawa Takayuki) - - - - - - - Make ecpglib's Informix-compatibility mode ignore fractional digits in - integer input strings, as expected (Gao Zengqi, Michael Meskes) - - - - - - - Fix missing temp-install prerequisites - for check-like Make targets (Noah Misch) - - - - Some non-default test procedures that are meant to work - like make check failed to ensure that the temporary - installation was up to date. - - - - - - - Update time zone data files to tzdata - release 2017c for DST law changes in Fiji, Namibia, Northern Cyprus, - Sudan, Tonga, and Turks & Caicos Islands, plus historical - corrections for Alaska, Apia, Burma, Calcutta, Detroit, Ireland, - Namibia, and Pago Pago. - - - - - - - In the documentation, restore HTML anchors to being upper-case strings - (Peter Eisentraut) - - - - Due to a toolchain change, the 10.0 user manual had lower-case strings - for intrapage anchors, thus breaking some external links into our - website documentation. Return to our previous convention of using - upper-case strings. - - - - - - - - - - Release 10 - - - Release date: - 2017-10-05 - - - - Overview - - - Major enhancements in PostgreSQL 10 include: - - - - - - - Logical replication using publish/subscribe - Declarative table partitioning - Improved query parallelism - Significant general performance improvements - Stronger password authentication based on SCRAM-SHA-256 - Improved monitoring and control - - - - The above items are explained in more detail in the sections below. - - - - - - - Migration to Version 10 - - - A dump/restore using , or use of , is required for those wishing to migrate data - from any previous release. - - - - Version 10 contains a number of changes that may affect compatibility - with previous releases. Observe the following incompatibilities: - - - - - - - - Hash indexes must be rebuilt after pg_upgrade-ing - from any previous major PostgreSQL version (Mithun - Cy, Robert Haas, Amit Kapila) - - - - Major hash index improvements necessitated this requirement. - pg_upgrade will create a script to assist with this. - - - - - - - Rename write-ahead log directory pg_xlog - to pg_wal, and rename transaction - status directory pg_clog to pg_xact - (Michael Paquier) - - - - Users have occasionally thought that these directories contained only - inessential log files, and proceeded to remove write-ahead log files - or transaction status files manually, causing irrecoverable data - loss. These name changes are intended to discourage such errors in - future. - - - - - - - Rename SQL functions, tools, and options that reference - xlog to wal (Robert Haas) - - - - For example, pg_switch_xlog() becomes - pg_switch_wal(), pg_receivexlog - becomes pg_receivewal, and - becomes . This is for consistency with the - change of the pg_xlog directory name; in general, - the xlog terminology is no longer used in any user-facing - places. - - - - - - - Rename WAL-related functions and views to use lsn - instead of location (David Rowley) - - - - There was previously an inconsistent mixture of the two terminologies. - - - - - - - Change the implementation of set-returning functions appearing in - a query's SELECT list (Andres Freund) - - - - Set-returning functions are now evaluated before evaluation of scalar - expressions in the SELECT list, much as though they had - been placed in a LATERAL FROM-clause item. This allows - saner semantics for cases where multiple set-returning functions are - present. If they return different numbers of rows, the shorter results - are extended to match the longest result by adding nulls. Previously - the results were cycled until they all terminated at the same time, - producing a number of rows equal to the least common multiple of the - functions' periods. In addition, set-returning functions are now - disallowed within CASE and COALESCE constructs. - For more information - see . - - - - - - - Use standard row constructor syntax in UPDATE ... SET - (column_list) = row_constructor - (Tom Lane) - - - - The row_constructor can now begin with the - keyword ROW; previously that had to be omitted. - If just one column name appears in - the column_list, then - the row_constructor now must use - the ROW keyword, since otherwise it is not a valid - row constructor but just a parenthesized expression. - Also, an occurrence - of table_name.* within - the row_constructor is now expanded into - multiple columns, as occurs in other uses - of row_constructors. - - - - - - - When ALTER TABLE ... ADD PRIMARY KEY marks - columns NOT NULL, that change now propagates to - inheritance child tables as well (Michael Paquier) - - - - - - - Prevent statement-level triggers from firing more than once per - statement (Tom Lane) - - - - Cases involving writable CTEs updating the same table updated by the - containing statement, or by another writable CTE, fired BEFORE - STATEMENT or AFTER STATEMENT triggers more than once. - Also, if there were statement-level triggers on a table affected by a - foreign key enforcement action (such as ON DELETE CASCADE), - they could fire more than once per outer SQL statement. This is - contrary to the SQL standard, so change it. - - - - - - - Move sequences' metadata fields into a new pg_sequence - system catalog (Peter Eisentraut) - - - - A sequence relation now stores only the fields that can be modified - by nextval(), that - is last_value, log_cnt, - and is_called. Other sequence properties, such as - the starting value and increment, are kept in a corresponding row of - the pg_sequence catalog. - ALTER SEQUENCE updates are now fully transactional, - implying that the sequence is locked until commit. - The nextval() and setval() functions - remain nontransactional. - - - - The main incompatibility introduced by this change is that selecting - from a sequence relation now returns only the three fields named - above. To obtain the sequence's other properties, applications must - look into pg_sequence. The new system - view pg_sequences - can also be used for this purpose; it provides column names that are - more compatible with existing code. - - - - Also, sequences created for SERIAL columns now generate - positive 32-bit wide values, whereas previous versions generated 64-bit - wide values. This has no visible effect if the values are only stored in - a column. - - - - The output of psql's \d command for a - sequence has been redesigned, too. - - - - - - - Make stream the - WAL needed to restore the backup by default (Magnus - Hagander) - - - - This changes pg_basebackup's - / default to stream. - An option value none has been added to reproduce the old - behavior. The pg_basebackup option - has been removed (instead, use -X fetch). - - - - - - - Change how logical replication - uses pg_hba.conf - (Peter Eisentraut) - - - - In previous releases, a logical replication connection required - the replication keyword in the database column. As - of this release, logical replication matches a normal entry with a - database name or keywords such as all. Physical - replication continues to use the replication keyword. - Since built-in logical replication is new in this release, this - change only affects users of third-party logical replication plugins. - - - - - - - Make all actions wait - for completion by default (Peter Eisentraut) - - - - Previously some pg_ctl actions didn't wait for - completion, and required the use of to do so. - - - - - - - Change the default value of the - server parameter from pg_log to log - (Andreas Karlsson) - - - - - - - Add configuration option to - specify file name for custom OpenSSL DH parameters (Heikki Linnakangas) - - - - This replaces the hardcoded, undocumented file - name dh1024.pem. Note that dh1024.pem is - no longer examined by default; you must set this option if you want - to use custom DH parameters. - - - - - - - Increase the size of the default DH parameters used for OpenSSL - ephemeral DH ciphers to 2048 bits (Heikki Linnakangas) - - - - The size of the compiled-in DH parameters has been increased from - 1024 to 2048 bits, making DH key exchange more resistant to - brute-force attacks. However, some old SSL implementations, notably - some revisions of Java Runtime Environment version 6, will not accept - DH parameters longer than 1024 bits, and hence will not be able to - connect over SSL. If it's necessary to support such old clients, you - can use custom 1024-bit DH parameters instead of the compiled-in - defaults. See . - - - - - - - Remove the ability to store unencrypted passwords on the server - (Heikki Linnakangas) - - - - The server parameter - no longer supports off or plain. - The UNENCRYPTED option is no longer supported in - CREATE/ALTER USER ... PASSWORD. Similarly, the - option has been removed - from createuser. Unencrypted passwords migrated from - older versions will be stored encrypted in this release. The default - setting for password_encryption is still - md5. - - - - - - - Add - and server - parameters to control parallel queries (Amit Kapila, Robert Haas) - - - - These replace min_parallel_relation_size, which was - found to be too generic. - - - - - - - Don't downcase unquoted text - within and related - server parameters (QL Zhuo) - - - - These settings are really lists of file names, but they were - previously treated as lists of SQL identifiers, which have different - parsing rules. - - - - - - - Remove sql_inheritance server parameter (Robert Haas) - - - - Changing this setting from the default value caused queries referencing - parent tables to not include child tables. The SQL - standard requires them to be included, however, and this has been the - default since PostgreSQL 7.1. - - - - - - - Allow multi-dimensional arrays to be passed into PL/Python functions, - and returned as nested Python lists (Alexey Grishchenko, Dave Cramer, - Heikki Linnakangas) - - - - This feature requires a backwards-incompatible change to the handling - of arrays of composite types in PL/Python. Previously, you could - return an array of composite values by writing, e.g., [[col1, - col2], [col1, col2]]; but now that is interpreted as a - two-dimensional array. Composite types in arrays must now be written - as Python tuples, not lists, to resolve the ambiguity; that is, - write [(col1, col2), (col1, col2)] instead. - - - - - - - Remove PL/Tcl's module auto-loading facility (Tom Lane) - - - - This functionality has been replaced by new server - parameters - and , which are easier to use - and more similar to features available in other PLs. - - - - - - - Remove pg_dump/pg_dumpall support - for dumping from pre-8.0 servers (Tom Lane) - - - - Users needing to dump from pre-8.0 servers will need to use dump - programs from PostgreSQL 9.6 or earlier. The - resulting output should still load successfully into newer servers. - - - - - - - Remove support for floating-point timestamps and intervals (Tom Lane) - - - - This removes configure's - option. Floating-point timestamps have few advantages and have not - been the default since PostgreSQL 8.3. - - - - - - - Remove server support for client/server protocol version 1.0 (Tom Lane) - - - - This protocol hasn't had client support - since PostgreSQL 6.3. - - - - - - - Remove contrib/tsearch2 module (Robert Haas) - - - - This module provided compatibility with the version of full text - search that shipped in pre-8.3 PostgreSQL releases. - - - - - - - Remove createlang and droplang - command-line applications (Peter Eisentraut) - - - - These had been deprecated since PostgreSQL 9.1. - Instead, use CREATE EXTENSION and DROP - EXTENSION directly. - - - - - - - Remove support for version-0 function calling conventions (Andres - Freund) - - - - Extensions providing C-coded functions must now conform to version 1 - calling conventions. Version 0 has been deprecated since 2001. - - - - - - - - - Changes - - - Below you will find a detailed account of the changes between - PostgreSQL 10 and the previous major - release. - - - - Server - - - Parallel Queries - - - - - - - Support parallel B-tree index scans (Rahila Syed, Amit Kapila, - Robert Haas, Rafia Sabih) - - - - This change allows B-tree index pages to be searched by separate - parallel workers. - - - - - - - Support parallel bitmap heap scans (Dilip Kumar) - - - - This allows a single index scan to dispatch parallel workers to - process different areas of the heap. - - - - - - - Allow merge joins to be performed in parallel (Dilip Kumar) - - - - - - - Allow non-correlated subqueries to be run in parallel (Amit Kapila) - - - - - - - Improve ability of parallel workers to return pre-sorted data - (Rushabh Lathia) - - - - - - - Increase parallel query usage in procedural language functions - (Robert Haas, Rafia Sabih) - - - - - - - Add server parameter - to limit the number of worker processes that can be used for - query parallelism (Julien Rouhaud) - - - - This parameter can be set lower than to reserve worker processes - for purposes other than parallel queries. - - - - - - - Enable parallelism by default by changing the default setting - of to - 2. - - - - - - - - - Indexes - - - - - - - Add write-ahead logging support to hash indexes (Amit Kapila) - - - - This makes hash indexes crash-safe and replicatable. - The former warning message about their use is removed. - - - - - - - Improve hash index performance (Amit Kapila, Mithun Cy, Ashutosh - Sharma) - - - - - - - Add SP-GiST index support for INET and - CIDR data types (Emre Hasegeli) - - - - - - - Add option to allow BRIN index summarization to happen - more aggressively (Álvaro Herrera) - - - - A new CREATE - INDEX option enables auto-summarization of the - previous BRIN page range when a new page - range is created. - - - - - - - Add functions to remove and re-add BRIN - summarization for BRIN index ranges (Álvaro - Herrera) - - - - The new SQL function brin_summarize_range() - updates BRIN index summarization for a specified - range and brin_desummarize_range() removes it. - This is helpful to update summarization of a range that is now - smaller due to UPDATEs and DELETEs. - - - - - - - Improve accuracy in determining if a BRIN index scan - is beneficial (David Rowley, Emre Hasegeli) - - - - - - - Allow faster GiST inserts and updates by reusing - index space more efficiently (Andrey Borodin) - - - - - - - Reduce page locking during vacuuming of GIN indexes - (Andrey Borodin) - - - - - - - - - - Locking - - - - - - - Reduce locking required to change table parameters (Simon Riggs, - Fabrízio Mello) - - - - For example, changing a table's setting can now be done - with a more lightweight lock. - - - - - - - Allow tuning of predicate lock promotion thresholds (Dagfinn - Ilmari Mannsåker) - - - - Lock promotion can now be controlled through two new server - parameters, and - . - - - - - - - - - Optimizer - - - - - - - Add multi-column optimizer statistics to compute the correlation - ratio and number of distinct values (Tomas Vondra, David Rowley, - Álvaro Herrera) - - - - New commands are CREATE STATISTICS, - ALTER STATISTICS, and - DROP STATISTICS. - This feature is helpful in estimating query memory usage and when - combining the statistics from individual columns. - - - - - - - Improve performance of queries affected by row-level security - restrictions (Tom Lane) - - - - The optimizer now has more knowledge about where it can place RLS - filter conditions, allowing better plans to be generated while still - enforcing the RLS conditions safely. - - - - - - - - - General Performance - - - - - - - Speed up aggregate functions that calculate a running sum - using numeric-type arithmetic, including some variants - of SUM(), AVG(), - and STDDEV() (Heikki Linnakangas) - - - - - - - Improve performance of character encoding conversions by - using radix trees (Kyotaro Horiguchi, Heikki Linnakangas) - - - - - - - Reduce expression evaluation overhead during query execution, - as well as plan node calling overhead (Andres Freund) - - - - This is particularly helpful for queries that process many rows. - - - - - - - Allow hashed aggregation to be used with grouping sets (Andrew - Gierth) - - - - - - - Use uniqueness guarantees to optimize certain join types (David - Rowley) - - - - - - - Improve sort performance of the macaddr data type (Brandur Leach) - - - - - - - Reduce statistics tracking overhead in sessions that reference - many thousands of relations (Aleksander Alekseev) - - - - - - - - - Monitoring - - - - - - - Allow explicit control - over EXPLAIN's display - of planning and execution time (Ashutosh Bapat) - - - - By default planning and execution time are displayed by - EXPLAIN ANALYZE and are not displayed in other cases. - The new EXPLAIN option SUMMARY allows - explicit control of this. - - - - - - - Add default monitoring roles (Dave Page) - - - - New roles pg_monitor, pg_read_all_settings, - pg_read_all_stats, and pg_stat_scan_tables - allow simplified permission configuration. - - - - - - - Properly update the statistics collector during REFRESH MATERIALIZED - VIEW (Jim Mlodgenski) - - - - - - - Logging - - - - - - - Change the default value of - to include current timestamp (with milliseconds) and the process ID - in each line of postmaster log output (Christoph Berg) - - - - The previous default was an empty prefix. - - - - - - - Add functions to return the log and WAL directory - contents (Dave Page) - - - - The new functions - are pg_ls_logdir() - and pg_ls_waldir() - and can be executed by non-superusers with the proper - permissions. - - - - - - - Add function pg_current_logfile() - to read logging collector's current stderr and csvlog output file names - (Gilles Darold) - - - - - - - Report the address and port number of each listening socket - in the server log during postmaster startup (Tom Lane) - - - - Also, when logging failure to bind a listening socket, include - the specific address we attempted to bind to. - - - - - - - Reduce log chatter about the starting and stopping of launcher - subprocesses (Tom Lane) - - - - These are now DEBUG1-level messages. - - - - - - - Reduce message verbosity of lower-numbered debug levels - controlled by - (Robert Haas) - - - - This also changes the verbosity of debug levels. - - - - - - - - - <link linkend="pg-stat-activity-view"><structname>pg_stat_activity</structname></link> - - - - - - - Add pg_stat_activity reporting of low-level wait - states (Michael Paquier, Robert Haas, Rushabh Lathia) - - - - This change enables reporting of numerous low-level wait conditions, - including latch waits, file reads/writes/fsyncs, client reads/writes, - and synchronous replication. - - - - - - - Show auxiliary processes, background workers, and walsender - processes in pg_stat_activity (Kuntal Ghosh, - Michael Paquier) - - - - This simplifies monitoring. A new - column backend_type identifies the process type. - - - - - - - Allow pg_stat_activity to show the SQL query - being executed by parallel workers (Rafia Sabih) - - - - - - - Rename - pg_stat_activity.wait_event_type - values LWLockTranche and - LWLockNamed to LWLock (Robert Haas) - - - - This makes the output more consistent. - - - - - - - - - - <acronym>Authentication</acronym> - - - - - - - Add SCRAM-SHA-256 - support for password negotiation and storage (Michael Paquier, - Heikki Linnakangas) - - - - This provides better security than the existing md5 - negotiation and storage method. - - - - - - - Change the server parameter - from boolean to enum (Michael Paquier) - - - - This was necessary to support additional password hashing options. - - - - - - - Add view pg_hba_file_rules - to display the contents of pg_hba.conf (Haribabu - Kommi) - - - - This shows the file contents, not the currently active settings. - - - - - - - Support multiple RADIUS servers (Magnus Hagander) - - - - All the RADIUS related parameters are now plural and - support a comma-separated list of servers. - - - - - - - - - Server Configuration - - - - - - - Allow SSL configuration to be updated during - configuration reload (Andreas Karlsson, Tom Lane) - - - - This allows SSL to be reconfigured without a server - restart, by using pg_ctl reload, SELECT - pg_reload_conf(), or sending a SIGHUP signal. - However, reloading the SSL configuration does not work - if the server's SSL key requires a passphrase, as there - is no way to re-prompt for the passphrase. The original - configuration will apply for the life of the postmaster in that - case. - - - - - - - Make the maximum value of effectively unlimited - (Jim Nasby) - - - - - - - - - Reliability - - - - - - - After creating or unlinking files, perform an fsync on their parent - directory (Michael Paquier) - - - - This reduces the risk of data loss after a power failure. - - - - - - - <link linkend="wal">Write-Ahead Log</link> (<acronym>WAL</acronym>) - - - - - - - Prevent unnecessary checkpoints and WAL archiving on - otherwise-idle systems (Michael Paquier) - - - - - - - Add server parameter - to add details to WAL that can be sanity-checked on - the standby (Kuntal Ghosh, Robert Haas) - - - - Any sanity-check failure generates a fatal error on the standby. - - - - - - - Increase the maximum configurable WAL segment size - to one gigabyte (Beena Emerson) - - - - A larger WAL segment size allows for fewer - invocations and fewer - WAL files to manage. - - - - - - - - - - - - - Replication and Recovery - - - - - - - Add the ability to logically - replicate tables to standby servers (Petr Jelinek) - - - - Logical replication allows more flexibility than physical - replication does, including replication between different major - versions of PostgreSQL and selective - replication. - - - - - - - Allow waiting for commit acknowledgment from standby - servers irrespective of the order they appear in (Masahiko Sawada) - - - - Previously the server always waited for the active standbys that - appeared first in synchronous_standby_names. The new - synchronous_standby_names keyword ANY allows - waiting for any number of standbys irrespective of their ordering. - This is known as quorum commit. - - - - - - - Reduce configuration changes necessary to perform streaming backup - and replication (Magnus Hagander, Dang Minh Huong) - - - - Specifically, the defaults were changed for , , - , and to make them suitable for these usages - out-of-the-box. - - - - - - - Enable replication from localhost connections by default in - pg_hba.conf - (Michael Paquier) - - - - Previously pg_hba.conf's replication connection - lines were commented out by default. This is particularly useful for - . - - - - - - - Add columns to pg_stat_replication - to report replication delay times (Thomas Munro) - - - - The new columns are write_lag, - flush_lag, and replay_lag. - - - - - - - Allow specification of the recovery stopping point by Log Sequence - Number (LSN) in - recovery.conf - (Michael Paquier) - - - - Previously the stopping point could only be selected by timestamp or - XID. - - - - - - - Allow users to disable pg_stop_backup()'s - waiting for all WAL to be archived (David Steele) - - - - An optional second argument to pg_stop_backup() - controls that behavior. - - - - - - - Allow creation of temporary replication slots - (Petr Jelinek) - - - - Temporary slots are automatically removed on session exit or error. - - - - - - - Improve performance of hot standby replay with better tracking of - Access Exclusive locks (Simon Riggs, David Rowley) - - - - - - - Speed up two-phase commit recovery performance (Stas Kelvich, - Nikhil Sontakke, Michael Paquier) - - - - - - - - - Queries - - - - - - - Add XMLTABLE - function that converts XML-formatted data into a row set - (Pavel Stehule, Álvaro Herrera) - - - - - - - Fix regular expressions' character class handling for large character - codes, particularly Unicode characters above U+7FF - (Tom Lane) - - - - Previously, such characters were never recognized as belonging to - locale-dependent character classes such as [[:alpha:]]. - - - - - - - - - Utility Commands - - - - - - - Add table partitioning - syntax that automatically creates partition constraints and - handles routing of tuple insertions and updates (Amit Langote) - - - - The syntax supports range and list partitioning. - - - - - - - Add AFTER trigger - transition tables to record changed rows (Kevin Grittner, Thomas - Munro) - - - - Transition tables are accessible from triggers written in - server-side languages. - - - - - - - Allow restrictive row-level - security policies (Stephen Frost) - - - - Previously all security policies were permissive, meaning that any - matching policy allowed access. A restrictive policy must - match for access to be granted. These policy types can be combined. - - - - - - - When creating a foreign-key constraint, check - for REFERENCES permission on only the referenced table - (Tom Lane) - - - - Previously REFERENCES permission on the referencing - table was also required. This appears to have stemmed from a - misreading of the SQL standard. Since creating a foreign key (or - any other type of) constraint requires ownership privilege on the - constrained table, additionally requiring REFERENCES - permission seems rather pointless. - - - - - - - Allow default - permissions on schemas (Matheus Oliveira) - - - - This is done using the ALTER DEFAULT PRIVILEGES command. - - - - - - - Add CREATE SEQUENCE - AS command to create a sequence matching an integer data type - (Peter Eisentraut) - - - - This simplifies the creation of sequences matching the range of - base columns. - - - - - - - Allow COPY view - FROM source on views with INSTEAD - INSERT triggers (Haribabu Kommi) - - - - The triggers are fed the data rows read by COPY. - - - - - - - Allow the specification of a function name without arguments in - DDL commands, if it is unique (Peter Eisentraut) - - - - For example, allow DROP - FUNCTION on a function name without arguments if there - is only one function with that name. This behavior is required by the - SQL standard. - - - - - - - Allow multiple functions, operators, and aggregates to be dropped - with a single DROP command (Peter Eisentraut) - - - - - - - Support IF NOT EXISTS - in CREATE SERVER, - CREATE USER MAPPING, - and CREATE COLLATION - (Anastasia Lubennikova, Peter Eisentraut) - - - - - - - Make VACUUM VERBOSE report - the number of skipped frozen pages and oldest xmin (Masahiko - Sawada, Simon Riggs) - - - - This information is also included in output. - - - - - - - Improve speed of VACUUM's removal of trailing empty - heap pages (Claudio Freire, Álvaro Herrera) - - - - - - - - - Data Types - - - - - - - Add full text search support for JSON and JSONB - (Dmitry Dolgov) - - - - The functions ts_headline() and - to_tsvector() can now be used on these data types. - - - - - - - Add support for EUI-64 MAC addresses, as a - new data type macaddr8 - (Haribabu Kommi) - - - - This complements the existing support - for EUI-48 MAC addresses - (type macaddr). - - - - - - - Add identity columns for - assigning a numeric value to columns on insert (Peter Eisentraut) - - - - These are similar to SERIAL columns, but are - SQL standard compliant. - - - - - - - Allow ENUM values to be - renamed (Dagfinn Ilmari Mannsåker) - - - - This uses the syntax ALTER - TYPE ... RENAME VALUE. - - - - - - - Properly treat array pseudotypes - (anyarray) as arrays in to_json() - and to_jsonb() (Andrew Dunstan) - - - - Previously columns declared as anyarray (particularly those - in the pg_stats view) were converted to JSON - strings rather than arrays. - - - - - - - Add operators for multiplication and division - of money values - with int8 values (Peter Eisentraut) - - - - Previously such cases would result in converting the int8 - values to float8 and then using - the money-and-float8 operators. The new behavior - avoids possible precision loss. But note that division - of money by int8 now truncates the quotient, like - other integer-division cases, while the previous behavior would have - rounded. - - - - - - - Check for overflow in the money type's input function - (Peter Eisentraut) - - - - - - - - - Functions - - - - - - - Add simplified regexp_match() - function (Emre Hasegeli) - - - - This is similar to regexp_matches(), but it only - returns results from the first match so it does not need to return a - set, making it easier to use for simple cases. - - - - - - - Add a version of jsonb's delete operator that takes - an array of keys to delete (Magnus Hagander) - - - - - - - Make json_populate_record() - and related functions process JSON arrays and objects recursively - (Nikita Glukhov) - - - - With this change, array-type fields in the destination SQL type are - properly converted from JSON arrays, and composite-type fields are - properly converted from JSON objects. Previously, such cases would - fail because the text representation of the JSON value would be fed - to array_in() or record_in(), and its - syntax would not match what those input functions expect. - - - - - - - Add function txid_current_if_assigned() - to return the current transaction ID or NULL if no - transaction ID has been assigned (Craig Ringer) - - - - This is different from txid_current(), - which always returns a transaction ID, assigning one if necessary. - Unlike that function, this function can be run on standby servers. - - - - - - - Add function txid_status() - to check if a transaction was committed (Craig Ringer) - - - - This is useful for checking after an abrupt disconnection whether - your previous transaction committed and you just didn't receive - the acknowledgment. - - - - - - - Allow make_date() - to interpret negative years as BC years (Álvaro - Herrera) - - - - - - - Make to_timestamp() - and to_date() reject - out-of-range input fields (Artur Zakirov) - - - - For example, - previously to_date('2009-06-40','YYYY-MM-DD') was - accepted and returned 2009-07-10. It will now generate - an error. - - - - - - - - - Server-Side Languages - - - - - - - Allow PL/Python's cursor() and execute() - functions to be called as methods of their plan-object arguments - (Peter Eisentraut) - - - - This allows a more object-oriented programming style. - - - - - - - Allow PL/pgSQL's GET DIAGNOSTICS statement to retrieve - values into array elements (Tom Lane) - - - - Previously, a syntactic restriction prevented the target variable - from being an array element. - - - - - - - <link linkend="pltcl">PL/Tcl</link> - - - - - - - Allow PL/Tcl functions to return composite types and sets - (Karl Lehenbauer) - - - - - - - Add a subtransaction command to PL/Tcl (Victor Wagner) - - - - This allows PL/Tcl queries to fail without aborting the entire - function. - - - - - - - Add server parameters - and , to allow initialization - functions to be called on PL/Tcl startup (Tom Lane) - - - - - - - - - - Client Interfaces - - - - - - - Allow specification of multiple - host names or addresses in libpq connection strings and URIs - (Robert Haas, Heikki Linnakangas) - - - - libpq will connect to the first responsive server in the list. - - - - - - - Allow libpq connection strings and URIs to request a read/write host, - that is a master server rather than a standby server - (Victor Wagner, Mithun Cy) - - - - This is useful when multiple host names are - specified. It is controlled by libpq connection parameter - . - - - - - - - Allow the password file name - to be specified as a libpq connection parameter (Julian Markwort) - - - - Previously this could only be specified via an environment variable. - - - - - - - Add function PQencryptPasswordConn() - to allow creation of more types of encrypted passwords on the - client side (Michael Paquier, Heikki Linnakangas) - - - - Previously only MD5-encrypted passwords could be created - using PQencryptPassword(). - This new function can also create SCRAM-SHA-256-encrypted - passwords. - - - - - - - Change ecpg preprocessor version from 4.12 to 10 - (Tom Lane) - - - - Henceforth the ecpg version will match - the PostgreSQL distribution version number. - - - - - - - - - Client Applications - - - <xref linkend="app-psql"/> - - - - - - - Add conditional branch support to psql (Corey - Huinker) - - - - This feature adds psql - meta-commands \if, \elif, \else, - and \endif. This is primarily helpful for scripting. - - - - - - - Add psql \gx meta-command to execute - (\g) a query in expanded mode (\x) - (Christoph Berg) - - - - - - - Expand psql variable references in - backtick-executed strings (Tom Lane) - - - - This is particularly useful in the new psql - conditional branch commands. - - - - - - - Prevent psql's special variables from being set to - invalid values (Daniel Vérité, Tom Lane) - - - - Previously, setting one of psql's special variables - to an invalid value silently resulted in the default behavior. - \set on a special variable now fails if the proposed - new value is invalid. As a special exception, \set - with an empty or omitted new value, on a boolean-valued special - variable, still has the effect of setting the variable - to on; but now it actually acquires that value rather - than an empty string. \unset on a special variable now - explicitly sets the variable to its default value, which is also - the value it acquires at startup. In sum, a control variable now - always has a displayable value that reflects - what psql is actually doing. - - - - - - - Add variables showing server version and psql version - (Fabien Coelho) - - - - - - - Improve psql's \d (display relation) - and \dD (display domain) commands to show collation, - nullable, and default properties in separate columns (Peter - Eisentraut) - - - - Previously they were shown in a single Modifiers column. - - - - - - - Make the various \d commands handle no-matching-object - cases more consistently (Daniel Gustafsson) - - - - They now all print the message about that to stderr, not stdout, - and the message wording is more consistent. - - - - - - - Improve psql's tab completion (Jeff Janes, - Ian Barwick, Andreas Karlsson, Sehrope Sarkuni, Thomas Munro, - Kevin Grittner, Dagfinn Ilmari Mannsåker) - - - - - - - - - <xref linkend="pgbench"/> - - - - - - - Add pgbench option to - control the log file prefix (Masahiko Sawada) - - - - - - - Allow pgbench's meta-commands to span multiple - lines (Fabien Coelho) - - - - A meta-command can now be continued onto the next line by writing - backslash-return. - - - - - - - Remove restriction on placement of option relative to - other command line options (Tom Lane) - - - - - - - - - - - Server Applications - - - - - - - Add pg_receivewal - option / to specify compression - (Michael Paquier) - - - - - - - Add pg_recvlogical option - to specify the ending position (Craig Ringer) - - - - This complements the existing option. - - - - - - - Rename initdb - options and to be spelled - and (Vik Fearing, - Peter Eisentraut) - - - - The old spellings are still supported. - - - - - - - <link linkend="app-pgdump"><application>pg_dump</application></link>, - <link linkend="app-pg-dumpall"><application>pg_dumpall</application></link>, - <link linkend="app-pgrestore"><application>pg_restore</application></link> - - - - - - - Allow pg_restore to exclude schemas (Michael Banck) - - - - This adds a new / option. - - - - - - - Add option to - pg_dump (Guillaume Lelarge) - - - - This suppresses dumping of large objects. - - - - - - - Add pg_dumpall option - to omit role passwords - (Robins Tharakan, Simon Riggs) - - - - This allows use of pg_dumpall by non-superusers; - without this option, it fails due to inability to read passwords. - - - - - - - Support using synchronized snapshots when dumping from a standby - server (Petr Jelinek) - - - - - - - Issue fsync() on the output files generated by - pg_dump and - pg_dumpall (Michael Paquier) - - - - This provides more security that the output is safely stored on - disk before the program exits. This can be disabled with - the new option. - - - - - - - - - - <xref linkend="app-pgbasebackup"/> - - - - - - - Allow pg_basebackup to stream write-ahead log in - tar mode (Magnus Hagander) - - - - The WAL will be stored in a separate tar file from - the base backup. - - - - - - - Make pg_basebackup use temporary replication slots - (Magnus Hagander) - - - - Temporary replication slots will be used by default when - pg_basebackup uses WAL streaming with default - options. - - - - - - - Be more careful about fsync'ing in all required places - in pg_basebackup and - pg_receivewal (Michael Paquier) - - - - - - - Add pg_basebackup option to - disable fsync (Michael Paquier) - - - - - - - Improve pg_basebackup's handling of which - directories to skip (David Steele) - - - - - - - - - <application><xref linkend="app-pg-ctl"/></application> - - - - - - - Add wait option for 's - promote operation (Peter Eisentraut) - - - - - - - Add long options for pg_ctl wait () - and no-wait () (Vik Fearing) - - - - - - - Add long option for pg_ctl server options - () (Peter Eisentraut) - - - - - - - Make pg_ctl start --wait detect server-ready by - watching postmaster.pid, not by attempting connections - (Tom Lane) - - - - The postmaster has been changed to report its ready-for-connections - status in postmaster.pid, and pg_ctl - now examines that file to detect whether startup is complete. - This is more efficient and reliable than the old method, and it - eliminates postmaster log entries about rejected connection - attempts during startup. - - - - - - - Reduce pg_ctl's reaction time when waiting for - postmaster start/stop (Tom Lane) - - - - pg_ctl now probes ten times per second when waiting - for a postmaster state change, rather than once per second. - - - - - - - Ensure that pg_ctl exits with nonzero status if an - operation being waited for does not complete within the timeout - (Peter Eisentraut) - - - - The start and promote operations now return - exit status 1, not 0, in such cases. The stop operation - has always done that. - - - - - - - - - - Source Code - - - - - - - Change to two-part release version numbering (Peter Eisentraut, Tom - Lane) - - - - Release numbers will now have two parts (e.g., 10.1) - rather than three (e.g., 9.6.3). - Major versions will now increase just the first number, and minor - releases will increase just the second number. - Release branches will be referred to by single numbers - (e.g., 10 rather than 9.6). - This change is intended to reduce user confusion about what is a - major or minor release of PostgreSQL. - - - - - - - Improve behavior of pgindent - (Piotr Stefaniak, Tom Lane) - - - - We have switched to a new version of pg_bsd_indent - based on recent improvements made by the FreeBSD project. This - fixes numerous small bugs that led to odd C code formatting - decisions. Most notably, lines within parentheses (such as in a - multi-line function call) are now uniformly indented to match the - opening paren, even if that would result in code extending past the - right margin. - - - - - - - Allow the ICU library to - optionally be used for collation support (Peter Eisentraut) - - - - The ICU library has versioning that allows detection - of collation changes between versions. It is enabled via configure - option . The default still uses the operating - system's native collation library. - - - - - - - Automatically mark all PG_FUNCTION_INFO_V1 functions - as DLLEXPORT-ed on - Windows (Laurenz Albe) - - - - If third-party code is using extern function - declarations, they should also add DLLEXPORT markers - to those declarations. - - - - - - - Remove SPI functions SPI_push(), - SPI_pop(), SPI_push_conditional(), - SPI_pop_conditional(), - and SPI_restore_connection() as unnecessary (Tom Lane) - - - - Their functionality now happens automatically. There are now no-op - macros by these names so that external modules don't need to be - updated immediately, but eventually such calls should be removed. - - - - A side effect of this change is that SPI_palloc() and - allied functions now require an active SPI connection; they do not - degenerate to simple palloc() if there is none. That - previous behavior was not very useful and posed risks of unexpected - memory leaks. - - - - - - - Allow shared memory to be dynamically allocated (Thomas Munro, - Robert Haas) - - - - - - - Add slab-like memory allocator for efficient fixed-size allocations - (Tomas Vondra) - - - - - - - Use POSIX semaphores rather than SysV semaphores - on Linux and FreeBSD (Tom Lane) - - - - This avoids platform-specific limits on SysV semaphore usage. - - - - - - - Improve support for 64-bit atomics (Andres Freund) - - - - - - - Enable 64-bit atomic operations on ARM64 (Roman - Shaposhnik) - - - - - - - Switch to using clock_gettime(), if available, for - duration measurements (Tom Lane) - - - - gettimeofday() is still used - if clock_gettime() is not available. - - - - - - - Add more robust random number generators to be used for - cryptographically secure uses (Magnus Hagander, Michael Paquier, - Heikki Linnakangas) - - - - If no strong random number generator can be - found, configure will fail unless - the option is used. However, with - this option, pgcrypto - functions requiring a strong random number generator will be disabled. - - - - - - - Allow WaitLatchOrSocket() to wait for socket - connection on Windows (Andres Freund) - - - - - - - tupconvert.c functions no longer convert tuples just to - embed a different composite-type OID in them (Ashutosh Bapat, Tom Lane) - - - - The majority of callers don't care about the composite-type OID; - but if the result tuple is to be used as a composite Datum, steps - should be taken to make sure the correct OID is inserted in it. - - - - - - - Remove SCO and Unixware ports (Tom Lane) - - - - - - - Overhaul documentation build - process (Alexander Lakhin) - - - - - - - Use XSLT to build the PostgreSQL - documentation (Peter Eisentraut) - - - - Previously Jade, DSSSL, and - JadeTex were used. - - - - - - - Build HTML documentation using XSLT - stylesheets by default (Peter Eisentraut) - - - - - - - - - Additional Modules - - - - - - - Allow file_fdw to read - from program output as well as files (Corey Huinker, Adam Gomaa) - - - - - - - In postgres_fdw, - push aggregate functions to the remote server, when possible - (Jeevan Chalke, Ashutosh Bapat) - - - - This reduces the amount of data that must be passed from the remote - server, and offloads aggregate computation from the requesting server. - - - - - - - In postgres_fdw, push joins to the remote server in - more cases (David Rowley, Ashutosh Bapat, Etsuro Fujita) - - - - - - - Properly support OID columns in - postgres_fdw tables (Etsuro Fujita) - - - - Previously OID columns always returned zeros. - - - - - - - Allow btree_gist - and btree_gin to - index enum types (Andrew Dunstan) - - - - This allows enums to be used in exclusion constraints. - - - - - - - Add indexing support to btree_gist for the - UUID data type (Paul Jungwirth) - - - - - - - Add amcheck which can - check the validity of B-tree indexes (Peter Geoghegan) - - - - - - - Show ignored constants as $N rather than ? - in - pg_stat_statements - (Lukas Fittl) - - - - - - - Improve cube's handling - of zero-dimensional cubes (Tom Lane) - - - - This also improves handling of infinite and - NaN values. - - - - - - - Allow pg_buffercache to run - with fewer locks (Ivan Kartyshov) - - - - This makes it less disruptive when run on production systems. - - - - - - - Add pgstattuple - function pgstathashindex() to view hash index - statistics (Ashutosh Sharma) - - - - - - - Use GRANT permissions to - control pgstattuple function usage (Stephen Frost) - - - - This allows DBAs to allow non-superusers to run these functions. - - - - - - - Reduce locking when pgstattuple examines hash - indexes (Amit Kapila) - - - - - - - Add pageinspect - function page_checksum() to show a page's checksum - (Tomas Vondra) - - - - - - - Add pageinspect - function bt_page_items() to print page items from a - page image (Tomas Vondra) - - - - - - - Add hash index support to pageinspect (Jesper - Pedersen, Ashutosh Sharma) - - - - - - - - - - - Acknowledgments - - - The following individuals (in alphabetical order) have contributed to this - release as patch authors, committers, reviewers, testers, or reporters of - issues. - - - - Adam Brightwell - Adam Brusselback - Adam Gomaa - Adam Sah - Adrian Klaver - Aidan Van Dyk - Aleksander Alekseev - Alexander Korotkov - Alexander Lakhin - Alexander Sosna - Alexey Bashtanov - Alexey Grishchenko - Alexey Isayko - Álvaro Hernández Tortosa - Álvaro Herrera - Amit Kapila - Amit Khandekar - Amit Langote - Amul Sul - Anastasia Lubennikova - Andreas Joseph Krogh - Andreas Karlsson - Andreas Scherbaum - Andreas Seltenreich - Andres Freund - Andrew Dunstan - Andrew Gierth - Andrew Wheelwright - Andrey Borodin - Andrey Lizenko - Andy Abelisto - Antonin Houska - Ants Aasma - Arjen Nienhuis - Arseny Sher - Artur Zakirov - Ashutosh Bapat - Ashutosh Sharma - Ashwin Agrawal - Atsushi Torikoshi - Ayumi Ishii - Basil Bourque - Beena Emerson - Ben de Graaff - Benedikt Grundmann - Bernd Helmle - Brad DeJong - Brandur Leach - Breen Hagan - Bruce Momjian - Bruno Wolff III - Catalin Iacob - Chapman Flack - Chen Huajun - Choi Doo-Won - Chris Bandy - Chris Richards - Chris Ruprecht - Christian Ullrich - Christoph Berg - Chuanting Wang - Claudio Freire - Clinton Adams - Const Zhang - Constantin Pan - Corey Huinker - Craig Ringer - Cynthia Shang - Dagfinn Ilmari Mannsåker - Daisuke Higuchi - Damian Quiroga - Dan Wood - Dang Minh Huong - Daniel Gustafsson - Daniel Vérité - Daniel Westermann - Daniele Varrazzo - Danylo Hlynskyi - Darko Prelec - Dave Cramer - Dave Page - David Christensen - David Fetter - David Johnston - David Rader - David Rowley - David Steele - Dean Rasheed - Denis Smirnov - Denish Patel - Dennis Björklund - Devrim Gündüz - Dilip Kumar - Dilyan Palauzov - Dima Pavlov - Dimitry Ivanov - Dmitriy Sarafannikov - Dmitry Dolgov - Dmitry Fedin - Don Morrison - Egor Rogov - Eiji Seki - Emil Iggland - Emre Hasegeli - Enrique Meneses - Erik Nordström - Erik Rijkers - Erwin Brandstetter - Etsuro Fujita - Eugen Konkov - Eugene Kazakov - Euler Taveira - Fabien Coelho - Fabrízio de Royes Mello - Feike Steenbergen - Felix Gerzaguet - Filip Jirsák - Fujii Masao - Gabriele Bartolini - Gabrielle Roth - Gao Zengqi - Gerdan Santos - Gianni Ciolli - Gilles Darold - Giuseppe Broccolo - Graham Dutton - Greg Atkins - Greg Burek - Grigory Smolkin - Guillaume Lelarge - Hans Buschmann - Haribabu Kommi - Heikki Linnakangas - Henry Boehlert - Huan Ruan - Ian Barwick - Igor Korot - Ildus Kurbangaliev - Ivan Kartyshov - Jaime Casanova - Jakob Egger - James Parks - Jarred Ward - Jason Li - Jason O'Donnell - Jason Petersen - Jeevan Chalke - Jeevan Ladhe - Jeff Dafoe - Jeff Davis - Jeff Janes - Jelte Fennema - Jeremy Finzel - Jeremy Schneider - Jeroen van der Ham - Jesper Pedersen - Jim Mlodgenski - Jim Nasby - Jinyu Zhang - Joe Conway - Joel Jacobson - John Harvey - Jon Nelson - Jordan Gigov - Josh Berkus - Josh Soref - Julian Markwort - Julien Rouhaud - Junseok Yang - Justin Muise - Justin Pryzby - Kacper Zuk - KaiGai Kohei - Karen Huddleston - Karl Lehenbauer - Karl O. Pinc - Keith Fiske - Kevin Grittner - Kim Rose Carlsen - Konstantin Evteev - Konstantin Knizhnik - Kuntal Ghosh - Kurt Kartaltepe - Kyle Conroy - Kyotaro Horiguchi - Laurenz Albe - Leonardo Cecchi - Ludovic Vaugeois-Pepin - Lukas Fittl - Magnus Hagander - Maksim Milyutin - Maksym Sobolyev - Marc Rassbach - Marc-Olaf Jaschke - Marcos Castedo - Marek Cvoren - Mark Dilger - Mark Kirkwood - Mark Pether - Marko Tiikkaja - Markus Winand - Marllius Ribeiro - Marti Raudsepp - Martín Marqués - Masahiko Sawada - Matheus Oliveira - Mathieu Fenniak - Merlin Moncure - Michael Banck - Michael Day - Michael Meskes - Michael Overmeyer - Michael Paquier - Mike Palmiotto - Milos Urbanek - Mithun Cy - Moshe Jacobson - Murtuza Zabuawala - Naoki Okano - Nathan Bossart - Nathan Wagner - Neha Khatri - Neha Sharma - Neil Anderson - Nicolas Baccelli - Nicolas Guini - Nicolas Thauvin - Nikhil Sontakke - Nikita Glukhov - Nikolaus Thiel - Nikolay Nikitin - Nikolay Shaplov - Noah Misch - Noriyoshi Shinoda - Olaf Gawenda - Oleg Bartunov - Oskari Saarenmaa - Otar Shavadze - Paresh More - Paul Jungwirth - Paul Ramsey - Pavan Deolasee - Pavel Golub - Pavel Hanák - Pavel Raiskup - Pavel Stehule - Peng Sun - Peter Eisentraut - Peter Geoghegan - Petr Jelínek - Philippe Beaudoin - Pierre-Emmanuel André - Piotr Stefaniak - Prabhat Sahu - QL Zhuo - Radek Slupik - Rafa de la Torre - Rafia Sabih - Ragnar Ouchterlony - Rahila Syed - Rajkumar Raghuwanshi - Regina Obe - Richard Pistole - Robert Haas - Robins Tharakan - Rod Taylor - Roman Shaposhnik - Rushabh Lathia - Ryan Murphy - Sandeep Thakkar - Scott Milliken - Sean Farrell - Sebastian Luque - Sehrope Sarkuni - Sergey Burladyan - Sergey Koposov - Shay Rojansky - Shinichi Matsuda - Sho Kato - Simon Riggs - Simone Gotti - Spencer Thomason - Stas Kelvich - Stepan Pesternikov - Stephen Frost - Steve Randall - Steve Singer - Steven Fackler - Steven Winfield - Suraj Kharage - Sveinn Sveinsson - Sven R. Kunze - Tahir Fakhroutdinov - Taiki Kondo - Takayuki Tsunakawa - Takeshi Ideriha - Tatsuo Ishii - Tatsuro Yamada - Teodor Sigaev - Thom Brown - Thomas Kellerer - Thomas Munro - Tim Goodaire - Tobias Bussmann - Tom Dunstan - Tom Lane - Tom van Tilburg - Tomas Vondra - Tomonari Katsumata - Tushar Ahuja - Vaishnavi Prabakaran - Venkata Balaji Nagothi - Vicky Vergara - Victor Wagner - Vik Fearing - Vinayak Pokale - Viren Negi - Vitaly Burovoy - Vladimir Kunshchikov - Vladimir Rusinov - Yi Wen Wong - Yugo Nagata - Zhen Ming Yang - Zhou Digoal - - - - diff --git a/doc/src/sgml/release-11.sgml b/doc/src/sgml/release-11.sgml deleted file mode 100644 index 09b80b8af5..0000000000 --- a/doc/src/sgml/release-11.sgml +++ /dev/null @@ -1,3962 +0,0 @@ - - - - - Release 11.1 - - - Release date: - 2018-11-08 - - - - This release contains a variety of fixes from 11.0. - For information about new features in major release 11, see - . - - - - Migration to Version 11.1 - - - A dump/restore is not required for those running 11.X. - - - - However, if you use the pg_stat_statements extension, - see the changelog entry below about that. - - - - - Changes - - - - - - - Ensure proper quoting of transition table names - when pg_dump emits CREATE TRIGGER - ... REFERENCING commands (Tom Lane) - - - - This oversight could be exploited by an unprivileged user to gain - superuser privileges during the next dump/reload - or pg_upgrade run. (CVE-2018-16850) - - - - - - - Apply the tablespace specified for a partitioned index when creating a - child index (Álvaro Herrera) - - - - Previously, child indexes were always created in the default - tablespace. - - - - - - - Fix NULL handling in parallel hashed multi-batch left joins (Andrew - Gierth, Thomas Munro) - - - - Outer-relation rows with null values of the hash key were omitted from - the join result. - - - - - - - Fix incorrect processing of an array-type coercion expression - appearing within a CASE clause that has a constant - test expression (Tom Lane) - - - - - - - Fix incorrect expansion of tuples lacking recently-added columns - (Andrew Dunstan, Amit Langote) - - - - This is known to lead to crashes in triggers on tables with - recently-added columns, and could have other symptoms as well. - - - - - - - Fix bugs with named or defaulted arguments in CALL - argument lists (Tom Lane, Pavel Stehule) - - - - - - - Fix strictness check for strict aggregates with ORDER - BY columns (Andrew Gierth, Andres Freund) - - - - The strictness logic incorrectly ignored rows for which - the ORDER BY value(s) were null. - - - - - - - Disable recheck_on_update optimization (Tom Lane) - - - - This new-in-v11 feature turns out not to have been ready for prime - time. Disable it until something can be done about it. - - - - - - - Prevent creation of a partition in a trigger attached to its parent - table (Amit Langote) - - - - Ideally we'd allow that, but for the moment it has to be blocked to - avoid crashes. - - - - - - - Fix problems with applying ON COMMIT DELETE ROWS to - a partitioned temporary table (Amit Langote) - - - - - - - Fix character-class checks to not fail on Windows for Unicode - characters above U+FFFF (Tom Lane, Kenji Uno) - - - - This bug affected full-text-search operations, as well - as contrib/ltree - and contrib/pg_trgm. - - - - - - - Ensure that the server will process - already-received NOTIFY - and SIGTERM interrupts before waiting for client - input (Jeff Janes, Tom Lane) - - - - - - - Fix memory leak in repeated SP-GiST index scans (Tom Lane) - - - - This is only known to amount to anything significant in cases where - an exclusion constraint using SP-GiST receives many new index entries - in a single command. - - - - - - - Prevent starting the server with wal_level set - to too low a value to support an existing replication slot (Andres - Freund) - - - - - - - Fix psql, as well as documentation - examples, to call PQconsumeInput() before - each PQnotifies() call (Tom Lane) - - - - This fixes cases in which psql would not - report receipt of a NOTIFY message until after the - next command. - - - - - - - Fix pg_verify_checksums's determination of - which files to check the checksums of (Michael Paquier) - - - - In some cases it complained about files that are not expected to have - checksums. - - - - - - - In contrib/pg_stat_statements, disallow - the pg_read_all_stats role from - executing pg_stat_statements_reset() - (Haribabu Kommi) - - - - pg_read_all_stats is only meant to grant permission - to read statistics, not to change them, so this grant was incorrect. - - - - To cause this change to take effect, run ALTER EXTENSION - pg_stat_statements UPDATE in each database - where pg_stat_statements has been installed. - (A database freshly created in 11.0 should not need this, but a - database upgraded from a previous release probably still contains - the old version of pg_stat_statements. The - UPDATE command is harmless if the module was - already updated.) - - - - - - - Rename red-black tree support functions to use rbt - prefix not rb prefix (Tom Lane) - - - - This avoids name collisions with Ruby functions, which broke - PL/Ruby. It's hoped that there are no other affected extensions. - - - - - - - Fix build problems on macOS 10.14 (Mojave) (Tom Lane) - - - - Adjust configure to add - an switch to CPPFLAGS; - without this, PL/Perl and PL/Tcl fail to configure or build on macOS - 10.14. The specific sysroot used can be overridden at configure time - or build time by setting the PG_SYSROOT variable in - the arguments of configure - or make. - - - - It is now recommended that Perl-related extensions - write $(perl_includespec) rather - than -I$(perl_archlibexp)/CORE in their compiler - flags. The latter continues to work on most platforms, but not recent - macOS. - - - - Also, it should no longer be necessary to - specify manually to get PL/Tcl to - build on recent macOS releases. - - - - - - - Fix MSVC build and regression-test scripts to work on recent Perl - versions (Andrew Dunstan) - - - - Perl no longer includes the current directory in its search path - by default; work around that. - - - - - - - On Windows, allow the regression tests to be run by an Administrator - account (Andrew Dunstan) - - - - To do this safely, pg_regress now gives up - any such privileges at startup. - - - - - - - Update time zone data files to tzdata - release 2018g for DST law changes in Chile, Fiji, Morocco, and Russia - (Volgograd), plus historical corrections for China, Hawaii, Japan, - Macau, and North Korea. - - - - - - - - - - Release 11 - - - Release date: - 2018-10-18 - - - - Overview - - - Major enhancements in PostgreSQL 11 include: - - - - - - - - - Improvements to partitioning functionality, including: - - - - Add support for partitioning by a hash key - - - - - Add support for PRIMARY KEY, FOREIGN - KEY, indexes, and triggers on partitioned tables - - - - - Allow creation of a default partition for storing - data that does not match any of the remaining partitions - - - - - UPDATE statements that change a partition key - column now cause affected rows to be moved to the appropriate - partitions - - - - - Improve SELECT performance through enhanced - partition elimination strategies during query planning and execution - - - - - - - - - Improvements to parallelism, including: - - - - CREATE INDEX can now use parallel processing - while building a B-tree index - - - - - Parallelization is now possible in CREATE TABLE - ... AS, - CREATE MATERIALIZED VIEW, and certain - queries using UNION - - - - - Parallelized hash joins and parallelized sequential scans now - perform better - - - - - - - - - SQL stored procedures that support embedded transactions - - - - - - Optional Just-in-Time (JIT) compilation for some SQL code, speeding - evaluation of expressions - - - - - - Window functions now support all framing options shown in the SQL:2011 - standard, including RANGE distance - PRECEDING/FOLLOWING, GROUPS mode, and - frame exclusion options - - - - - - Covering indexes can now be created, using the - INCLUDE clause of CREATE INDEX - - - - - - Many other useful performance improvements, including the ability to - avoid a table rewrite for ALTER TABLE ... ADD COLUMN - with a non-null column default - - - - - - - The above items are explained in more detail in the sections below. - - - - - - - Migration to Version 11 - - - A dump/restore using , or use of , is required for those wishing to migrate data - from any previous release. - - - - Version 11 contains a number of changes that may affect compatibility - with previous releases. Observe the following incompatibilities: - - - - - - - - - Make pg_dump - dump the properties of a database, not just its contents - (Haribabu Kommi) - - - - Previously, attributes of the database itself, such as database-level - GRANT/REVOKE permissions and - ALTER DATABASE SET variable settings, were only - dumped by pg_dumpall. - Now pg_dump --create and - pg_restore --create will restore these database - properties in addition to the objects within the - database. pg_dumpall -g now only dumps role- - and tablespace-related attributes. - pg_dumpall's complete output (without - ) is unchanged. - - - - pg_dump and - pg_restore, without - , no longer dump/restore database-level - comments and security labels; those are now treated as properties of - the database. - - - - pg_dumpall's output script will now always - create databases with their original locale and encoding, and hence - will fail if the locale or encoding name is unknown to the - destination system. Previously, CREATE DATABASE - would be emitted without these specifications if the database locale - and encoding matched the old cluster's defaults. - - - - pg_dumpall --clean now restores the original - locale and encoding settings of the postgres - and template1 databases, as well as those of - user-created databases. - - - - - - - - Consider syntactic form when disambiguating function versus column - references (Tom Lane) - - - - When x is a table name or composite - column, PostgreSQL has traditionally - considered the syntactic - forms f(x) - and x.f - to be equivalent, allowing tricks such as writing a function and - then using it as though it were a computed-on-demand column. - However, if both interpretations are feasible, the column - interpretation was always chosen, leading to surprising results if - the user intended the function interpretation. Now, if there is - ambiguity, the interpretation that matches the syntactic form is - chosen. - - - - - - - Fully enforce uniqueness of table and domain constraint names - (Tom Lane) - - - - PostgreSQL expects the names of a table's - constraints to be distinct, and likewise for the names of a domain's - constraints. However, there was not rigid enforcement of this, and - previously there were corner cases where duplicate names could be - created. - - - - - - - - Make power(numeric, numeric) - and power(float8, float8) - handle NaN inputs according to the POSIX standard - (Tom Lane, Dang Minh Huong) - - - - POSIX says that NaN ^ 0 = 1 and 1 ^ NaN - = 1, but all other cases with NaN - input(s) should return NaN. - power(numeric, numeric) just - returned NaN in all such cases; now it honors the - two exceptions. power(float8, float8) followed - the standard if the C library does; but on some old Unix platforms - the library doesn't, and there were also problems on some versions - of Windows. - - - - - - - - Prevent to_number() - from consuming characters when the template separator does not - match (Oliver Ford) - - - - Specifically, SELECT to_number('1234', '9,999') - used to return 134. It will now - return 1234. L and - TH now only consume characters that are not - digits, positive/negative signs, decimal points, or commas. - - - - - - - - Fix to_date(), - to_number(), and - to_timestamp() to skip a character for each - template character (Tom Lane) - - - - Previously, they skipped one byte for each byte - of template character, resulting in strange behavior if either string - contained multibyte characters. - - - - - - - - Adjust the handling of backslashes inside double-quotes in - template strings for to_char(), - to_number(), and - to_timestamp(). - - - - Such a backslash now escapes the character after it, particularly - a double-quote or another backslash. - - - - - - - - Correctly handle relative path expressions - in xmltable(), xpath(), - and other XML-handling functions (Markus Winand) - - - - Per the SQL standard, relative paths start from the document node of - the XML input document, not the root node as these functions - previously did. - - - - - - - - In the extended query - protocol, - make statement_timeout - apply to each Execute message separately, not to all commands before - Sync (Tatsuo Ishii, Andres Freund) - - - - - - - - Remove the relhaspkey column from system - catalog pg_class (Peter Eisentraut) - - - - Applications needing to check for a primary key should consult - pg_index. - - - - - - - - Replace system catalog pg_proc's - proisagg and - proiswindow columns with - prokind (Peter Eisentraut) - - - - This new column more clearly distinguishes functions, procedures, - aggregates, and window functions. - - - - - - - - Correct information schema column tables.table_type - to return FOREIGN instead of FOREIGN - TABLE (Peter Eisentraut) - - - - This new output matches the SQL standard. - - - - - - - - Change the ps process display - labels for background workers to match the pg_stat_activity.backend_type - labels (Peter Eisentraut) - - - - - - - - Cause large object permission checks - to happen during large object open, lo_open(), not - when a read or write is attempted (Tom Lane, Michael Paquier) - - - - If write access is requested and not available, an error will now be - thrown even if the large object is never written to. - - - - - - - Prevent non-superusers from reindexing shared catalogs - (Michael Paquier, Robert Haas) - - - - Previously, database owners were also allowed to do this, but - now it is considered outside the bounds of their privileges. - - - - - - - - Remove deprecated adminpack functions - pg_file_read(), - pg_file_length(), and - pg_logfile_rotate() (Stephen Frost) - - - - Equivalent functionality is now present in the core backend. - Existing adminpack installs will continue to have - access to these functions until they are updated via ALTER - EXTENSION ... UPDATE. - - - - - - - - Honor the capitalization of double-quoted command options - (Daniel Gustafsson) - - - - Previously, option names in certain SQL commands were forcibly - lower-cased even if entered with double quotes; thus for example - "FillFactor" would be accepted as an index storage - option, though properly its name is lower-case. Such cases will now - generate an error. - - - - - - - - Remove server parameter replacement_sort_tuples - (Peter Geoghegan) - - - - Replacement sorts were determined to be no longer useful. - - - - - - - - - Remove WITH clause in CREATE - FUNCTION (Michael Paquier) - - - - PostgreSQL has long supported a more - standard-compliant syntax for this capability. - - - - - - - - In PL/pgSQL trigger functions, the OLD - and NEW variables now read as NULL when not - assigned (Tom Lane) - - - - Previously, references to these variables could be parsed but not - executed. - - - - - - - - - Changes - - - Below you will find a detailed account of the changes between - PostgreSQL 11 and the previous major - release. - - - - Server - - - Partitioning - - - - - - - - Allow the creation of partitions based on hashing a key column - (Amul Sul) - - - - - - - - Support indexes on partitioned tables (Álvaro Herrera, - Amit Langote) - - - - An index on a partitioned table is not a physical - index across the whole partitioned table, but rather a template for - automatically creating similar indexes on each partition of the - table. - - - - If the partition key is part of the index's column set, a - partitioned index may be declared UNIQUE. - It will represent a valid uniqueness constraint across the whole - partitioned table, even though each physical index only enforces - uniqueness within its own partition. - - - - The new command ALTER - INDEX ATTACH PARTITION causes an existing index on - a partition to be associated with a matching index template for its - partitioned table. This provides flexibility in setting up a new - partitioned index for an existing partitioned table. - - - - - - - - Allow foreign keys on partitioned tables (Álvaro Herrera) - - - - - - - - Allow FOR EACH ROW triggers on partitioned - tables (Álvaro Herrera) - - - - Creation of a trigger on a partitioned table automatically creates - triggers on all existing and future partitions. - This also allows deferred unique constraints on partitioned tables. - - - - - - - - Allow partitioned tables to have a default partition (Jeevan Ladhe, - Beena Emerson, Ashutosh Bapat, Rahila Syed, Robert Haas) - - - - The default partition will store rows that don't match any of the - other defined partitions, and is searched accordingly. - - - - - - - - UPDATE statements that change a partition key - column now cause affected rows to be moved to the appropriate - partitions (Amit Khandekar) - - - - - - - - Allow INSERT, UPDATE, and - COPY on partitioned tables to properly route - rows to foreign partitions (Etsuro Fujita, Amit Langote) - - - - This is supported by postgres_fdw - foreign tables. - - - - - - - - Allow faster partition elimination during query processing (Amit - Langote, David Rowley, Dilip Kumar) - - - - This speeds access to partitioned tables with many partitions. - - - - - - - - Allow partition elimination during query execution (David Rowley, - Beena Emerson) - - - - Previously, partition elimination only happened at planning - time, meaning many joins and prepared queries could not use - partition elimination. - - - - - - - - In an equality join between partitioned tables, allow matching - partitions to be joined directly (Ashutosh Bapat) - - - - This feature is disabled by default - but can be enabled by changing enable_partitionwise_join. - - - - - - - - Allow aggregate functions on partitioned tables to be evaluated - separately for each partition, subsequently merging the results - (Jeevan Chalke, Ashutosh Bapat, Robert Haas) - - - - This feature is disabled by default - but can be enabled by changing enable_partitionwise_aggregate. - - - - - - - - Allow postgres_fdw - to push down aggregates to foreign tables that are partitions - (Jeevan Chalke) - - - - - - - - - - Parallel Queries - - - - - - - - Allow parallel building of a btree index (Peter Geoghegan, - Rushabh Lathia, Heikki Linnakangas) - - - - - - - - Allow hash joins to be performed in parallel using a shared hash - table (Thomas Munro) - - - - - - - - Allow UNION to run each - SELECT in parallel if the individual - SELECTs cannot be parallelized (Amit Khandekar, - Robert Haas, Amul Sul) - - - - - - - - Allow partition scans to more efficiently use parallel workers - (Amit Khandekar, Robert Haas, Amul Sul) - - - - - - - - Allow LIMIT to be passed to parallel workers - (Robert Haas, Tom Lane) - - - - This allows workers to reduce returned results and use targeted - index scans. - - - - - - - - Allow single-evaluation queries, e.g. WHERE - clause aggregate queries, and functions in the target list to be - parallelized (Amit Kapila, Robert Haas) - - - - - - - - Add server parameter parallel_leader_participation - to control whether the leader also executes subplans (Thomas Munro) - - - - The default is enabled, meaning the leader will execute subplans. - - - - - - - - Allow parallelization of commands CREATE TABLE - ... AS, SELECT INTO, and - CREATE MATERIALIZED VIEW (Haribabu Kommi) - - - - - - - - Improve performance of sequential scans with many parallel workers - (David Rowley) - - - - - - - - Add reporting of parallel workers' sort activity in - EXPLAIN (Robert Haas, Tom Lane) - - - - - - - - - - Indexes - - - - - - - - Allow B-tree indexes to include columns that are not part of the - search key or unique constraint, but are available to be read by - index-only scans (Anastasia Lubennikova, Alexander Korotkov, Teodor - Sigaev) - - - - This is enabled by the new INCLUDE clause of CREATE INDEX. - It facilitates building covering indexes that optimize - specific types of queries. Columns can be included even if their - data types don't have B-tree support. - - - - - - - - Improve performance of monotonically increasing index additions - (Pavan Deolasee, Peter Geoghegan) - - - - - - - - Improve performance of hash index scans (Ashutosh Sharma) - - - - - - - - Add predicate locking for hash, GiST and GIN indexes (Shubham - Barai) - - - - This reduces the likelihood of serialization conflicts in - serializable-mode transactions. - - - - - - - <link linkend="spgist">SP-Gist</link> - - - - - - - - Add prefix-match - operator text ^@ text, - which is supported by SP-GiST (Ildus Kurbangaliev) - - - - This is similar to using var LIKE - 'word%' with a btree index, but it is more efficient. - - - - - - - - Allow polygons to be indexed with SP-GiST (Nikita Glukhov, - Alexander Korotkov) - - - - - - - - Allow SP-GiST to use lossy representation of leaf keys (Teodor Sigaev, - Heikki Linnakangas, Alexander Korotkov, Nikita Glukhov) - - - - - - - - - - - - Optimizer - - - - - - - - Improve selection of the most common values for statistics - (Jeff Janes, Dean Rasheed) - - - - Previously, the most common values (MCVs) were - identified based on their frequency compared to all column - values. Now, MCVs are chosen based on their - frequency compared to the non-MCV values. - This improves the robustness of the algorithm for both uniform and - non-uniform distributions. - - - - - - - - Improve selectivity estimates for >= - and <= (Tom Lane) - - - - Previously, such cases used the same selectivity estimates - as > and <, respectively, - unless the comparison constants are MCVs. - This change is particularly helpful for queries - involving BETWEEN with small ranges. - - - - - - - - Reduce var = - var - to var IS NOT NULL - where equivalent (Tom Lane) - - - - This leads to better selectivity estimates. - - - - - - - - Improve optimizer's row count estimates for EXISTS - and NOT EXISTS queries (Tom Lane) - - - - - - - - Make the optimizer account for evaluation costs and selectivity - of HAVING clauses (Tom Lane) - - - - - - - - - - General Performance - - - - - - - - Add Just-in-Time - (JIT) compilation of some parts of query plans - to improve execution speed (Andres Freund) - - - - This feature requires LLVM to be - available. It is not currently enabled by default, even in - builds that support it. - - - - - - - - Allow bitmap scans to perform index-only scans when possible - (Alexander Kuzmenkov) - - - - - - - - Update the free space map during VACUUM - (Claudio Freire) - - - - This allows free space to be reused more quickly. - - - - - - - - Allow VACUUM to avoid unnecessary index scans - (Masahiko Sawada, Alexander Korotkov) - - - - - - - - Improve performance of committing multiple concurrent transactions - (Amit Kapila) - - - - - - - - Reduce memory usage for queries using set-returning functions in - their target lists (Andres Freund) - - - - - - - - Improve the speed of aggregate computations (Andres Freund) - - - - - - - - Allow postgres_fdw - to push UPDATEs and DELETEs - using joins to foreign servers (Etsuro Fujita) - - - - Previously, only non-join UPDATEs and - DELETEs were pushed. - - - - - - - - - Add support for large pages on Windows - (Takayuki Tsunakawa, Thomas Munro) - - - - This is controlled by the huge_pages configuration - parameter. - - - - - - - - - Monitoring - - - - - - - - Show memory usage in output from log_statement_stats, - log_parser_stats, - log_planner_stats, and - log_executor_stats (Justin Pryzby, Peter - Eisentraut) - - - - - - - - Add column pg_stat_activity.backend_type - to show the type of a background worker (Peter Eisentraut) - - - - The type is also visible in ps output. - - - - - - - - Make log_autovacuum_min_duration - log skipped tables that are concurrently being dropped (Nathan - Bossart) - - - - - - - - <link linkend="infoschema-tables">Information Schema</link> - - - - - - - - Add information_schema columns related to table - constraints and triggers (Peter Eisentraut) - - - - Specifically, - triggers.action_order, - triggers.action_reference_old_table, - and - triggers.action_reference_new_table - are now populated, where before they were always null. Also, - table_constraints.enforced - now exists but is not yet usefully populated. - - - - - - - - - - - <acronym>Authentication</acronym> - - - - - - - - Allow the server to specify more complex LDAP specifications - in search+bind mode (Thomas Munro) - - - - Specifically, ldapsearchfilter allows pattern matching using - combinations of LDAP attributes. - - - - - - - - Allow LDAP authentication to use - encrypted LDAP (Thomas Munro) - - - - We already supported LDAP over - TLS by using ldaptls=1. - This new TLS LDAP method for - encrypted LDAP is enabled - with ldapscheme=ldaps - or ldapurl=ldaps://. - - - - - - - - Improve logging of LDAP errors (Thomas Munro) - - - - - - - - - - Permissions - - - - - - - - Add default roles that - enable file system access (Stephen Frost) - - - - Specifically, the new roles are: - pg_read_server_files, - pg_write_server_files, and - pg_execute_server_program. These roles now also - control who can use server-side COPY and the file_fdw extension. - Previously, only superusers could use these functions, and that - is still the default behavior. - - - - - - - - Allow access to file system functions to be controlled by - GRANT/REVOKE permissions, - rather than superuser checks (Stephen Frost) - - - - Specifically, these functions were modified: pg_ls_dir(), - pg_read_file(), - pg_read_binary_file(), - pg_stat_file(). - - - - - - - - Use GRANT/REVOKE - to control access to lo_import() - and lo_export() (Michael Paquier, Tom Lane) - - - - Previously, only superusers were granted access to these functions. - - - - The compile-time option ALLOW_DANGEROUS_LO_FUNCTIONS - has been removed. - - - - - - - - Use view owner not session owner when - preventing non-password access to postgres_fdw - tables (Robert Haas) - - - - PostgreSQL only allows superusers to - access postgres_fdw tables without - passwords, e.g. via peer. Previously, the - session owner had to be a superuser to allow such access; now - the view owner is checked instead. - - - - - - - - Fix invalid locking permission check in SELECT FOR - UPDATE on views (Tom Lane) - - - - - - - - - - Server Configuration - - - - - - - - Add server setting ssl_passphrase_command - to allow supplying of the passphrase for SSL - key files (Peter Eisentraut) - - - - Also add ssl_passphrase_command_supports_reload - to specify whether the SSL configuration - should be reloaded and ssl_passphrase_command - called during a server configuration reload. - - - - - - - - Add storage parameter toast_tuple_target - to control the minimum tuple length before TOAST - storage will be considered (Simon Riggs) - - - - The default TOAST threshold has not been - changed. - - - - - - - - Allow server options related to memory and file sizes to be - specified in units of bytes (Beena Emerson) - - - - The new unit suffix is B. This is in addition to the - existing units kB, MB, GB - and TB. - - - - - - - - - - <link linkend="wal">Write-Ahead Log</link> (<acronym>WAL</acronym>) - - - - - - - - Allow the WAL file size to be set - during initdb (Beena Emerson) - - - - Previously, the 16MB default could only be changed at compile time. - - - - - - - - Retain WAL data for only a single checkpoint - (Simon Riggs) - - - - Previously, WAL was retained for two checkpoints. - - - - - - - - Fill the unused portion of force-switched WAL - segment files with zeros for improved compressibility (Chapman - Flack) - - - - - - - - - - - - Base Backup and Streaming Replication - - - - - - - - Replicate TRUNCATE activity when using logical - replication (Simon Riggs, Marco Nenciarini, Peter Eisentraut) - - - - - - - - Pass prepared transaction information to logical replication - subscribers (Nikhil Sontakke, Stas Kelvich) - - - - - - - - Exclude unlogged tables, temporary tables, and - pg_internal.init files from streaming base - backups (David Steele) - - - - There is no need to copy such files. - - - - - - - - Allow checksums of heap pages to be verified during streaming base - backup (Michael Banck) - - - - - - - - Allow replication slots to be advanced programmatically, rather - than be consumed by subscribers (Petr Jelinek) - - - - This allows efficient advancement of replication slots when the - contents do not need to be consumed. This is performed by - pg_replication_slot_advance(). - - - - - - - - Add timeline information to the backup_label - file (Michael Paquier) - - - - Also add a check that the WAL timeline matches - the backup_label file's timeline. - - - - - - - - Add host and port connection information to the - pg_stat_wal_receiver system view - (Haribabu Kommi) - - - - - - - - - Utility Commands - - - - - - - - Allow ALTER TABLE to add a column with - a non-null default without doing a table rewrite (Andrew Dunstan, - Serge Rielau) - - - - This is enabled when the default value is a constant. - - - - - - - - Allow views to be locked by locking the underlying tables - (Yugo Nagata) - - - - - - - - Allow ALTER INDEX to set statistics-gathering - targets for expression indexes (Alexander Korotkov, Adrien Nayrat) - - - - In psql, \d+ now shows - the statistics target for indexes. - - - - - - - - Allow multiple tables to be specified in one - VACUUM or ANALYZE command - (Nathan Bossart) - - - - Also, if any table mentioned in VACUUM uses - a column list, then the ANALYZE keyword must be - supplied; previously, ANALYZE was implied in - such cases. - - - - - - - - Add parenthesized options syntax to ANALYZE - (Nathan Bossart) - - - - This is similar to the syntax supported by - VACUUM. - - - - - - - - Add CREATE AGGREGATE option to specify the - behavior of the aggregate's finalization function (Tom Lane) - - - - This is helpful for allowing user-defined aggregate functions to be - optimized and to work as window functions. - - - - - - - - - - Data Types - - - - - - - - Allow the creation of arrays of domains (Tom Lane) - - - - This also allows array_agg() to be used - on domains. - - - - - - - - Support domains over composite types (Tom Lane) - - - - Also allow PL/Perl, PL/Python, and PL/Tcl to handle - composite-domain function arguments and results. Also improve - PL/Python domain handling. - - - - - - - - Add casts from JSONB scalars to numeric and boolean data - types (Anastasia Lubennikova) - - - - - - - - - - Functions - - - - - - - - Add all window function framing - options specified by SQL:2011 (Oliver Ford, Tom Lane) - - - - Specifically, allow RANGE mode to use - PRECEDING and FOLLOWING to - select rows having grouping values within plus or minus the - specified offset. Add GROUPS mode to include plus - or minus the number of peer groups. Frame exclusion syntax was also - added. - - - - - - - - - Add SHA-2 family of hash functions (Peter - Eisentraut) - - - - Specifically, sha224(), - sha256(), sha384(), - sha512() were added. - - - - - - - - Add support for 64-bit non-cryptographic hash functions (Robert - Haas, Amul Sul) - - - - - - - - Allow to_char() and - to_timestamp() to specify the time zone's - offset from UTC in hours and minutes - (Nikita Glukhov, Andrew Dunstan) - - - - This is done with format specifications TZH - and TZM. - - - - - - - - Add text search function websearch_to_tsquery() - that supports a query syntax similar to that used by web search - engines (Victor Drobny, Dmitry Ivanov) - - - - - - - - Add functions json(b)_to_tsvector() - to create a text search query for matching - JSON/JSONB values (Dmitry Dolgov) - - - - - - - - - - Server-Side Languages - - - - - - - - Add SQL-level procedures, which can start and commit their own - transactions (Peter Eisentraut) - - - - They are created with the new CREATE - PROCEDURE command and invoked via CALL. - - - - The new ALTER/DROP ROUTINE - commands allow altering/dropping of all routine-like objects, - including procedures, functions, and aggregates. - - - - Also, writing FUNCTION is now preferred - over writing PROCEDURE in CREATE - OPERATOR and CREATE TRIGGER, because the - referenced object must be a function not a procedure. However, the - old syntax is still accepted for compatibility. - - - - - - - - Add transaction control to PL/pgSQL, PL/Perl, PL/Python, PL/Tcl, - and SPI server-side languages (Peter Eisentraut) - - - - Transaction control is only available within top-transaction-level - procedures and nested DO and - CALL blocks that only contain other - DO and CALL blocks. - - - - - - - - Add the ability to define PL/pgSQL composite-type variables as not - null, constant, or with initial values (Tom Lane) - - - - - - - - Allow PL/pgSQL to handle changes to composite types (e.g. record, - row) that happen between the first and later function executions - in the same session (Tom Lane) - - - - Previously, such circumstances generated errors. - - - - - - - - Add extension jsonb_plpython to - transform JSONB to/from PL/Python types (Anthony - Bykov) - - - - - - - - Add extension jsonb_plperl to transform - JSONB to/from PL/Perl types (Anthony Bykov) - - - - - - - - - - Client Interfaces - - - - - - - - Change libpq to disable compression by default (Peter Eisentraut) - - - - Compression is already disabled in modern OpenSSL versions, so that - the libpq setting had no effect with such libraries. - - - - - - - - Add DO CONTINUE option - to ecpg's WHENEVER - statement (Vinayak Pokale) - - - - This generates a C continue statement, causing a - return to the top of the contained loop when the specified condition - occurs. - - - - - - - - Add an ecpg mode to enable Oracle - Pro*C-style handling of char arrays. - - - - This mode is enabled with . - - - - - - - - - - Client Applications - - - <xref linkend="app-psql"/> - - - - - - - - Add psql command \gdesc - to display the names and types of the columns in a query result - (Pavel Stehule) - - - - - - - - Add psql variables to report query - activity and errors (Fabien Coelho) - - - - Specifically, the new variables are ERROR, - SQLSTATE, ROW_COUNT, - LAST_ERROR_MESSAGE, and - LAST_ERROR_SQLSTATE. - - - - - - - - Allow psql to test for the existence - of a variable (Fabien Coelho) - - - - Specifically, the syntax :{?variable_name} allows - a variable's existence to be tested in an \if - statement. - - - - - - - - Allow environment variable PSQL_PAGER to control - psql's pager (Pavel Stehule) - - - - This allows psql's default pager to - be specified as a separate environment variable from the pager - for other applications. PAGER is still honored - if PSQL_PAGER is not set. - - - - - - - - Make psql's \d+ command always show the table's - partitioning information (Amit Langote, Ashutosh Bapat) - - - - Previously, partition information would not be displayed for a - partitioned table if it had no partitions. Also indicate which - partitions are themselves partitioned. - - - - - - - - Ensure that psql reports the proper user - name when prompting for a password (Tom Lane) - - - - Previously, combinations of and a user name - embedded in a URI caused incorrect reporting. - Also suppress the user name before the password prompt when - is specified. - - - - - - - - Allow quit and exit to - exit psql when given with no prior input - (Bruce Momjian) - - - - Also print hints about how to exit when quit and - exit are used alone on a line while the input - buffer is not empty. Add a similar hint for help. - - - - - - - - Make psql hint at using control-D - when \q is entered alone on a line but ignored - (Bruce Momjian) - - - - For example, \q does not exit when supplied - in character strings. - - - - - - - - Improve tab completion for ALTER INDEX - RESET/SET (Masahiko Sawada) - - - - - - - - Add infrastructure to allow psql - to adapt its tab completion queries based on the server version - (Tom Lane) - - - - Previously, tab completion queries could fail against older servers. - - - - - - - - - - <link linkend="pgbench"><application>pgbench</application></link> - - - - - - - - Add pgbench expression support for - NULLs, booleans, and some functions and operators (Fabien Coelho) - - - - - - - - Add \if conditional support to - pgbench (Fabien Coelho) - - - - - - - - Allow the use of non-ASCII characters in - pgbench variable names (Fabien Coelho) - - - - - - - - Add pgbench option - to control the initialization steps - performed (Masahiko Sawada) - - - - - - - - Add an approximately Zipfian-distributed random generator to - pgbench (Alik Khilazhev) - - - - - - - - Allow the random seed to be set in - pgbench (Fabien Coelho) - - - - - - - - Allow pgbench to do exponentiation - with pow() and power() - (Raúl Marín Rodríguez) - - - - - - - - Add hashing functions to pgbench - (Ildar Musin) - - - - - - - - Make pgbench statistics more - accurate when using and - (Fabien Coelho) - - - - - - - - - - - - Server Applications - - - - - - - - Add an option to pg_basebackup - that creates a named replication slot (Michael Banck) - - - - The option creates - the named replication slot () - when the WAL streaming method - () is used. - - - - - - - - Allow initdb - to set group read access to the data directory (David Steele) - - - - This is accomplished with the new initdb option - . Administrators - can also set group permissions on the empty data - directory before running initdb. Server variable data_directory_mode - allows reading of data directory group permissions. - - - - - - - - Add pg_verify_checksums - tool to verify database checksums while offline (Magnus Hagander) - - - - - - - - Allow pg_resetwal - to change the WAL segment size via - (Nathan Bossart) - - - - - - - - Add long options to pg_resetwal - and pg_controldata (Nathan Bossart, - Peter Eisentraut) - - - - - - - - Add pg_receivewal - option to prevent synchronous - WAL writes, for testing (Michael Paquier) - - - - - - - - Add pg_receivewal option - to specify when WAL - receiving should stop (Michael Paquier) - - - - - - - - Allow pg_ctl - to send the SIGKILL signal to processes - (Andres Freund) - - - - This was previously unsupported due to concerns over possible misuse. - - - - - - - - Reduce the number of files copied by pg_rewind - (Michael Paquier) - - - - - - - - Prevent pg_rewind from running as - root (Michael Paquier) - - - - - - - - <link linkend="app-pgdump"><application>pg_dump</application></link>, - <link linkend="app-pg-dumpall"><application>pg_dumpall</application></link>, - <link linkend="app-pgrestore"><application>pg_restore</application></link> - - - - - - - - Add pg_dumpall option - to control output encoding - (Michael Paquier) - - - - pg_dump already had this option. - - - - - - - - Add pg_dump option - to force loading of - data into the partition's root table, rather than the original - partition (Rushabh Lathia) - - - - This is useful if the system to be loaded to has different collation - definitions or endianness, possibly requiring rows to be stored in - different partitions than previously. - - - - - - - - Add an option to suppress dumping and restoring database object - comments (Robins Tharakan) - - - - The new pg_dump, - pg_dumpall, and - pg_restore option is - . - - - - - - - - - - - - Source Code - - - - - - - Add PGXS support for installing include - files (Andrew Gierth) - - - - This supports creating extension modules that depend on other - modules. Formerly there was no easy way for the dependent module to - find the referenced one's include files. Several - existing contrib modules that define data types - have been adjusted to install relevant files. Also, PL/Perl and - PL/Python now install their include files, to support creation of - transform modules for those languages. - - - - - - - - Install errcodes.txt to allow extensions to access - the list of error codes known to PostgreSQL - (Thomas Munro) - - - - - - - - Convert documentation to DocBook XML (Peter - Eisentraut, Alexander Lakhin, Jürgen Purtz) - - - - The file names still use an sgml extension - for compatibility with back branches. - - - - - - - - Use stdbool.h to define type bool - on platforms where it's suitable, which is most (Peter Eisentraut) - - - - This eliminates a coding hazard for extension modules that need - to include stdbool.h. - - - - - - - - Overhaul the way that initial system catalog contents are defined - (John Naylor) - - - - The initial data is now represented in Perl data structures, making - it much easier to manipulate mechanically. - - - - - - - - Prevent extensions from creating custom server parameters that - take a quoted list of values (Tom Lane) - - - - This cannot be supported at present because knowledge of the - parameter's property would be required even before the extension is - loaded. - - - - - - - - Add ability to use channel binding when using SCRAM - authentication (Michael Paquier) - - - - Channel binding is intended to prevent man-in-the-middle attacks, but - SCRAM cannot prevent them unless it can be forced - to be active. Unfortunately, there is no way to do that in libpq. - Support for it is expected in future versions of libpq and in - interfaces not built using libpq, e.g. JDBC. - - - - - - - - Allow background workers to attach to databases that normally - disallow connections (Magnus Hagander) - - - - - - - - Add support for hardware CRC calculations - on ARMv8 (Yuqi Gu, Heikki Linnakangas, - Thomas Munro) - - - - - - - - Speed up lookups of built-in functions by OID (Andres Freund) - - - - The previous binary search has been replaced by a lookup array. - - - - - - - - Speed up construction of query results (Andres Freund) - - - - - - - - Improve speed of access to system caches (Andres Freund) - - - - - - - - Add a generational memory allocator which is optimized for serial - allocation/deallocation (Tomas Vondra) - - - - This reduces memory usage for logical decoding. - - - - - - - - Make the computation of - pg_class.reltuples - by VACUUM consistent with its computation - by ANALYZE (Tomas Vondra) - - - - - - - - Update to use perltidy version - 20170521 (Tom Lane, Peter Eisentraut) - - - - - - - - - Additional Modules - - - - - - - - Allow extension pg_prewarm - to restore the previous shared buffer contents on startup (Mithun - Cy, Robert Haas) - - - - This is accomplished by having pg_prewarm store - the shared buffers' relation and block number data to disk - occasionally during server operation, and at shutdown. - - - - - - - - Add pg_trgm - function strict_word_similarity() to compute - the similarity of whole words (Alexander Korotkov) - - - - The function word_similarity() already - existed for this purpose, but it was designed to find similar - parts of words, while strict_word_similarity() - computes the similarity to whole words. - - - - - - - - Allow creation of indexes that can be used by LIKE - comparisons - on citext columns - (Alexey Chernyshov) - - - - To do this, the index must be created using the - citext_pattern_ops operator class. - - - - - - - - Allow btree_gin - to index bool, bpchar, name - and uuid data types (Matheus Oliveira) - - - - - - - - Allow cube - and seg - extensions to perform index-only scans using GiST indexes - (Andrey Borodin) - - - - - - - - Allow retrieval of negative cube coordinates using - the ~> operator (Alexander Korotkov) - - - - This is useful for KNN-GiST searches when looking for coordinates in - descending order. - - - - - - - - Add Vietnamese letter handling to the unaccent - extension (Dang Minh Huong, Michael Paquier) - - - - - - - - Enhance amcheck - to check that each heap tuple has an index entry (Peter Geoghegan) - - - - - - - - Have adminpack - use the new default file system access roles (Stephen Frost) - - - - Previously, only superusers could call adminpack - functions; now role permissions are checked. - - - - - - - - Widen pg_stat_statement's query ID - to 64 bits (Robert Haas) - - - - This greatly reduces the chance of query ID hash collisions. - The query ID can now potentially display as a negative value. - - - - - - - - Remove the contrib/start-scripts/osx scripts - since they are no longer recommended - (use contrib/start-scripts/macos instead) - (Tom Lane) - - - - - - - - Remove the chkpass extension (Peter Eisentraut) - - - - This extension is no longer considered to be a usable security tool - or example of how to write an extension. - - - - - - - - - - - - Acknowledgments - - - The following individuals (in alphabetical order) have contributed to this - release as patch authors, committers, reviewers, testers, or reporters of - issues. - - - - Abhijit Menon-Sen - Adam Bielanski - Adam Brightwell - Adam Brusselback - Aditya Toshniwal - Adrián Escoms - Adrien Nayrat - Akos Vandra - Aleksander Alekseev - Aleksandr Parfenov - Alexander Korotkov - Alexander Kukushkin - Alexander Kuzmenkov - Alexander Lakhin - Alexandre Garcia - Alexey Bashtanov - Alexey Chernyshov - Alexey Kryuchkov - Alik Khilazhev - Álvaro Herrera - Amit Kapila - Amit Khandekar - Amit Langote - Amul Sul - Anastasia Lubennikova - Andreas Joseph Krogh - Andreas Karlsson - Andreas Seltenreich - André Hänsel - Andrei Gorita - Andres Freund - Andrew Dunstan - Andrew Fletcher - Andrew Gierth - Andrew Grossman - Andrew Krasichkov - Andrey Borodin - Andrey Lizenko - Andy Abelisto - Anthony Bykov - Antoine Scemama - Anton Dignös - Antonin Houska - Arseniy Sharoglazov - Arseny Sher - Arthur Zakirov - Ashutosh Bapat - Ashutosh Sharma - Ashwin Agrawal - Asim Praveen - Atsushi Torikoshi - Badrul Chowdhury - Balazs Szilfai - Basil Bourque - Beena Emerson - Ben Chobot - Benjamin Coutu - Bernd Helmle - Blaz Merela - Brad DeJong - Brent Dearth - Brian Cloutier - Bruce Momjian - Catalin Iacob - Chad Trabant - Chapman Flack - Christian Duta - Christian Ullrich - Christoph Berg - Christoph Dreis - Christophe Courtois - Christopher Jones - Claudio Freire - Clayton Salem - Craig Ringer - Dagfinn Ilmari MannsÃ¥ker - Dan Vianello - Dan Watson - Dang Minh Huong - Daniel Gustafsson - Daniel Vérité - Daniel Westermann - Daniel Wood - Darafei Praliaskouski - Dave Cramer - Dave Page - David Binderman - David Carlier - David Fetter - David G. Johnston - David Gould - David Hinkle - David Pereiro Lagares - David Rader - David Rowley - David Steele - Davy Machado - Dean Rasheed - Dian Fay - Dilip Kumar - Dmitriy Sarafannikov - Dmitry Dolgov - Dmitry Ivanov - Dmitry Shalashov - Don Seiler - Doug Doole - Doug Rady - Edmund Horner - Eiji Seki - Elvis Pranskevichus - Emre Hasegeli - Erik Rijkers - Erwin Brandstetter - Etsuro Fujita - Euler Taveira - Everaldo Canuto - Fabien Coelho - Fabrízio de Royes Mello - Feike Steenbergen - Frits Jalvingh - Fujii Masao - Gao Zengqi - Gianni Ciolli - Greg Stark - Gunnlaugur Thor Briem - Guo Xiang Tan - Hadi Moshayedi - Hailong Li - Haribabu Kommi - Heath Lord - Heikki Linnakangas - Hugo Mercier - Igor Korot - Igor Neyman - Ildar Musin - Ildus Kurbangaliev - Ioseph Kim - Jacob Champion - Jaime Casanova - Jakob Egger - Jean-Pierre Pelletier - Jeevan Chalke - Jeevan Ladhe - Jeff Davis - Jeff Janes - Jeremy Evans - Jeremy Finzel - Jeremy Schneider - Jesper Pedersen - Jim Nasby - Jimmy Yih - Jing Wang - Jobin Augustine - Joe Conway - John Gorman - John Naylor - Jon Nelson - Jon Wolski - Jonathan Allen - Jonathan S. Katz - Julien Rouhaud - Jürgen Purtz - Justin Pryzby - KaiGai Kohei - Kaiting Chen - Karl Lehenbauer - Keith Fiske - Kevin Bloch - Kha Nguyen - Kim Rose Carlsen - Konstantin Knizhnik - Kuntal Ghosh - Kyle Samson - Kyotaro Horiguchi - Lætitia Avrot - Lars Kanis - Laurenz Albe - Leonardo Cecchi - Liudmila Mantrova - Lixian Zou - Lloyd Albin - Luca Ferrari - Lucas Fairchild - Lukas Eder - Lukas Fittl - Magnus Hagander - Mai Peng - Maksim Milyutin - Maksym Boguk - Mansur Galiev - Marc Dilger - Marco Nenciarini - Marina Polyakova - Mario de Frutos Dieguez - Mark Cave-Ayland - Mark Dilger - Mark Wood - Marko Tiikkaja - Markus Winand - Martín Marqués - Masahiko Sawada - Matheus Oliveira - Matthew Stickney - Metin Doslu - Michael Banck - Michael Meskes - Michael Paquier - Michail Nikolaev - Mike Blackwell - Minh-Quan Tran - Mithun Cy - Morgan Owens - Nathan Bossart - Nathan Wagner - Neil Conway - Nick Barnes - Nicolas Thauvin - Nikhil Sontakke - Nikita Glukhov - Nikolay Shaplov - Noah Misch - Noriyoshi Shinoda - Oleg Bartunov - Oleg Samoilov - Oliver Ford - Pan Bian - Pascal Legrand - Patrick Hemmer - Patrick Krecker - Paul Bonaud - Paul Guo - Paul Ramsey - Pavan Deolasee - Pavan Maddamsetti - Pavel Golub - Pavel Stehule - Peter Eisentraut - Peter Geoghegan - Petr Jelínek - Petru-Florin Mihancea - Phil Florent - Philippe Beaudoin - Pierre Ducroquet - Piotr Stefaniak - Prabhat Sahu - Pu Qun - QL Zhuo - Rafia Sabih - Rahila Syed - Rainer Orth - Rajkumar Raghuwanshi - Raúl Marín Rodríguez - Regina Obe - Richard Yen - Robert Haas - Robins Tharakan - Rod Taylor - Rushabh Lathia - Ryan Murphy - Sahap Asci - Samuel Horwitz - Scott Ure - Sean Johnston - Shao Bret - Shay Rojansky - Shubham Barai - Simon Riggs - Simone Gotti - Sivasubramanian Ramasubramanian - Stas Kelvich - Stefan Kaltenbrunner - Stephen Froehlich - Stephen Frost - Steve Singer - Steven Winfield - Sven Kunze - Taiki Kondo - Takayuki Tsunakawa - Takeshi Ideriha - Tatsuo Ishii - Tatsuro Yamada - Teodor Sigaev - Thom Brown - Thomas Kellerer - Thomas Munro - Thomas Reiss - Tobias Bussmann - Todd A. Cook - Tom Kazimiers - Tom Lane - Tomas Vondra - Tomonari Katsumata - Torsten Grust - Tushar Ahuja - Vaishnavi Prabakaran - Vasundhar Boddapati - Victor Drobny - Victor Wagner - Victor Yegorov - Vik Fearing - Vinayak Pokale - Vincent Lachenal - Vitaliy Garnashevich - Vitaly Burovoy - Vladimir Baranoff - Xin Zhang - Yi Wen Wong - Yorick Peterse - Yugo Nagata - Yuqi Gu - Yura Sokolov - Yves Goergen - Zhou Digoal - - - - diff --git a/doc/src/sgml/release-12.sgml b/doc/src/sgml/release-12.sgml index b06fef287d..348f0f5825 100644 --- a/doc/src/sgml/release-12.sgml +++ b/doc/src/sgml/release-12.sgml @@ -4,8 +4,14 @@ Release 12 - JIT is enabled by default in this release. It was disabled by - default in PG 11, so we document is enablement here. + + This is just a placeholder for now. Actual notes will appear + after feature freeze. + + + + JIT is enabled by default in this release. It was disabled by + default in PG 11, so we should document its enablement here. diff --git a/doc/src/sgml/release-7.4.sgml b/doc/src/sgml/release-7.4.sgml deleted file mode 100644 index a67945a42b..0000000000 --- a/doc/src/sgml/release-7.4.sgml +++ /dev/null @@ -1,4622 +0,0 @@ - - - - - Release 7.4.30 - - - Release date: - 2010-10-04 - - - - This release contains a variety of fixes from 7.4.29. - For information about new features in the 7.4 major release, see - . - - - - This is expected to be the last PostgreSQL release - in the 7.4.X series. Users are encouraged to update to a newer - release branch soon. - - - - Migration to Version 7.4.30 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.26, - see . - - - - - - Changes - - - - - - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - - - - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a SECURITY - DEFINER function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - - - - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - - - - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - - - - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - - - - - - Prevent possible crashes in pg_get_expr() by disallowing - it from being called with an argument that is not one of the system - catalog columns it's intended to be used with - (Heikki Linnakangas, Tom Lane) - - - - - - Fix cannot handle unplanned sub-select error (Tom Lane) - - - - This occurred when a sub-select contains a join alias reference that - expands into an expression containing another sub-select. - - - - - - Take care to fsync the contents of lockfiles (both - postmaster.pid and the socket lockfile) while writing them - (Tom Lane) - - - - This omission could result in corrupted lockfile contents if the - machine crashes shortly after postmaster start. That could in turn - prevent subsequent attempts to start the postmaster from succeeding, - until the lockfile is manually removed. - - - - - - Improve contrib/dblink's handling of tables containing - dropped columns (Tom Lane) - - - - - - Fix connection leak after duplicate connection name - errors in contrib/dblink (Itagaki Takahiro) - - - - - - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - - - - - - - - - - Release 7.4.29 - - - Release date: - 2010-05-17 - - - - This release contains a variety of fixes from 7.4.28. - For information about new features in the 7.4 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 7.4.X release series in July 2010. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 7.4.29 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.26, - see . - - - - - - Changes - - - - - - Enforce restrictions in plperl using an opmask applied to - the whole interpreter, instead of using Safe.pm - (Tim Bunce, Andrew Dunstan) - - - - Recent developments have convinced us that Safe.pm is too - insecure to rely on for making plperl trustable. This - change removes use of Safe.pm altogether, in favor of using - a separate interpreter with an opcode mask that is always applied. - Pleasant side effects of the change include that it is now possible to - use Perl's strict pragma in a natural way in - plperl, and that Perl's $a and $b - variables work as expected in sort routines, and that function - compilation is significantly faster. (CVE-2010-1169) - - - - - - Prevent PL/Tcl from executing untrustworthy code from - pltcl_modules (Tom) - - - - PL/Tcl's feature for autoloading Tcl code from a database table - could be exploited for trojan-horse attacks, because there was no - restriction on who could create or insert into that table. This change - disables the feature unless pltcl_modules is owned by a - superuser. (However, the permissions on the table are not checked, so - installations that really need a less-than-secure modules table can - still grant suitable privileges to trusted non-superusers.) Also, - prevent loading code into the unrestricted normal Tcl - interpreter unless we are really going to execute a pltclu - function. (CVE-2010-1170) - - - - - - Do not allow an unprivileged user to reset superuser-only parameter - settings (Alvaro) - - - - Previously, if an unprivileged user ran ALTER USER ... RESET - ALL for himself, or ALTER DATABASE ... RESET ALL for - a database he owns, this would remove all special parameter settings - for the user or database, even ones that are only supposed to be - changeable by a superuser. Now, the ALTER will only - remove the parameters that the user has permission to change. - - - - - - Avoid possible crash during backend shutdown if shutdown occurs - when a CONTEXT addition would be made to log entries (Tom) - - - - In some cases the context-printing function would fail because the - current transaction had already been rolled back when it came time - to print a log message. - - - - - - Update PL/Perl's ppport.h for modern Perl versions - (Andrew) - - - - - - Fix assorted memory leaks in PL/Python (Andreas Freund, Tom) - - - - - - Ensure that contrib/pgstattuple functions respond to cancel - interrupts promptly (Tatsuhito Kasahara) - - - - - - Make server startup deal properly with the case that - shmget() returns EINVAL for an existing - shared memory segment (Tom) - - - - This behavior has been observed on BSD-derived kernels including macOS. - It resulted in an entirely-misleading startup failure complaining that - the shared memory request size was too large. - - - - - - - - - - Release 7.4.28 - - - Release date: - 2010-03-15 - - - - This release contains a variety of fixes from 7.4.27. - For information about new features in the 7.4 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 7.4.X release series in July 2010. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 7.4.28 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.26, - see . - - - - - - Changes - - - - - - Add new configuration parameter ssl_renegotiation_limit to - control how often we do session key renegotiation for an SSL connection - (Magnus) - - - - This can be set to zero to disable renegotiation completely, which may - be required if a broken SSL library is used. In particular, some - vendors are shipping stopgap patches for CVE-2009-3555 that cause - renegotiation attempts to fail. - - - - - - Make substring() for bit types treat any negative - length as meaning all the rest of the string (Tom) - - - - The previous coding treated only -1 that way, and would produce an - invalid result value for other negative values, possibly leading to - a crash (CVE-2010-0442). - - - - - - Fix some cases of pathologically slow regular expression matching (Tom) - - - - - - When reading pg_hba.conf and related files, do not treat - @something as a file inclusion request if the @ - appears inside quote marks; also, never treat @ by itself - as a file inclusion request (Tom) - - - - This prevents erratic behavior if a role or database name starts with - @. If you need to include a file whose path name - contains spaces, you can still do so, but you must write - @"/path to/file" rather than putting the quotes around - the whole construct. - - - - - - Prevent infinite loop on some platforms if a directory is named as - an inclusion target in pg_hba.conf and related files - (Tom) - - - - - - Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) - - - - The only known symptom of this oversight is that the Tcl - clock command misbehaves if using Tcl 8.5 or later. - - - - - - Prevent crash in contrib/dblink when too many key - columns are specified to a dblink_build_sql_* function - (Rushabh Lathia, Joe Conway) - - - - - - - - - - Release 7.4.27 - - - Release date: - 2009-12-14 - - - - This release contains a variety of fixes from 7.4.26. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.27 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.26, - see . - - - - - - Changes - - - - - - Protect against indirect security threats caused by index functions - changing session-local state (Gurjeet Singh, Tom) - - - - This change prevents allegedly-immutable index functions from possibly - subverting a superuser's session (CVE-2009-4136). - - - - - - Reject SSL certificates containing an embedded null byte in the common - name (CN) field (Magnus) - - - - This prevents unintended matching of a certificate to a server or client - name during SSL validation (CVE-2009-4034). - - - - - - Fix possible crash during backend-startup-time cache initialization (Tom) - - - - - - Prevent signals from interrupting VACUUM at unsafe times - (Alvaro) - - - - This fix prevents a PANIC if a VACUUM FULL is canceled - after it's already committed its tuple movements, as well as transient - errors if a plain VACUUM is interrupted after having - truncated the table. - - - - - - Fix possible crash due to integer overflow in hash table size - calculation (Tom) - - - - This could occur with extremely large planner estimates for the size of - a hashjoin's result. - - - - - - Fix very rare crash in inet/cidr comparisons (Chris - Mikkelson) - - - - - - Fix PAM password processing to be more robust (Tom) - - - - The previous code is known to fail with the combination of the Linux - pam_krb5 PAM module with Microsoft Active Directory as the - domain controller. It might have problems elsewhere too, since it was - making unjustified assumptions about what arguments the PAM stack would - pass to it. - - - - - - Make the postmaster ignore any application_name parameter in - connection request packets, to improve compatibility with future libpq - versions (Tom) - - - - - - - - - - Release 7.4.26 - - - Release date: - 2009-09-09 - - - - This release contains a variety of fixes from 7.4.25. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.26 - - - A dump/restore is not required for those running 7.4.X. - However, if you have any hash indexes on interval columns, - you must REINDEX them after updating to 7.4.26. - Also, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Disallow RESET ROLE and RESET SESSION - AUTHORIZATION inside security-definer functions (Tom, Heikki) - - - - This covers a case that was missed in the previous patch that - disallowed SET ROLE and SET SESSION - AUTHORIZATION inside security-definer functions. - (See CVE-2007-6600) - - - - - - Fix handling of sub-SELECTs appearing in the arguments of - an outer-level aggregate function (Tom) - - - - - - Fix hash calculation for data type interval (Tom) - - - - This corrects wrong results for hash joins on interval values. - It also changes the contents of hash indexes on interval columns. - If you have any such indexes, you must REINDEX them - after updating. - - - - - - Fix overflow for INTERVAL 'x ms' - when x is more than 2 million and integer - datetimes are in use (Alex Hunsaker) - - - - - - Fix calculation of distance between a point and a line segment (Tom) - - - - This led to incorrect results from a number of geometric operators. - - - - - - Fix money data type to work in locales where currency - amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) - - - - - - Properly round datetime input like - 00:12:57.9999999999999999999999999999 (Tom) - - - - - - Fix poor choice of page split point in GiST R-tree operator classes - (Teodor) - - - - - - Fix portability issues in plperl initialization (Andrew Dunstan) - - - - - - Improve robustness of libpq's code to recover - from errors during COPY FROM STDIN (Tom) - - - - - - Avoid including conflicting readline and editline header files - when both libraries are installed (Zdenek Kotala) - - - - - - - - - - Release 7.4.25 - - - Release date: - 2009-03-16 - - - - This release contains a variety of fixes from 7.4.24. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.25 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Prevent error recursion crashes when encoding conversion fails (Tom) - - - - This change extends fixes made in the last two minor releases for - related failure scenarios. The previous fixes were narrowly tailored - for the original problem reports, but we have now recognized that - any error thrown by an encoding conversion function could - potentially lead to infinite recursion while trying to report the - error. The solution therefore is to disable translation and encoding - conversion and report the plain-ASCII form of any error message, - if we find we have gotten into a recursive error reporting situation. - (CVE-2009-0922) - - - - - - Disallow CREATE CONVERSION with the wrong encodings - for the specified conversion function (Heikki) - - - - This prevents one possible scenario for encoding conversion failure. - The previous change is a backstop to guard against other kinds of - failures in the same area. - - - - - - Fix core dump when to_char() is given format codes that - are inappropriate for the type of the data argument (Tom) - - - - - - Add MUST (Mauritius Island Summer Time) to the default list - of known timezone abbreviations (Xavier Bugaud) - - - - - - - - - - Release 7.4.24 - - - Release date: - 2009-02-02 - - - - This release contains a variety of fixes from 7.4.23. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.24 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Improve handling of URLs in headline() function (Teodor) - - - - - - Improve handling of overlength headlines in headline() - function (Teodor) - - - - - - Prevent possible Assert failure or misconversion if an encoding - conversion is created with the wrong conversion function for the - specified pair of encodings (Tom, Heikki) - - - - - - Avoid unnecessary locking of small tables in VACUUM - (Heikki) - - - - - - Fix uninitialized variables in contrib/tsearch2's - get_covers() function (Teodor) - - - - - - Fix bug in to_char()'s handling of TH - format codes (Andreas Scherbaum) - - - - - - Make all documentation reference pgsql-bugs and/or - pgsql-hackers as appropriate, instead of the - now-decommissioned pgsql-ports and pgsql-patches - mailing lists (Tom) - - - - - - - - - - Release 7.4.23 - - - Release date: - 2008-11-03 - - - - This release contains a variety of fixes from 7.4.22. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.23 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Fix backend crash when the client encoding cannot represent a localized - error message (Tom) - - - - We have addressed similar issues before, but it would still fail if - the character has no equivalent message itself couldn't - be converted. The fix is to disable localization and send the plain - ASCII error message when we detect such a situation. - - - - - - Fix incorrect tsearch2 headline generation when single query - item matches first word of text (Sushant Sinha) - - - - - - Fix improper display of fractional seconds in interval values when - using a non-ISO datestyle in an - build (Ron Mayer) - - - - - - Ensure SPI_getvalue and SPI_getbinval - behave correctly when the passed tuple and tuple descriptor have - different numbers of columns (Tom) - - - - This situation is normal when a table has had columns added or removed, - but these two functions didn't handle it properly. - The only likely consequence is an incorrect error indication. - - - - - - Fix ecpg's parsing of CREATE USER (Michael) - - - - - - - - - - Release 7.4.22 - - - Release date: - 2008-09-22 - - - - This release contains a variety of fixes from 7.4.21. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.22 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Fix datetime input functions to correctly detect integer overflow when - running on a 64-bit platform (Tom) - - - - - - Improve performance of writing very long log messages to syslog (Tom) - - - - - - Fix bug in backwards scanning of a cursor on a SELECT DISTINCT - ON query (Tom) - - - - - - Fix planner to estimate that GROUP BY expressions yielding - boolean results always result in two groups, regardless of the - expressions' contents (Tom) - - - - This is very substantially more accurate than the regular GROUP - BY estimate for certain boolean tests like col - IS NULL. - - - - - - Improve pg_dump and pg_restore's - error reporting after failure to send a SQL command (Tom) - - - - - - - - - - Release 7.4.21 - - - Release date: - 2008-06-12 - - - - This release contains one serious bug fix over 7.4.20. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.21 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Make pg_get_ruledef() parenthesize negative constants (Tom) - - - - Before this fix, a negative constant in a view or rule might be dumped - as, say, -42::integer, which is subtly incorrect: it should - be (-42)::integer due to operator precedence rules. - Usually this would make little difference, but it could interact with - another recent patch to cause - PostgreSQL to reject what had been a valid - SELECT DISTINCT view query. Since this could result in - pg_dump output failing to reload, it is being treated - as a high-priority fix. The only released versions in which dump - output is actually incorrect are 8.3.1 and 8.2.7. - - - - - - - - - - Release 7.4.20 - - - Release date: - never released - - - - This release contains a variety of fixes from 7.4.19. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.20 - - - A dump/restore is not required for those running 7.4.X. - However, if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Fix conversions between ISO-8859-5 and other encodings to handle - Cyrillic Yo characters (e and E with - two dots) (Sergey Burladyan) - - - - - - Fix a few datatype input functions - that were allowing unused bytes in their results to contain - uninitialized, unpredictable values (Tom) - - - - This could lead to failures in which two apparently identical literal - values were not seen as equal, resulting in the parser complaining - about unmatched ORDER BY and DISTINCT - expressions. - - - - - - Fix a corner case in regular-expression substring matching - (substring(string from - pattern)) (Tom) - - - - The problem occurs when there is a match to the pattern overall but - the user has specified a parenthesized subexpression and that - subexpression hasn't got a match. An example is - substring('foo' from 'foo(bar)?'). - This should return NULL, since (bar) isn't matched, but - it was mistakenly returning the whole-pattern match instead (ie, - foo). - - - - - - Fix incorrect result from ecpg's - PGTYPEStimestamp_sub() function (Michael) - - - - - - Fix DatumGetBool macro to not fail with gcc - 4.3 (Tom) - - - - This problem affects old style (V0) C functions that - return boolean. The fix is already in 8.3, but the need to - back-patch it was not realized at the time. - - - - - - Fix longstanding LISTEN/NOTIFY - race condition (Tom) - - - - In rare cases a session that had just executed a - LISTEN might not get a notification, even though - one would be expected because the concurrent transaction executing - NOTIFY was observed to commit later. - - - - A side effect of the fix is that a transaction that has executed - a not-yet-committed LISTEN command will not see any - row in pg_listener for the LISTEN, - should it choose to look; formerly it would have. This behavior - was never documented one way or the other, but it is possible that - some applications depend on the old behavior. - - - - - - Fix display of constant expressions in ORDER BY - and GROUP BY (Tom) - - - - An explicitly casted constant would be shown incorrectly. This could - for example lead to corruption of a view definition during - dump and reload. - - - - - - Fix libpq to handle NOTICE messages correctly - during COPY OUT (Tom) - - - - This failure has only been observed to occur when a user-defined - datatype's output routine issues a NOTICE, but there is no - guarantee it couldn't happen due to other causes. - - - - - - - - - - Release 7.4.19 - - - Release date: - 2008-01-07 - - - - This release contains a variety of fixes from 7.4.18, - including fixes for significant security issues. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.19 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Prevent functions in indexes from executing with the privileges of - the user running VACUUM, ANALYZE, etc (Tom) - - - - Functions used in index expressions and partial-index - predicates are evaluated whenever a new table entry is made. It has - long been understood that this poses a risk of trojan-horse code - execution if one modifies a table owned by an untrustworthy user. - (Note that triggers, defaults, check constraints, etc. pose the - same type of risk.) But functions in indexes pose extra danger - because they will be executed by routine maintenance operations - such as VACUUM FULL, which are commonly performed - automatically under a superuser account. For example, a nefarious user - can execute code with superuser privileges by setting up a - trojan-horse index definition and waiting for the next routine vacuum. - The fix arranges for standard maintenance operations - (including VACUUM, ANALYZE, REINDEX, - and CLUSTER) to execute as the table owner rather than - the calling user, using the same privilege-switching mechanism already - used for SECURITY DEFINER functions. To prevent bypassing - this security measure, execution of SET SESSION - AUTHORIZATION and SET ROLE is now forbidden within a - SECURITY DEFINER context. (CVE-2007-6600) - - - - - - Repair assorted bugs in the regular-expression package (Tom, Will Drewry) - - - - Suitably crafted regular-expression patterns could cause crashes, - infinite or near-infinite looping, and/or massive memory consumption, - all of which pose denial-of-service hazards for applications that - accept regex search patterns from untrustworthy sources. - (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - The fix that appeared for this in 7.4.18 was incomplete, as it plugged - the hole for only some dblink functions. (CVE-2007-6601, - CVE-2007-3278) - - - - - - Fix planner failure in some cases of WHERE false AND var IN - (SELECT ...) (Tom) - - - - - - Fix potential crash in translate() when using a multibyte - database encoding (Tom) - - - - - - Fix PL/Python to not crash on long exception messages (Alvaro) - - - - - - ecpg parser fixes (Michael) - - - - - - Make contrib/tablefunc's crosstab() handle - NULL rowid as a category in its own right, rather than crashing (Joe) - - - - - - Fix tsvector and tsquery output routines to - escape backslashes correctly (Teodor, Bruce) - - - - - - Fix crash of to_tsvector() on huge input strings (Teodor) - - - - - - Require a specific version of Autoconf to be used - when re-generating the configure script (Peter) - - - - This affects developers and packagers only. The change was made - to prevent accidental use of untested combinations of - Autoconf and PostgreSQL versions. - You can remove the version check if you really want to use a - different Autoconf version, but it's - your responsibility whether the result works or not. - - - - - - - - - - Release 7.4.18 - - - Release date: - 2007-09-17 - - - - This release contains fixes from 7.4.17. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.18 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Prevent index corruption when a transaction inserts rows and - then aborts close to the end of a concurrent VACUUM - on the same table (Tom) - - - - - - Make CREATE DOMAIN ... DEFAULT NULL work properly (Tom) - - - - - - Fix excessive logging of SSL error messages (Tom) - - - - - - Fix crash when log_min_error_statement logging runs out - of memory (Tom) - - - - - - Prevent CLUSTER from failing - due to attempting to process temporary tables of other sessions (Alvaro) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - - - - - - - Release 7.4.17 - - - Release date: - 2007-04-23 - - - - This release contains fixes from 7.4.16, - including a security fix. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.17 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Support explicit placement of the temporary-table schema within - search_path, and disable searching it for functions - and operators (Tom) - - - This is needed to allow a security-definer function to set a - truly secure value of search_path. Without it, - an unprivileged SQL user can use temporary objects to execute code - with the privileges of the security-definer function (CVE-2007-2138). - See CREATE FUNCTION for more information. - - - - - - /contrib/tsearch2 crash fixes (Teodor) - - - - - - Fix potential-data-corruption bug in how VACUUM FULL handles - UPDATE chains (Tom, Pavan Deolasee) - - - - - - Fix PANIC during enlargement of a hash index (bug introduced in 7.4.15) - (Tom) - - - - - - - - - - Release 7.4.16 - - - Release date: - 2007-02-05 - - - - This release contains a variety of fixes from 7.4.15, including - a security fix. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.16 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Remove security vulnerability that allowed connected users - to read backend memory (Tom) - - - The vulnerability involves suppressing the normal check that a SQL - function returns the data type it's declared to, or changing the - data type of a table column used in a SQL function (CVE-2007-0555). - This error can easily be exploited to cause a backend crash, and in - principle might be used to read database content that the user - should not be able to access. - - - - - - Fix rare bug wherein btree index page splits could fail - due to choosing an infeasible split point (Heikki Linnakangas) - - - - - - Fix for rare Assert() crash triggered by UNION (Tom) - - - - - - Tighten security of multi-byte character processing for UTF8 sequences - over three bytes long (Tom) - - - - - - - - - - Release 7.4.15 - - - Release date: - 2007-01-08 - - - - This release contains a variety of fixes from 7.4.14. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.15 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - - - - - Improve handling of getaddrinfo() on AIX (Tom) - - - - This fixes a problem with starting the statistics collector, - among other things. - - - - - - Fix failed to re-find parent key errors in - VACUUM (Tom) - - - - - - Fix bugs affecting multi-gigabyte hash indexes (Tom) - - - - - - Fix error when constructing an ARRAY[] made up of multiple - empty elements (Tom) - - - - - - to_number() and to_char(numeric) - are now STABLE, not IMMUTABLE, for - new initdb installs (Tom) - - - - This is because lc_numeric can potentially - change the output of these functions. - - - - - - Improve index usage of regular expressions that use parentheses (Tom) - - - - This improves psql \d performance also. - - - - - - - - - - Release 7.4.14 - - - Release date: - 2006-10-16 - - - - This release contains a variety of fixes from 7.4.13. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.14 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - - Changes - - -Fix core dump when an untyped literal is taken as -ANYARRAY -Fix string_to_array() to handle overlapping - matches for the separator string -For example, string_to_array('123xx456xxx789', 'xx'). - -Fix corner cases in pattern matching for - psql's \d commands -Fix index-corrupting bugs in /contrib/ltree - (Teodor) -Fix backslash escaping in /contrib/dbmirror -Adjust regression tests for recent changes in US DST laws - - - - - - - - Release 7.4.13 - - - Release date: - 2006-05-23 - - - - This release contains a variety of fixes from 7.4.12, - including patches for extremely serious security issues. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.13 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - Full security against the SQL-injection attacks described in - CVE-2006-2313 and CVE-2006-2314 might require changes in application - code. If you have applications that embed untrustworthy strings - into SQL commands, you should examine them as soon as possible to - ensure that they are using recommended escaping techniques. In - most cases, applications should be using subroutines provided by - libraries or drivers (such as libpq's - PQescapeStringConn()) to perform string escaping, - rather than relying on ad hoc code to do it. - - - - - Changes - - -Change the server to reject invalidly-encoded multibyte -characters in all cases (Tatsuo, Tom) -While PostgreSQL has been moving in this direction for -some time, the checks are now applied uniformly to all encodings and all -textual input, and are now always errors not merely warnings. This change -defends against SQL-injection attacks of the type described in CVE-2006-2313. - - -Reject unsafe uses of \' in string literals -As a server-side defense against SQL-injection attacks of the type -described in CVE-2006-2314, the server now only accepts '' and not -\' as a representation of ASCII single quote in SQL string -literals. By default, \' is rejected only when -client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, -GB18030, or UHC), which is the scenario in which SQL injection is possible. -A new configuration parameter backslash_quote is available to -adjust this behavior when needed. Note that full security against -CVE-2006-2314 might require client-side changes; the purpose of -backslash_quote is in part to make it obvious that insecure -clients are insecure. - - -Modify libpq's string-escaping routines to be -aware of encoding considerations and -standard_conforming_strings -This fixes libpq-using applications for the security -issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs -them against the planned changeover to SQL-standard string literal syntax. -Applications that use multiple PostgreSQL connections -concurrently should migrate to PQescapeStringConn() and -PQescapeByteaConn() to ensure that escaping is done correctly -for the settings in use in each database connection. Applications that -do string escaping by hand should be modified to rely on library -routines instead. - - -Fix some incorrect encoding conversion functions -win1251_to_iso, alt_to_iso, -euc_tw_to_big5, euc_tw_to_mic, -mic_to_euc_tw were all broken to varying -extents. - - -Clean up stray remaining uses of \' in strings -(Bruce, Jan) - -Fix bug that sometimes caused OR'd index scans to -miss rows they should have returned - -Fix WAL replay for case where a btree index has been -truncated - -Fix SIMILAR TO for patterns involving -| (Tom) - -Fix server to use custom DH SSL parameters correctly (Michael -Fuhr) - -Fix for Bonjour on Intel Macs (Ashley Clark) - -Fix various minor memory leaks - - - - - - - Release 7.4.12 - - - Release date: - 2006-02-14 - - - - This release contains a variety of fixes from 7.4.11. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.12 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.11, - see . - - - - - Changes - - - -Fix potential crash in SET -SESSION AUTHORIZATION (CVE-2006-0553) -An unprivileged user could crash the server process, resulting in -momentary denial of service to other users, if the server has been compiled -with Asserts enabled (which is not the default). -Thanks to Akio Ishida for reporting this problem. - - -Fix bug with row visibility logic in self-inserted -rows (Tom) -Under rare circumstances a row inserted by the current command -could be seen as already valid, when it should not be. Repairs bug -created in 7.4.9 and 7.3.11 releases. - - -Fix race condition that could lead to file already -exists errors during pg_clog file creation -(Tom) - -Properly check DOMAIN constraints for -UNKNOWN parameters in prepared statements -(Neil) - -Fix to allow restoring dumps that have cross-schema -references to custom operators (Tom) - -Portability fix for testing presence of finite -and isinf during configure (Tom) - - - - - - - - Release 7.4.11 - - - Release date: - 2006-01-09 - - - - This release contains a variety of fixes from 7.4.10. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.11 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.8, - see . - Also, you might need to REINDEX indexes on textual - columns after updating, if you are affected by the locale or - plperl issues described below. - - - - - Changes - - - -Fix for protocol-level Describe messages issued -outside a transaction or in a failed transaction (Tom) - -Fix character string comparison for locales that consider -different character combinations as equal, such as Hungarian (Tom) -This might require REINDEX to fix existing indexes on -textual columns. - -Set locale environment variables during postmaster startup -to ensure that plperl won't change the locale later -This fixes a problem that occurred if the postmaster was -started with environment variables specifying a different locale than what -initdb had been told. Under these conditions, any use of -plperl was likely to lead to corrupt indexes. You might need -REINDEX to fix existing indexes on -textual columns if this has happened to you. - -Fix longstanding bug in strpos() and regular expression -handling in certain rarely used Asian multi-byte character sets (Tatsuo) - - -Fix bug in /contrib/pgcrypto gen_salt, -which caused it not to use all available salt space for MD5 and -XDES algorithms (Marko Kreen, Solar Designer) -Salts for Blowfish and standard DES are unaffected. - -Fix /contrib/dblink to throw an error, -rather than crashing, when the number of columns specified is different from -what's actually returned by the query (Joe) - - - - - - - - Release 7.4.10 - - - Release date: - 2005-12-12 - - - - This release contains a variety of fixes from 7.4.9. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.10 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.8, - see . - - - - - Changes - - - -Fix race condition in transaction log management -There was a narrow window in which an I/O operation could be initiated -for the wrong page, leading to an Assert failure or data -corruption. - - -Prevent failure if client sends Bind protocol message -when current transaction is already aborted - -/contrib/ltree fixes (Teodor) - -AIX and HPUX compile fixes (Tom) - -Fix longstanding planning error for outer joins -This bug sometimes caused a bogus error RIGHT JOIN is -only supported with merge-joinable join conditions. - -Prevent core dump in pg_autovacuum when a -table has been dropped - - - - - - - Release 7.4.9 - - - Release date: - 2005-10-04 - - - - This release contains a variety of fixes from 7.4.8. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.9 - - - A dump/restore is not required for those running 7.4.X. However, - if you are upgrading from a version earlier than 7.4.8, - see . - - - - - Changes - - -Fix error that allowed VACUUM to remove -ctid chains too soon, and add more checking in code that follows -ctid links -This fixes a long-standing problem that could cause crashes in very rare -circumstances. -Fix CHAR() to properly pad spaces to the specified -length when using a multiple-byte character set (Yoshiyuki Asaba) -In prior releases, the padding of CHAR() was incorrect -because it only padded to the specified number of bytes without -considering how many characters were stored. -Fix the sense of the test for read-only transaction -in COPY -The code formerly prohibited COPY TO, where it should -prohibit COPY FROM. - -Fix planning problem with outer-join ON clauses that reference -only the inner-side relation -Further fixes for x FULL JOIN y ON true corner -cases -Make array_in and array_recv more -paranoid about validating their OID parameter -Fix missing rows in queries like UPDATE a=... WHERE -a... with GiST index on column a -Improve robustness of datetime parsing -Improve checking for partially-written WAL -pages -Improve robustness of signal handling when SSL is -enabled -Don't try to open more than max_files_per_process -files during postmaster startup -Various memory leakage fixes -Various portability improvements -Fix PL/pgSQL to handle var := var correctly when -the variable is of pass-by-reference type -Update contrib/tsearch2 to use current Snowball -code - - - - - - - Release 7.4.8 - - - Release date: - 2005-05-09 - - - - This release contains a variety of fixes from 7.4.7, including several - security-related issues. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.8 - - - A dump/restore is not required for those running 7.4.X. However, - it is one possible way of handling two significant security problems - that have been found in the initial contents of 7.4.X system - catalogs. A dump/initdb/reload sequence using 7.4.8's initdb will - automatically correct these problems. - - - - The larger security problem is that the built-in character set encoding - conversion functions can be invoked from SQL commands by unprivileged - users, but the functions were not designed for such use and are not - secure against malicious choices of arguments. The fix involves changing - the declared parameter list of these functions so that they can no longer - be invoked from SQL commands. (This does not affect their normal use - by the encoding conversion machinery.) - - - - The lesser problem is that the contrib/tsearch2 module - creates several functions that are misdeclared to return - internal when they do not accept internal arguments. - This breaks type safety for all functions using internal - arguments. - - - - It is strongly recommended that all installations repair these errors, - either by initdb or by following the manual repair procedures given - below. The errors at least allow unprivileged database users to crash - their server process, and might allow unprivileged users to gain the - privileges of a database superuser. - - - - If you wish not to do an initdb, perform the following procedures instead. - As the database superuser, do: - - -BEGIN; -UPDATE pg_proc SET proargtypes[3] = 'internal'::regtype -WHERE pronamespace = 11 AND pronargs = 5 - AND proargtypes[2] = 'cstring'::regtype; --- The command should report having updated 90 rows; --- if not, rollback and investigate instead of committing! -COMMIT; - - - Next, if you have installed contrib/tsearch2, do: - - -BEGIN; -UPDATE pg_proc SET proargtypes[0] = 'internal'::regtype -WHERE oid IN ( - 'dex_init(text)'::regprocedure, - 'snb_en_init(text)'::regprocedure, - 'snb_ru_init(text)'::regprocedure, - 'spell_init(text)'::regprocedure, - 'syn_init(text)'::regprocedure -); --- The command should report having updated 5 rows; --- if not, rollback and investigate instead of committing! -COMMIT; - - - If this command fails with a message like function - "dex_init(text)" does not exist, then either tsearch2 - is not installed in this database, or you already did the update. - - - - The above procedures must be carried out in each database - of an installation, including template1, and ideally - including template0 as well. If you do not fix the - template databases then any subsequently created databases will contain - the same errors. template1 can be fixed in the same way - as any other database, but fixing template0 requires - additional steps. First, from any database issue: - -UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; - - Next connect to template0 and perform the above repair - procedures. Finally, do: - --- re-freeze template0: -VACUUM FREEZE; --- and protect it against future alterations: -UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; - - - - - - Changes - - -Change encoding function signature to prevent -misuse -Change contrib/tsearch2 to avoid unsafe use of -INTERNAL function results -Repair ancient race condition that allowed a transaction to be -seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner -than for other purposes -This is an extremely serious bug since it could lead to apparent -data inconsistencies being briefly visible to applications. -Repair race condition between relation extension and -VACUUM -This could theoretically have caused loss of a page's worth of -freshly-inserted data, although the scenario seems of very low probability. -There are no known cases of it having caused more than an Assert failure. - -Fix comparisons of TIME WITH TIME ZONE values - -The comparison code was wrong in the case where the ---enable-integer-datetimes configuration switch had been used. -NOTE: if you have an index on a TIME WITH TIME ZONE column, -it will need to be REINDEXed after installing this update, because -the fix corrects the sort order of column values. - -Fix EXTRACT(EPOCH) for -TIME WITH TIME ZONE values -Fix mis-display of negative fractional seconds in -INTERVAL values - -This error only occurred when the ---enable-integer-datetimes configuration switch had been used. - -Ensure operations done during backend shutdown are counted by -statistics collector - -This is expected to resolve reports of pg_autovacuum -not vacuuming the system catalogs often enough — it was not being -told about catalog deletions caused by temporary table removal during -backend exit. - -Additional buffer overrun checks in plpgsql -(Neil) -Fix pg_dump to dump trigger names containing % -correctly (Neil) -Fix contrib/pgcrypto for newer OpenSSL builds -(Marko Kreen) -Still more 64-bit fixes for -contrib/intagg -Prevent incorrect optimization of functions returning -RECORD -Prevent to_char(interval) from dumping core for -month-related formats -Prevent crash on COALESCE(NULL,NULL) -Fix array_map to call PL functions correctly -Fix permission checking in ALTER DATABASE RENAME -Fix ALTER LANGUAGE RENAME -Make RemoveFromWaitQueue clean up after itself - -This fixes a lock management error that would only be visible if a transaction -was kicked out of a wait for a lock (typically by query cancel) and then the -holder of the lock released it within a very narrow window. - -Fix problem with untyped parameter appearing in -INSERT ... SELECT -Fix CLUSTER failure after -ALTER TABLE SET WITHOUT OIDS - - - - - - - Release 7.4.7 - - - Release date: - 2005-01-31 - - - - This release contains a variety of fixes from 7.4.6, including several - security-related issues. - For information about new features in the 7.4 major release, see - . - - - - Migration to Version 7.4.7 - - - A dump/restore is not required for those running 7.4.X. - - - - - Changes - - -Disallow LOAD to non-superusers - -On platforms that will automatically execute initialization functions of a -shared library (this includes at least Windows and ELF-based Unixen), -LOAD can be used to make the server execute arbitrary code. -Thanks to NGS Software for reporting this. -Check that creator of an aggregate function has the right to -execute the specified transition functions - -This oversight made it possible to bypass denial of EXECUTE -permission on a function. -Fix security and 64-bit issues in -contrib/intagg -Add needed STRICT marking to some contrib functions (Kris -Jurka) -Avoid buffer overrun when plpgsql cursor declaration has too -many parameters (Neil) -Fix planning error for FULL and RIGHT outer joins - -The result of the join was mistakenly supposed to be sorted the same as the -left input. This could not only deliver mis-sorted output to the user, but -in case of nested merge joins could give outright wrong answers. - -Fix plperl for quote marks in tuple fields -Fix display of negative intervals in SQL and GERMAN -datestyles -Make age(timestamptz) do calculation in local timezone not -GMT - - - - - - - Release 7.4.6 - - - Release date: - 2004-10-22 - - - - This release contains a variety of fixes from 7.4.5. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.6 - - - A dump/restore is not required for those running 7.4.X. - - - - - Changes - - -Repair possible failure to update hint bits on disk - -Under rare circumstances this oversight could lead to -could not access transaction status failures, which qualifies -it as a potential-data-loss bug. - -Ensure that hashed outer join does not miss tuples - -Very large left joins using a hash join plan could fail to output unmatched -left-side rows given just the right data distribution. - -Disallow running pg_ctl as root - -This is to guard against any possible security issues. - -Avoid using temp files in /tmp in make_oidjoins_check - -This has been reported as a security issue, though it's hardly worthy of -concern since there is no reason for non-developers to use this script anyway. - -Prevent forced backend shutdown from re-emitting prior command -result - -In rare cases, a client might think that its last command had succeeded when -it really had been aborted by forced database shutdown. - -Repair bug in pg_stat_get_backend_idset - -This could lead to misbehavior in some of the system-statistics views. - -Fix small memory leak in postmaster -Fix expected both swapped tables to have TOAST -tables bug - -This could arise in cases such as CLUSTER after ALTER TABLE DROP COLUMN. - -Prevent pg_ctl restart from adding -D multiple times -Fix problem with NULL values in GiST indexes -:: is no longer interpreted as a variable in an -ECPG prepare statement - - - - - - - Release 7.4.5 - - - Release date: - 2004-08-18 - - - - This release contains one serious bug fix over 7.4.4. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.5 - - - A dump/restore is not required for those running 7.4.X. - - - - - Changes - - -Repair possible crash during concurrent B-tree index insertions - -This patch fixes a rare case in which concurrent insertions into a B-tree index -could result in a server panic. No permanent damage would result, but it's -still worth a re-release. The bug does not exist in pre-7.4 releases. - - - - - - - - Release 7.4.4 - - - Release date: - 2004-08-16 - - - - This release contains a variety of fixes from 7.4.3. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.4 - - - A dump/restore is not required for those running 7.4.X. - - - - - Changes - - -Prevent possible loss of committed transactions during crash - -Due to insufficient interlocking between transaction commit and checkpointing, -it was possible for transactions committed just before the most recent -checkpoint to be lost, in whole or in part, following a database crash and -restart. This is a serious bug that has existed -since PostgreSQL 7.1. - -Check HAVING restriction before evaluating result list of an -aggregate plan -Avoid crash when session's current user ID is deleted -Fix hashed crosstab for zero-rows case (Joe) -Force cache update after renaming a column in a foreign key -Pretty-print UNION queries correctly -Make psql handle \r\n newlines properly in COPY IN -pg_dump handled ACLs with grant options incorrectly -Fix thread support for macOS and Solaris -Updated JDBC driver (build 215) with various fixes -ECPG fixes -Translation updates (various contributors) - - - - - - - Release 7.4.3 - - - Release date: - 2004-06-14 - - - - This release contains a variety of fixes from 7.4.2. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.3 - - - A dump/restore is not required for those running 7.4.X. - - - - - Changes - - -Fix temporary memory leak when using non-hashed aggregates (Tom) -ECPG fixes, including some for Informix compatibility (Michael) -Fixes for compiling with thread-safety, particularly Solaris (Bruce) -Fix error in COPY IN termination when using the old network protocol (ljb) -Several important fixes in pg_autovacuum, including fixes for -large tables, unsigned oids, stability, temp tables, and debug mode -(Matthew T. O'Connor) -Fix problem with reading tar-format dumps on NetBSD and BSD/OS (Bruce) -Several JDBC fixes -Fix ALTER SEQUENCE RESTART where last_value equals the restart value (Tom) -Repair failure to recalculate nested sub-selects (Tom) -Fix problems with non-constant expressions in LIMIT/OFFSET -Support FULL JOIN with no join clause, such as X FULL JOIN Y ON TRUE (Tom) -Fix another zero-column table bug (Tom) -Improve handling of non-qualified identifiers in GROUP BY clauses in sub-selects (Tom) - -Select-list aliases within the sub-select will now take precedence over -names from outer query levels. - -Do not generate NATURAL CROSS JOIN when decompiling rules (Tom) -Add checks for invalid field length in binary COPY (Tom) - - This fixes a difficult-to-exploit security hole. - -Avoid locking conflict between ANALYZE and LISTEN/NOTIFY -Numerous translation updates (various contributors) - - - - - - - Release 7.4.2 - - - Release date: - 2004-03-08 - - - - This release contains a variety of fixes from 7.4.1. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.2 - - - A dump/restore is not required for those running 7.4.X. However, - it might be advisable as the easiest method of incorporating fixes for - two errors that have been found in the initial contents of 7.4.X system - catalogs. A dump/initdb/reload sequence using 7.4.2's initdb will - automatically correct these problems. - - - - The more severe of the two errors is that data type anyarray - has the wrong alignment label; this is a problem because the - pg_statistic system catalog uses anyarray - columns. The mislabeling can cause planner misestimations and even - crashes when planning queries that involve WHERE clauses on - double-aligned columns (such as float8 and timestamp). - It is strongly recommended that all installations repair this error, - either by initdb or by following the manual repair procedure given - below. - - - - The lesser error is that the system view pg_settings - ought to be marked as having public update access, to allow - UPDATE pg_settings to be used as a substitute for - SET. This can also be fixed either by initdb or manually, - but it is not necessary to fix unless you want to use UPDATE - pg_settings. - - - - If you wish not to do an initdb, the following procedure will work - for fixing pg_statistic. As the database superuser, - do: - - --- clear out old data in pg_statistic: -DELETE FROM pg_statistic; -VACUUM pg_statistic; --- this should update 1 row: -UPDATE pg_type SET typalign = 'd' WHERE oid = 2277; --- this should update 6 rows: -UPDATE pg_attribute SET attalign = 'd' WHERE atttypid = 2277; --- --- At this point you MUST start a fresh backend to avoid a crash! --- --- repopulate pg_statistic: -ANALYZE; - - - This can be done in a live database, but beware that all backends - running in the altered database must be restarted before it is safe to - repopulate pg_statistic. - - - - To repair the pg_settings error, simply do: - -GRANT SELECT, UPDATE ON pg_settings TO PUBLIC; - - - - - The above procedures must be carried out in each database - of an installation, including template1, and ideally - including template0 as well. If you do not fix the - template databases then any subsequently created databases will contain - the same errors. template1 can be fixed in the same way - as any other database, but fixing template0 requires - additional steps. First, from any database issue: - -UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; - - Next connect to template0 and perform the above repair - procedures. Finally, do: - --- re-freeze template0: -VACUUM FREEZE; --- and protect it against future alterations: -UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; - - - - - - Changes - - - Release 7.4.2 incorporates all the fixes included in release 7.3.6, - plus the following fixes: - - - -Fix pg_statistic alignment bug that could crash optimizer -See above for details about this problem. -Allow non-super users to update pg_settings -Fix several optimizer bugs, most of which led to -variable not found in subplan target lists errors -Avoid out-of-memory failure during startup of large multiple -index scan -Fix multibyte problem that could lead to out of -memory error during COPY IN -Fix problems with SELECT INTO / CREATE -TABLE AS from tables without OIDs -Fix problems with alter_table regression test -during parallel testing -Fix problems with hitting open file limit, especially on macOS (Tom) -Partial fix for Turkish-locale issues -initdb will succeed now in Turkish locale, but there are still some -inconveniences associated with the i/I problem. -Make pg_dump set client encoding on restore -Other minor pg_dump fixes -Allow ecpg to again use C keywords as column names (Michael) -Added ecpg WHENEVER NOT_FOUND to -SELECT/INSERT/UPDATE/DELETE (Michael) -Fix ecpg crash for queries calling set-returning functions (Michael) -Various other ecpg fixes (Michael) -Fixes for Borland compiler -Thread build improvements (Bruce) -Various other build fixes -Various JDBC fixes - - - - - - - Release 7.4.1 - - - Release date: - 2003-12-22 - - - - This release contains a variety of fixes from 7.4. - For information about new features in the 7.4 major release, see - . - - - - - Migration to Version 7.4.1 - - - A dump/restore is not required for those - running 7.4. - - - - If you want to install the fixes in the information schema - you need to reload it into the database. - This is either accomplished by initializing a new cluster - by running initdb, or by running the following - sequence of SQL commands in each database (ideally including - template1) as a superuser in - psql, after installing the new release: - -DROP SCHEMA information_schema CASCADE; -\i /usr/local/pgsql/share/information_schema.sql - - Substitute your installation path in the second command. - - - - - - Changes - - -Fixed bug in CREATE SCHEMA parsing in ECPG (Michael) -Fix compile error when and are used together (Peter) -Fix for subqueries that used hash joins (Tom) - - Certain subqueries that used hash joins would crash because of - improperly shared structures. - -Fix free space map compaction bug (Tom) - - This fixes a bug where compaction of the free space map could lead - to a database server shutdown. - - -Fix for Borland compiler build of libpq (Bruce) -Fix netmask() and hostmask() to return the maximum-length masklen (Tom) - - Fix these functions to return values consistent with pre-7.4 - releases. - - -Several contrib/pg_autovacuum fixes - - Fixes include improper variable initialization, missing vacuum after - TRUNCATE, and duration computation overflow for long vacuums. - - -Allow compile of contrib/cube under Cygwin (Jason Tishler) -Fix Solaris use of password file when no passwords are defined (Tom) - - Fix crash on Solaris caused by use of any type of password - authentication when no passwords were defined. - - -JDBC fix for thread problems, other fixes -Fix for bytea index lookups (Joe) -Fix information schema for bit data types (Peter) -Force zero_damaged_pages to be on during recovery from WAL -Prevent some obscure cases of variable not in subplan target lists -Make PQescapeBytea and byteaout consistent with each other (Joe) -Escape bytea output for bytes > 0x7e(Joe) - - If different client encodings are used for bytea output and input, it - is possible for bytea values to be corrupted by the differing - encodings. This fix escapes all bytes that might be affected. - - -Added missing SPI_finish() calls to dblink's get_tuple_of_interest() (Joe) -New Czech FAQ -Fix information schema view constraint_column_usage for foreign keys (Peter) -ECPG fixes (Michael) -Fix bug with multiple IN subqueries and joins in the subqueries (Tom) -Allow COUNT('x') to work (Tom) -Install ECPG include files for Informix compatibility into separate directory (Peter) - - Some names of ECPG include files for Informix compatibility conflicted with operating system include files. - By installing them in their own directory, name conflicts have been reduced. - - -Fix SSL memory leak (Neil) - - This release fixes a bug in 7.4 where SSL didn't free all memory it allocated. - - -Prevent pg_service.conf from using service name as default dbname (Bruce) -Fix local ident authentication on FreeBSD (Tom) - - - - - - - Release 7.4 - - - Release date: - 2003-11-17 - - - - Overview - - - Major changes in this release: - - - - - - IN / NOT IN subqueries are - now much more efficient - - - - - In previous releases, IN/NOT - IN subqueries were joined to the upper query by - sequentially scanning the subquery looking for a match. The - 7.4 code uses the same sophisticated techniques used by - ordinary joins and so is much faster. An - IN will now usually be as fast as or faster - than an equivalent EXISTS subquery; this - reverses the conventional wisdom that applied to previous - releases. - - - - - - - Improved GROUP BY processing by using hash buckets - - - - - In previous releases, rows to be grouped had to be sorted - first. The 7.4 code can do GROUP BY - without sorting, by accumulating results into a hash table - with one entry per group. It will still use the sort - technique, however, if the hash table is estimated to be too - large to fit in sort_mem. - - - - - - - New multikey hash join capability - - - - - In previous releases, hash joins could only occur on single - keys. This release allows multicolumn hash joins. - - - - - - - Queries using the explicit JOIN syntax are - now better optimized - - - - - Prior releases evaluated queries using the explicit - JOIN syntax only in the order implied by - the syntax. 7.4 allows full optimization of these queries, - meaning the optimizer considers all possible join orderings - and chooses the most efficient. Outer joins, however, must - still follow the declared ordering. - - - - - - - Faster and more powerful regular expression code - - - - - The entire regular expression module has been replaced with a - new version by Henry Spencer, originally written for Tcl. The - code greatly improves performance and supports several flavors - of regular expressions. - - - - - - - Function-inlining for simple SQL functions - - - - - Simple SQL functions can now be inlined by including their SQL - in the main query. This improves performance by eliminating - per-call overhead. That means simple SQL functions now - behave like macros. - - - - - - - Full support for IPv6 connections and IPv6 address data types - - - - - Previous releases allowed only IPv4 connections, and the IP - data types only supported IPv4 addresses. This release adds - full IPv6 support in both of these areas. - - - - - - - Major improvements in SSL performance and reliability - - - - - Several people very familiar with the SSL API have overhauled - our SSL code to improve SSL key negotiation and error - recovery. - - - - - - - Make free space map efficiently reuse empty index pages, - and other free space management improvements - - - - - In previous releases, B-tree index pages that were left empty - because of deleted rows could only be reused by rows with - index values similar to the rows originally indexed on that - page. In 7.4, VACUUM records empty index - pages and allows them to be reused for any future index rows. - - - - - - - SQL-standard information schema - - - - - The information schema provides a standardized and stable way - to access information about the schema objects defined in a - database. - - - - - - - Cursors conform more closely to the SQL standard - - - - - The commands FETCH and - MOVE have been overhauled to conform more - closely to the SQL standard. - - - - - - - Cursors can exist outside transactions - - - - - These cursors are also called holdable cursors. - - - - - - - New client-to-server protocol - - - - - The new protocol adds error codes, more status information, - faster startup, better support for binary data transmission, - parameter values separated from SQL commands, prepared - statements available at the protocol level, and cleaner - recovery from COPY failures. The older - protocol is still supported by both server and clients. - - - - - - - libpq and - ECPG applications are now fully - thread-safe - - - - - While previous libpq releases - already supported threads, this release improves thread safety - by fixing some non-thread-safe code that was used during - database connection startup. The configure - option must be used to - enable this feature. - - - - - - - New version of full-text indexing - - - - - A new full-text indexing suite is available in - contrib/tsearch2. - - - - - - - New autovacuum tool - - - - - The new autovacuum tool in - contrib/autovacuum monitors the database - statistics tables for - INSERT/UPDATE/DELETE - activity and automatically vacuums tables when needed. - - - - - - - Array handling has been improved and moved into the server core - - - - - Many array limitations have been removed, and arrays behave - more like fully-supported data types. - - - - - - - - - Migration to Version 7.4 - - - A dump/restore using pg_dump is - required for those wishing to migrate data from any previous - release. - - - - Observe the following incompatibilities: - - - - - - The server-side autocommit setting was removed and - reimplemented in client applications and languages. - Server-side autocommit was causing too many problems with - languages and applications that wanted to control their own - autocommit behavior, so autocommit was removed from the server - and added to individual client APIs as appropriate. - - - - - - Error message wording has changed substantially in this - release. Significant effort was invested to make the messages - more consistent and user-oriented. If your applications try to - detect different error conditions by parsing the error message, - you are strongly encouraged to use the new error code facility instead. - - - - - - Inner joins using the explicit JOIN syntax - might behave differently because they are now better - optimized. - - - - - - A number of server configuration parameters have been renamed - for clarity, primarily those related to - logging. - - - - - - FETCH 0 or MOVE 0 now - does nothing. In prior releases, FETCH 0 - would fetch all remaining rows, and MOVE 0 - would move to the end of the cursor. - - - - - - FETCH and MOVE now return - the actual number of rows fetched/moved, or zero if at the - beginning/end of the cursor. Prior releases would return the - row count passed to the command, not the number of rows - actually fetched or moved. - - - - - - COPY now can process files that use - carriage-return or carriage-return/line-feed end-of-line - sequences. Literal carriage-returns and line-feeds are no - longer accepted in data values; use \r and - \n instead. - - - - - - Trailing spaces are now trimmed when converting from type - char(n) to - varchar(n) or text. - This is what most people always expected to happen anyway. - - - - - - The data type float(p) now - measures p in binary digits, not decimal - digits. The new behavior follows the SQL standard. - - - - - - Ambiguous date values now must match the ordering specified by - the datestyle setting. In prior releases, a - date specification of 10/20/03 was interpreted as a - date in October even if datestyle specified that - the day should be first. 7.4 will throw an error if a date - specification is invalid for the current setting of - datestyle. - - - - - - The functions oidrand, - oidsrand, and - userfntest have been removed. These - functions were determined to be no longer useful. - - - - - - String literals specifying time-varying date/time values, such - as 'now' or 'today' will - no longer work as expected in column default expressions; they - now cause the time of the table creation to be the default, not - the time of the insertion. Functions such as - now(), current_timestamp, or - current_date should be used instead. - - - - In previous releases, there was special code so that strings - such as 'now' were interpreted at - INSERT time and not at table creation time, but - this work around didn't cover all cases. Release 7.4 now - requires that defaults be defined properly using functions such - as now() or current_timestamp. These - will work in all situations. - - - - - - The dollar sign ($) is no longer allowed in - operator names. It can instead be a non-first character in - identifiers. This was done to improve compatibility with other - database systems, and to avoid syntax problems when parameter - placeholders ($n) are written - adjacent to operators. - - - - - - - - Changes - - - Below you will find a detailed account of the changes between - release 7.4 and the previous major release. - - - - Server Operation Changes - - - - - Allow IPv6 server connections (Nigel Kukard, Johan Jordaan, - Bruce, Tom, Kurt Roeckx, Andrew Dunstan) - - - - - - Fix SSL to handle errors cleanly (Nathan Mueller) - - - In prior releases, certain SSL API error reports were not - handled correctly. This release fixes those problems. - - - - - - SSL protocol security and performance improvements (Sean Chittenden) - - - SSL key renegotiation was happening too frequently, causing poor - SSL performance. Also, initial key handling was improved. - - - - - - Print lock information when a deadlock is detected (Tom) - - - This allows easier debugging of deadlock situations. - - - - - - Update /tmp socket modification times - regularly to avoid their removal (Tom) - - - This should help prevent /tmp directory - cleaner administration scripts from removing server socket - files. - - - - Enable PAM for macOS (Aaron Hillegass) - - - Make B-tree indexes fully WAL-safe (Tom) - - In prior releases, under certain rare cases, a server crash - could cause B-tree indexes to become corrupt. This release - removes those last few rare cases. - - - - Allow B-tree index compaction and empty page reuse (Tom) - - - - Fix inconsistent index lookups during split of first root page (Tom) - - - In prior releases, when a single-page index split into two - pages, there was a brief period when another database session - could miss seeing an index entry. This release fixes that rare - failure case. - - - - Improve free space map allocation logic (Tom) - - - Preserve free space information between server restarts (Tom) - - In prior releases, the free space map was not saved when the - postmaster was stopped, so newly started servers had no free - space information. This release saves the free space map, and - reloads it when the server is restarted. - - - - Add start time to pg_stat_activity (Neil) - New code to detect corrupt disk pages; erase with zero_damaged_pages (Tom) - New client/server protocol: faster, no username length limit, allow clean exit from COPY (Tom) - Add transaction status, table ID, column ID to client/server protocol (Tom) - Add binary I/O to client/server protocol (Tom) - Remove autocommit server setting; move to client applications (Tom) - New error message wording, error codes, and three levels of error detail (Tom, Joe, Peter) - - - - - Performance Improvements - - - Add hashing for GROUP BY aggregates (Tom) - Make nested-loop joins be smarter about multicolumn indexes (Tom) - Allow multikey hash joins (Tom) - Improve constant folding (Tom) - Add ability to inline simple SQL functions (Tom) - - - Reduce memory usage for queries using complex functions (Tom) - - In prior releases, functions returning allocated memory would - not free it until the query completed. This release allows the - freeing of function-allocated memory when the function call - completes, reducing the total memory used by functions. - - - - - Improve GEQO optimizer performance (Tom) - - This release fixes several inefficiencies in the way the GEQO optimizer - manages potential query paths. - - - - - - Allow IN/NOT IN to be handled via hash - tables (Tom) - - - - - - Improve NOT IN (subquery) - performance (Tom) - - - - - - Allow most IN subqueries to be processed as - joins (Tom) - - - - - - Pattern matching operations can use indexes regardless of - locale (Peter) - - - There is no way for non-ASCII locales to use the standard - indexes for LIKE comparisons. This release - adds a way to create a special index for - LIKE. - - - - - Allow the postmaster to preload libraries using preload_libraries (Joe) - - For shared libraries that require a long time to load, this - option is available so the library can be preloaded in the - postmaster and inherited by all database sessions. - - - - - - Improve optimizer cost computations, particularly for subqueries (Tom) - - - - - - Avoid sort when subquery ORDER BY matches upper query (Tom) - - - - - - Deduce that WHERE a.x = b.y AND b.y = 42 also - means a.x = 42 (Tom) - - - - - - Allow hash/merge joins on complex joins (Tom) - - - - - - Allow hash joins for more data types (Tom) - - - - - - Allow join optimization of explicit inner joins, disable with - join_collapse_limit (Tom) - - - - - - Add parameter from_collapse_limit to control - conversion of subqueries to joins (Tom) - - - - - - Use faster and more powerful regular expression code from Tcl - (Henry Spencer, Tom) - - - - - - Use bit-mapped relation sets in the optimizer (Tom) - - - - - Improve connection startup time (Tom) - - The new client/server protocol requires fewer network packets to - start a database session. - - - - - - Improve trigger/constraint performance (Stephan) - - - - - - Improve speed of col IN (const, const, const, ...) (Tom) - - - - - - Fix hash indexes which were broken in rare cases (Tom) - - - - Improve hash index concurrency and speed (Tom) - - Prior releases suffered from poor hash index performance, - particularly for high concurrency situations. This release fixes - that, and the development group is interested in reports - comparing B-tree and hash index performance. - - - - - Align shared buffers on 32-byte boundary for copy speed improvement (Manfred Spraul) - - Certain CPU's perform faster data copies when addresses are - 32-byte aligned. - - - - - Data type numeric reimplemented for better performance (Tom) - - numeric used to be stored in base 100. The new code - uses base 10000, for significantly better performance. - - - - - - - Server Configuration Changes - - - - Rename server parameter server_min_messages to log_min_messages (Bruce) - - This was done so most parameters that control the server logs - begin with log_. - - - - Rename show_*_stats to log_*_stats (Bruce) - Rename show_source_port to log_source_port (Bruce) - Rename hostname_lookup to log_hostname (Bruce) - - - Add checkpoint_warning to warn of excessive checkpointing (Bruce) - - In prior releases, it was difficult to determine if checkpoint - was happening too frequently. This feature adds a warning to the - server logs when excessive checkpointing happens. - - - - New read-only server parameters for localization (Tom) - - - - Change debug server log messages to output as DEBUG - rather than LOG (Bruce) - - - - - Prevent server log variables from being turned off by non-superusers (Bruce) - - This is a security feature so non-superusers cannot disable - logging that was enabled by the administrator. - - - - - - log_min_messages/client_min_messages now - controls debug_* output (Bruce) - - - This centralizes client debug information so all debug output - can be sent to either the client or server logs. - - - - - Add macOS Rendezvous server support (Chris Campbell) - - This allows macOS hosts to query the network for available - PostgreSQL servers. - - - - - - Add ability to print only slow statements using - log_min_duration_statement - (Christopher) - - - This is an often requested debugging feature that allows - administrators to see only slow queries in their server logs. - - - - - Allow pg_hba.conf to accept netmasks in CIDR format (Andrew Dunstan) - - This allows administrators to merge the host IP address and - netmask fields into a single CIDR field in pg_hba.conf. - - - - New read-only parameter is_superuser (Tom) - - - New parameter log_error_verbosity to control error detail (Tom) - - This works with the new error reporting feature to supply - additional error information like hints, file names and line - numbers. - - - - - postgres --describe-config now dumps server config variables (Aizaz Ahmed, Peter) - - This option is useful for administration tools that need to know - the configuration variable names and their minimums, maximums, - defaults, and descriptions. - - - - - - Add new columns in pg_settings: - context, type, source, - min_val, max_val (Joe) - - - - - - Make default shared_buffers 1000 and - max_connections 100, if possible (Tom) - - - Prior versions defaulted to 64 shared buffers so PostgreSQL - would start on even very old systems. This release tests the - amount of shared memory allowed by the platform and selects more - reasonable default values if possible. Of course, users are - still encouraged to evaluate their resource load and size - shared_buffers accordingly. - - - - - - New pg_hba.conf record type - hostnossl to prevent SSL connections (Jon - Jensen) - - - In prior releases, there was no way to prevent SSL connections - if both the client and server supported SSL. This option allows - that capability. - - - - - - Remove parameter geqo_random_seed - (Tom) - - - - - - Add server parameter regex_flavor to control regular expression processing (Tom) - - - - - - Make pg_ctl better handle nonstandard ports (Greg) - - - - - - - Query Changes - - - New SQL-standard information schema (Peter) - Add read-only transactions (Peter) - Print key name and value in foreign-key violation messages (Dmitry Tkach) - - - Allow users to see their own queries in pg_stat_activity (Kevin Brown) - - In prior releases, only the superuser could see query strings - using pg_stat_activity. Now ordinary users - can see their own query strings. - - - - - Fix aggregates in subqueries to match SQL standard (Tom) - - The SQL standard says that an aggregate function appearing - within a nested subquery belongs to the outer query if its - argument contains only outer-query variables. Prior - PostgreSQL releases did not handle - this fine point correctly. - - - - - Add option to prevent auto-addition of tables referenced in query (Nigel J. Andrews) - - By default, tables mentioned in the query are automatically - added to the FROM clause if they are not already - there. This is compatible with historic - POSTGRES behavior but is contrary to - the SQL standard. This option allows selecting - standard-compatible behavior. - - - - - Allow UPDATE ... SET col = DEFAULT (Rod) - - This allows UPDATE to set a column to its - declared default value. - - - - - Allow expressions to be used in LIMIT/OFFSET (Tom) - - In prior releases, LIMIT/OFFSET could - only use constants, not expressions. - - - - - Implement CREATE TABLE AS EXECUTE (Neil, Peter) - - - - - - Object Manipulation Changes - - - - Make CREATE SEQUENCE grammar more conforming to SQL:2003 (Neil) - - - - Add statement-level triggers (Neil) - - While this allows a trigger to fire at the end of a statement, - it does not allow the trigger to access all rows modified by the - statement. This capability is planned for a future release. - - - - - Add check constraints for domains (Rod) - - This greatly increases the usefulness of domains by allowing - them to use check constraints. - - - - - Add ALTER DOMAIN (Rod) - - This allows manipulation of existing domains. - - - - - Fix several zero-column table bugs (Tom) - - PostgreSQL supports zero-column tables. This fixes various bugs - that occur when using such tables. - - - - - Have ALTER TABLE ... ADD PRIMARY KEY add not-null constraint (Rod) - - In prior releases, ALTER TABLE ... ADD - PRIMARY would add a unique index, but not a not-null - constraint. That is fixed in this release. - - - - Add ALTER TABLE ... WITHOUT OIDS (Rod) - - This allows control over whether new and updated rows will have - an OID column. This is most useful for saving storage space. - - - - - - Add ALTER SEQUENCE to modify minimum, maximum, - increment, cache, cycle values (Rod) - - - - - Add ALTER TABLE ... CLUSTER ON (Alvaro Herrera) - - This command is used by pg_dump to record the - cluster column for each table previously clustered. This - information is used by database-wide cluster to cluster all - previously clustered tables. - - - - Improve automatic type casting for domains (Rod, Tom) - Allow dollar signs in identifiers, except as first character (Tom) - Disallow dollar signs in operator names, so x=$1 works (Tom) - - - - Allow copying table schema using LIKE - subtable, also SQL:2003 - feature INCLUDING DEFAULTS (Rod) - - - - - - Add WITH GRANT OPTION clause to - GRANT (Peter) - - - This enabled GRANT to give other users the - ability to grant privileges on an object. - - - - - - - Utility Command Changes - - - - Add ON COMMIT clause to CREATE TABLE for temporary tables (Gavin) - - This adds the ability for a table to be dropped or all rows - deleted on transaction commit. - - - - - Allow cursors outside transactions using WITH HOLD (Neil) - - In previous releases, cursors were removed at the end of the - transaction that created them. Cursors can now be created with - the WITH HOLD option, which allows them to - continue to be accessed after the creating transaction has - committed. - - - - - FETCH 0 and MOVE 0 now do nothing (Bruce) - - In previous releases, FETCH 0 fetched all - remaining rows, and MOVE 0 moved to the end - of the cursor. - - - - - - Cause FETCH and MOVE to - return the number of rows fetched/moved, or zero if at the - beginning/end of cursor, per SQL standard (Bruce) - - - In prior releases, the row count returned by - FETCH and MOVE did not - accurately reflect the number of rows processed. - - - - - Properly handle SCROLL with cursors, or - report an error (Neil) - - Allowing random access (both forward and backward scrolling) to - some kinds of queries cannot be done without some additional - work. If SCROLL is specified when the cursor - is created, this additional work will be performed. Furthermore, - if the cursor has been created with NO SCROLL, - no random access is allowed. - - - - - - Implement SQL-compatible options FIRST, - LAST, ABSOLUTE n, - RELATIVE n for - FETCH and MOVE (Tom) - - - - - Allow EXPLAIN on DECLARE CURSOR (Tom) - - - - Allow CLUSTER to use index marked as pre-clustered by default (Alvaro Herrera) - - - - Allow CLUSTER to cluster all tables (Alvaro Herrera) - - This allows all previously clustered tables in a database to be - reclustered with a single command. - - - - Prevent CLUSTER on partial indexes (Tom) - - Allow DOS and Mac line-endings in COPY files (Bruce) - - - - Disallow literal carriage return as a data value, - backslash-carriage-return and \r are still allowed - (Bruce) - - - - - COPY changes (binary, \.) (Tom) - - - - Recover from COPY failure cleanly (Tom) - - - - Prevent possible memory leaks in COPY (Tom) - - - - Make TRUNCATE transaction-safe (Rod) - - TRUNCATE can now be used inside a - transaction. If the transaction aborts, the changes made by the - TRUNCATE are automatically rolled back. - - - - - - Allow prepare/bind of utility commands like - FETCH and EXPLAIN (Tom) - - - - - Add EXPLAIN EXECUTE (Neil) - - - - Improve VACUUM performance on indexes by reducing WAL traffic (Tom) - - - - Functional indexes have been generalized into indexes on expressions (Tom) - - In prior releases, functional indexes only supported a simple - function applied to one or more column names. This release - allows any type of scalar expression. - - - - - - Have SHOW TRANSACTION ISOLATION match input - to SET TRANSACTION ISOLATION - (Tom) - - - - - - Have COMMENT ON DATABASE on nonlocal - database generate a warning, rather than an error (Rod) - - - - Database comments are stored in database-local tables so - comments on a database have to be stored in each database. - - - - - - Improve reliability of LISTEN/NOTIFY (Tom) - - - - - Allow REINDEX to reliably reindex nonshared system catalog indexes (Tom) - - This allows system tables to be reindexed without the - requirement of a standalone session, which was necessary in - previous releases. The only tables that now require a standalone - session for reindexing are the global system tables - pg_database, pg_shadow, and - pg_group. - - - - - - - Data Type and Function Changes - - - - - New server parameter extra_float_digits to - control precision display of floating-point numbers (Pedro - Ferreira, Tom) - - - This controls output precision which was causing regression - testing problems. - - - - Allow +1300 as a numeric time-zone specifier, for FJST (Tom) - - - - Remove rarely used functions oidrand, - oidsrand, and userfntest functions - (Neil) - - - - - Add md5() function to main server, already in contrib/pgcrypto (Joe) - - An MD5 function was frequently requested. For more complex - encryption capabilities, use - contrib/pgcrypto. - - - - Increase date range of timestamp (John Cochran) - - - - Change EXTRACT(EPOCH FROM timestamp) so - timestamp without time zone is assumed to be in - local time, not GMT (Tom) - - - - Trap division by zero in case the operating system doesn't prevent it (Tom) - Change the numeric data type internally to base 10000 (Tom) - New hostmask() function (Greg Wickham) - Fixes for to_char() and to_timestamp() (Karel) - - - - Allow functions that can take any argument data type and return - any data type, using anyelement and - anyarray (Joe) - - - This allows the creation of functions that can work with any - data type. - - - - - - Arrays can now be specified as ARRAY[1,2,3], - ARRAY[['a','b'],['c','d']], or - ARRAY[ARRAY[ARRAY[2]]] (Joe) - - - - - - Allow proper comparisons for arrays, including ORDER - BY and DISTINCT support - (Joe) - - - - Allow indexes on array columns (Joe) - Allow array concatenation with || (Joe) - - - - Allow WHERE qualification - expr op ANY/SOME/ALL - (array_expr) (Joe) - - - This allows arrays to behave like a list of values, for purposes - like SELECT * FROM tab WHERE col IN - (array_val). - - - - - - New array functions array_append, - array_cat, array_lower, - array_prepend, array_to_string, - array_upper, string_to_array (Joe) - - - - Allow user defined aggregates to use polymorphic functions (Joe) - Allow assignments to empty arrays (Joe) - - - - Allow 60 in seconds fields of time, - timestamp, and interval input values - (Tom) - - - Sixty-second values are needed for leap seconds. - - - - Allow cidr data type to be cast to text (Tom) - - Disallow invalid time zone names in SET TIMEZONE - - - - Trim trailing spaces when char is cast to - varchar or text (Tom) - - - - - - Make float(p) measure the precision - p in binary digits, not decimal digits - (Tom) - - - - - Add IPv6 support to the inet and cidr data types (Michael Graff) - - - - Add family() function to report whether address is IPv4 or IPv6 (Michael Graff) - - - - - Have SHOW datestyle generate output similar - to that used by SET datestyle (Tom) - - - - - - Make EXTRACT(TIMEZONE) and SET/SHOW - TIME ZONE follow the SQL convention for the sign of - time zone offsets, i.e., positive is east from UTC (Tom) - - - - - Fix date_trunc('quarter', ...) (Böjthe Zoltán) - - Prior releases returned an incorrect value for this function call. - - - - - Make initcap() more compatible with Oracle (Mike Nolan) - - initcap() now uppercases a letter appearing - after any non-alphanumeric character, rather than only after - whitespace. - - - - - Allow only datestyle field order for date values not in ISO-8601 format (Greg) - - - - - Add new datestyle values MDY, - DMY, and YMD to set input field order; - honor US and European for backward - compatibility (Tom) - - - - - - String literals like 'now' or - 'today' will no longer work as a column - default. Use functions such as now(), - current_timestamp instead. (change - required for prepared statements) (Tom) - - - - - Treat NaN as larger than any other value in min()/max() (Tom) - - NaN was already sorted after ordinary numeric values for most - purposes, but min() and max() didn't - get this right. - - - - - Prevent interval from suppressing :00 - seconds display - - - - - New functions pg_get_triggerdef(prettyprint) - and pg_conversion_is_visible() (Christopher) - - - - - Allow time to be specified as 040506 or 0405 (Tom) - - - - - Input date order must now be YYYY-MM-DD (with 4-digit year) or - match datestyle - - - - - - Make pg_get_constraintdef support - unique, primary-key, and check constraints (Christopher) - - - - - - - Server-Side Language Changes - - - - - Prevent PL/pgSQL crash when RETURN NEXT is - used on a zero-row record variable (Tom) - - - - - - Make PL/Python's spi_execute interface - handle null values properly (Andrew Bosma) - - - - - Allow PL/pgSQL to declare variables of composite types without %ROWTYPE (Tom) - - - - Fix PL/Python's _quote() function to handle big integers - - - - Make PL/Python an untrusted language, now called plpythonu (Kevin Jacobs, Tom) - - The Python language no longer supports a restricted execution - environment, so the trusted version of PL/Python was removed. If - this situation changes, a version of PL/Python that can be used - by non-superusers will be readded. - - - - - Allow polymorphic PL/pgSQL functions (Joe, Tom) - - - - Allow polymorphic SQL functions (Joe) - - - - - Improved compiled function caching mechanism in PL/pgSQL with - full support for polymorphism (Joe) - - - - - - Add new parameter $0 in PL/pgSQL representing the - function's actual return type (Joe) - - - - - - Allow PL/Tcl and PL/Python to use the same trigger on multiple tables (Tom) - - - - - - Fixed PL/Tcl's spi_prepare to accept fully - qualified type names in the parameter type list - (Jan) - - - - - - - psql Changes - - - - Add \pset pager always to always use pager (Greg) - - This forces the pager to be used even if the number of rows is - less than the screen height. This is valuable for rows that - wrap across several screen rows. - - - - Improve tab completion (Rod, Ross Reedstrom, Ian Barwick) - Reorder \? help into groupings (Harald Armin Massa, Bruce) - Add backslash commands for listing schemas, casts, and conversions (Christopher) - - - - \encoding now changes based on the server parameter - client_encoding (Tom) - - - In previous versions, \encoding was not aware - of encoding changes made using SET - client_encoding. - - - - - Save editor buffer into readline history (Ross) - - When \e is used to edit a query, the result is saved - in the readline history for retrieval using the up arrow. - - - - Improve \d display (Christopher) - Enhance HTML mode to be more standards-conforming (Greg) - - - New \set AUTOCOMMIT off capability (Tom) - - This takes the place of the removed server parameter autocommit. - - - - - New \set VERBOSITY to control error detail (Tom) - - This controls the new error reporting details. - - - - New prompt escape sequence %x to show transaction status (Tom) - Long options for psql are now available on all platforms - - - - - pg_dump Changes - - - Multiple pg_dump fixes, including tar format and large objects - Allow pg_dump to dump specific schemas (Neil) - - - Make pg_dump preserve column storage characteristics (Christopher) - - This preserves ALTER TABLE ... SET STORAGE information. - - - - Make pg_dump preserve CLUSTER characteristics (Christopher) - - - - Have pg_dumpall use GRANT/REVOKE to dump database-level privileges (Tom) - - - - - - Allow pg_dumpall to support the options , - , of pg_dump (Tom) - - - - Prevent pg_dump from lowercasing identifiers specified on the command line (Tom) - - - - pg_dump options - and now do nothing, all dumps - use SET SESSION AUTHORIZATION - - - pg_dump no longer reconnects to switch users, but instead always - uses SET SESSION AUTHORIZATION. This will - reduce password prompting during restores. - - - - - Long options for pg_dump are now available on all platforms - - PostgreSQL now includes its own - long-option processing routines. - - - - - - - libpq Changes - - - - - Add function PQfreemem for freeing memory on - Windows, suggested for NOTIFY (Bruce) - - - Windows requires that memory allocated in a library be freed by - a function in the same library, hence - free() doesn't work for freeing memory - allocated by libpq. PQfreemem is the proper - way to free libpq memory, especially on Windows, and is - recommended for other platforms as well. - - - - - Document service capability, and add sample file (Bruce) - - This allows clients to look up connection information in a - central file on the client machine. - - - - - - Make PQsetdbLogin have the same defaults as - PQconnectdb (Tom) - - - - Allow libpq to cleanly fail when result sets are too large (Tom) - - - - Improve performance of function PQunescapeBytea (Ben Lamb) - - - - - - Allow thread-safe libpq with configure - option (Lee Kindness, - Philip Yarra) - - - - - - Allow function pqInternalNotice to accept a - format string and arguments instead of just a preformatted - message (Tom, Sean Chittenden) - - - - - - Control SSL negotiation with sslmode values - disable, allow, - prefer, and require (Jon - Jensen) - - - - - Allow new error codes and levels of text (Tom) - - - - Allow access to the underlying table and column of a query result (Tom) - - This is helpful for query-builder applications that want to know - the underlying table and column names associated with a specific - result set. - - - - Allow access to the current transaction status (Tom) - Add ability to pass binary data directly to the server (Tom) - - - - Add function PQexecPrepared and - PQsendQueryPrepared functions which perform - bind/execute of previously prepared statements (Tom) - - - - - - - JDBC Changes - - - Allow setNull on updateable result sets - Allow executeBatch on a prepared statement (Barry) - Support SSL connections (Barry) - Handle schema names in result sets (Paul Sorenson) - Add refcursor support (Nic Ferrier) - - - - - Miscellaneous Interface Changes - - - - Prevent possible memory leak or core dump during libpgtcl shutdown (Tom) - - - Add Informix compatibility to ECPG (Michael) - - This allows ECPG to process embedded C programs that were - written using certain Informix extensions. - - - - - Add type decimal to ECPG that is fixed length, for Informix (Michael) - - - - - Allow thread-safe embedded SQL programs with - configure option - (Lee Kindness, Bruce) - - - This allows multiple threads to access the database at the same - time. - - - - - Moved Python client PyGreSQL to (Marc) - - - - - - Source Code Changes - - - Prevent need for separate platform geometry regression result files (Tom) - Improved PPC locking primitive (Reinhard Max) - New function palloc0 to allocate and clear memory (Bruce) - Fix locking code for s390x CPU (64-bit) (Tom) - Allow OpenBSD to use local ident credentials (William Ahern) - Make query plan trees read-only to executor (Tom) - Add macOS startup scripts (David Wheeler) - Allow libpq to compile with Borland C++ compiler (Lester Godwin, Karl Waclawek) - Use our own version of getopt_long() if needed (Peter) - Convert administration scripts to C (Peter) - Bison >= 1.85 is now required to build the PostgreSQL grammar, if building from CVS - Merge documentation into one book (Peter) - Add Windows compatibility functions (Bruce) - Allow client interfaces to compile under MinGW (Bruce) - New ereport() function for error reporting (Tom) - Support Intel compiler on Linux (Peter) - Improve Linux startup scripts (Slawomir Sudnik, Darko Prenosil) - Add support for AMD Opteron and Itanium (Jeffrey W. Baker, Bruce) - - Remove option from configure - - This was no longer needed now that we have CREATE CONVERSION. - - - - Generate a compile error if spinlock code is not found (Bruce) - - Platforms without spinlock code will now fail to compile, rather - than silently using semaphores. This failure can be disabled - with a new configure option. - - - - - - - Contrib Changes - - - Change dbmirror license to BSD - Improve earthdistance (Bruno Wolff III) - Portability improvements to pgcrypto (Marko Kreen) - Prevent crash in xml (John Gray, Michael Richards) - Update oracle - Update mysql - Update cube (Bruno Wolff III) - Update earthdistance to use cube (Bruno Wolff III) - Update btree_gist (Oleg) - New tsearch2 full-text search module (Oleg, Teodor) - Add hash-based crosstab function to tablefuncs (Joe) - Add serial column to order connectby() siblings in tablefuncs (Nabil Sayegh,Joe) - Add named persistent connections to dblink (Shridhar Daithanka) - New pg_autovacuum allows automatic VACUUM (Matthew T. O'Connor) - Make pgbench honor environment variables PGHOST, PGPORT, PGUSER (Tatsuo) - Improve intarray (Teodor Sigaev) - Improve pgstattuple (Rod) - Fix bug in metaphone() in fuzzystrmatch - Improve adddepend (Rod) - Update spi/timetravel (Böjthe Zoltán) - Fix dbase option and improve non-ASCII handling (Thomas Behr, Márcio Smiderle) - Remove array module because features now included by default (Joe) - - - - diff --git a/doc/src/sgml/release-8.0.sgml b/doc/src/sgml/release-8.0.sgml deleted file mode 100644 index 6171e0d1ee..0000000000 --- a/doc/src/sgml/release-8.0.sgml +++ /dev/null @@ -1,5421 +0,0 @@ - - - - - Release 8.0.26 - - - Release date: - 2010-10-04 - - - - This release contains a variety of fixes from 8.0.25. - For information about new features in the 8.0 major release, see - . - - - - This is expected to be the last PostgreSQL release - in the 8.0.X series. Users are encouraged to update to a newer - release branch soon. - - - - Migration to Version 8.0.26 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.22, - see . - - - - - - Changes - - - - - - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - - - - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a SECURITY - DEFINER function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - - - - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - - - - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - - - - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - - - - - - Prevent possible crashes in pg_get_expr() by disallowing - it from being called with an argument that is not one of the system - catalog columns it's intended to be used with - (Heikki Linnakangas, Tom Lane) - - - - - - Fix cannot handle unplanned sub-select error (Tom Lane) - - - - This occurred when a sub-select contains a join alias reference that - expands into an expression containing another sub-select. - - - - - - Defend against functions returning setof record where not all the - returned rows are actually of the same rowtype (Tom Lane) - - - - - - Take care to fsync the contents of lockfiles (both - postmaster.pid and the socket lockfile) while writing them - (Tom Lane) - - - - This omission could result in corrupted lockfile contents if the - machine crashes shortly after postmaster start. That could in turn - prevent subsequent attempts to start the postmaster from succeeding, - until the lockfile is manually removed. - - - - - - Avoid recursion while assigning XIDs to heavily-nested - subtransactions (Andres Freund, Robert Haas) - - - - The original coding could result in a crash if there was limited - stack space. - - - - - - Fix log_line_prefix's %i escape, - which could produce junk early in backend startup (Tom Lane) - - - - - - Fix possible data corruption in ALTER TABLE ... SET - TABLESPACE when archiving is enabled (Jeff Davis) - - - - - - Allow CREATE DATABASE and ALTER DATABASE ... SET - TABLESPACE to be interrupted by query-cancel (Guillaume Lelarge) - - - - - - In PL/Python, defend against null pointer results from - PyCObject_AsVoidPtr and PyCObject_FromVoidPtr - (Peter Eisentraut) - - - - - - Improve contrib/dblink's handling of tables containing - dropped columns (Tom Lane) - - - - - - Fix connection leak after duplicate connection name - errors in contrib/dblink (Itagaki Takahiro) - - - - - - Fix contrib/dblink to handle connection names longer than - 62 bytes correctly (Itagaki Takahiro) - - - - - - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - - - - - - Update time zone data files to tzdata release 2010l - for DST law changes in Egypt and Palestine; also historical corrections - for Finland. - - - - This change also adds new names for two Micronesian timezones: - Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred - abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over - Pacific/Ponape. - - - - - - - - - - Release 8.0.25 - - - Release date: - 2010-05-17 - - - - This release contains a variety of fixes from 8.0.24. - For information about new features in the 8.0 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.0.X release series in July 2010. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.0.25 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.22, - see . - - - - - - Changes - - - - - - Enforce restrictions in plperl using an opmask applied to - the whole interpreter, instead of using Safe.pm - (Tim Bunce, Andrew Dunstan) - - - - Recent developments have convinced us that Safe.pm is too - insecure to rely on for making plperl trustable. This - change removes use of Safe.pm altogether, in favor of using - a separate interpreter with an opcode mask that is always applied. - Pleasant side effects of the change include that it is now possible to - use Perl's strict pragma in a natural way in - plperl, and that Perl's $a and $b - variables work as expected in sort routines, and that function - compilation is significantly faster. (CVE-2010-1169) - - - - - - Prevent PL/Tcl from executing untrustworthy code from - pltcl_modules (Tom) - - - - PL/Tcl's feature for autoloading Tcl code from a database table - could be exploited for trojan-horse attacks, because there was no - restriction on who could create or insert into that table. This change - disables the feature unless pltcl_modules is owned by a - superuser. (However, the permissions on the table are not checked, so - installations that really need a less-than-secure modules table can - still grant suitable privileges to trusted non-superusers.) Also, - prevent loading code into the unrestricted normal Tcl - interpreter unless we are really going to execute a pltclu - function. (CVE-2010-1170) - - - - - - Do not allow an unprivileged user to reset superuser-only parameter - settings (Alvaro) - - - - Previously, if an unprivileged user ran ALTER USER ... RESET - ALL for himself, or ALTER DATABASE ... RESET ALL for - a database he owns, this would remove all special parameter settings - for the user or database, even ones that are only supposed to be - changeable by a superuser. Now, the ALTER will only - remove the parameters that the user has permission to change. - - - - - - Avoid possible crash during backend shutdown if shutdown occurs - when a CONTEXT addition would be made to log entries (Tom) - - - - In some cases the context-printing function would fail because the - current transaction had already been rolled back when it came time - to print a log message. - - - - - - Update PL/Perl's ppport.h for modern Perl versions - (Andrew) - - - - - - Fix assorted memory leaks in PL/Python (Andreas Freund, Tom) - - - - - - Prevent infinite recursion in psql when expanding - a variable that refers to itself (Tom) - - - - - - Ensure that contrib/pgstattuple functions respond to cancel - interrupts promptly (Tatsuhito Kasahara) - - - - - - Make server startup deal properly with the case that - shmget() returns EINVAL for an existing - shared memory segment (Tom) - - - - This behavior has been observed on BSD-derived kernels including macOS. - It resulted in an entirely-misleading startup failure complaining that - the shared memory request size was too large. - - - - - - Update time zone data files to tzdata release 2010j - for DST law changes in Argentina, Australian Antarctic, Bangladesh, - Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; - also historical corrections for Taiwan. - - - - - - - - - - Release 8.0.24 - - - Release date: - 2010-03-15 - - - - This release contains a variety of fixes from 8.0.23. - For information about new features in the 8.0 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.0.X release series in July 2010. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.0.24 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.22, - see . - - - - - - Changes - - - - - - Add new configuration parameter ssl_renegotiation_limit to - control how often we do session key renegotiation for an SSL connection - (Magnus) - - - - This can be set to zero to disable renegotiation completely, which may - be required if a broken SSL library is used. In particular, some - vendors are shipping stopgap patches for CVE-2009-3555 that cause - renegotiation attempts to fail. - - - - - - Fix possible crashes when trying to recover from a failure in - subtransaction start (Tom) - - - - - - Fix server memory leak associated with use of savepoints and a client - encoding different from server's encoding (Tom) - - - - - - Make substring() for bit types treat any negative - length as meaning all the rest of the string (Tom) - - - - The previous coding treated only -1 that way, and would produce an - invalid result value for other negative values, possibly leading to - a crash (CVE-2010-0442). - - - - - - Fix integer-to-bit-string conversions to handle the first fractional - byte correctly when the output bit width is wider than the given - integer by something other than a multiple of 8 bits (Tom) - - - - - - Fix some cases of pathologically slow regular expression matching (Tom) - - - - - - Fix the STOP WAL LOCATION entry in backup history files to - report the next WAL segment's name when the end location is exactly at a - segment boundary (Itagaki Takahiro) - - - - - - When reading pg_hba.conf and related files, do not treat - @something as a file inclusion request if the @ - appears inside quote marks; also, never treat @ by itself - as a file inclusion request (Tom) - - - - This prevents erratic behavior if a role or database name starts with - @. If you need to include a file whose path name - contains spaces, you can still do so, but you must write - @"/path to/file" rather than putting the quotes around - the whole construct. - - - - - - Prevent infinite loop on some platforms if a directory is named as - an inclusion target in pg_hba.conf and related files - (Tom) - - - - - - Fix plpgsql failure in one case where a composite column is set to NULL - (Tom) - - - - - - Add volatile markings in PL/Python to avoid possible - compiler-specific misbehavior (Zdenek Kotala) - - - - - - Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) - - - - The only known symptom of this oversight is that the Tcl - clock command misbehaves if using Tcl 8.5 or later. - - - - - - Prevent crash in contrib/dblink when too many key - columns are specified to a dblink_build_sql_* function - (Rushabh Lathia, Joe Conway) - - - - - - Fix assorted crashes in contrib/xml2 caused by sloppy - memory management (Tom) - - - - - - Update time zone data files to tzdata release 2010e - for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. - - - - - - - - - - Release 8.0.23 - - - Release date: - 2009-12-14 - - - - This release contains a variety of fixes from 8.0.22. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.23 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.22, - see . - - - - - - Changes - - - - - - Protect against indirect security threats caused by index functions - changing session-local state (Gurjeet Singh, Tom) - - - - This change prevents allegedly-immutable index functions from possibly - subverting a superuser's session (CVE-2009-4136). - - - - - - Reject SSL certificates containing an embedded null byte in the common - name (CN) field (Magnus) - - - - This prevents unintended matching of a certificate to a server or client - name during SSL validation (CVE-2009-4034). - - - - - - Fix possible crash during backend-startup-time cache initialization (Tom) - - - - - - Prevent signals from interrupting VACUUM at unsafe times - (Alvaro) - - - - This fix prevents a PANIC if a VACUUM FULL is canceled - after it's already committed its tuple movements, as well as transient - errors if a plain VACUUM is interrupted after having - truncated the table. - - - - - - Fix possible crash due to integer overflow in hash table size - calculation (Tom) - - - - This could occur with extremely large planner estimates for the size of - a hashjoin's result. - - - - - - Fix very rare crash in inet/cidr comparisons (Chris - Mikkelson) - - - - - - Fix premature drop of temporary files used for a cursor that is accessed - within a subtransaction (Heikki) - - - - - - Fix PAM password processing to be more robust (Tom) - - - - The previous code is known to fail with the combination of the Linux - pam_krb5 PAM module with Microsoft Active Directory as the - domain controller. It might have problems elsewhere too, since it was - making unjustified assumptions about what arguments the PAM stack would - pass to it. - - - - - - Fix rare crash in exception processing in PL/Python (Peter) - - - - - - Ensure psql's flex module is compiled with the correct - system header definitions (Tom) - - - - This fixes build failures on platforms where - --enable-largefile causes incompatible changes in the - generated code. - - - - - - Make the postmaster ignore any application_name parameter in - connection request packets, to improve compatibility with future libpq - versions (Tom) - - - - - - Update time zone data files to tzdata release 2009s - for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, - Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical - corrections for Hong Kong. - - - - - - - - - - Release 8.0.22 - - - Release date: - 2009-09-09 - - - - This release contains a variety of fixes from 8.0.21. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.22 - - - A dump/restore is not required for those running 8.0.X. - However, if you have any hash indexes on interval columns, - you must REINDEX them after updating to 8.0.22. - Also, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Disallow RESET ROLE and RESET SESSION - AUTHORIZATION inside security-definer functions (Tom, Heikki) - - - - This covers a case that was missed in the previous patch that - disallowed SET ROLE and SET SESSION - AUTHORIZATION inside security-definer functions. - (See CVE-2007-6600) - - - - - - Fix handling of sub-SELECTs appearing in the arguments of - an outer-level aggregate function (Tom) - - - - - - Fix hash calculation for data type interval (Tom) - - - - This corrects wrong results for hash joins on interval values. - It also changes the contents of hash indexes on interval columns. - If you have any such indexes, you must REINDEX them - after updating. - - - - - - Treat to_char(..., 'TH') as an uppercase ordinal - suffix with 'HH'/'HH12' (Heikki) - - - - It was previously handled as 'th' (lowercase). - - - - - - Fix overflow for INTERVAL 'x ms' - when x is more than 2 million and integer - datetimes are in use (Alex Hunsaker) - - - - - - Fix calculation of distance between a point and a line segment (Tom) - - - - This led to incorrect results from a number of geometric operators. - - - - - - Fix money data type to work in locales where currency - amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) - - - - - - Properly round datetime input like - 00:12:57.9999999999999999999999999999 (Tom) - - - - - - Fix poor choice of page split point in GiST R-tree operator classes - (Teodor) - - - - - - Fix portability issues in plperl initialization (Andrew Dunstan) - - - - - - Fix pg_ctl to not go into an infinite loop if - postgresql.conf is empty (Jeff Davis) - - - - - - Fix contrib/xml2's xslt_process() to - properly handle the maximum number of parameters (twenty) (Tom) - - - - - - Improve robustness of libpq's code to recover - from errors during COPY FROM STDIN (Tom) - - - - - - Avoid including conflicting readline and editline header files - when both libraries are installed (Zdenek Kotala) - - - - - - Update time zone data files to tzdata release 2009l - for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, - Argentina/San_Luis, Cuba, Jordan (historical correction only), - Mauritius, Morocco, Palestine, Syria, Tunisia. - - - - - - - - - - Release 8.0.21 - - - Release date: - 2009-03-16 - - - - This release contains a variety of fixes from 8.0.20. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.21 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Prevent error recursion crashes when encoding conversion fails (Tom) - - - - This change extends fixes made in the last two minor releases for - related failure scenarios. The previous fixes were narrowly tailored - for the original problem reports, but we have now recognized that - any error thrown by an encoding conversion function could - potentially lead to infinite recursion while trying to report the - error. The solution therefore is to disable translation and encoding - conversion and report the plain-ASCII form of any error message, - if we find we have gotten into a recursive error reporting situation. - (CVE-2009-0922) - - - - - - Disallow CREATE CONVERSION with the wrong encodings - for the specified conversion function (Heikki) - - - - This prevents one possible scenario for encoding conversion failure. - The previous change is a backstop to guard against other kinds of - failures in the same area. - - - - - - Fix core dump when to_char() is given format codes that - are inappropriate for the type of the data argument (Tom) - - - - - - Add MUST (Mauritius Island Summer Time) to the default list - of known timezone abbreviations (Xavier Bugaud) - - - - - - - - - - Release 8.0.20 - - - Release date: - 2009-02-02 - - - - This release contains a variety of fixes from 8.0.19. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.20 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Improve handling of URLs in headline() function (Teodor) - - - - - - Improve handling of overlength headlines in headline() - function (Teodor) - - - - - - Prevent possible Assert failure or misconversion if an encoding - conversion is created with the wrong conversion function for the - specified pair of encodings (Tom, Heikki) - - - - - - Avoid unnecessary locking of small tables in VACUUM - (Heikki) - - - - - - Fix uninitialized variables in contrib/tsearch2's - get_covers() function (Teodor) - - - - - - Make all documentation reference pgsql-bugs and/or - pgsql-hackers as appropriate, instead of the - now-decommissioned pgsql-ports and pgsql-patches - mailing lists (Tom) - - - - - - Update time zone data files to tzdata release 2009a (for - Kathmandu and historical DST corrections in Switzerland, Cuba) - - - - - - - - - - Release 8.0.19 - - - Release date: - 2008-11-03 - - - - This release contains a variety of fixes from 8.0.18. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.19 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Fix backend crash when the client encoding cannot represent a localized - error message (Tom) - - - - We have addressed similar issues before, but it would still fail if - the character has no equivalent message itself couldn't - be converted. The fix is to disable localization and send the plain - ASCII error message when we detect such a situation. - - - - - - Fix possible crash when deeply nested functions are invoked from - a trigger (Tom) - - - - - - Ensure an error is reported when a newly-defined PL/pgSQL trigger - function is invoked as a normal function (Tom) - - - - - - Fix incorrect tsearch2 headline generation when single query - item matches first word of text (Sushant Sinha) - - - - - - Fix improper display of fractional seconds in interval values when - using a non-ISO datestyle in an - build (Ron Mayer) - - - - - - Ensure SPI_getvalue and SPI_getbinval - behave correctly when the passed tuple and tuple descriptor have - different numbers of columns (Tom) - - - - This situation is normal when a table has had columns added or removed, - but these two functions didn't handle it properly. - The only likely consequence is an incorrect error indication. - - - - - - Fix ecpg's parsing of CREATE USER (Michael) - - - - - - Fix recent breakage of pg_ctl restart (Tom) - - - - - - Update time zone data files to tzdata release 2008i (for - DST law changes in Argentina, Brazil, Mauritius, Syria) - - - - - - - - - - Release 8.0.18 - - - Release date: - 2008-09-22 - - - - This release contains a variety of fixes from 8.0.17. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.18 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Widen local lock counters from 32 to 64 bits (Tom) - - - - This responds to reports that the counters could overflow in - sufficiently long transactions, leading to unexpected lock is - already held errors. - - - - - - Add checks in executor startup to ensure that the tuples produced by an - INSERT or UPDATE will match the target table's - current rowtype (Tom) - - - - ALTER COLUMN TYPE, followed by re-use of a previously - cached plan, could produce this type of situation. The check protects - against data corruption and/or crashes that could ensue. - - - - - - Fix datetime input functions to correctly detect integer overflow when - running on a 64-bit platform (Tom) - - - - - - Improve performance of writing very long log messages to syslog (Tom) - - - - - - Fix bug in backwards scanning of a cursor on a SELECT DISTINCT - ON query (Tom) - - - - - - Fix planner to estimate that GROUP BY expressions yielding - boolean results always result in two groups, regardless of the - expressions' contents (Tom) - - - - This is very substantially more accurate than the regular GROUP - BY estimate for certain boolean tests like col - IS NULL. - - - - - - Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful - about the encoding of data sent to or from Tcl (Tom) - - - - - - Fix PL/Python to work with Python 2.5 - - - - This is a back-port of fixes made during the 8.2 development cycle. - - - - - - Improve pg_dump and pg_restore's - error reporting after failure to send a SQL command (Tom) - - - - - - Fix pg_ctl to properly preserve postmaster - command-line arguments across a restart (Bruce) - - - - - - Update time zone data files to tzdata release 2008f (for - DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, - Pakistan, Palestine, and Paraguay) - - - - - - - - - - Release 8.0.17 - - - Release date: - 2008-06-12 - - - - This release contains one serious bug fix over 8.0.16. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.17 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Make pg_get_ruledef() parenthesize negative constants (Tom) - - - - Before this fix, a negative constant in a view or rule might be dumped - as, say, -42::integer, which is subtly incorrect: it should - be (-42)::integer due to operator precedence rules. - Usually this would make little difference, but it could interact with - another recent patch to cause - PostgreSQL to reject what had been a valid - SELECT DISTINCT view query. Since this could result in - pg_dump output failing to reload, it is being treated - as a high-priority fix. The only released versions in which dump - output is actually incorrect are 8.3.1 and 8.2.7. - - - - - - - - - - Release 8.0.16 - - - Release date: - never released - - - - This release contains a variety of fixes from 8.0.15. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.16 - - - A dump/restore is not required for those running 8.0.X. - However, if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Fix ALTER TABLE ADD COLUMN ... PRIMARY KEY so that the new - column is correctly checked to see if it's been initialized to all - non-nulls (Brendan Jurd) - - - - Previous versions neglected to check this requirement at all. - - - - - - Fix possible CREATE TABLE failure when inheriting the - same constraint from multiple parent relations that - inherited that constraint from a common ancestor (Tom) - - - - - - Fix conversions between ISO-8859-5 and other encodings to handle - Cyrillic Yo characters (e and E with - two dots) (Sergey Burladyan) - - - - - - Fix a few datatype input functions - that were allowing unused bytes in their results to contain - uninitialized, unpredictable values (Tom) - - - - This could lead to failures in which two apparently identical literal - values were not seen as equal, resulting in the parser complaining - about unmatched ORDER BY and DISTINCT - expressions. - - - - - - Fix a corner case in regular-expression substring matching - (substring(string from - pattern)) (Tom) - - - - The problem occurs when there is a match to the pattern overall but - the user has specified a parenthesized subexpression and that - subexpression hasn't got a match. An example is - substring('foo' from 'foo(bar)?'). - This should return NULL, since (bar) isn't matched, but - it was mistakenly returning the whole-pattern match instead (ie, - foo). - - - - - - Update time zone data files to tzdata release 2008c (for - DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, - Argentina/San_Luis, and Chile) - - - - - - Fix incorrect result from ecpg's - PGTYPEStimestamp_sub() function (Michael) - - - - - - Fix core dump in contrib/xml2's - xpath_table() function when the input query returns a - NULL value (Tom) - - - - - - Fix contrib/xml2's makefile to not override - CFLAGS (Tom) - - - - - - Fix DatumGetBool macro to not fail with gcc - 4.3 (Tom) - - - - This problem affects old style (V0) C functions that - return boolean. The fix is already in 8.3, but the need to - back-patch it was not realized at the time. - - - - - - Fix longstanding LISTEN/NOTIFY - race condition (Tom) - - - - In rare cases a session that had just executed a - LISTEN might not get a notification, even though - one would be expected because the concurrent transaction executing - NOTIFY was observed to commit later. - - - - A side effect of the fix is that a transaction that has executed - a not-yet-committed LISTEN command will not see any - row in pg_listener for the LISTEN, - should it choose to look; formerly it would have. This behavior - was never documented one way or the other, but it is possible that - some applications depend on the old behavior. - - - - - - Fix rare crash when an error occurs during a query using a hash index - (Heikki) - - - - - - Fix input of datetime values for February 29 in years BC (Tom) - - - - The former coding was mistaken about which years were leap years. - - - - - - Fix unrecognized node type error in some variants of - ALTER OWNER (Tom) - - - - - - Fix pg_ctl to correctly extract the postmaster's port - number from command-line options (Itagaki Takahiro, Tom) - - - - Previously, pg_ctl start -w could try to contact the - postmaster on the wrong port, leading to bogus reports of startup - failure. - - - - - - Use to defend against possible misoptimization - in recent gcc versions (Tom) - - - - This is known to be necessary when building PostgreSQL - with gcc 4.3 or later. - - - - - - Fix display of constant expressions in ORDER BY - and GROUP BY (Tom) - - - - An explicitly casted constant would be shown incorrectly. This could - for example lead to corruption of a view definition during - dump and reload. - - - - - - Fix libpq to handle NOTICE messages correctly - during COPY OUT (Tom) - - - - This failure has only been observed to occur when a user-defined - datatype's output routine issues a NOTICE, but there is no - guarantee it couldn't happen due to other causes. - - - - - - - - - - Release 8.0.15 - - - Release date: - 2008-01-07 - - - - This release contains a variety of fixes from 8.0.14, - including fixes for significant security issues. - For information about new features in the 8.0 major release, see - . - - - - This is the last 8.0.X release for which the PostgreSQL - community will produce binary packages for Windows. - Windows users are encouraged to move to 8.2.X or later, - since there are Windows-specific fixes in 8.2.X that - are impractical to back-port. 8.0.X will continue to - be supported on other platforms. - - - - Migration to Version 8.0.15 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Prevent functions in indexes from executing with the privileges of - the user running VACUUM, ANALYZE, etc (Tom) - - - - Functions used in index expressions and partial-index - predicates are evaluated whenever a new table entry is made. It has - long been understood that this poses a risk of trojan-horse code - execution if one modifies a table owned by an untrustworthy user. - (Note that triggers, defaults, check constraints, etc. pose the - same type of risk.) But functions in indexes pose extra danger - because they will be executed by routine maintenance operations - such as VACUUM FULL, which are commonly performed - automatically under a superuser account. For example, a nefarious user - can execute code with superuser privileges by setting up a - trojan-horse index definition and waiting for the next routine vacuum. - The fix arranges for standard maintenance operations - (including VACUUM, ANALYZE, REINDEX, - and CLUSTER) to execute as the table owner rather than - the calling user, using the same privilege-switching mechanism already - used for SECURITY DEFINER functions. To prevent bypassing - this security measure, execution of SET SESSION - AUTHORIZATION and SET ROLE is now forbidden within a - SECURITY DEFINER context. (CVE-2007-6600) - - - - - - Repair assorted bugs in the regular-expression package (Tom, Will Drewry) - - - - Suitably crafted regular-expression patterns could cause crashes, - infinite or near-infinite looping, and/or massive memory consumption, - all of which pose denial-of-service hazards for applications that - accept regex search patterns from untrustworthy sources. - (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - The fix that appeared for this in 8.0.14 was incomplete, as it plugged - the hole for only some dblink functions. (CVE-2007-6601, - CVE-2007-3278) - - - - - - Update time zone data files to tzdata release 2007k - (in particular, recent Argentina changes) (Tom) - - - - - - Fix planner failure in some cases of WHERE false AND var IN - (SELECT ...) (Tom) - - - - - - Preserve the tablespace of indexes that are - rebuilt by ALTER TABLE ... ALTER COLUMN TYPE (Tom) - - - - - - Make archive recovery always start a new WAL timeline, rather than only - when a recovery stop time was used (Simon) - - - - This avoids a corner-case risk of trying to overwrite an existing - archived copy of the last WAL segment, and seems simpler and cleaner - than the original definition. - - - - - - Make VACUUM not use all of maintenance_work_mem - when the table is too small for it to be useful (Alvaro) - - - - - - Fix potential crash in translate() when using a multibyte - database encoding (Tom) - - - - - - Fix PL/Perl to cope when platform's Perl defines type bool - as int rather than char (Tom) - - - - While this could theoretically happen anywhere, no standard build of - Perl did things this way ... until macOS 10.5. - - - - - - Fix PL/Python to not crash on long exception messages (Alvaro) - - - - - - Fix pg_dump to correctly handle inheritance child tables - that have default expressions different from their parent's (Tom) - - - - - - ecpg parser fixes (Michael) - - - - - - Make contrib/tablefunc's crosstab() handle - NULL rowid as a category in its own right, rather than crashing (Joe) - - - - - - Fix tsvector and tsquery output routines to - escape backslashes correctly (Teodor, Bruce) - - - - - - Fix crash of to_tsvector() on huge input strings (Teodor) - - - - - - Require a specific version of Autoconf to be used - when re-generating the configure script (Peter) - - - - This affects developers and packagers only. The change was made - to prevent accidental use of untested combinations of - Autoconf and PostgreSQL versions. - You can remove the version check if you really want to use a - different Autoconf version, but it's - your responsibility whether the result works or not. - - - - - - - - - - Release 8.0.14 - - - Release date: - 2007-09-17 - - - - This release contains a variety of fixes from 8.0.13. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.14 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Prevent index corruption when a transaction inserts rows and - then aborts close to the end of a concurrent VACUUM - on the same table (Tom) - - - - - - Make CREATE DOMAIN ... DEFAULT NULL work properly (Tom) - - - - - - Fix excessive logging of SSL error messages (Tom) - - - - - - Fix logging so that log messages are never interleaved when using - the syslogger process (Andrew) - - - - - - Fix crash when log_min_error_statement logging runs out - of memory (Tom) - - - - - - Fix incorrect handling of some foreign-key corner cases (Tom) - - - - - - Prevent CLUSTER from failing - due to attempting to process temporary tables of other sessions (Alvaro) - - - - - - Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) - - - - - - Windows socket improvements (Magnus) - - - - - - Suppress timezone name (%Z) in log timestamps on Windows - because of possible encoding mismatches (Tom) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - - - - - - - Release 8.0.13 - - - Release date: - 2007-04-23 - - - - This release contains a variety of fixes from 8.0.12, - including a security fix. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.13 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Support explicit placement of the temporary-table schema within - search_path, and disable searching it for functions - and operators (Tom) - - - This is needed to allow a security-definer function to set a - truly secure value of search_path. Without it, - an unprivileged SQL user can use temporary objects to execute code - with the privileges of the security-definer function (CVE-2007-2138). - See CREATE FUNCTION for more information. - - - - - - /contrib/tsearch2 crash fixes (Teodor) - - - - - - Fix potential-data-corruption bug in how VACUUM FULL handles - UPDATE chains (Tom, Pavan Deolasee) - - - - - - Fix PANIC during enlargement of a hash index (bug introduced in 8.0.10) - (Tom) - - - - - - Fix POSIX-style timezone specs to follow new USA DST rules (Tom) - - - - - - - - - - Release 8.0.12 - - - Release date: - 2007-02-07 - - - - This release contains one fix from 8.0.11. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.12 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Remove overly-restrictive check for type length in constraints and - functional indexes(Tom) - - - - - - - - - - Release 8.0.11 - - - Release date: - 2007-02-05 - - - - This release contains a variety of fixes from 8.0.10, including - a security fix. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.11 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Remove security vulnerabilities that allowed connected users - to read backend memory (Tom) - - - The vulnerabilities involve suppressing the normal check that a SQL - function returns the data type it's declared to, and changing the - data type of a table column (CVE-2007-0555, CVE-2007-0556). These - errors can easily be exploited to cause a backend crash, and in - principle might be used to read database content that the user - should not be able to access. - - - - - - Fix rare bug wherein btree index page splits could fail - due to choosing an infeasible split point (Heikki Linnakangas) - - - - - - Fix for rare Assert() crash triggered by UNION (Tom) - - - - - - Tighten security of multi-byte character processing for UTF8 sequences - over three bytes long (Tom) - - - - - - - - - - Release 8.0.10 - - - Release date: - 2007-01-08 - - - - This release contains a variety of fixes from 8.0.9. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.10 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - - - - - Improve handling of getaddrinfo() on AIX (Tom) - - - - This fixes a problem with starting the statistics collector, - among other things. - - - - - - Fix failed to re-find parent key errors in - VACUUM (Tom) - - - - - - Fix race condition for truncation of a large relation across a - gigabyte boundary by VACUUM (Tom) - - - - - - Fix bugs affecting multi-gigabyte hash indexes (Tom) - - - - - - Fix possible deadlock in Windows signal handling (Teodor) - - - - - - Fix error when constructing an ARRAY[] made up of multiple - empty elements (Tom) - - - - - - Fix ecpg memory leak during connection (Michael) - - - - - - to_number() and to_char(numeric) - are now STABLE, not IMMUTABLE, for - new initdb installs (Tom) - - - - This is because lc_numeric can potentially - change the output of these functions. - - - - - - Improve index usage of regular expressions that use parentheses (Tom) - - - - This improves psql \d performance also. - - - - - - Update timezone database - - - - This affects Australian and Canadian daylight-savings rules in - particular. - - - - - - - - - - Release 8.0.9 - - - Release date: - 2006-10-16 - - - - This release contains a variety of fixes from 8.0.8. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.9 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - - Changes - - -Fix crash when referencing NEW row -values in rule WHERE expressions (Tom) -Fix core dump when an untyped literal is taken as -ANYARRAY -Fix mishandling of AFTER triggers when query contains a SQL -function returning multiple rows (Tom) -Fix ALTER TABLE ... TYPE to recheck -NOT NULL for USING clause (Tom) -Fix string_to_array() to handle overlapping - matches for the separator string -For example, string_to_array('123xx456xxx789', 'xx'). - -Fix corner cases in pattern matching for - psql's \d commands -Fix index-corrupting bugs in /contrib/ltree - (Teodor) -Numerous robustness fixes in ecpg (Joachim -Wieland) -Fix backslash escaping in /contrib/dbmirror -Fix instability of statistics collection on Win32 (Tom, Andrew) -Fixes for AIX and -Intel compilers (Tom) - - - - - - - Release 8.0.8 - - - Release date: - 2006-05-23 - - - - This release contains a variety of fixes from 8.0.7, - including patches for extremely serious security issues. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.8 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - Full security against the SQL-injection attacks described in - CVE-2006-2313 and CVE-2006-2314 might require changes in application - code. If you have applications that embed untrustworthy strings - into SQL commands, you should examine them as soon as possible to - ensure that they are using recommended escaping techniques. In - most cases, applications should be using subroutines provided by - libraries or drivers (such as libpq's - PQescapeStringConn()) to perform string escaping, - rather than relying on ad hoc code to do it. - - - - - Changes - - -Change the server to reject invalidly-encoded multibyte -characters in all cases (Tatsuo, Tom) -While PostgreSQL has been moving in this direction for -some time, the checks are now applied uniformly to all encodings and all -textual input, and are now always errors not merely warnings. This change -defends against SQL-injection attacks of the type described in CVE-2006-2313. - - -Reject unsafe uses of \' in string literals -As a server-side defense against SQL-injection attacks of the type -described in CVE-2006-2314, the server now only accepts '' and not -\' as a representation of ASCII single quote in SQL string -literals. By default, \' is rejected only when -client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, -GB18030, or UHC), which is the scenario in which SQL injection is possible. -A new configuration parameter backslash_quote is available to -adjust this behavior when needed. Note that full security against -CVE-2006-2314 might require client-side changes; the purpose of -backslash_quote is in part to make it obvious that insecure -clients are insecure. - - -Modify libpq's string-escaping routines to be -aware of encoding considerations and -standard_conforming_strings -This fixes libpq-using applications for the security -issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs -them against the planned changeover to SQL-standard string literal syntax. -Applications that use multiple PostgreSQL connections -concurrently should migrate to PQescapeStringConn() and -PQescapeByteaConn() to ensure that escaping is done correctly -for the settings in use in each database connection. Applications that -do string escaping by hand should be modified to rely on library -routines instead. - - -Fix some incorrect encoding conversion functions -win1251_to_iso, alt_to_iso, -euc_tw_to_big5, euc_tw_to_mic, -mic_to_euc_tw were all broken to varying -extents. - - -Clean up stray remaining uses of \' in strings -(Bruce, Jan) - -Fix bug that sometimes caused OR'd index scans to -miss rows they should have returned - -Fix WAL replay for case where a btree index has been -truncated - -Fix SIMILAR TO for patterns involving -| (Tom) - -Fix SELECT INTO and CREATE TABLE AS to -create tables in the default tablespace, not the base directory (Kris -Jurka) - -Fix server to use custom DH SSL parameters correctly (Michael -Fuhr) - -Fix for Bonjour on Intel Macs (Ashley Clark) - -Fix various minor memory leaks - -Fix problem with password prompting on some Win32 systems -(Robert Kinberg) - - - - - - - Release 8.0.7 - - - Release date: - 2006-02-14 - - - - This release contains a variety of fixes from 8.0.6. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.7 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.6, - see . - - - - - Changes - - - -Fix potential crash in SET -SESSION AUTHORIZATION (CVE-2006-0553) -An unprivileged user could crash the server process, resulting in -momentary denial of service to other users, if the server has been compiled -with Asserts enabled (which is not the default). -Thanks to Akio Ishida for reporting this problem. - - -Fix bug with row visibility logic in self-inserted -rows (Tom) -Under rare circumstances a row inserted by the current command -could be seen as already valid, when it should not be. Repairs bug -created in 8.0.4, 7.4.9, and 7.3.11 releases. - - -Fix race condition that could lead to file already -exists errors during pg_clog and pg_subtrans file creation -(Tom) - -Fix cases that could lead to crashes if a cache-invalidation -message arrives at just the wrong time (Tom) - -Properly check DOMAIN constraints for -UNKNOWN parameters in prepared statements -(Neil) - -Ensure ALTER COLUMN TYPE will process -FOREIGN KEY, UNIQUE, and PRIMARY KEY -constraints in the proper order (Nakano Yoshihisa) - -Fixes to allow restoring dumps that have cross-schema -references to custom operators or operator classes (Tom) - -Allow pg_restore to continue properly after a -COPY failure; formerly it tried to treat the remaining -COPY data as SQL commands (Stephen Frost) - -Fix pg_ctl unregister crash -when the data directory is not specified (Magnus) - -Fix ecpg crash on AMD64 and PPC -(Neil) - -Recover properly if error occurs during argument passing -in PL/Python (Neil) - -Fix PL/Perl's handling of locales on -Win32 to match the backend (Andrew) - -Fix crash when log_min_messages is set to -DEBUG3 or above in postgresql.conf on Win32 -(Bruce) - -Fix pgxs -L library path -specification for Win32, Cygwin, macOS, AIX (Bruce) - -Check that SID is enabled while checking for Win32 admin -privileges (Magnus) - -Properly reject out-of-range date inputs (Kris -Jurka) - -Portability fix for testing presence of finite -and isinf during configure (Tom) - - - - - - - - Release 8.0.6 - - - Release date: - 2006-01-09 - - - - This release contains a variety of fixes from 8.0.5. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.6 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.3, - see . - Also, you might need to REINDEX indexes on textual - columns after updating, if you are affected by the locale or - plperl issues described below. - - - - - Changes - - - -Fix Windows code so that postmaster will continue rather -than exit if there is no more room in ShmemBackendArray (Magnus) -The previous behavior could lead to a denial-of-service situation if too -many connection requests arrive close together. This applies -only to the Windows port. - -Fix bug introduced in 8.0 that could allow ReadBuffer -to return an already-used page as new, potentially causing loss of -recently-committed data (Tom) - -Fix for protocol-level Describe messages issued -outside a transaction or in a failed transaction (Tom) - -Fix character string comparison for locales that consider -different character combinations as equal, such as Hungarian (Tom) -This might require REINDEX to fix existing indexes on -textual columns. - -Set locale environment variables during postmaster startup -to ensure that plperl won't change the locale later -This fixes a problem that occurred if the postmaster was -started with environment variables specifying a different locale than what -initdb had been told. Under these conditions, any use of -plperl was likely to lead to corrupt indexes. You might need -REINDEX to fix existing indexes on -textual columns if this has happened to you. - -Allow more flexible relocation of installation -directories (Tom) -Previous releases supported relocation only if all installation -directory paths were the same except for the last component. - -Fix longstanding bug in strpos() and regular expression -handling in certain rarely used Asian multi-byte character sets (Tatsuo) - - -Various fixes for functions returning RECORDs -(Tom) - -Fix bug in /contrib/pgcrypto gen_salt, -which caused it not to use all available salt space for MD5 and -XDES algorithms (Marko Kreen, Solar Designer) -Salts for Blowfish and standard DES are unaffected. - -Fix /contrib/dblink to throw an error, -rather than crashing, when the number of columns specified is different from -what's actually returned by the query (Joe) - - - - - - - - Release 8.0.5 - - - Release date: - 2005-12-12 - - - - This release contains a variety of fixes from 8.0.4. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.5 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.3, - see . - - - - - Changes - - - -Fix race condition in transaction log management -There was a narrow window in which an I/O operation could be initiated -for the wrong page, leading to an Assert failure or data -corruption. - - -Fix bgwriter problems after recovering from errors -(Tom) - -The background writer was found to leak buffer pins after write errors. -While not fatal in itself, this might lead to mysterious blockages of -later VACUUM commands. - - - -Prevent failure if client sends Bind protocol message -when current transaction is already aborted - -/contrib/ltree fixes (Teodor) - -AIX and HPUX compile fixes (Tom) - -Retry file reads and writes after Windows -NO_SYSTEM_RESOURCES error (Qingqing Zhou) - -Fix intermittent failure when log_line_prefix -includes %i - -Fix psql performance issue with long scripts -on Windows (Merlin Moncure) - -Fix missing updates of pg_group flat -file - -Fix longstanding planning error for outer joins -This bug sometimes caused a bogus error RIGHT JOIN is -only supported with merge-joinable join conditions. - -Postpone timezone initialization until after -postmaster.pid is created -This avoids confusing startup scripts that expect the pid file to appear -quickly. - -Prevent core dump in pg_autovacuum when a -table has been dropped - -Fix problems with whole-row references (foo.*) -to subquery results - - - - - - - Release 8.0.4 - - - Release date: - 2005-10-04 - - - - This release contains a variety of fixes from 8.0.3. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.4 - - - A dump/restore is not required for those running 8.0.X. However, - if you are upgrading from a version earlier than 8.0.3, - see . - - - - - Changes - - -Fix error that allowed VACUUM to remove -ctid chains too soon, and add more checking in code that follows -ctid links -This fixes a long-standing problem that could cause crashes in very rare -circumstances. -Fix CHAR() to properly pad spaces to the specified -length when using a multiple-byte character set (Yoshiyuki Asaba) -In prior releases, the padding of CHAR() was incorrect -because it only padded to the specified number of bytes without -considering how many characters were stored. -Force a checkpoint before committing CREATE -DATABASE -This should fix recent reports of index is not a btree -failures when a crash occurs shortly after CREATE -DATABASE. -Fix the sense of the test for read-only transaction -in COPY -The code formerly prohibited COPY TO, where it should -prohibit COPY FROM. - -Handle consecutive embedded newlines in COPY -CSV-mode input -Fix date_trunc(week) for dates near year -end -Fix planning problem with outer-join ON clauses that reference -only the inner-side relation -Further fixes for x FULL JOIN y ON true corner -cases -Fix overenthusiastic optimization of x IN (SELECT -DISTINCT ...) and related cases -Fix mis-planning of queries with small LIMIT -values due to poorly thought out fuzzy cost -comparison -Make array_in and array_recv more -paranoid about validating their OID parameter -Fix missing rows in queries like UPDATE a=... WHERE -a... with GiST index on column a -Improve robustness of datetime parsing -Improve checking for partially-written WAL -pages -Improve robustness of signal handling when SSL is -enabled -Improve MIPS and M68K spinlock code -Don't try to open more than max_files_per_process -files during postmaster startup -Various memory leakage fixes -Various portability improvements -Update timezone data files -Improve handling of DLL load failures on Windows -Improve random-number generation on Windows -Make psql -f filename return a nonzero exit code -when opening the file fails -Change pg_dump to handle inherited check -constraints more reliably -Fix password prompting in pg_restore on -Windows -Fix PL/pgSQL to handle var := var correctly when -the variable is of pass-by-reference type -Fix PL/Perl %_SHARED so it's actually -shared -Fix contrib/pg_autovacuum to allow sleep -intervals over 2000 sec -Update contrib/tsearch2 to use current Snowball -code - - - - - - - Release 8.0.3 - - - Release date: - 2005-05-09 - - - - This release contains a variety of fixes from 8.0.2, including several - security-related issues. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.3 - - - A dump/restore is not required for those running 8.0.X. However, - it is one possible way of handling two significant security problems - that have been found in the initial contents of 8.0.X system - catalogs. A dump/initdb/reload sequence using 8.0.3's initdb will - automatically correct these problems. - - - - The larger security problem is that the built-in character set encoding - conversion functions can be invoked from SQL commands by unprivileged - users, but the functions were not designed for such use and are not - secure against malicious choices of arguments. The fix involves changing - the declared parameter list of these functions so that they can no longer - be invoked from SQL commands. (This does not affect their normal use - by the encoding conversion machinery.) - - - - The lesser problem is that the contrib/tsearch2 module - creates several functions that are improperly declared to return - internal when they do not accept internal arguments. - This breaks type safety for all functions using internal - arguments. - - - - It is strongly recommended that all installations repair these errors, - either by initdb or by following the manual repair procedure given - below. The errors at least allow unprivileged database users to crash - their server process, and might allow unprivileged users to gain the - privileges of a database superuser. - - - - If you wish not to do an initdb, perform the same manual repair - procedures shown in the 7.4.8 release - notes. - - - - - Changes - - -Change encoding function signature to prevent -misuse -Change contrib/tsearch2 to avoid unsafe use of -INTERNAL function results -Guard against incorrect second parameter to -record_out -Repair ancient race condition that allowed a transaction to be -seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner -than for other purposes -This is an extremely serious bug since it could lead to apparent -data inconsistencies being briefly visible to applications. -Repair race condition between relation extension and -VACUUM -This could theoretically have caused loss of a page's worth of -freshly-inserted data, although the scenario seems of very low probability. -There are no known cases of it having caused more than an Assert failure. - -Fix comparisons of TIME WITH TIME ZONE values - -The comparison code was wrong in the case where the ---enable-integer-datetimes configuration switch had been used. -NOTE: if you have an index on a TIME WITH TIME ZONE column, -it will need to be REINDEXed after installing this update, because -the fix corrects the sort order of column values. - -Fix EXTRACT(EPOCH) for -TIME WITH TIME ZONE values -Fix mis-display of negative fractional seconds in -INTERVAL values - -This error only occurred when the ---enable-integer-datetimes configuration switch had been used. - -Fix pg_dump to dump trigger names containing % -correctly (Neil) -Still more 64-bit fixes for -contrib/intagg -Prevent incorrect optimization of functions returning -RECORD -Prevent crash on COALESCE(NULL,NULL) -Fix Borland makefile for libpq -Fix contrib/btree_gist for timetz type -(Teodor) -Make pg_ctl check the PID found in -postmaster.pid to see if it is still a live -process -Fix pg_dump/pg_restore problems caused -by addition of dump timestamps -Fix interaction between materializing holdable cursors and -firing deferred triggers during transaction commit -Fix memory leak in SQL functions returning pass-by-reference -data types - - - - - - - Release 8.0.2 - - - Release date: - 2005-04-07 - - - - This release contains a variety of fixes from 8.0.1. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.2 - - - A dump/restore is not required for those running 8.0.*. - This release updates the major version number of the - PostgreSQL libraries, so it might be - necessary to re-link some user applications if they cannot - find the properly-numbered shared library. - - - - - Changes - - -Increment the major version number of all interface -libraries (Bruce) - -This should have been done in 8.0.0. It is required so 7.4.X versions -of PostgreSQL client applications, like psql, -can be used on the same machine as 8.0.X applications. This might require -re-linking user applications that use these libraries. - -Add Windows-only wal_sync_method setting of - (Magnus, Bruce) - -This setting causes PostgreSQL to write through -any disk-drive write cache when writing to WAL. -This behavior was formerly called , but was -renamed because it acts quite differently from on other -platforms. - - -Enable the wal_sync_method setting of - on Windows, and make it the default for that - platform (Magnus, Bruce) - -Because the default is no longer , -data loss is possible during a power failure if the disk drive has -write caching enabled. To turn off the write cache on Windows, -from the Device Manager, choose the drive properties, -then Policies. - - -New cache management algorithm 2Q replaces -ARC (Tom) - -This was done to avoid a pending US patent on ARC. The -2Q code might be a few percentage points slower than -ARC for some work loads. A better cache management algorithm -will appear in 8.1. - -Planner adjustments to improve behavior on freshly-created -tables (Tom) -Allow plpgsql to assign to an element of an array that is -initially NULL (Tom) - -Formerly the array would remain NULL, but now it becomes a -single-element array. The main SQL engine was changed to handle -UPDATE of a null array value this way in 8.0, but the similar -case in plpgsql was overlooked. - - -Convert \r\n and \r to \n -in plpython function bodies (Michael Fuhr) - - This prevents syntax errors when plpython code is written on a Windows or - Mac client. - - -Allow SPI cursors to handle utility commands that return rows, -such as EXPLAIN (Tom) -Fix CLUSTER failure after ALTER TABLE -SET WITHOUT OIDS (Tom) -Reduce memory usage of ALTER TABLE ADD COLUMN -(Neil) -Fix ALTER LANGUAGE RENAME (Tom) -Document the Windows-only register and -unregister options of pg_ctl (Magnus) -Ensure operations done during backend shutdown are counted by -statistics collector - -This is expected to resolve reports of pg_autovacuum -not vacuuming the system catalogs often enough — it was not being -told about catalog deletions caused by temporary table removal during -backend exit. - -Change the Windows default for configuration parameter -log_destination to (Magnus) - -By default, a server running on Windows will now send log output to the -Windows event logger rather than standard error. - -Make Kerberos authentication work on Windows (Magnus) -Allow ALTER DATABASE RENAME by superusers -who aren't flagged as having CREATEDB privilege (Tom) -Modify WAL log entries for CREATE and -DROP DATABASE to not specify absolute paths (Tom) -This allows point-in-time recovery on a different machine with possibly -different database location. Note that CREATE TABLESPACE still -poses a hazard in such situations. - -Fix crash from a backend exiting with an open transaction -that created a table and opened a cursor on it (Tom) -Fix array_map() so it can call PL functions -(Tom) -Several contrib/tsearch2 and -contrib/btree_gist fixes (Teodor) - -Fix crash of some contrib/pgcrypto -functions on some platforms (Marko Kreen) -Fix contrib/intagg for 64-bit platforms -(Tom) -Fix ecpg bugs in parsing of CREATE statement -(Michael) -Work around gcc bug on powerpc and amd64 causing problems in -ecpg (Christof Petig) -Do not use locale-aware versions of upper(), -lower(), and initcap() when the locale is -C (Bruce) - - This allows these functions to work on platforms that generate errors - for non-7-bit data when the locale is C. - -Fix quote_ident() to quote names that match keywords (Tom) -Fix to_date() to behave reasonably when -CC and YY fields are both used (Karel) -Prevent to_char(interval) from failing -when given a zero-month interval (Tom) -Fix wrong week returned by date_trunc('week') -(Bruce) - -date_trunc('week') -returned the wrong year for the first few days of January in some years. - -Use the correct default mask length for class D -addresses in INET data types (Tom) - - - - - - - Release 8.0.1 - - - Release date: - 2005-01-31 - - - - This release contains a variety of fixes from 8.0.0, including several - security-related issues. - For information about new features in the 8.0 major release, see - . - - - - Migration to Version 8.0.1 - - - A dump/restore is not required for those running 8.0.0. - - - - - Changes - - -Disallow LOAD to non-superusers - -On platforms that will automatically execute initialization functions of a -shared library (this includes at least Windows and ELF-based Unixen), -LOAD can be used to make the server execute arbitrary code. -Thanks to NGS Software for reporting this. -Check that creator of an aggregate function has the right to -execute the specified transition functions - -This oversight made it possible to bypass denial of EXECUTE -permission on a function. -Fix security and 64-bit issues in -contrib/intagg -Add needed STRICT marking to some contrib functions (Kris -Jurka) -Avoid buffer overrun when plpgsql cursor declaration has too -many parameters (Neil) -Make ALTER TABLE ADD COLUMN enforce domain -constraints in all cases -Fix planning error for FULL and RIGHT outer joins - -The result of the join was mistakenly supposed to be sorted the same as the -left input. This could not only deliver mis-sorted output to the user, but -in case of nested merge joins could give outright wrong answers. - -Improve planning of grouped aggregate queries -ROLLBACK TO savepoint -closes cursors created since the savepoint -Fix inadequate backend stack size on Windows -Avoid SHGetSpecialFolderPath() on Windows -(Magnus) -Fix some problems in running pg_autovacuum as a Windows -service (Dave Page) -Multiple minor bug fixes in -pg_dump/pg_restore -Fix ecpg segfault with named structs used in -typedefs (Michael) - - - - - - - Release 8.0 - - - Release date: - 2005-01-19 - - - - Overview - - - Major changes in this release: - - - - - - Microsoft Windows Native Server - - - - - This is the first PostgreSQL release - to run natively on Microsoft Windows as - a server. It can run as a Windows service. This - release supports NT-based Windows releases like - Windows 2000 SP4, Windows XP, and - Windows 2003. Older releases like - Windows 95, Windows 98, and - Windows ME are not supported because these operating - systems do not have the infrastructure to support - PostgreSQL. A separate installer - project has been created to ease installation on - Windows — see . - - - - Although tested throughout our release cycle, the Windows port - does not have the benefit of years of use in production - environments that PostgreSQL has on - Unix platforms. Therefore it should be treated with the same - level of caution as you would a new product. - - - - Previous releases required the Unix emulation toolkit - Cygwin in order to run the server on Windows - operating systems. PostgreSQL has - supported native clients on Windows for many years. - - - - - - - Savepoints - - - - - Savepoints allow specific parts of a transaction to be aborted - without affecting the remainder of the transaction. Prior - releases had no such capability; there was no way to recover - from a statement failure within a transaction except by - aborting the whole transaction. This feature is valuable for - application writers who require error recovery within a - complex transaction. - - - - - - - Point-In-Time Recovery - - - - - In previous releases there was no way to recover from disk - drive failure except to restore from a previous backup or use - a standby replication server. Point-in-time recovery allows - continuous backup of the server. You can recover either to - the point of failure or to some transaction in the past. - - - - - - - Tablespaces - - - - - Tablespaces allow administrators to select different file systems - for storage of individual tables, indexes, and databases. - This improves performance and control over disk space - usage. Prior releases used initlocation and - manual symlink management for such tasks. - - - - - - - Improved Buffer Management, CHECKPOINT, - VACUUM - - - - - This release has a more intelligent buffer replacement strategy, - which will make better use of available shared buffers and - improve performance. The performance impact of vacuum and - checkpoints is also lessened. - - - - - - - Change Column Types - - - - - A column's data type can now be changed with ALTER - TABLE. - - - - - - - New Perl Server-Side Language - - - - - A new version of the plperl server-side language now - supports a persistent shared storage area, triggers, returning records - and arrays of records, and SPI calls to access the database. - - - - - - - Comma-separated-value (CSV) support in COPY - - - - - COPY can now read and write - comma-separated-value files. It has the flexibility to - interpret nonstandard quoting and separation characters too. - - - - - - - - - Migration to Version 8.0 - - - A dump/restore using pg_dump is - required for those wishing to migrate data from any previous - release. - - - - Observe the following incompatibilities: - - - - - - - In serialization mode, volatile functions - now see the results of concurrent transactions committed up to the - beginning of each statement within the function, rather than up to the - beginning of the interactive command that called the function. - - - - - - Functions declared or always - use the snapshot of the calling query, and therefore do not see the - effects of actions taken after the calling query starts, whether in - their own transaction or other transactions. Such a function must be - read-only, too, meaning that it cannot use any SQL commands other than - SELECT. - - - - - - Nondeferred triggers are now fired immediately - after completion of the triggering query, rather than upon - finishing the current interactive command. This makes a - difference when the triggering query occurred within a function: - the trigger is invoked before the function proceeds to its next - operation. - - - - - - Server configuration parameters virtual_host and - tcpip_socket have been replaced with a more general - parameter listen_addresses. Also, the server now listens on - localhost by default, which eliminates the need for the - -i postmaster switch in many scenarios. - - - - - - Server configuration parameters SortMem and - VacuumMem have been renamed to work_mem - and maintenance_work_mem to better reflect their - use. The original names are still supported in - SET and SHOW. - - - - - - Server configuration parameters log_pid, - log_timestamp, and log_source_port have been - replaced with a more general parameter log_line_prefix. - - - - - - Server configuration parameter syslog has been - replaced with a more logical log_destination variable to - control the log output destination. - - - - - - Server configuration parameter log_statement has been - changed so it can selectively log just database modification or - data definition statements. Server configuration parameter - log_duration now prints only when log_statement - prints the query. - - - - - - Server configuration parameter max_expr_depth parameter has - been replaced with max_stack_depth which measures the - physical stack size rather than the expression nesting depth. This - helps prevent session termination due to stack overflow caused by - recursive functions. - - - - - - The length() function no longer counts trailing spaces in - CHAR(n) values. - - - - - - Casting an integer to BIT(N) selects the rightmost N bits of the - integer, not the leftmost N bits as before. - - - - - - Updating an element or slice of a NULL array value now produces - a nonnull array result, namely an array containing - just the assigned-to positions. - - - - - - Syntax checking of array input values has been tightened up - considerably. Junk that was previously allowed in odd places with - odd results now causes an error. Empty-string element values - must now be written as "", rather than writing nothing. - Also changed behavior with respect to whitespace surrounding - array elements: trailing whitespace is now ignored, for symmetry - with leading whitespace (which has always been ignored). - - - - - - Overflow in integer arithmetic operations is now detected and - reported as an error. - - - - - - The arithmetic operators associated with the single-byte - "char" data type have been removed. - - - - - - The extract() function (also called - date_part) now returns the proper year for BC dates. - It previously returned one less than the correct year. The - function now also returns the proper values for millennium and - century. - - - - - - CIDR values now must have their nonmasked bits be zero. - For example, we no longer allow - 204.248.199.1/31 as a CIDR value. Such - values should never have been accepted by - PostgreSQL and will now be rejected. - - - - - - EXECUTE now returns a completion tag that - matches the executed statement. - - - - - - psql's \copy command now reads or - writes to the query's stdin/stdout, rather than - psql's stdin/stdout. The previous - behavior can be accessed via new - / parameters. - - - - - - The JDBC client interface has been removed from the core - distribution, and is now hosted at . - - - - - - The Tcl client interface has also been removed. There are several - Tcl interfaces now hosted at . - - - - - - The server now uses its own time zone database, rather than the - one supplied by the operating system. This will provide consistent - behavior across all platforms. In most cases, there should be - little noticeable difference in time zone behavior, except that - the time zone names used by SET/SHOW - TimeZone might be different from what your platform provides. - - - - - - Configure's threading option no longer requires - users to run tests or edit configuration files; threading options - are now detected automatically. - - - - - - Now that tablespaces have been implemented, - initlocation has been removed. - - - - - - The API for user-defined GiST indexes has been changed. The - Union and PickSplit methods are now passed a pointer to a - special GistEntryVector structure, - rather than a bytea. - - - - - - - - Deprecated Features - - - Some aspects of PostgreSQL's behavior - have been determined to be suboptimal. For the sake of backward - compatibility these have not been removed in 8.0, but they are - considered deprecated and will be removed in the next major - release. - - - - - - The 8.1 release will remove the to_char() function - for intervals. - - - - - - The server now warns of empty strings passed to - oid/float4/float8 data - types, but continues to interpret them as zeroes as before. - In the next major release, empty strings will be considered - invalid input for these data types. - - - - - - By default, tables in PostgreSQL 8.0 - and earlier are created with OIDs. In the next release, - this will not be the case: to create a table - that contains OIDs, the clause must - be specified or the default_with_oids - configuration parameter must be set. Users are encouraged to - explicitly specify if their tables - require OIDs for compatibility with future releases of - PostgreSQL. - - - - - - - - Changes - - - Below you will find a detailed account of the changes between - release 8.0 and the previous major release. - - - - Performance Improvements - - - - - Support cross-data-type index usage (Tom) - - - Before this change, many queries would not use an index if the data - types did not match exactly. This improvement makes index usage more - intuitive and consistent. - - - - - - New buffer replacement strategy that improves caching (Jan) - - - Prior releases used a least-recently-used (LRU) cache to keep - recently referenced pages in memory. The LRU algorithm - did not consider the number of times a specific cache entry was - accessed, so large table scans could force out useful cache pages. - The new cache algorithm uses four separate lists to track most - recently used and most frequently used cache pages and dynamically - optimize their replacement based on the work load. This should - lead to much more efficient use of the shared buffer cache. - Administrators who have tested shared buffer sizes in the past - should retest with this new cache replacement policy. - - - - - - Add subprocess to write dirty buffers periodically to reduce - checkpoint writes (Jan) - - - In previous releases, the checkpoint process, which runs every few - minutes, would write all dirty buffers to the operating system's - buffer cache then flush all dirty operating system buffers to - disk. This resulted in a periodic spike in disk usage that often - hurt performance. The new code uses a background writer to trickle - disk writes at a steady pace so checkpoints have far fewer dirty - pages to write to disk. Also, the new code does not issue a global - sync() call, but instead fsync()s just - the files written since the last checkpoint. This should improve - performance and minimize degradation during checkpoints. - - - - - - Add ability to prolong vacuum to reduce performance impact (Jan) - - - On busy systems, VACUUM performs many I/O - requests which can hurt performance for other users. This - release allows you to slow down VACUUM to - reduce its impact on other users, though this increases the - total duration of VACUUM. - - - - - - Improve B-tree index performance for duplicate keys (Dmitry Tkach, Tom) - - - This improves the way indexes are scanned when many duplicate - values exist in the index. - - - - - - Use dynamically-generated table size estimates while planning (Tom) - - - Formerly the planner estimated table sizes using the values seen - by the last VACUUM or ANALYZE, - both as to physical table size (number of pages) and number of rows. - Now, the current physical table size is obtained from the kernel, - and the number of rows is estimated by multiplying the table size - by the row density (rows per page) seen by the last - VACUUM or ANALYZE. This should - produce more reliable estimates in cases where the table size has - changed significantly since the last housekeeping command. - - - - - - Improved index usage with OR clauses (Tom) - - - This allows the optimizer to use indexes in statements with many OR - clauses that would not have been indexed in the past. It can also use - multi-column indexes where the first column is specified and the second - column is part of an OR clause. - - - - - - Improve matching of partial index clauses (Tom) - - - The server is now smarter about using partial indexes in queries - involving complex clauses. - - - - - - Improve performance of the GEQO optimizer (Tom) - - - The GEQO optimizer is used to plan queries involving many tables (by - default, twelve or more). This release speeds up the way queries are - analyzed to decrease time spent in optimization. - - - - - - Miscellaneous optimizer improvements - - - There is not room here to list all the minor improvements made, but - numerous special cases work better than in prior releases. - - - - - - Improve lookup speed for C functions (Tom) - - - This release uses a hash table to lookup information for dynamically - loaded C functions. This improves their speed so they perform nearly as - quickly as functions that are built into the server executable. - - - - - - Add type-specific ANALYZE statistics - capability (Mark Cave-Ayland) - - - This feature allows more flexibility in generating statistics - for nonstandard data types. - - - - - - ANALYZE now collects statistics for - expression indexes (Tom) - - - Expression indexes (also called functional indexes) allow users to - index not just columns but the results of expressions and function - calls. With this release, the optimizer can gather and use statistics - about the contents of expression indexes. This will greatly improve - the quality of planning for queries in which an expression index is - relevant. - - - - - - New two-stage sampling method for ANALYZE - (Manfred Koizar) - - - This gives better statistics when the density of valid rows is very - different in different regions of a table. - - - - - - Speed up TRUNCATE (Tom) - - - This buys back some of the performance loss observed in 7.4, while still - keeping TRUNCATE transaction-safe. - - - - - - - - - Server Changes - - - - - Add WAL file archiving and point-in-time recovery (Simon Riggs) - - - - - - Add tablespaces so admins can control disk layout (Gavin) - - - - - - Add a built-in log rotation program (Andreas Pflug) - - - It is now possible to log server messages conveniently without - relying on either syslog or an external log - rotation program. - - - - - - Add new read-only server configuration parameters to show server - compile-time settings: block_size, - integer_datetimes, max_function_args, - max_identifier_length, max_index_keys (Joe) - - - - - - Make quoting of sameuser, samegroup, and - all remove special meaning of these terms in - pg_hba.conf (Andrew) - - - - - - Use clearer IPv6 name ::1/128 for - localhost in default pg_hba.conf (Andrew) - - - - - - Use CIDR format in pg_hba.conf examples (Andrew) - - - - - - Rename server configuration parameters SortMem and - VacuumMem to work_mem and - maintenance_work_mem (Old names still supported) (Tom) - - - This change was made to clarify that bulk operations such as index and - foreign key creation use maintenance_work_mem, while - work_mem is for workspaces used during query execution. - - - - - - Allow logging of session disconnections using server configuration - log_disconnections (Andrew) - - - - - - Add new server configuration parameter log_line_prefix to - allow control of information emitted in each log line (Andrew) - - - Available information includes user name, database name, remote IP - address, and session start time. - - - - - - Remove server configuration parameters log_pid, - log_timestamp, log_source_port; functionality - superseded by log_line_prefix (Andrew) - - - - - - Replace the virtual_host and tcpip_socket - parameters with a unified listen_addresses parameter - (Andrew, Tom) - - - virtual_host could only specify a single IP address to - listen on. listen_addresses allows multiple addresses - to be specified. - - - - - - Listen on localhost by default, which eliminates the need for the - postmaster switch in many scenarios (Andrew) - - - Listening on localhost (127.0.0.1) opens no new - security holes but allows configurations like Windows and JDBC, - which do not support local sockets, to work without special - adjustments. - - - - - - Remove syslog server configuration parameter, and add more - logical log_destination variable to control log output - location (Magnus) - - - - - - Change server configuration parameter log_statement to take - values all, mod, ddl, or - none to select which queries are logged (Bruce) - - - This allows administrators to log only data definition changes or - only data modification statements. - - - - - - Some logging-related configuration parameters could formerly be adjusted - by ordinary users, but only in the more verbose direction. - They are now treated more strictly: only superusers can set them. - However, a superuser can use ALTER USER to provide per-user - settings of these values for non-superusers. Also, it is now possible - for superusers to set values of superuser-only configuration parameters - via PGOPTIONS. - - - - - - Allow configuration files to be placed outside the data directory (mlw) - - - By default, configuration files are kept in the cluster's top directory. - With this addition, configuration files can be placed outside the - data directory, easing administration. - - - - - - Plan prepared queries only when first executed so constants can be - used for statistics (Oliver Jowett) - - - Prepared statements plan queries once and execute them many - times. While prepared queries avoid the overhead of re-planning - on each use, the quality of the plan suffers from not knowing the exact - parameters to be used in the query. In this release, planning of - unnamed prepared statements is delayed until the first execution, - and the actual parameter values of that execution are used as - optimization hints. This allows use of out-of-line parameter passing - without incurring a performance penalty. - - - - - - Allow DECLARE CURSOR to take parameters - (Oliver Jowett) - - - It is now useful to issue DECLARE CURSOR in a - Parse message with parameters. The parameter values - sent at Bind time will be substituted into the - execution of the cursor's query. - - - - - - Fix hash joins and aggregates of inet and - cidr data types (Tom) - - - Release 7.4 handled hashing of mixed inet and - cidr values incorrectly. (This bug did not exist - in prior releases because they wouldn't try to hash either - data type.) - - - - - - Make log_duration print only when log_statement - prints the query (Ed L.) - - - - - - - - - Query Changes - - - - - Add savepoints (nested transactions) (Alvaro) - - - - - - Unsupported isolation levels are now accepted and promoted to the - nearest supported level (Peter) - - - The SQL specification states that if a database doesn't support a - specific isolation level, it should use the next more restrictive level. - This change complies with that recommendation. - - - - - - Allow BEGIN WORK to specify transaction - isolation levels like START TRANSACTION does - (Bruce) - - - - - - Fix table permission checking for cases in which rules generate - a query type different from the originally submitted query (Tom) - - - - - - Implement dollar quoting to simplify single-quote usage (Andrew, Tom, - David Fetter) - - - In previous releases, because single quotes had to be used to - quote a function's body, the use of single quotes inside the - function text required use of two single quotes or other error-prone - notations. With this release we add the ability to use "dollar - quoting" to quote a block of text. The ability to use different - quoting delimiters at different nesting levels greatly simplifies - the task of quoting correctly, especially in complex functions. - Dollar quoting can be used anywhere quoted text is needed. - - - - - - Make CASE val WHEN compval1 THEN ... evaluate val only once (Tom) - - - no longer evaluates the tested expression multiple - times. This has benefits when the expression is complex or is - volatile. - - - - - - Test before computing target list of an - aggregate query (Tom) - - - Fixes improper failure of cases such as SELECT SUM(win)/SUM(lose) - ... GROUP BY ... HAVING SUM(lose) > 0. This should work but formerly - could fail with divide-by-zero. - - - - - - Replace max_expr_depth parameter with - max_stack_depth parameter, measured in kilobytes of stack - size (Tom) - - - This gives us a fairly bulletproof defense against crashing due to - runaway recursive functions. Instead of measuring the depth of expression - nesting, we now directly measure the size of the execution stack. - - - - - - Allow arbitrary row expressions (Tom) - - - This release allows SQL expressions to contain arbitrary composite - types, that is, row values. It also allows functions to more easily - take rows as arguments and return row values. - - - - - - Allow / to be used as the operator - in row and subselect comparisons (Fabien Coelho) - - - - - - Avoid locale-specific case conversion of basic ASCII letters in - identifiers and keywords (Tom) - - - This solves the Turkish problem with mangling of words - containing I and i. Folding of characters - outside the 7-bit-ASCII set is still locale-aware. - - - - - - Improve syntax error reporting (Fabien, Tom) - - - Syntax error reports are more useful than before. - - - - - - Change EXECUTE to return a completion tag - matching the executed statement (Kris Jurka) - - - Previous releases return an EXECUTE tag for - any EXECUTE call. In this release, the tag - returned will reflect the command executed. - - - - - - Avoid emitting in rule listings (Tom) - - - Such a clause makes no logical sense, but in some cases the rule - decompiler formerly produced this syntax. - - - - - - - - - Object Manipulation Changes - - - - - Add COMMENT ON for casts, conversions, languages, - operator classes, and large objects (Christopher) - - - - - - Add new server configuration parameter default_with_oids to - control whether tables are created with OIDs by default (Neil) - - - This allows administrators to control whether CREATE - TABLE commands create tables with or without OID - columns by default. (Note: the current factory default setting for - default_with_oids is TRUE, but the default - will become FALSE in future releases.) - - - - - - Add / clause to - CREATE TABLE AS (Neil) - - - - - - Allow ALTER TABLE DROP COLUMN to drop an OID - column (ALTER TABLE SET WITHOUT OIDS still works) - (Tom) - - - - - - Allow composite types as table columns (Tom) - - - - - - Allow ALTER ... ADD COLUMN with defaults and - constraints; works per SQL spec (Rod) - - - It is now possible for to create a column - that is not initially filled with NULLs, but with a specified - default value. - - - - - - Add ALTER COLUMN TYPE to change column's type (Rod) - - - It is now possible to alter a column's data type without dropping - and re-adding the column. - - - - - - Allow multiple ALTER actions in a single ALTER - TABLE command (Rod) - - - This is particularly useful for ALTER commands that - rewrite the table (which include and - with a default). By grouping - ALTER commands together, the table need be rewritten - only once. - - - - - - Allow ALTER TABLE to add SERIAL - columns (Tom) - - - This falls out from the new capability of specifying defaults for new - columns. - - - - - - Allow changing the owners of aggregates, conversions, databases, - functions, operators, operator classes, schemas, types, and tablespaces - (Christopher, Euler Taveira de Oliveira) - - - Previously this required modifying the system tables directly. - - - - - - Allow temporary object creation to be limited to functions (Sean Chittenden) - - - - - - Add (Christopher) - - - Prior to this release, there was no way to clear an auto-cluster - specification except to modify the system tables. - - - - - - Constraint/Index/SERIAL names are now - table_column_type - with numbers appended to guarantee uniqueness within the schema - (Tom) - - - The SQL specification states that such names should be unique - within a schema. - - - - - - Add pg_get_serial_sequence() to return a - SERIAL column's sequence name (Christopher) - - - This allows automated scripts to reliably find the SERIAL - sequence name. - - - - - - Warn when primary/foreign key data type mismatch requires costly lookup - - - - - - New ALTER INDEX command to allow moving of indexes - between tablespaces (Gavin) - - - - - - Make ALTER TABLE OWNER change dependent sequence - ownership too (Alvaro) - - - - - - - - - - Utility Command Changes - - - - - Allow CREATE SCHEMA to create triggers, - indexes, and sequences (Neil) - - - - - - Add keyword to CREATE RULE (Fabien - Coelho) - - - This allows to be added to rule creation to contrast it with - rules. - - - - - - Add option to LOCK (Tatsuo) - - - This allows the LOCK command to fail if it - would have to wait for the requested lock. - - - - - - Allow COPY to read and write - comma-separated-value (CSV) files (Andrew, Bruce) - - - - - - Generate error if the COPY delimiter and NULL - string conflict (Bruce) - - - - - - GRANT/REVOKE behavior - follows the SQL spec more closely - - - - - - Avoid locking conflict between CREATE INDEX - and CHECKPOINT (Tom) - - - In 7.3 and 7.4, a long-running B-tree index build could block concurrent - CHECKPOINTs from completing, thereby causing WAL bloat because the - WAL log could not be recycled. - - - - - - Database-wide ANALYZE does not hold locks - across tables (Tom) - - - This reduces the potential for deadlocks against other backends - that want exclusive locks on tables. To get the benefit of this - change, do not execute database-wide ANALYZE - inside a transaction block (BEGIN block); it - must be able to commit and start a new transaction for each - table. - - - - - - REINDEX does not exclusively lock the index's - parent table anymore - - - The index itself is still exclusively locked, but readers of the - table can continue if they are not using the particular index - being rebuilt. - - - - - - Erase MD5 user passwords when a user is renamed (Bruce) - - - PostgreSQL uses the user name as salt - when encrypting passwords via MD5. When a user's name is changed, - the salt will no longer match the stored MD5 password, so the - stored password becomes useless. In this release a notice is - generated and the password is cleared. A new password must then - be assigned if the user is to be able to log in with a password. - - - - - - New pg_ctl option for Windows (Andrew) - - - Windows does not have a kill command to send signals to - backends so this capability was added to pg_ctl. - - - - - - Information schema improvements - - - - - - Add option to - initdb so the initial password can be - set by GUI tools (Magnus) - - - - - - Detect locale/encoding mismatch in - initdb (Peter) - - - - - - Add command to pg_ctl to - register Windows operating system service (Dave Page) - - - - - - - - - Data Type and Function Changes - - - - - More complete support for composite types (row types) (Tom) - - - Composite values can be used in many places where only scalar values - worked before. - - - - - - Reject nonrectangular array values as erroneous (Joe) - - - Formerly, array_in would silently build a - surprising result. - - - - - - Overflow in integer arithmetic operations is now detected (Tom) - - - - - - The arithmetic operators associated with the single-byte - "char" data type have been removed. - - - Formerly, the parser would select these operators in many situations - where an unable to select an operator error would be more - appropriate, such as null * null. If you actually want - to do arithmetic on a "char" column, you can cast it to - integer explicitly. - - - - - - Syntax checking of array input values considerably tightened up (Joe) - - - Junk that was previously allowed in odd places with odd results - now causes an ERROR, for example, non-whitespace - after the closing right brace. - - - - - - Empty-string array element values must now be written as - "", rather than writing nothing (Joe) - - - Formerly, both ways of writing an empty-string element value were - allowed, but now a quoted empty string is required. The case where - nothing at all appears will probably be considered to be a NULL - element value in some future release. - - - - - - Array element trailing whitespace is now ignored (Joe) - - - Formerly leading whitespace was ignored, but trailing whitespace - between an element value and the delimiter or right brace was - significant. Now trailing whitespace is also ignored. - - - - - - Emit array values with explicit array bounds when lower bound is not one - (Joe) - - - - - - Accept YYYY-monthname-DD as a date string (Tom) - - - - - - Make netmask and hostmask functions - return maximum-length mask length (Tom) - - - - - - Change factorial function to return numeric (Gavin) - - - Returning numeric allows the factorial function to - work for a wider range of input values. - - - - - - to_char/to_date() date conversion - improvements (Kurt Roeckx, Fabien Coelho) - - - - - - Make length() disregard trailing spaces in - CHAR(n) (Gavin) - - - This change was made to improve consistency: trailing spaces are - semantically insignificant in CHAR(n) data, so they - should not be counted by length(). - - - - - - Warn about empty string being passed to - OID/float4/float8 data types (Neil) - - - 8.1 will throw an error instead. - - - - - - Allow leading or trailing whitespace in - int2/int4/int8/float4/float8 - input routines - (Neil) - - - - - - Better support for IEEE Infinity and NaN - values in float4/float8 (Neil) - - - These should now work on all platforms that support IEEE-compliant - floating point arithmetic. - - - - - - Add option to date_trunc() (Robert Creager) - - - - - - Fix to_char for 1 BC - (previously it returned 1 AD) (Bruce) - - - - - - Fix date_part(year) for BC dates (previously it - returned one less than the correct year) (Bruce) - - - - - - Fix date_part() to return the proper millennium and - century (Fabien Coelho) - - - In previous versions, the century and millennium results had a wrong - number and started in the wrong year, as compared to standard - reckoning of such things. - - - - - - Add ceiling() as an alias for ceil(), - and power() as an alias for pow() for - standards compliance (Neil) - - - - - - Change ln(), log(), - power(), and sqrt() to emit the correct - SQLSTATE error codes for certain error conditions, as - specified by SQL:2003 (Neil) - - - - - - Add width_bucket() function as defined by SQL:2003 (Neil) - - - - - - Add generate_series() functions to simplify working - with numeric sets (Joe) - - - - - - Fix upper/lower/initcap() functions to work with - multibyte encodings (Tom) - - - - - - Add boolean and bitwise integer / - aggregates (Fabien Coelho) - - - - - - New session information functions to return network addresses for client - and server (Sean Chittenden) - - - - - - Add function to determine the area of a closed path (Sean Chittenden) - - - - - - Add function to send cancel request to other backends (Magnus) - - - - - - Add interval plus datetime operators (Tom) - - - The reverse ordering, datetime plus interval, - was already supported, but both are required by the SQL standard. - - - - - - Casting an integer to BIT(N) selects the rightmost N bits - of the integer - (Tom) - - - In prior releases, the leftmost N bits were selected, but this was - deemed unhelpful, not to mention inconsistent with casting from bit - to int. - - - - - - Require CIDR values to have all nonmasked bits be zero - (Kevin Brintnall) - - - - - - - - - Server-Side Language Changes - - - - - In READ COMMITTED serialization mode, volatile functions - now see the results of concurrent transactions committed up to the - beginning of each statement within the function, rather than up to the - beginning of the interactive command that called the function. - - - - - - Functions declared STABLE or IMMUTABLE always - use the snapshot of the calling query, and therefore do not see the - effects of actions taken after the calling query starts, whether in - their own transaction or other transactions. Such a function must be - read-only, too, meaning that it cannot use any SQL commands other than - SELECT. There is a considerable performance gain from - declaring a function STABLE or IMMUTABLE - rather than VOLATILE. - - - - - - Nondeferred triggers are now fired immediately - after completion of the triggering query, rather than upon - finishing the current interactive command. This makes a difference - when the triggering query occurred within a function: the trigger - is invoked before the function proceeds to its next operation. For - example, if a function inserts a new row into a table, any - nondeferred foreign key checks occur before proceeding with the - function. - - - - - - Allow function parameters to be declared with names (Dennis Björklund) - - - This allows better documentation of functions. Whether the names - actually do anything depends on the specific function language - being used. - - - - - - Allow PL/pgSQL parameter names to be referenced in the function (Dennis Björklund) - - - This basically creates an automatic alias for each named parameter. - - - - - - Do minimal syntax checking of PL/pgSQL functions at creation time (Tom) - - - This allows us to catch simple syntax errors sooner. - - - - - - More support for composite types (row and record variables) in PL/pgSQL - - - For example, it now works to pass a rowtype variable to another function - as a single variable. - - - - - - Default values for PL/pgSQL variables can now reference previously - declared variables - - - - - - Improve parsing of PL/pgSQL FOR loops (Tom) - - - Parsing is now driven by presence of ".." rather than - data type of variable. This makes no difference for - correct functions, but should result in more understandable error - messages when a mistake is made. - - - - - - Major overhaul of PL/Perl server-side language (Command Prompt, Andrew Dunstan) - - - - - - In PL/Tcl, SPI commands are now run in subtransactions. If an error - occurs, the subtransaction is cleaned up and the error is reported - as an ordinary Tcl error, which can be trapped with catch. - Formerly, it was not possible to catch such errors. - - - - - - Accept ELSEIF in PL/pgSQL (Neil) - - - Previously PL/pgSQL only allowed ELSIF, but many people - are accustomed to spelling this keyword ELSEIF. - - - - - - - - - <application>psql</application> Changes - - - - - Improve psql information display about database - objects (Christopher) - - - - - - Allow psql to display group membership in - \du and \dg (Markus Bertheau) - - - - - - Prevent psql \dn from showing - temporary schemas (Bruce) - - - - - - Allow psql to handle tilde user expansion for file - names (Zach Irmen) - - - - - - Allow psql to display fancy prompts, including - color, via readline (Reece Hart, Chet Ramey) - - - - - - Make psql \copy match COPY command syntax - fully (Tom) - - - - - - Show the location of syntax errors (Fabien Coelho, Tom) - - - - - - Add CLUSTER information to psql - \d display - (Bruce) - - - - - - Change psql \copy stdin/stdout to read - from command input/output (Bruce) - - - - - - Add / to read from - psql's stdin/stdout (Mark - Feit) - - - - - - Add global psql configuration file, psqlrc.sample - (Bruce) - - - This allows a central file where global psql startup commands can - be stored. - - - - - - Have psql \d+ indicate if the table - has an OID column (Neil) - - - - - - On Windows, use binary mode in psql when reading files so control-Z - is not seen as end-of-file - - - - - - Have \dn+ show permissions and description for schemas (Dennis - Björklund) - - - - - - Improve tab completion support (Stefan Kaltenbrunn, Greg Sabino Mullane) - - - - - - Allow boolean settings to be set using upper or lower case (Michael Paesold) - - - - - - - - - <application>pg_dump</application> Changes - - - - - Use dependency information to improve the reliability of - pg_dump (Tom) - - - This should solve the longstanding problems with related objects - sometimes being dumped in the wrong order. - - - - - - Have pg_dump output objects in alphabetical order if possible (Tom) - - - This should make it easier to identify changes between - dump files. - - - - - - Allow pg_restore to ignore some SQL errors (Fabien Coelho) - - - This makes pg_restore's behavior similar to the - results of feeding a pg_dump output script to - psql. In most cases, ignoring errors and plowing - ahead is the most useful thing to do. Also added was a pg_restore - option to give the old behavior of exiting on an error. - - - - - - pg_restore display now includes - objects' schema names - - - - - - New begin/end markers in pg_dump text output (Bruce) - - - - - - Add start/stop times for - pg_dump/pg_dumpall in verbose mode - (Bruce) - - - - - - Allow most pg_dump options in - pg_dumpall (Christopher) - - - - - - Have pg_dump use ALTER OWNER rather - than SET SESSION AUTHORIZATION by default - (Christopher) - - - - - - - - - libpq Changes - - - - - Make libpq's handling thread-safe (Bruce) - - - - - - Add PQmbdsplen() which returns the display length - of a character (Tatsuo) - - - - - - Add thread locking to SSL and - Kerberos connections (Manfred Spraul) - - - - - - Allow PQoidValue(), PQcmdTuples(), and - PQoidStatus() to work on EXECUTE - commands (Neil) - - - - - - Add PQserverVersion() to provide more convenient - access to the server version number (Greg Sabino Mullane) - - - - - - Add PQprepare/PQsendPrepared() functions to support - preparing statements without necessarily specifying the data types - of their parameters (Abhijit Menon-Sen) - - - - - - Many ECPG improvements, including SET DESCRIPTOR (Michael) - - - - - - - - - Source Code Changes - - - - - Allow the database server to run natively on Windows (Claudio, Magnus, Andrew) - - - - - - Shell script commands converted to C versions for Windows support (Andrew) - - - - - - Create an extension makefile framework (Fabien Coelho, Peter) - - - This simplifies the task of building extensions outside the original - source tree. - - - - - - Support relocatable installations (Bruce) - - - Directory paths for installed files (such as the - /share directory) are now computed relative to the - actual location of the executables, so that an installation tree - can be moved to another place without reconfiguring and - rebuilding. - - - - - - Use to choose installation location of documentation; also - allow (Peter) - - - - - - Add to prevent installation of documentation (Peter) - - - - - - Upgrade to DocBook V4.2 SGML (Peter) - - - - - - New PostgreSQL CVS tag (Marc) - - - This was done to make it easier for organizations to manage their - own copies of the PostgreSQL - CVS repository. File version stamps from the master - repository will not get munged by checking into or out of a copied - repository. - - - - - - Clarify locking code (Manfred Koizar) - - - - - - Buffer manager cleanup (Neil) - - - - - - Decouple platform tests from CPU spinlock code (Bruce, Tom) - - - - - - Add inlined test-and-set code on PA-RISC for gcc - (ViSolve, Tom) - - - - - - Improve i386 spinlock code (Manfred Spraul) - - - - - - Clean up spinlock assembly code to avoid warnings from newer - gcc releases (Tom) - - - - - - Remove JDBC from source tree; now a separate project - - - - - - Remove the libpgtcl client interface; now a separate project - - - - - - More accurately estimate memory and file descriptor usage (Tom) - - - - - - Improvements to the macOS startup scripts (Ray A.) - - - - - - New fsync() test program (Bruce) - - - - - - Major documentation improvements (Neil, Peter) - - - - - - Remove pg_encoding; not needed - anymore - - - - - - Remove pg_id; not needed anymore - - - - - - Remove initlocation; not needed - anymore - - - - - - Auto-detect thread flags (no more manual testing) (Bruce) - - - - - - Use Olson's public domain timezone library (Magnus) - - - - - - With threading enabled, use thread flags on Unixware for - backend executables too (Bruce) - - - Unixware cannot mix threaded and nonthreaded object files in the - same executable, so everything must be compiled as threaded. - - - - - - psql now uses a flex-generated - lexical analyzer to process command strings - - - - - - Reimplement the linked list data structure used throughout the - backend (Neil) - - - This improves performance by allowing list append and length - operations to be more efficient. - - - - - - Allow dynamically loaded modules to create their own server configuration - parameters (Thomas Hallgren) - - - - - - New Brazilian version of FAQ (Euler Taveira de Oliveira) - - - - - - Add French FAQ (Guillaume Lelarge) - - - - - - New pgevent for Windows logging - - - - - - Make libpq and ECPG build as proper shared libraries on macOS (Tom) - - - - - - - - - Contrib Changes - - - - - Overhaul of contrib/dblink (Joe) - - - - - - contrib/dbmirror improvements (Steven Singer) - - - - - - New contrib/xml2 (John Gray, Torchbox) - - - - - - Updated contrib/mysql - - - - - - New version of contrib/btree_gist (Teodor) - - - - - - New contrib/trgm, trigram matching for - PostgreSQL (Teodor) - - - - - - Many contrib/tsearch2 improvements (Teodor) - - - - - - Add double metaphone to contrib/fuzzystrmatch (Andrew) - - - - - - Allow contrib/pg_autovacuum to run as a Windows service (Dave Page) - - - - - - Add functions to contrib/dbsize (Andreas Pflug) - - - - - - Removed contrib/pg_logger: obsoleted by integrated logging - subprocess - - - - - - Removed contrib/rserv: obsoleted by various separate projects - - - - - - - - diff --git a/doc/src/sgml/release-8.1.sgml b/doc/src/sgml/release-8.1.sgml deleted file mode 100644 index 44a30892fd..0000000000 --- a/doc/src/sgml/release-8.1.sgml +++ /dev/null @@ -1,5444 +0,0 @@ - - - - - Release 8.1.23 - - - Release date: - 2010-12-16 - - - - This release contains a variety of fixes from 8.1.22. - For information about new features in the 8.1 major release, see - . - - - - This is expected to be the last PostgreSQL release - in the 8.1.X series. Users are encouraged to update to a newer - release branch soon. - - - - Migration to Version 8.1.23 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.18, - see . - - - - - - Changes - - - - - - Force the default - wal_sync_method - to be fdatasync on Linux (Tom Lane, Marti Raudsepp) - - - - The default on Linux has actually been fdatasync for many - years, but recent kernel changes caused PostgreSQL to - choose open_datasync instead. This choice did not result - in any performance improvement, and caused outright failures on - certain filesystems, notably ext4 with the - data=journal mount option. - - - - - - Fix recovery from base backup when the starting checkpoint WAL record - is not in the same WAL segment as its redo point (Jeff Davis) - - - - - - Add support for detecting register-stack overrun on IA64 - (Tom Lane) - - - - The IA64 architecture has two hardware stacks. Full - prevention of stack-overrun failures requires checking both. - - - - - - Add a check for stack overflow in copyObject() (Tom Lane) - - - - Certain code paths could crash due to stack overflow given a - sufficiently complex query. - - - - - - Fix detection of page splits in temporary GiST indexes (Heikki - Linnakangas) - - - - It is possible to have a concurrent page split in a - temporary index, if for example there is an open cursor scanning the - index when an insertion is done. GiST failed to detect this case and - hence could deliver wrong results when execution of the cursor - continued. - - - - - - Avoid memory leakage while ANALYZE'ing complex index - expressions (Tom Lane) - - - - - - Ensure an index that uses a whole-row Var still depends on its table - (Tom Lane) - - - - An index declared like create index i on t (foo(t.*)) - would not automatically get dropped when its table was dropped. - - - - - - Do not inline a SQL function with multiple OUT - parameters (Tom Lane) - - - - This avoids a possible crash due to loss of information about the - expected result rowtype. - - - - - - Fix constant-folding of COALESCE() expressions (Tom Lane) - - - - The planner would sometimes attempt to evaluate sub-expressions that - in fact could never be reached, possibly leading to unexpected errors. - - - - - - Add print functionality for InhRelation nodes (Tom Lane) - - - - This avoids a failure when debug_print_parse is enabled - and certain types of query are executed. - - - - - - Fix incorrect calculation of distance from a point to a horizontal - line segment (Tom Lane) - - - - This bug affected several different geometric distance-measurement - operators. - - - - - - Fix PL/pgSQL's handling of simple - expressions to not fail in recursion or error-recovery cases (Tom Lane) - - - - - - Fix bug in contrib/cube's GiST picksplit algorithm - (Alexander Korotkov) - - - - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a cube column. - If you have such an index, consider REINDEXing it after - installing this update. - - - - - - Don't emit identifier will be truncated notices in - contrib/dblink except when creating new connections - (Itagaki Takahiro) - - - - - - Fix potential coredump on missing public key in - contrib/pgcrypto (Marti Raudsepp) - - - - - - Fix memory leak in contrib/xml2's XPath query functions - (Tom Lane) - - - - - - Update time zone data files to tzdata release 2010o - for DST law changes in Fiji and Samoa; - also historical corrections for Hong Kong. - - - - - - - - - - Release 8.1.22 - - - Release date: - 2010-10-04 - - - - This release contains a variety of fixes from 8.1.21. - For information about new features in the 8.1 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.1.X release series in November 2010. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.1.22 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.18, - see . - - - - - - Changes - - - - - - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - - - - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a SECURITY - DEFINER function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - - - - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - - - - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - - - - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - - - - - - Prevent possible crashes in pg_get_expr() by disallowing - it from being called with an argument that is not one of the system - catalog columns it's intended to be used with - (Heikki Linnakangas, Tom Lane) - - - - - - Fix cannot handle unplanned sub-select error (Tom Lane) - - - - This occurred when a sub-select contains a join alias reference that - expands into an expression containing another sub-select. - - - - - - Prevent show_session_authorization() from crashing within autovacuum - processes (Tom Lane) - - - - - - Defend against functions returning setof record where not all the - returned rows are actually of the same rowtype (Tom Lane) - - - - - - Fix possible failure when hashing a pass-by-reference function result - (Tao Ma, Tom Lane) - - - - - - Take care to fsync the contents of lockfiles (both - postmaster.pid and the socket lockfile) while writing them - (Tom Lane) - - - - This omission could result in corrupted lockfile contents if the - machine crashes shortly after postmaster start. That could in turn - prevent subsequent attempts to start the postmaster from succeeding, - until the lockfile is manually removed. - - - - - - Avoid recursion while assigning XIDs to heavily-nested - subtransactions (Andres Freund, Robert Haas) - - - - The original coding could result in a crash if there was limited - stack space. - - - - - - Fix log_line_prefix's %i escape, - which could produce junk early in backend startup (Tom Lane) - - - - - - Fix possible data corruption in ALTER TABLE ... SET - TABLESPACE when archiving is enabled (Jeff Davis) - - - - - - Allow CREATE DATABASE and ALTER DATABASE ... SET - TABLESPACE to be interrupted by query-cancel (Guillaume Lelarge) - - - - - - In PL/Python, defend against null pointer results from - PyCObject_AsVoidPtr and PyCObject_FromVoidPtr - (Peter Eisentraut) - - - - - - Improve contrib/dblink's handling of tables containing - dropped columns (Tom Lane) - - - - - - Fix connection leak after duplicate connection name - errors in contrib/dblink (Itagaki Takahiro) - - - - - - Fix contrib/dblink to handle connection names longer than - 62 bytes correctly (Itagaki Takahiro) - - - - - - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - - - - - - Update time zone data files to tzdata release 2010l - for DST law changes in Egypt and Palestine; also historical corrections - for Finland. - - - - This change also adds new names for two Micronesian timezones: - Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred - abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over - Pacific/Ponape. - - - - - - - - - - Release 8.1.21 - - - Release date: - 2010-05-17 - - - - This release contains a variety of fixes from 8.1.20. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.21 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.18, - see . - - - - - - Changes - - - - - - Enforce restrictions in plperl using an opmask applied to - the whole interpreter, instead of using Safe.pm - (Tim Bunce, Andrew Dunstan) - - - - Recent developments have convinced us that Safe.pm is too - insecure to rely on for making plperl trustable. This - change removes use of Safe.pm altogether, in favor of using - a separate interpreter with an opcode mask that is always applied. - Pleasant side effects of the change include that it is now possible to - use Perl's strict pragma in a natural way in - plperl, and that Perl's $a and $b - variables work as expected in sort routines, and that function - compilation is significantly faster. (CVE-2010-1169) - - - - - - Prevent PL/Tcl from executing untrustworthy code from - pltcl_modules (Tom) - - - - PL/Tcl's feature for autoloading Tcl code from a database table - could be exploited for trojan-horse attacks, because there was no - restriction on who could create or insert into that table. This change - disables the feature unless pltcl_modules is owned by a - superuser. (However, the permissions on the table are not checked, so - installations that really need a less-than-secure modules table can - still grant suitable privileges to trusted non-superusers.) Also, - prevent loading code into the unrestricted normal Tcl - interpreter unless we are really going to execute a pltclu - function. (CVE-2010-1170) - - - - - - Do not allow an unprivileged user to reset superuser-only parameter - settings (Alvaro) - - - - Previously, if an unprivileged user ran ALTER USER ... RESET - ALL for himself, or ALTER DATABASE ... RESET ALL for - a database he owns, this would remove all special parameter settings - for the user or database, even ones that are only supposed to be - changeable by a superuser. Now, the ALTER will only - remove the parameters that the user has permission to change. - - - - - - Avoid possible crash during backend shutdown if shutdown occurs - when a CONTEXT addition would be made to log entries (Tom) - - - - In some cases the context-printing function would fail because the - current transaction had already been rolled back when it came time - to print a log message. - - - - - - Update PL/Perl's ppport.h for modern Perl versions - (Andrew) - - - - - - Fix assorted memory leaks in PL/Python (Andreas Freund, Tom) - - - - - - Prevent infinite recursion in psql when expanding - a variable that refers to itself (Tom) - - - - - - Ensure that contrib/pgstattuple functions respond to cancel - interrupts promptly (Tatsuhito Kasahara) - - - - - - Make server startup deal properly with the case that - shmget() returns EINVAL for an existing - shared memory segment (Tom) - - - - This behavior has been observed on BSD-derived kernels including macOS. - It resulted in an entirely-misleading startup failure complaining that - the shared memory request size was too large. - - - - - - Update time zone data files to tzdata release 2010j - for DST law changes in Argentina, Australian Antarctic, Bangladesh, - Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; - also historical corrections for Taiwan. - - - - - - - - - - Release 8.1.20 - - - Release date: - 2010-03-15 - - - - This release contains a variety of fixes from 8.1.19. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.20 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.18, - see . - - - - - - Changes - - - - - - Add new configuration parameter ssl_renegotiation_limit to - control how often we do session key renegotiation for an SSL connection - (Magnus) - - - - This can be set to zero to disable renegotiation completely, which may - be required if a broken SSL library is used. In particular, some - vendors are shipping stopgap patches for CVE-2009-3555 that cause - renegotiation attempts to fail. - - - - - - Fix possible crashes when trying to recover from a failure in - subtransaction start (Tom) - - - - - - Fix server memory leak associated with use of savepoints and a client - encoding different from server's encoding (Tom) - - - - - - Make substring() for bit types treat any negative - length as meaning all the rest of the string (Tom) - - - - The previous coding treated only -1 that way, and would produce an - invalid result value for other negative values, possibly leading to - a crash (CVE-2010-0442). - - - - - - Fix integer-to-bit-string conversions to handle the first fractional - byte correctly when the output bit width is wider than the given - integer by something other than a multiple of 8 bits (Tom) - - - - - - Fix some cases of pathologically slow regular expression matching (Tom) - - - - - - Fix the STOP WAL LOCATION entry in backup history files to - report the next WAL segment's name when the end location is exactly at a - segment boundary (Itagaki Takahiro) - - - - - - Fix some more cases of temporary-file leakage (Heikki) - - - - This corrects a problem introduced in the previous minor release. - One case that failed is when a plpgsql function returning set is - called within another function's exception handler. - - - - - - When reading pg_hba.conf and related files, do not treat - @something as a file inclusion request if the @ - appears inside quote marks; also, never treat @ by itself - as a file inclusion request (Tom) - - - - This prevents erratic behavior if a role or database name starts with - @. If you need to include a file whose path name - contains spaces, you can still do so, but you must write - @"/path to/file" rather than putting the quotes around - the whole construct. - - - - - - Prevent infinite loop on some platforms if a directory is named as - an inclusion target in pg_hba.conf and related files - (Tom) - - - - - - Fix psql's numericlocale option to not - format strings it shouldn't in latex and troff output formats (Heikki) - - - - - - Fix plpgsql failure in one case where a composite column is set to NULL - (Tom) - - - - - - Add volatile markings in PL/Python to avoid possible - compiler-specific misbehavior (Zdenek Kotala) - - - - - - Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) - - - - The only known symptom of this oversight is that the Tcl - clock command misbehaves if using Tcl 8.5 or later. - - - - - - Prevent crash in contrib/dblink when too many key - columns are specified to a dblink_build_sql_* function - (Rushabh Lathia, Joe Conway) - - - - - - Fix assorted crashes in contrib/xml2 caused by sloppy - memory management (Tom) - - - - - - Update time zone data files to tzdata release 2010e - for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. - - - - - - - - - - Release 8.1.19 - - - Release date: - 2009-12-14 - - - - This release contains a variety of fixes from 8.1.18. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.19 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.18, - see . - - - - - - Changes - - - - - - Protect against indirect security threats caused by index functions - changing session-local state (Gurjeet Singh, Tom) - - - - This change prevents allegedly-immutable index functions from possibly - subverting a superuser's session (CVE-2009-4136). - - - - - - Reject SSL certificates containing an embedded null byte in the common - name (CN) field (Magnus) - - - - This prevents unintended matching of a certificate to a server or client - name during SSL validation (CVE-2009-4034). - - - - - - Fix possible crash during backend-startup-time cache initialization (Tom) - - - - - - Prevent signals from interrupting VACUUM at unsafe times - (Alvaro) - - - - This fix prevents a PANIC if a VACUUM FULL is canceled - after it's already committed its tuple movements, as well as transient - errors if a plain VACUUM is interrupted after having - truncated the table. - - - - - - Fix possible crash due to integer overflow in hash table size - calculation (Tom) - - - - This could occur with extremely large planner estimates for the size of - a hashjoin's result. - - - - - - Fix very rare crash in inet/cidr comparisons (Chris - Mikkelson) - - - - - - Ensure that shared tuple-level locks held by prepared transactions are - not ignored (Heikki) - - - - - - Fix premature drop of temporary files used for a cursor that is accessed - within a subtransaction (Heikki) - - - - - - Fix PAM password processing to be more robust (Tom) - - - - The previous code is known to fail with the combination of the Linux - pam_krb5 PAM module with Microsoft Active Directory as the - domain controller. It might have problems elsewhere too, since it was - making unjustified assumptions about what arguments the PAM stack would - pass to it. - - - - - - Fix processing of ownership dependencies during CREATE OR - REPLACE FUNCTION (Tom) - - - - - - Ensure that Perl arrays are properly converted to - PostgreSQL arrays when returned by a set-returning - PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) - - - - This worked correctly already for non-set-returning functions. - - - - - - Fix rare crash in exception processing in PL/Python (Peter) - - - - - - Ensure psql's flex module is compiled with the correct - system header definitions (Tom) - - - - This fixes build failures on platforms where - --enable-largefile causes incompatible changes in the - generated code. - - - - - - Make the postmaster ignore any application_name parameter in - connection request packets, to improve compatibility with future libpq - versions (Tom) - - - - - - Update time zone data files to tzdata release 2009s - for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, - Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical - corrections for Hong Kong. - - - - - - - - - - Release 8.1.18 - - - Release date: - 2009-09-09 - - - - This release contains a variety of fixes from 8.1.17. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.18 - - - A dump/restore is not required for those running 8.1.X. - However, if you have any hash indexes on interval columns, - you must REINDEX them after updating to 8.1.18. - Also, if you are upgrading from a version earlier than 8.1.15, - see . - - - - - - Changes - - - - - - Disallow RESET ROLE and RESET SESSION - AUTHORIZATION inside security-definer functions (Tom, Heikki) - - - - This covers a case that was missed in the previous patch that - disallowed SET ROLE and SET SESSION - AUTHORIZATION inside security-definer functions. - (See CVE-2007-6600) - - - - - - Fix handling of sub-SELECTs appearing in the arguments of - an outer-level aggregate function (Tom) - - - - - - Fix hash calculation for data type interval (Tom) - - - - This corrects wrong results for hash joins on interval values. - It also changes the contents of hash indexes on interval columns. - If you have any such indexes, you must REINDEX them - after updating. - - - - - - Treat to_char(..., 'TH') as an uppercase ordinal - suffix with 'HH'/'HH12' (Heikki) - - - - It was previously handled as 'th' (lowercase). - - - - - - Fix overflow for INTERVAL 'x ms' - when x is more than 2 million and integer - datetimes are in use (Alex Hunsaker) - - - - - - Fix calculation of distance between a point and a line segment (Tom) - - - - This led to incorrect results from a number of geometric operators. - - - - - - Fix money data type to work in locales where currency - amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) - - - - - - Properly round datetime input like - 00:12:57.9999999999999999999999999999 (Tom) - - - - - - Fix poor choice of page split point in GiST R-tree operator classes - (Teodor) - - - - - - Fix portability issues in plperl initialization (Andrew Dunstan) - - - - - - Fix pg_ctl to not go into an infinite loop if - postgresql.conf is empty (Jeff Davis) - - - - - - Fix contrib/xml2's xslt_process() to - properly handle the maximum number of parameters (twenty) (Tom) - - - - - - Improve robustness of libpq's code to recover - from errors during COPY FROM STDIN (Tom) - - - - - - Avoid including conflicting readline and editline header files - when both libraries are installed (Zdenek Kotala) - - - - - - Update time zone data files to tzdata release 2009l - for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, - Argentina/San_Luis, Cuba, Jordan (historical correction only), - Mauritius, Morocco, Palestine, Syria, Tunisia. - - - - - - - - - - Release 8.1.17 - - - Release date: - 2009-03-16 - - - - This release contains a variety of fixes from 8.1.16. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.17 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.15, - see . - - - - - - Changes - - - - - - Prevent error recursion crashes when encoding conversion fails (Tom) - - - - This change extends fixes made in the last two minor releases for - related failure scenarios. The previous fixes were narrowly tailored - for the original problem reports, but we have now recognized that - any error thrown by an encoding conversion function could - potentially lead to infinite recursion while trying to report the - error. The solution therefore is to disable translation and encoding - conversion and report the plain-ASCII form of any error message, - if we find we have gotten into a recursive error reporting situation. - (CVE-2009-0922) - - - - - - Disallow CREATE CONVERSION with the wrong encodings - for the specified conversion function (Heikki) - - - - This prevents one possible scenario for encoding conversion failure. - The previous change is a backstop to guard against other kinds of - failures in the same area. - - - - - - Fix core dump when to_char() is given format codes that - are inappropriate for the type of the data argument (Tom) - - - - - - Fix decompilation of CASE WHEN with an implicit coercion - (Tom) - - - - This mistake could lead to Assert failures in an Assert-enabled build, - or an unexpected CASE WHEN clause error message in other - cases, when trying to examine or dump a view. - - - - - - Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) - - - - If CLUSTER or a rewriting variant of ALTER TABLE - were executed by someone other than the table owner, the - pg_type entry for the table's TOAST table would end up - marked as owned by that someone. This caused no immediate problems, - since the permissions on the TOAST rowtype aren't examined by any - ordinary database operation. However, it could lead to unexpected - failures if one later tried to drop the role that issued the command - (in 8.1 or 8.2), or owner of data type appears to be invalid - warnings from pg_dump after having done so (in 8.3). - - - - - - Clean up PL/pgSQL error status variables fully at block exit - (Ashesh Vashi and Dave Page) - - - - This is not a problem for PL/pgSQL itself, but the omission could cause - the PL/pgSQL Debugger to crash while examining the state of a function. - - - - - - Add MUST (Mauritius Island Summer Time) to the default list - of known timezone abbreviations (Xavier Bugaud) - - - - - - - - - - Release 8.1.16 - - - Release date: - 2009-02-02 - - - - This release contains a variety of fixes from 8.1.15. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.16 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.15, - see . - - - - - - Changes - - - - - - Fix crash in autovacuum (Alvaro) - - - - The crash occurs only after vacuuming a whole database for - anti-transaction-wraparound purposes, which means that it occurs - infrequently and is hard to track down. - - - - - - Improve handling of URLs in headline() function (Teodor) - - - - - - Improve handling of overlength headlines in headline() - function (Teodor) - - - - - - Prevent possible Assert failure or misconversion if an encoding - conversion is created with the wrong conversion function for the - specified pair of encodings (Tom, Heikki) - - - - - - Avoid unnecessary locking of small tables in VACUUM - (Heikki) - - - - - - Ensure that the contents of a holdable cursor don't depend on the - contents of TOAST tables (Tom) - - - - Previously, large field values in a cursor result might be represented - as TOAST pointers, which would fail if the referenced table got dropped - before the cursor is read, or if the large value is deleted and then - vacuumed away. This cannot happen with an ordinary cursor, - but it could with a cursor that is held past its creating transaction. - - - - - - Fix uninitialized variables in contrib/tsearch2's - get_covers() function (Teodor) - - - - - - Fix configure script to properly report failure when - unable to obtain linkage information for PL/Perl (Andrew) - - - - - - Make all documentation reference pgsql-bugs and/or - pgsql-hackers as appropriate, instead of the - now-decommissioned pgsql-ports and pgsql-patches - mailing lists (Tom) - - - - - - Update time zone data files to tzdata release 2009a (for - Kathmandu and historical DST corrections in Switzerland, Cuba) - - - - - - - - - - Release 8.1.15 - - - Release date: - 2008-11-03 - - - - This release contains a variety of fixes from 8.1.14. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.15 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . Also, if you were running a previous - 8.1.X release, it is recommended to REINDEX all GiST - indexes after the upgrade. - - - - - - Changes - - - - - - Fix GiST index corruption due to marking the wrong index entry - dead after a deletion (Teodor) - - - - This would result in index searches failing to find rows they - should have found. Corrupted indexes can be fixed with - REINDEX. - - - - - - Fix backend crash when the client encoding cannot represent a localized - error message (Tom) - - - - We have addressed similar issues before, but it would still fail if - the character has no equivalent message itself couldn't - be converted. The fix is to disable localization and send the plain - ASCII error message when we detect such a situation. - - - - - - Fix possible crash when deeply nested functions are invoked from - a trigger (Tom) - - - - - - Fix mis-expansion of rule queries when a sub-SELECT appears - in a function call in FROM, a multi-row VALUES - list, or a RETURNING list (Tom) - - - - The usual symptom of this problem is an unrecognized node type - error. - - - - - - Ensure an error is reported when a newly-defined PL/pgSQL trigger - function is invoked as a normal function (Tom) - - - - - - Prevent possible collision of relfilenode numbers - when moving a table to another tablespace with ALTER SET - TABLESPACE (Heikki) - - - - The command tried to re-use the existing filename, instead of - picking one that is known unused in the destination directory. - - - - - - Fix incorrect tsearch2 headline generation when single query - item matches first word of text (Sushant Sinha) - - - - - - Fix improper display of fractional seconds in interval values when - using a non-ISO datestyle in an - build (Ron Mayer) - - - - - - Ensure SPI_getvalue and SPI_getbinval - behave correctly when the passed tuple and tuple descriptor have - different numbers of columns (Tom) - - - - This situation is normal when a table has had columns added or removed, - but these two functions didn't handle it properly. - The only likely consequence is an incorrect error indication. - - - - - - Fix ecpg's parsing of CREATE ROLE (Michael) - - - - - - Fix recent breakage of pg_ctl restart (Tom) - - - - - - Update time zone data files to tzdata release 2008i (for - DST law changes in Argentina, Brazil, Mauritius, Syria) - - - - - - - - - - Release 8.1.14 - - - Release date: - 2008-09-22 - - - - This release contains a variety of fixes from 8.1.13. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.14 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Widen local lock counters from 32 to 64 bits (Tom) - - - - This responds to reports that the counters could overflow in - sufficiently long transactions, leading to unexpected lock is - already held errors. - - - - - - Fix possible duplicate output of tuples during a GiST index scan (Teodor) - - - - - - Add checks in executor startup to ensure that the tuples produced by an - INSERT or UPDATE will match the target table's - current rowtype (Tom) - - - - ALTER COLUMN TYPE, followed by re-use of a previously - cached plan, could produce this type of situation. The check protects - against data corruption and/or crashes that could ensue. - - - - - - Fix AT TIME ZONE to first try to interpret its timezone - argument as a timezone abbreviation, and only try it as a full timezone - name if that fails, rather than the other way around as formerly (Tom) - - - - The timestamp input functions have always resolved ambiguous zone names - in this order. Making AT TIME ZONE do so as well improves - consistency, and fixes a compatibility bug introduced in 8.1: - in ambiguous cases we now behave the same as 8.0 and before did, - since in the older versions AT TIME ZONE accepted - only abbreviations. - - - - - - Fix datetime input functions to correctly detect integer overflow when - running on a 64-bit platform (Tom) - - - - - - Improve performance of writing very long log messages to syslog (Tom) - - - - - - Fix bug in backwards scanning of a cursor on a SELECT DISTINCT - ON query (Tom) - - - - - - Fix planner bug with nested sub-select expressions (Tom) - - - - If the outer sub-select has no direct dependency on the parent query, - but the inner one does, the outer value might not get recalculated - for new parent query rows. - - - - - - Fix planner to estimate that GROUP BY expressions yielding - boolean results always result in two groups, regardless of the - expressions' contents (Tom) - - - - This is very substantially more accurate than the regular GROUP - BY estimate for certain boolean tests like col - IS NULL. - - - - - - Fix PL/pgSQL to not fail when a FOR loop's target variable - is a record containing composite-type fields (Tom) - - - - - - Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful - about the encoding of data sent to or from Tcl (Tom) - - - - - - Fix PL/Python to work with Python 2.5 - - - - This is a back-port of fixes made during the 8.2 development cycle. - - - - - - Improve pg_dump and pg_restore's - error reporting after failure to send a SQL command (Tom) - - - - - - Fix pg_ctl to properly preserve postmaster - command-line arguments across a restart (Bruce) - - - - - - Update time zone data files to tzdata release 2008f (for - DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, - Pakistan, Palestine, and Paraguay) - - - - - - - - - - Release 8.1.13 - - - Release date: - 2008-06-12 - - - - This release contains one serious and one minor bug fix over 8.1.12. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.13 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Make pg_get_ruledef() parenthesize negative constants (Tom) - - - - Before this fix, a negative constant in a view or rule might be dumped - as, say, -42::integer, which is subtly incorrect: it should - be (-42)::integer due to operator precedence rules. - Usually this would make little difference, but it could interact with - another recent patch to cause - PostgreSQL to reject what had been a valid - SELECT DISTINCT view query. Since this could result in - pg_dump output failing to reload, it is being treated - as a high-priority fix. The only released versions in which dump - output is actually incorrect are 8.3.1 and 8.2.7. - - - - - - Make ALTER AGGREGATE ... OWNER TO update - pg_shdepend (Tom) - - - - This oversight could lead to problems if the aggregate was later - involved in a DROP OWNED or REASSIGN OWNED - operation. - - - - - - - - - - Release 8.1.12 - - - Release date: - never released - - - - This release contains a variety of fixes from 8.1.11. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.12 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Fix ALTER TABLE ADD COLUMN ... PRIMARY KEY so that the new - column is correctly checked to see if it's been initialized to all - non-nulls (Brendan Jurd) - - - - Previous versions neglected to check this requirement at all. - - - - - - Fix possible CREATE TABLE failure when inheriting the - same constraint from multiple parent relations that - inherited that constraint from a common ancestor (Tom) - - - - - - Fix conversions between ISO-8859-5 and other encodings to handle - Cyrillic Yo characters (e and E with - two dots) (Sergey Burladyan) - - - - - - Fix a few datatype input functions - that were allowing unused bytes in their results to contain - uninitialized, unpredictable values (Tom) - - - - This could lead to failures in which two apparently identical literal - values were not seen as equal, resulting in the parser complaining - about unmatched ORDER BY and DISTINCT - expressions. - - - - - - Fix a corner case in regular-expression substring matching - (substring(string from - pattern)) (Tom) - - - - The problem occurs when there is a match to the pattern overall but - the user has specified a parenthesized subexpression and that - subexpression hasn't got a match. An example is - substring('foo' from 'foo(bar)?'). - This should return NULL, since (bar) isn't matched, but - it was mistakenly returning the whole-pattern match instead (ie, - foo). - - - - - - Update time zone data files to tzdata release 2008c (for - DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, - Argentina/San_Luis, and Chile) - - - - - - Fix incorrect result from ecpg's - PGTYPEStimestamp_sub() function (Michael) - - - - - - Fix core dump in contrib/xml2's - xpath_table() function when the input query returns a - NULL value (Tom) - - - - - - Fix contrib/xml2's makefile to not override - CFLAGS (Tom) - - - - - - Fix DatumGetBool macro to not fail with gcc - 4.3 (Tom) - - - - This problem affects old style (V0) C functions that - return boolean. The fix is already in 8.3, but the need to - back-patch it was not realized at the time. - - - - - - Fix longstanding LISTEN/NOTIFY - race condition (Tom) - - - - In rare cases a session that had just executed a - LISTEN might not get a notification, even though - one would be expected because the concurrent transaction executing - NOTIFY was observed to commit later. - - - - A side effect of the fix is that a transaction that has executed - a not-yet-committed LISTEN command will not see any - row in pg_listener for the LISTEN, - should it choose to look; formerly it would have. This behavior - was never documented one way or the other, but it is possible that - some applications depend on the old behavior. - - - - - - Disallow LISTEN and UNLISTEN within a - prepared transaction (Tom) - - - - This was formerly allowed but trying to do it had various unpleasant - consequences, notably that the originating backend could not exit - as long as an UNLISTEN remained uncommitted. - - - - - - Fix rare crash when an error occurs during a query using a hash index - (Heikki) - - - - - - Fix input of datetime values for February 29 in years BC (Tom) - - - - The former coding was mistaken about which years were leap years. - - - - - - Fix unrecognized node type error in some variants of - ALTER OWNER (Tom) - - - - - - Fix pg_ctl to correctly extract the postmaster's port - number from command-line options (Itagaki Takahiro, Tom) - - - - Previously, pg_ctl start -w could try to contact the - postmaster on the wrong port, leading to bogus reports of startup - failure. - - - - - - Use to defend against possible misoptimization - in recent gcc versions (Tom) - - - - This is known to be necessary when building PostgreSQL - with gcc 4.3 or later. - - - - - - Fix display of constant expressions in ORDER BY - and GROUP BY (Tom) - - - - An explicitly casted constant would be shown incorrectly. This could - for example lead to corruption of a view definition during - dump and reload. - - - - - - Fix libpq to handle NOTICE messages correctly - during COPY OUT (Tom) - - - - This failure has only been observed to occur when a user-defined - datatype's output routine issues a NOTICE, but there is no - guarantee it couldn't happen due to other causes. - - - - - - - - - - Release 8.1.11 - - - Release date: - 2008-01-07 - - - - This release contains a variety of fixes from 8.1.10, - including fixes for significant security issues. - For information about new features in the 8.1 major release, see - . - - - - This is the last 8.1.X release for which the PostgreSQL - community will produce binary packages for Windows. - Windows users are encouraged to move to 8.2.X or later, - since there are Windows-specific fixes in 8.2.X that - are impractical to back-port. 8.1.X will continue to - be supported on other platforms. - - - - Migration to Version 8.1.11 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Prevent functions in indexes from executing with the privileges of - the user running VACUUM, ANALYZE, etc (Tom) - - - - Functions used in index expressions and partial-index - predicates are evaluated whenever a new table entry is made. It has - long been understood that this poses a risk of trojan-horse code - execution if one modifies a table owned by an untrustworthy user. - (Note that triggers, defaults, check constraints, etc. pose the - same type of risk.) But functions in indexes pose extra danger - because they will be executed by routine maintenance operations - such as VACUUM FULL, which are commonly performed - automatically under a superuser account. For example, a nefarious user - can execute code with superuser privileges by setting up a - trojan-horse index definition and waiting for the next routine vacuum. - The fix arranges for standard maintenance operations - (including VACUUM, ANALYZE, REINDEX, - and CLUSTER) to execute as the table owner rather than - the calling user, using the same privilege-switching mechanism already - used for SECURITY DEFINER functions. To prevent bypassing - this security measure, execution of SET SESSION - AUTHORIZATION and SET ROLE is now forbidden within a - SECURITY DEFINER context. (CVE-2007-6600) - - - - - - Repair assorted bugs in the regular-expression package (Tom, Will Drewry) - - - - Suitably crafted regular-expression patterns could cause crashes, - infinite or near-infinite looping, and/or massive memory consumption, - all of which pose denial-of-service hazards for applications that - accept regex search patterns from untrustworthy sources. - (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - The fix that appeared for this in 8.1.10 was incomplete, as it plugged - the hole for only some dblink functions. (CVE-2007-6601, - CVE-2007-3278) - - - - - - Update time zone data files to tzdata release 2007k - (in particular, recent Argentina changes) (Tom) - - - - - - Improve planner's handling of LIKE/regex estimation in non-C locales - (Tom) - - - - - - Fix planner failure in some cases of WHERE false AND var IN - (SELECT ...) (Tom) - - - - - - Preserve the tablespace of indexes that are - rebuilt by ALTER TABLE ... ALTER COLUMN TYPE (Tom) - - - - - - Make archive recovery always start a new WAL timeline, rather than only - when a recovery stop time was used (Simon) - - - - This avoids a corner-case risk of trying to overwrite an existing - archived copy of the last WAL segment, and seems simpler and cleaner - than the original definition. - - - - - - Make VACUUM not use all of maintenance_work_mem - when the table is too small for it to be useful (Alvaro) - - - - - - Fix potential crash in translate() when using a multibyte - database encoding (Tom) - - - - - - Fix overflow in extract(epoch from interval) for intervals - exceeding 68 years (Tom) - - - - - - Fix PL/Perl to not fail when a UTF-8 regular expression is used - in a trusted function (Andrew) - - - - - - Fix PL/Perl to cope when platform's Perl defines type bool - as int rather than char (Tom) - - - - While this could theoretically happen anywhere, no standard build of - Perl did things this way ... until macOS 10.5. - - - - - - Fix PL/Python to not crash on long exception messages (Alvaro) - - - - - - Fix pg_dump to correctly handle inheritance child tables - that have default expressions different from their parent's (Tom) - - - - - - Fix libpq crash when PGPASSFILE refers - to a file that is not a plain file (Martin Pitt) - - - - - - ecpg parser fixes (Michael) - - - - - - Make contrib/pgcrypto defend against - OpenSSL libraries that fail on keys longer than 128 - bits; which is the case at least on some Solaris versions (Marko Kreen) - - - - - - Make contrib/tablefunc's crosstab() handle - NULL rowid as a category in its own right, rather than crashing (Joe) - - - - - - Fix tsvector and tsquery output routines to - escape backslashes correctly (Teodor, Bruce) - - - - - - Fix crash of to_tsvector() on huge input strings (Teodor) - - - - - - Require a specific version of Autoconf to be used - when re-generating the configure script (Peter) - - - - This affects developers and packagers only. The change was made - to prevent accidental use of untested combinations of - Autoconf and PostgreSQL versions. - You can remove the version check if you really want to use a - different Autoconf version, but it's - your responsibility whether the result works or not. - - - - - - - - - - Release 8.1.10 - - - Release date: - 2007-09-17 - - - - This release contains a variety of fixes from 8.1.9. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.10 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Prevent index corruption when a transaction inserts rows and - then aborts close to the end of a concurrent VACUUM - on the same table (Tom) - - - - - - Make CREATE DOMAIN ... DEFAULT NULL work properly (Tom) - - - - - - Allow the interval data type to accept input consisting only of - milliseconds or microseconds (Neil) - - - - - - Speed up rtree index insertion (Teodor) - - - - - - Fix excessive logging of SSL error messages (Tom) - - - - - - Fix logging so that log messages are never interleaved when using - the syslogger process (Andrew) - - - - - - Fix crash when log_min_error_statement logging runs out - of memory (Tom) - - - - - - Fix incorrect handling of some foreign-key corner cases (Tom) - - - - - - Prevent REINDEX and CLUSTER from failing - due to attempting to process temporary tables of other sessions (Alvaro) - - - - - - Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) - - - - - - Windows socket improvements (Magnus) - - - - - - Suppress timezone name (%Z) in log timestamps on Windows - because of possible encoding mismatches (Tom) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - - - - - - - Release 8.1.9 - - - Release date: - 2007-04-23 - - - - This release contains a variety of fixes from 8.1.8, - including a security fix. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.9 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Support explicit placement of the temporary-table schema within - search_path, and disable searching it for functions - and operators (Tom) - - - This is needed to allow a security-definer function to set a - truly secure value of search_path. Without it, - an unprivileged SQL user can use temporary objects to execute code - with the privileges of the security-definer function (CVE-2007-2138). - See CREATE FUNCTION for more information. - - - - - - /contrib/tsearch2 crash fixes (Teodor) - - - - - - Require COMMIT PREPARED to be executed in the same - database as the transaction was prepared in (Heikki) - - - - - - Fix potential-data-corruption bug in how VACUUM FULL handles - UPDATE chains (Tom, Pavan Deolasee) - - - - - - Planner fixes, including improving outer join and bitmap scan - selection logic (Tom) - - - - - - Fix PANIC during enlargement of a hash index (bug introduced in 8.1.6) - (Tom) - - - - - - Fix POSIX-style timezone specs to follow new USA DST rules (Tom) - - - - - - - - - - Release 8.1.8 - - - Release date: - 2007-02-07 - - - - This release contains one fix from 8.1.7. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.8 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Remove overly-restrictive check for type length in constraints and - functional indexes(Tom) - - - - - - - - - - Release 8.1.7 - - - Release date: - 2007-02-05 - - - - This release contains a variety of fixes from 8.1.6, including - a security fix. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.7 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Remove security vulnerabilities that allowed connected users - to read backend memory (Tom) - - - The vulnerabilities involve suppressing the normal check that a SQL - function returns the data type it's declared to, and changing the - data type of a table column (CVE-2007-0555, CVE-2007-0556). These - errors can easily be exploited to cause a backend crash, and in - principle might be used to read database content that the user - should not be able to access. - - - - - - Fix rare bug wherein btree index page splits could fail - due to choosing an infeasible split point (Heikki Linnakangas) - - - - - - Improve VACUUM performance for databases with many tables (Tom) - - - - - - Fix autovacuum to avoid leaving non-permanent transaction IDs in - non-connectable databases (Alvaro) - - - - This bug affects the 8.1 branch only. - - - - - - Fix for rare Assert() crash triggered by UNION (Tom) - - - - - - Tighten security of multi-byte character processing for UTF8 sequences - over three bytes long (Tom) - - - - - - Fix bogus permission denied failures occurring on Windows - due to attempts to fsync already-deleted files (Magnus, Tom) - - - - - - Fix possible crashes when an already-in-use PL/pgSQL function is - updated (Tom) - - - - - - - - - - Release 8.1.6 - - - Release date: - 2007-01-08 - - - - This release contains a variety of fixes from 8.1.5. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.6 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - - - - - Improve handling of getaddrinfo() on AIX (Tom) - - - - This fixes a problem with starting the statistics collector, - among other things. - - - - - - Fix pg_restore to handle a tar-format backup - that contains large objects (blobs) with comments (Tom) - - - - - - Fix failed to re-find parent key errors in - VACUUM (Tom) - - - - - - Clean out pg_internal.init cache files during server - restart (Simon) - - - - This avoids a hazard that the cache files might contain stale - data after PITR recovery. - - - - - - Fix race condition for truncation of a large relation across a - gigabyte boundary by VACUUM (Tom) - - - - - - Fix bug causing needless deadlock errors on row-level locks (Tom) - - - - - - Fix bugs affecting multi-gigabyte hash indexes (Tom) - - - - - - Fix possible deadlock in Windows signal handling (Teodor) - - - - - - Fix error when constructing an ARRAY[] made up of multiple - empty elements (Tom) - - - - - - Fix ecpg memory leak during connection (Michael) - - - - - - Fix for macOS (Darwin) compilation (Tom) - - - - - - to_number() and to_char(numeric) - are now STABLE, not IMMUTABLE, for - new initdb installs (Tom) - - - - This is because lc_numeric can potentially - change the output of these functions. - - - - - - Improve index usage of regular expressions that use parentheses (Tom) - - - - This improves psql \d performance also. - - - - - - Update timezone database - - - - This affects Australian and Canadian daylight-savings rules in - particular. - - - - - - - - - - Release 8.1.5 - - - Release date: - 2006-10-16 - - - - This release contains a variety of fixes from 8.1.4. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.5 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - - Changes - - -Disallow aggregate functions in UPDATE -commands, except within sub-SELECTs (Tom) -The behavior of such an aggregate was unpredictable, and in 8.1.X -could cause a crash, so it has been disabled. The SQL standard does not allow -this either. -Fix core dump when an untyped literal is taken as -ANYARRAY -Fix core dump in duration logging for extended query protocol -when a COMMIT or ROLLBACK is -executed -Fix mishandling of AFTER triggers when query contains a SQL -function returning multiple rows (Tom) -Fix ALTER TABLE ... TYPE to recheck -NOT NULL for USING clause (Tom) -Fix string_to_array() to handle overlapping - matches for the separator string -For example, string_to_array('123xx456xxx789', 'xx'). - -Fix to_timestamp() for -AM/PM formats (Bruce) -Fix autovacuum's calculation that decides whether - ANALYZE is needed (Alvaro) -Fix corner cases in pattern matching for - psql's \d commands -Fix index-corrupting bugs in /contrib/ltree - (Teodor) -Numerous robustness fixes in ecpg (Joachim -Wieland) -Fix backslash escaping in /contrib/dbmirror -Minor fixes in /contrib/dblink and /contrib/tsearch2 - -Efficiency improvements in hash tables and bitmap index scans -(Tom) -Fix instability of statistics collection on Windows (Tom, Andrew) -Fix statement_timeout to use the proper -units on Win32 (Bruce) -In previous Win32 8.1.X versions, the delay was off by a factor of -100. -Fixes for MSVC and Borland C++ -compilers (Hiroshi Saito) -Fixes for AIX and -Intel compilers (Tom) -Fix rare bug in continuous archiving (Tom) - - - - - - - Release 8.1.4 - - - Release date: - 2006-05-23 - - - - This release contains a variety of fixes from 8.1.3, - including patches for extremely serious security issues. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.4 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - Full security against the SQL-injection attacks described in - CVE-2006-2313 and CVE-2006-2314 might require changes in application - code. If you have applications that embed untrustworthy strings - into SQL commands, you should examine them as soon as possible to - ensure that they are using recommended escaping techniques. In - most cases, applications should be using subroutines provided by - libraries or drivers (such as libpq's - PQescapeStringConn()) to perform string escaping, - rather than relying on ad hoc code to do it. - - - - - Changes - - -Change the server to reject invalidly-encoded multibyte -characters in all cases (Tatsuo, Tom) -While PostgreSQL has been moving in this direction for -some time, the checks are now applied uniformly to all encodings and all -textual input, and are now always errors not merely warnings. This change -defends against SQL-injection attacks of the type described in CVE-2006-2313. - - -Reject unsafe uses of \' in string literals -As a server-side defense against SQL-injection attacks of the type -described in CVE-2006-2314, the server now only accepts '' and not -\' as a representation of ASCII single quote in SQL string -literals. By default, \' is rejected only when -client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, -GB18030, or UHC), which is the scenario in which SQL injection is possible. -A new configuration parameter backslash_quote is available to -adjust this behavior when needed. Note that full security against -CVE-2006-2314 might require client-side changes; the purpose of -backslash_quote is in part to make it obvious that insecure -clients are insecure. - - -Modify libpq's string-escaping routines to be -aware of encoding considerations and -standard_conforming_strings -This fixes libpq-using applications for the security -issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs -them against the planned changeover to SQL-standard string literal syntax. -Applications that use multiple PostgreSQL connections -concurrently should migrate to PQescapeStringConn() and -PQescapeByteaConn() to ensure that escaping is done correctly -for the settings in use in each database connection. Applications that -do string escaping by hand should be modified to rely on library -routines instead. - - -Fix weak key selection in pgcrypto (Marko Kreen) -Errors in fortuna PRNG reseeding logic could cause a predictable -session key to be selected by pgp_sym_encrypt() in some cases. -This only affects non-OpenSSL-using builds. - - -Fix some incorrect encoding conversion functions -win1251_to_iso, win866_to_iso, -euc_tw_to_big5, euc_tw_to_mic, -mic_to_euc_tw were all broken to varying -extents. - - -Clean up stray remaining uses of \' in strings -(Bruce, Jan) - -Make autovacuum visible in pg_stat_activity -(Alvaro) - -Disable full_page_writes (Tom) -In certain cases, having full_page_writes off would cause -crash recovery to fail. A proper fix will appear in 8.2; for now it's just -disabled. - - -Various planner fixes, particularly for bitmap index scans and -MIN/MAX optimization (Tom) - -Fix incorrect optimization in merge join (Tom) -Outer joins could sometimes emit multiple copies of unmatched rows. - - -Fix crash from using and modifying a plpgsql function in the -same transaction - -Fix WAL replay for case where a B-Tree index has been -truncated - -Fix SIMILAR TO for patterns involving -| (Tom) - -Fix SELECT INTO and CREATE TABLE AS to -create tables in the default tablespace, not the base directory (Kris -Jurka) - -Fix server to use custom DH SSL parameters correctly (Michael -Fuhr) - -Improve qsort performance (Dann Corbit) -Currently this code is only used on Solaris. - - -Fix for OS/X Bonjour on x86 systems (Ashley Clark) - -Fix various minor memory leaks - -Fix problem with password prompting on some Win32 systems -(Robert Kinberg) - -Improve pg_dump's handling of default values -for domains - -Fix pg_dumpall to handle identically-named -users and groups reasonably (only possible when dumping from a pre-8.1 server) -(Tom) -The user and group will be merged into a single role with -LOGIN permission. Formerly the merged role wouldn't have -LOGIN permission, making it unusable as a user. - - -Fix pg_restore -n to work as -documented (Tom) - - - - - - - Release 8.1.3 - - - Release date: - 2006-02-14 - - - - This release contains a variety of fixes from 8.1.2, - including one very serious security issue. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.3 - - - A dump/restore is not required for those running 8.1.X. - However, if you are upgrading from a version earlier than 8.1.2, - see . - - - - - Changes - - - -Fix bug that allowed any logged-in user to SET -ROLE to any other database user id (CVE-2006-0553) -Due to inadequate validity checking, a user could exploit the special -case that SET ROLE normally uses to restore the previous role -setting after an error. This allowed ordinary users to acquire superuser -status, for example. -The escalation-of-privilege risk exists only in 8.1.0-8.1.2. -However, in all releases back to 7.3 there is a related bug in SET -SESSION AUTHORIZATION that allows unprivileged users to crash the server, -if it has been compiled with Asserts enabled (which is not the default). -Thanks to Akio Ishida for reporting this problem. - - -Fix bug with row visibility logic in self-inserted -rows (Tom) -Under rare circumstances a row inserted by the current command -could be seen as already valid, when it should not be. Repairs bug -created in 8.0.4, 7.4.9, and 7.3.11 releases. - - -Fix race condition that could lead to file already -exists errors during pg_clog and pg_subtrans file creation -(Tom) - -Fix cases that could lead to crashes if a cache-invalidation -message arrives at just the wrong time (Tom) - -Properly check DOMAIN constraints for -UNKNOWN parameters in prepared statements -(Neil) - -Ensure ALTER COLUMN TYPE will process -FOREIGN KEY, UNIQUE, and PRIMARY KEY -constraints in the proper order (Nakano Yoshihisa) - -Fixes to allow restoring dumps that have cross-schema -references to custom operators or operator classes (Tom) - -Allow pg_restore to continue properly after a -COPY failure; formerly it tried to treat the remaining -COPY data as SQL commands (Stephen Frost) - -Fix pg_ctl unregister crash -when the data directory is not specified (Magnus) - -Fix libpq PQprint HTML tags -(Christoph Zwerschke) - -Fix ecpg crash on AMD64 and PPC -(Neil) - -Allow SETOF and %TYPE to be used -together in function result type declarations - -Recover properly if error occurs during argument passing -in PL/Python (Neil) - -Fix memory leak in plperl_return_next -(Neil) - -Fix PL/Perl's handling of locales on -Win32 to match the backend (Andrew) - -Various optimizer fixes (Tom) - -Fix crash when log_min_messages is set to -DEBUG3 or above in postgresql.conf on Win32 -(Bruce) - -Fix pgxs -L library path -specification for Win32, Cygwin, macOS, AIX (Bruce) - -Check that SID is enabled while checking for Win32 admin -privileges (Magnus) - -Properly reject out-of-range date inputs (Kris -Jurka) - -Portability fix for testing presence of finite -and isinf during configure (Tom) - -Improve speed of COPY IN via libpq, by -avoiding a kernel call per data line (Alon Goldshuv) - -Improve speed of /contrib/tsearch2 index -creation (Tom) - - - - - - - - Release 8.1.2 - - - Release date: - 2006-01-09 - - - - This release contains a variety of fixes from 8.1.1. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.2 - - - A dump/restore is not required for those running 8.1.X. - However, you might need to REINDEX indexes on textual - columns after updating, if you are affected by the locale or - plperl issues described below. - - - - - Changes - - - -Fix Windows code so that postmaster will continue rather -than exit if there is no more room in ShmemBackendArray (Magnus) -The previous behavior could lead to a denial-of-service situation if too -many connection requests arrive close together. This applies -only to the Windows port. - -Fix bug introduced in 8.0 that could allow ReadBuffer -to return an already-used page as new, potentially causing loss of -recently-committed data (Tom) - -Fix for protocol-level Describe messages issued -outside a transaction or in a failed transaction (Tom) - -Fix character string comparison for locales that consider -different character combinations as equal, such as Hungarian (Tom) -This might require REINDEX to fix existing indexes on -textual columns. - -Set locale environment variables during postmaster startup -to ensure that plperl won't change the locale later -This fixes a problem that occurred if the postmaster was -started with environment variables specifying a different locale than what -initdb had been told. Under these conditions, any use of -plperl was likely to lead to corrupt indexes. You might need -REINDEX to fix existing indexes on -textual columns if this has happened to you. - -Allow more flexible relocation of installation -directories (Tom) -Previous releases supported relocation only if all installation -directory paths were the same except for the last component. - -Prevent crashes caused by the use of -ISO-8859-5 and ISO-8859-9 encodings -(Tatsuo) - -Fix longstanding bug in strpos() and regular expression -handling in certain rarely used Asian multi-byte character sets (Tatsuo) - - -Fix bug where COPY CSV mode considered any -\. to terminate the copy data The new code -requires \. to appear alone on a line, as per -documentation. - -Make COPY CSV mode quote a literal data value of -\. to ensure it cannot be interpreted as the -end-of-data marker (Bruce) - -Various fixes for functions returning RECORDs -(Tom) - -Fix processing of postgresql.conf so a -final line with no newline is processed properly (Tom) - - -Fix bug in /contrib/pgcrypto gen_salt, -which caused it not to use all available salt space for MD5 and -XDES algorithms (Marko Kreen, Solar Designer) -Salts for Blowfish and standard DES are unaffected. - -Fix autovacuum crash when processing expression indexes - - -Fix /contrib/dblink to throw an error, -rather than crashing, when the number of columns specified is different from -what's actually returned by the query (Joe) - - - - - - - - Release 8.1.1 - - - Release date: - 2005-12-12 - - - - This release contains a variety of fixes from 8.1.0. - For information about new features in the 8.1 major release, see - . - - - - Migration to Version 8.1.1 - - - A dump/restore is not required for those running 8.1.X. - - - - - Changes - - -Fix incorrect optimizations of outer-join conditions -(Tom) - -Fix problems with wrong reported column names in cases -involving sub-selects flattened by the optimizer (Tom) - -Fix update failures in scenarios involving CHECK constraints, -toasted columns, and indexes (Tom) - -Fix bgwriter problems after recovering from errors -(Tom) - -The background writer was found to leak buffer pins after write errors. -While not fatal in itself, this might lead to mysterious blockages of -later VACUUM commands. - - - -Prevent failure if client sends Bind protocol message -when current transaction is already aborted - -/contrib/tsearch2 and /contrib/ltree -fixes (Teodor) - -Fix problems with translated error messages in -languages that require word reordering, such as Turkish; also problems with -unexpected truncation of output strings and wrong display of the smallest -possible bigint value (Andrew, Tom) - -These problems only appeared on platforms that were using our -port/snprintf.c code, which includes BSD variants if ---enable-nls was given, and perhaps others. In addition, -a different form of the translated-error-message problem could appear -on Windows depending on which version of libintl was used. - - -Re-allow AM/PM, HH, -HH12, and D format specifiers for -to_char(time) and to_char(interval). -(to_char(interval) should probably use -HH24.) (Bruce) - -AIX, HPUX, and MSVC compile fixes (Tom, Hiroshi -Saito) - -Optimizer improvements (Tom) - -Retry file reads and writes after Windows -NO_SYSTEM_RESOURCES error (Qingqing Zhou) - -Prevent autovacuum from crashing during -ANALYZE of expression index (Alvaro) - -Fix problems with ON COMMIT DELETE ROWS temp -tables - -Fix problems when a trigger alters the output of a SELECT -DISTINCT query - -Add 8.1.0 release note item on how to migrate invalid -UTF-8 byte sequences (Paul Lindner) - - - - - - - Release 8.1 - - - Release date: - 2005-11-08 - - - - Overview - - - Major changes in this release: - - - - - - - Improve concurrent access to the shared buffer cache (Tom) - - - - - Access to the shared buffer cache was identified as a - significant scalability problem, particularly on multi-CPU - systems. In this release, the way that locking is done in the - buffer manager has been overhauled to reduce lock contention - and improve scalability. The buffer manager has also been - changed to use a clock sweep replacement - policy. - - - - - - - Allow index scans to use an intermediate in-memory bitmap (Tom) - - - - - In previous releases, only a single index could be used to do - lookups on a table. With this feature, if a query has - WHERE tab.col1 = 4 and tab.col2 = 9, and there is - no multicolumn index on col1 and col2, - but there is an index on col1 and another on - col2, it is possible to search both indexes and - combine the results in memory, then do heap fetches for only - the rows matching both the col1 and - col2 restrictions. This is very useful in - environments that have a lot of unstructured queries where it - is impossible to create indexes that match all possible access - conditions. Bitmap scans are useful even with a single index, - as they reduce the amount of random access needed; a bitmap - index scan is efficient for retrieving fairly large fractions - of the complete table, whereas plain index scans are not. - - - - - - - Add two-phase commit (Heikki Linnakangas, Alvaro, Tom) - - - - - Two-phase commit allows transactions to be "prepared" on several - computers, and once all computers have successfully prepared - their transactions (none failed), all transactions can be - committed. Even if a machine crashes after a prepare, the - prepared transaction can be committed after the machine is - restarted. New syntax includes PREPARE TRANSACTION and - COMMIT/ROLLBACK PREPARED. A new system view - pg_prepared_xacts has also been added. - - - - - - - Create a new role system that replaces users and groups - (Stephen Frost) - - - - - Roles are a combination of users and groups. Like users, they - can have login capability, and like groups, a role can have - other roles as members. Roles basically remove the distinction - between users and groups. For example, a role can: - - - - - - - Have login capability (optionally) - - - - - - Own objects - - - - - - Hold access permissions for database objects - - - - - - Inherit permissions from other roles it is a member of - - - - - - Once a user logs into a role, she obtains capabilities of - the login role plus any inherited roles, and can use - SET ROLE to switch to other roles she is a member of. - This feature is a generalization of the SQL standard's concept of - roles. - This change also replaces pg_shadow and - pg_group by new role-capable catalogs - pg_authid and pg_auth_members. The old - tables are redefined as read-only views on the new role tables. - - - - - - - Automatically use indexes for MIN() and - MAX() (Tom) - - - - - In previous releases, the only way to use an index for - MIN() or MAX() was to rewrite the - query as SELECT col FROM tab ORDER BY col LIMIT 1. - Index usage now happens automatically. - - - - - - - Move /contrib/pg_autovacuum into the main server - (Alvaro) - - - - - Integrating autovacuum into the server allows it to be - automatically started and stopped in sync with the database - server, and allows autovacuum to be configured from - postgresql.conf. - - - - - - - Add shared row level locks using SELECT ... FOR SHARE - (Alvaro) - - - - - While PostgreSQL's MVCC locking - allows SELECT to never be blocked by writers and - therefore does not need shared row locks for typical operations, - shared locks are useful for applications that require shared row - locking. In particular this reduces the locking requirements - imposed by referential integrity checks. - - - - - - - Add dependencies on shared objects, specifically roles - (Alvaro) - - - - - This extension of the dependency mechanism prevents roles from - being dropped while there are still database objects they own. - Formerly it was possible to accidentally orphan objects by - deleting their owner. While this could be recovered from, it - was messy and unpleasant. - - - - - - - Improve performance for partitioned tables (Simon) - - - - - The new constraint_exclusion configuration - parameter avoids lookups on child tables where constraints indicate - that no matching rows exist in the child table. - - - This allows for a basic type of table partitioning. If child tables - store separate key ranges and this is enforced using appropriate - CHECK constraints, the optimizer will skip child - table accesses when the constraint guarantees no matching rows - exist in the child table. - - - - - - - - - Migration to Version 8.1 - - - A dump/restore using pg_dump is required - for those wishing to migrate data from any previous release. - - - - The 8.0 release announced that the to_char() function - for intervals would be removed in 8.1. However, since no better API - has been suggested, to_char(interval) has been enhanced in - 8.1 and will remain in the server. - - - - Observe the following incompatibilities: - - - - - - - add_missing_from is now false by default (Neil) - - - By default, we now generate an error if a table is used in a query - without a FROM reference. The old behavior is still - available, but the parameter must be set to 'true' to obtain it. - - - - It might be necessary to set add_missing_from to true - in order to load an existing dump file, if the dump contains any - views or rules created using the implicit-FROM syntax. - This should be a one-time annoyance, because - PostgreSQL 8.1 will convert - such views and rules to standard explicit-FROM syntax. - Subsequent dumps will therefore not have the problem. - - - - - - Cause input of a zero-length string ('') for - float4/float8/oid - to throw an error, rather than treating it as a zero (Neil) - - - This change is consistent with the current handling of - zero-length strings for integers. The schedule for this change - was announced in 8.0. - - - - - - default_with_oids is now false by default (Neil) - - - With this option set to false, user-created tables no longer - have an OID column unless WITH OIDS is specified in - CREATE TABLE. Though OIDs have existed in all - releases of PostgreSQL, their use is limited - because they are only four bytes long and the counter is shared - across all installed databases. The preferred way of uniquely - identifying rows is via sequences and the SERIAL type, - which have been supported since PostgreSQL 6.4. - - - - - - Add E'' syntax so eventually ordinary strings can - treat backslashes literally (Bruce) - - - Currently PostgreSQL processes a - backslash in a string literal as introducing a special escape sequence, - e.g. \n or \010. - While this allows easy entry of special values, it is - nonstandard and makes porting of applications from other - databases more difficult. For this reason, the - PostgreSQL project is planning to - remove the special meaning of backslashes in strings. For - backward compatibility and for users who want special backslash - processing, a new string syntax has been created. This new string - syntax is formed by writing an E immediately preceding the - single quote that starts the string, e.g. E'hi\n'. While - this release does not change the handling of backslashes in strings, it - does add new configuration parameters to help users migrate applications - for future releases: - - - - - - standard_conforming_strings — does this release - treat backslashes literally in ordinary strings? - - - - - - escape_string_warning — warn about backslashes in - ordinary (non-E) strings - - - - - - - The standard_conforming_strings value is read-only. - Applications can retrieve the value to know how backslashes are - processed. (Presence of the parameter can also be taken as an - indication that E'' string syntax is supported.) - In a future release, standard_conforming_strings - will be true, meaning backslashes will be treated literally in - non-E strings. To prepare for this change, use E'' - strings in places that need special backslash processing, and - turn on escape_string_warning to find additional - strings that need to be converted to use E''. - Also, use two single-quotes ('') to embed a literal - single-quote in a string, rather than the - PostgreSQL-supported syntax of - backslash single-quote (\'). The former is - standards-conforming and does not require the use of the - E'' string syntax. You can also use the - $$ string syntax, which does not treat backslashes - specially. - - - - - - Make REINDEX DATABASE reindex all indexes in the - database (Tom) - - - Formerly, REINDEX DATABASE reindexed only - system tables. This new behavior seems more intuitive. A new - command REINDEX SYSTEM provides the old functionality - of reindexing just the system tables. - - - - - - Read-only large object descriptors now obey MVCC snapshot semantics - - - When a large object is opened with INV_READ (and not - INV_WRITE), the data read from the descriptor will now - reflect a snapshot of the large object's state at the - time of the transaction snapshot in use by the query that called - lo_open(). To obtain the old behavior of always - returning the latest committed data, include INV_WRITE - in the mode flags for lo_open(). - - - - - - Add proper dependencies for arguments of sequence functions (Tom) - - - In previous releases, sequence names passed to nextval(), - currval(), and setval() were stored as - simple text strings, meaning that renaming or dropping a - sequence used in a DEFAULT clause made the clause - invalid. This release stores all newly-created sequence function - arguments as internal OIDs, allowing them to track sequence - renaming, and adding dependency information that prevents - improper sequence removal. It also makes such DEFAULT - clauses immune to schema renaming and search path changes. - - - Some applications might rely on the old behavior of - run-time lookup for sequence names. This can still be done by - explicitly casting the argument to text, for example - nextval('myseq'::text). - - - Pre-8.1 database dumps loaded into 8.1 will use the old text-based - representation and therefore will not have the features of - OID-stored arguments. However, it is possible to update a - database containing text-based DEFAULT clauses. - First, save this query into a file, such as fixseq.sql: - -SELECT 'ALTER TABLE ' || - pg_catalog.quote_ident(n.nspname) || '.' || - pg_catalog.quote_ident(c.relname) || - ' ALTER COLUMN ' || pg_catalog.quote_ident(a.attname) || - ' SET DEFAULT ' || - regexp_replace(d.adsrc, - $$val\(\(('[^']*')::text\)::regclass$$, - $$val(\1$$, - 'g') || - ';' -FROM pg_namespace n, pg_class c, pg_attribute a, pg_attrdef d -WHERE n.oid = c.relnamespace AND - c.oid = a.attrelid AND - a.attrelid = d.adrelid AND - a.attnum = d.adnum AND - d.adsrc ~ $$val\(\('[^']*'::text\)::regclass$$; - - Next, run the query against a database to find what - adjustments are required, like this for database db1: - -psql -t -f fixseq.sql db1 - - This will show the ALTER TABLE commands needed to - convert the database to the newer OID-based representation. - If the commands look reasonable, run this to update the database: - -psql -t -f fixseq.sql db1 | psql -e db1 - - This process must be repeated in each database to be updated. - - - - - - In psql, treat unquoted - \{digit}+ sequences as octal (Bruce) - - - In previous releases, \{digit}+ sequences were - treated as decimal, and only \0{digit}+ were treated - as octal. This change was made for consistency. - - - - - - Remove grammar productions for prefix and postfix % - and ^ operators - (Tom) - - - These have never been documented and complicated the use of the - modulus operator (%) with negative numbers. - - - - - - Make &< and &> for polygons - consistent with the box "over" operators (Tom) - - - - - - CREATE LANGUAGE can ignore the provided arguments - in favor of information from pg_pltemplate - (Tom) - - - A new system catalog pg_pltemplate has been defined - to carry information about the preferred definitions of procedural - languages (such as whether they have validator functions). When - an entry exists in this catalog for the language being created, - CREATE LANGUAGE will ignore all its parameters except the - language name and instead use the catalog information. This measure - was taken because of increasing problems with obsolete language - definitions being loaded by old dump files. As of 8.1, - pg_dump will dump procedural language definitions as - just CREATE LANGUAGE name, relying - on a template entry to exist at load time. We expect this will be a - more future-proof representation. - - - - - - Make pg_cancel_backend(int) return a - boolean rather than an integer (Neil) - - - - - - Some users are having problems loading UTF-8 data into 8.1.X. - This is because previous versions allowed invalid UTF-8 byte - sequences to be entered into the database, and this release - properly accepts only valid UTF-8 sequences. One way to correct a - dumpfile is to run the command iconv -c -f UTF-8 -t - UTF-8 -o cleanfile.sql dumpfile.sql. The -c option - removes invalid character sequences. A diff of the two files will - show the sequences that are invalid. iconv reads the - entire input file into memory so it might be necessary to use - split to break up the dump into multiple smaller - files for processing. - - - - - - - - Additional Changes - - - Below you will find a detailed account of the additional changes - between PostgreSQL 8.1 and the - previous major release. - - - - Performance Improvements - - - - - Improve GiST and R-tree index performance (Neil) - - - - - - Improve the optimizer, including auto-resizing of hash joins - (Tom) - - - - - - Overhaul internal API in several areas - - - - - - Change WAL record CRCs from 64-bit to 32-bit (Tom) - - - We determined that the extra cost of computing 64-bit CRCs was - significant, and the gain in reliability too marginal to justify it. - - - - - - Prevent writing large empty gaps in WAL pages (Tom) - - - - - - Improve spinlock behavior on SMP machines, particularly Opterons (Tom) - - - - - - Allow nonconsecutive index columns to be used in a multicolumn - index (Tom) - - - For example, this allows an index on columns a,b,c to be used in - a query with WHERE a = 4 and c = 10. - - - - - - Skip WAL logging for CREATE TABLE AS / - SELECT INTO (Simon) - - - Since a crash during CREATE TABLE AS would cause the - table to be dropped during recovery, there is no reason to WAL - log as the table is loaded. (Logging still happens if WAL - archiving is enabled, however.) - - - - - - Allow concurrent GiST index access (Teodor, Oleg) - - - - - - Add configuration parameter full_page_writes to - control writing full pages to WAL (Bruce) - - - To prevent partial disk writes from corrupting the database, - PostgreSQL writes a complete copy of - each database disk page to WAL the first time it is modified - after a checkpoint. This option turns off that functionality for more - speed. This is safe to use with battery-backed disk caches where - partial page writes cannot happen. - - - - - - Use O_DIRECT if available when using - O_SYNC for wal_sync_method - (Itagaki Takahiro) - - - O_DIRECT causes disk writes to bypass the kernel - cache, and for WAL writes, this improves performance. - - - - - - Improve COPY FROM performance (Alon Goldshuv) - - - This was accomplished by reading COPY input in - larger chunks, rather than character by character. - - - - - - Improve the performance of COUNT(), - SUM, AVG(), - STDDEV(), and - VARIANCE() (Neil, Tom) - - - - - - - Server Changes - - - - - Prevent problems due to transaction ID (XID) wraparound (Tom) - - - The server will now warn when the transaction counter approaches - the wraparound point. If the counter becomes too close to wraparound, - the server will stop accepting queries. This ensures that data is - not lost before needed vacuuming is performed. - - - - - - Fix problems with object IDs (OIDs) conflicting with existing system - objects after the OID counter has wrapped around (Tom) - - - - - - Add warning about the need to increase - max_fsm_relations and max_fsm_pages - during VACUUM (Ron Mayer) - - - - - - Add temp_buffers configuration parameter to allow - users to determine the size of the local buffer area for - temporary table access (Tom) - - - - - - Add session start time and client IP address to - pg_stat_activity (Magnus) - - - - - - Adjust pg_stat views for bitmap scans (Tom) - - - The meanings of some of the fields have changed slightly. - - - - - - Enhance pg_locks view (Tom) - - - - - - Log queries for client-side PREPARE and - EXECUTE (Simon) - - - - - - Allow Kerberos name and user name case sensitivity to be - specified in postgresql.conf (Magnus) - - - - - - Add configuration parameter krb_server_hostname so - that the server host name can be specified as part of service - principal (Todd Kover) - - - If not set, any service principal matching an entry in the - keytab can be used. This is new Kerberos matching behavior in - this release. - - - - - - Add log_line_prefix options for millisecond - timestamps (%m) and remote host (%h) (Ed - L.) - - - - - - Add WAL logging for GiST indexes (Teodor, Oleg) - - - GiST indexes are now safe for crash and point-in-time recovery. - - - - - - Remove old *.backup files when we do - pg_stop_backup() (Bruce) - - - This prevents a large number of *.backup files from - existing in pg_xlog/. - - - - - - Add configuration parameters to control TCP/IP keep-alive - times for idle, interval, and count (Oliver Jowett) - - - - These values can be changed to allow more rapid detection of - lost client connections. - - - - - - Add per-user and per-database connection limits (Petr Jelinek) - - - Using ALTER USER and ALTER DATABASE, - limits can now be enforced on the maximum number of sessions that - can concurrently connect as a specific user or to a specific database. - Setting the limit to zero disables user or database connections. - - - - - - Allow more than two gigabytes of shared memory and per-backend - work memory on 64-bit machines (Koichi Suzuki) - - - - - - New system catalog pg_pltemplate allows overriding - obsolete procedural-language definitions in dump files (Tom) - - - - - - - - - Query Changes - - - - - Add temporary views (Koju Iijima, Neil) - - - - - - Fix HAVING without any aggregate functions or - GROUP BY so that the query returns a single group (Tom) - - - Previously, such a case would treat the HAVING - clause the same as a WHERE clause. This was not per spec. - - - - - - Add USING clause to allow additional tables to be - specified to DELETE (Euler Taveira de Oliveira, Neil) - - - In prior releases, there was no clear method for specifying - additional tables to be used for joins in a DELETE - statement. UPDATE already has a FROM - clause for this purpose. - - - - - - Add support for \x hex escapes in backend and ecpg - strings (Bruce) - - - This is just like the standard C \x escape syntax. - Octal escapes were already supported. - - - - - - Add BETWEEN SYMMETRIC query syntax (Pavel Stehule) - - - This feature allows BETWEEN comparisons without - requiring the first value to be less than the second. For - example, 2 BETWEEN [ASYMMETRIC] 3 AND 1 returns - false, while 2 BETWEEN SYMMETRIC 3 AND 1 returns - true. BETWEEN ASYMMETRIC was already supported. - - - - - - Add NOWAIT option to SELECT ... FOR - UPDATE/SHARE (Hans-Juergen Schoenig) - - - While the statement_timeout configuration - parameter allows a query taking more than a certain amount of - time to be canceled, the NOWAIT option allows a - query to be canceled as soon as a SELECT ... FOR - UPDATE/SHARE command cannot immediately acquire a row lock. - - - - - - - - Object Manipulation Changes - - - - - Track dependencies of shared objects (Alvaro) - - - PostgreSQL allows global tables - (users, databases, tablespaces) to reference information in - multiple databases. This addition adds dependency information - for global tables, so, for example, user ownership can be - tracked across databases, so a user who owns something in any - database can no longer be removed. Dependency tracking already - existed for database-local objects. - - - - - - Allow limited ALTER OWNER commands to be performed - by the object owner (Stephen Frost) - - - Prior releases allowed only superusers to change object owners. - Now, ownership can be transferred if the user executing the command - owns the object and would be able to create it as the new owner - (that is, the user is a member of the new owning role and that role - has the CREATE permission that would be needed to create the object - afresh). - - - - - - Add ALTER object SET SCHEMA capability - for some object types (tables, functions, types) (Bernd Helmle) - - - This allows objects to be moved to different schemas. - - - - - - Add ALTER TABLE ENABLE/DISABLE TRIGGER to - disable triggers (Satoshi Nagayasu) - - - - - - - - - Utility Command Changes - - - - - Allow TRUNCATE to truncate multiple tables in a - single command (Alvaro) - - - Because of referential integrity checks, it is not allowed to - truncate a table that is part of a referential integrity - constraint. Using this new functionality, TRUNCATE - can be used to truncate such tables, if both tables involved in - a referential integrity constraint are truncated in a single - TRUNCATE command. - - - - - - Properly process carriage returns and line feeds in - COPY CSV mode (Andrew) - - - In release 8.0, carriage returns and line feeds in CSV - COPY TO were processed in an inconsistent manner. (This was - documented on the TODO list.) - - - - - - Add COPY WITH CSV HEADER to allow a header line as - the first line in COPY (Andrew) - - - This allows handling of the common CSV usage of - placing the column names on the first line of the data file. For - COPY TO, the first line contains the column names, - and for COPY FROM, the first line is ignored. - - - - - - On Windows, display better sub-second precision in - EXPLAIN ANALYZE (Magnus) - - - - - - Add trigger duration display to EXPLAIN ANALYZE - (Tom) - - - Prior releases included trigger execution time as part of the - total execution time, but did not show it separately. It is now - possible to see how much time is spent in each trigger. - - - - - - Add support for \x hex escapes in COPY - (Sergey Ten) - - - Previous releases only supported octal escapes. - - - - - - Make SHOW ALL include variable descriptions - (Matthias Schmidt) - - - SHOW varname still only displays the variable's - value and does not include the description. - - - - - - Make initdb create a new standard - database called postgres, and convert utilities to - use postgres rather than template1 for - standard lookups (Dave) - - - In prior releases, template1 was used both as a - default connection for utilities like - createuser, and as a template for - new databases. This caused CREATE DATABASE to - sometimes fail, because a new database cannot be created if - anyone else is in the template database. With this change, the - default connection database is now postgres, - meaning it is much less likely someone will be using - template1 during CREATE DATABASE. - - - - - - Create new reindexdb command-line - utility by moving /contrib/reindexdb into the - server (Euler Taveira de Oliveira) - - - - - - - - - Data Type and Function Changes - - - - - Add MAX() and MIN() aggregates for - array types (Koju Iijima) - - - - - - Fix to_date() and to_timestamp() to - behave reasonably when CC and YY fields - are both used (Karel Zak) - - - If the format specification contains CC and a year - specification is YYY or longer, ignore the - CC. If the year specification is YY or - shorter, interpret CC as the previous century. - - - - - - Add md5(bytea) (Abhijit Menon-Sen) - - - md5(text) already existed. - - - - - - Add support for numeric ^ numeric based on - power(numeric, numeric) - - - The function already existed, but there was no operator assigned - to it. - - - - - - Fix NUMERIC modulus by properly truncating the quotient - during computation (Bruce) - - - In previous releases, modulus for large values sometimes - returned negative results due to rounding of the quotient. - - - - - - Add a function lastval() (Dennis Björklund) - - - lastval() is a simplified version of - currval(). It automatically determines the proper - sequence name based on the most recent nextval() or - setval() call performed by the current session. - - - - - - Add to_timestamp(DOUBLE PRECISION) (Michael Glaesemann) - - - Converts Unix seconds since 1970 to a TIMESTAMP WITH - TIMEZONE. - - - - - - Add pg_postmaster_start_time() function (Euler - Taveira de Oliveira, Matthias Schmidt) - - - - - - Allow the full use of time zone names in AT TIME - ZONE, not just the short list previously available (Magnus) - - - Previously, only a predefined list of time zone names were - supported by AT TIME ZONE. Now any supported time - zone name can be used, e.g.: - -SELECT CURRENT_TIMESTAMP AT TIME ZONE 'Europe/London'; - - In the above query, the time zone used is adjusted based on the - daylight saving time rules that were in effect on the supplied - date. - - - - - - Add GREATEST() and LEAST() variadic - functions (Pavel Stehule) - - - These functions take a variable number of arguments and return - the greatest or least value among the arguments. - - - - - - Add pg_column_size() (Mark Kirkwood) - - - This returns storage size of a column, which might be compressed. - - - - - - Add regexp_replace() (Atsushi Ogawa) - - - This allows regular expression replacement, like sed. An optional - flag argument allows selection of global (replace all) and - case-insensitive modes. - - - - - - Fix interval division and multiplication (Bruce) - - - Previous versions sometimes returned unjustified results, like - '4 months'::interval / 5 returning '1 mon - -6 days'. - - - - - - Fix roundoff behavior in timestamp, time, and interval output (Tom) - - - This fixes some cases in which the seconds field would be shown as - 60 instead of incrementing the higher-order fields. - - - - - - Add a separate day field to type interval so a one day - interval can be distinguished from a 24 hour interval (Michael - Glaesemann) - - - Days that contain a daylight saving time adjustment are not 24 - hours long, but typically 23 or 25 hours. This change creates a - conceptual distinction between intervals of so many days - and intervals of so many hours. Adding - 1 day to a timestamp now gives the same local time on - the next day even if a daylight saving time adjustment occurs - between, whereas adding 24 hours will give a different - local time when this happens. For example, under US DST rules: - -'2005-04-03 00:00:00-05' + '1 day' = '2005-04-04 00:00:00-04' -'2005-04-03 00:00:00-05' + '24 hours' = '2005-04-04 01:00:00-04' - - - - - - - Add justify_days() and justify_hours() - (Michael Glaesemann) - - - These functions, respectively, adjust days to an appropriate - number of full months and days, and adjust hours to an - appropriate number of full days and hours. - - - - - - Move /contrib/dbsize into the backend, and rename - some of the functions (Dave Page, Andreas Pflug) - - - - - - - pg_tablespace_size() - - - - - - pg_database_size() - - - - - - pg_relation_size() - - - - - - pg_total_relation_size() - - - - - - pg_size_pretty() - - - - - - - pg_total_relation_size() includes indexes and TOAST - tables. - - - - - - Add functions for read-only file access to the cluster directory - (Dave Page, Andreas Pflug) - - - - - - - pg_stat_file() - - - - - - pg_read_file() - - - - - - pg_ls_dir() - - - - - - - - - - Add pg_reload_conf() to force reloading of the - configuration files (Dave Page, Andreas Pflug) - - - - - - Add pg_rotate_logfile() to force rotation of the - server log file (Dave Page, Andreas Pflug) - - - - - - Change pg_stat_* views to include TOAST tables (Tom) - - - - - - - - - Encoding and Locale Changes - - - - - Rename some encodings to be more consistent and to follow - international standards (Bruce) - - - - - - - UNICODE is now UTF8 - - - - - - ALT is now WIN866 - - - - - - WIN is now WIN1251 - - - - - - TCVN is now WIN1258 - - - - - - - - The original names still work. - - - - - - Add support for WIN1252 encoding (Roland Volkmann) - - - - - - Add support for four-byte UTF8 characters (John - Hansen) - - - Previously only one, two, and three-byte UTF8 characters - were supported. This is particularly important for support for - some Chinese character sets. - - - - - - Allow direct conversion between EUC_JP and - SJIS to improve performance (Atsushi Ogawa) - - - - - - Allow the UTF8 encoding to work on Windows (Magnus) - - - This is done by mapping UTF8 to the Windows-native UTF16 - implementation. - - - - - - - - - General Server-Side Language Changes - - - - - Fix ALTER LANGUAGE RENAME (Sergey Yatskevich) - - - - - - Allow function characteristics, like strictness and volatility, - to be modified via ALTER FUNCTION (Neil) - - - - - - Increase the maximum number of function arguments to 100 (Tom) - - - - - - Allow SQL and PL/pgSQL functions to use OUT and - INOUT parameters (Tom) - - - OUT is an alternate way for a function to return - values. Instead of using RETURN, values can be - returned by assigning to parameters declared as OUT or - INOUT. This is notationally simpler in some cases, - particularly so when multiple values need to be returned. - While returning multiple values from a function - was possible in previous releases, this greatly simplifies the - process. (The feature will be extended to other server-side - languages in future releases.) - - - - - - Move language handler functions into the pg_catalog schema - - - This makes it easier to drop the public schema if desired. - - - - - - Add SPI_getnspname() to SPI (Neil) - - - - - - - - PL/pgSQL Server-Side Language Changes - - - - - Overhaul the memory management of PL/pgSQL functions (Neil) - - - The parsetree of each function is now stored in a separate - memory context. This allows this memory to be easily reclaimed - when it is no longer needed. - - - - - - Check function syntax at CREATE FUNCTION time, - rather than at runtime (Neil) - - - Previously, most syntax errors were reported only when the - function was executed. - - - - - - Allow OPEN to open non-SELECT queries - like EXPLAIN and SHOW (Tom) - - - - - - No longer require functions to issue a RETURN - statement (Tom) - - - This is a byproduct of the newly added OUT and - INOUT functionality. RETURN can - be omitted when it is not needed to provide the function's - return value. - - - - - - Add support for an optional INTO clause to - PL/pgSQL's EXECUTE statement (Pavel Stehule, Neil) - - - - - - Make CREATE TABLE AS set ROW_COUNT (Tom) - - - - - - Define SQLSTATE and SQLERRM to return - the SQLSTATE and error message of the current - exception (Pavel Stehule, Neil) - - - These variables are only defined inside exception blocks. - - - - - - Allow the parameters to the RAISE statement to be - expressions (Pavel Stehule, Neil) - - - - - - Add a loop CONTINUE statement (Pavel Stehule, Neil) - - - - - - Allow block and loop labels (Pavel Stehule) - - - - - - - - - PL/Perl Server-Side Language Changes - - - - - Allow large result sets to be returned efficiently (Abhijit - Menon-Sen) - - - This allows functions to use return_next() to avoid - building the entire result set in memory. - - - - - - Allow one-row-at-a-time retrieval of query results (Abhijit Menon-Sen) - - - This allows functions to use spi_query() and - spi_fetchrow() to avoid accumulating the entire - result set in memory. - - - - - - Force PL/Perl to handle strings as UTF8 if the - server encoding is UTF8 (David Kamholz) - - - - - - Add a validator function for PL/Perl (Andrew) - - - This allows syntax errors to be reported at definition time, - rather than execution time. - - - - - - Allow PL/Perl to return a Perl array when the function returns - an array type (Andrew) - - - This basically maps PostgreSQL arrays - to Perl arrays. - - - - - - Allow Perl nonfatal warnings to generate NOTICE - messages (Andrew) - - - - - - Allow Perl's strict mode to be enabled (Andrew) - - - - - - - - - <application>psql</application> Changes - - - - - Add \set ON_ERROR_ROLLBACK to allow statements in - a transaction to error without affecting the rest of the - transaction (Greg Sabino Mullane) - - - This is basically implemented by wrapping every statement in a - sub-transaction. - - - - - - Add support for \x hex strings in - psql variables (Bruce) - - - Octal escapes were already supported. - - - - - - Add support for troff -ms output format (Roger - Leigh) - - - - - - Allow the history file location to be controlled by - HISTFILE (Andreas Seltenreich) - - - This allows configuration of per-database history storage. - - - - - - Prevent \x (expanded mode) from affecting - the output of \d tablename (Neil) - - - - - - Add option to psql to - log sessions (Lorne Sunley) - - - This option was added because some operating systems do not have - simple command-line activity logging functionality. - - - - - - Make \d show the tablespaces of indexes (Qingqing - Zhou) - - - - - - Allow psql help (\h) to - make a best guess on the proper help information (Greg Sabino - Mullane) - - - This allows the user to just add \h to the front of - the syntax error query and get help on the supported syntax. - Previously any additional query text beyond the command name - had to be removed to use \h. - - - - - - Add \pset numericlocale to allow numbers to be - output in a locale-aware format (Eugen Nedelcu) - - - For example, using C locale 100000 would - be output as 100,000.0 while a European locale might - output this value as 100.000,0. - - - - - - Make startup banner show both server version number and - psql's version number, when they are different (Bruce) - - - Also, a warning will be shown if the server and psql - are from different major releases. - - - - - - - - - <application>pg_dump</application> Changes - - - - - Add / switch to - pg_restore (Richard van den Berg) - - - This allows just the objects in a specified schema to be restored. - - - - - - Allow pg_dump to dump large objects even in - text mode (Tom) - - - With this change, large objects are now always dumped; the former - switch is a no-op. - - - - - - Allow pg_dump to dump a consistent snapshot of - large objects (Tom) - - - - - - Dump comments for large objects (Tom) - - - - - - Add to pg_dump - (Magnus Hagander) - - - This allows a database to be dumped in an encoding that is - different from the server's encoding. This is valuable when - transferring the dump to a machine with a different encoding. - - - - - - Rely on pg_pltemplate for procedural languages (Tom) - - - If the call handler for a procedural language is in the - pg_catalog schema, pg_dump does not - dump the handler. Instead, it dumps the language using just - CREATE LANGUAGE name, - relying on the pg_pltemplate catalog to provide - the language's creation parameters at load time. - - - - - - - - - <application>libpq</application> Changes - - - - - Add a PGPASSFILE environment variable to specify the - password file's filename (Andrew) - - - - - - Add lo_create(), that is similar to - lo_creat() but allows the OID of the large object - to be specified (Tom) - - - - - - Make libpq consistently return an error - to the client application on malloc() - failure (Neil) - - - - - - - - Source Code Changes - - - - - Fix pgxs to support building against a relocated - installation - - - - - - Add spinlock support for the Itanium processor using Intel - compiler (Vikram Kalsi) - - - - - - Add Kerberos 5 support for Windows (Magnus) - - - - - - Add Chinese FAQ (laser@pgsqldb.com) - - - - - - Rename Rendezvous to Bonjour to match OS/X feature renaming - (Bruce) - - - - - - Add support for fsync_writethrough on - macOS (Chris Campbell) - - - - - - Streamline the passing of information within the server, the - optimizer, and the lock system (Tom) - - - - - - Allow pg_config to be compiled using MSVC (Andrew) - - - This is required to build DBD::Pg using MSVC. - - - - - - Remove support for Kerberos V4 (Magnus) - - - Kerberos 4 had security vulnerabilities and is no longer - maintained. - - - - - - Code cleanups (Coverity static analysis performed by - EnterpriseDB) - - - - - - Modify postgresql.conf to use documentation defaults - on/off rather than - true/false (Bruce) - - - - - - Enhance pg_config to be able to report more - build-time values (Tom) - - - - - - Allow libpq to be built thread-safe - on Windows (Dave Page) - - - - - - Allow IPv6 connections to be used on Windows (Andrew) - - - - - - Add Server Administration documentation about I/O subsystem - reliability (Bruce) - - - - - - Move private declarations from gist.h to - gist_private.h (Neil) - - - - In previous releases, gist.h contained both the - public GiST API (intended for use by authors of GiST index - implementations) as well as some private declarations used by - the implementation of GiST itself. The latter have been moved - to a separate file, gist_private.h. Most GiST - index implementations should be unaffected. - - - - - - Overhaul GiST memory management (Neil) - - - - GiST methods are now always invoked in a short-lived memory - context. Therefore, memory allocated via palloc() - will be reclaimed automatically, so GiST index implementations - do not need to manually release allocated memory via - pfree(). - - - - - - - - Contrib Changes - - - - - Add /contrib/pg_buffercache contrib module (Mark - Kirkwood) - - - This displays the contents of the buffer cache, for debugging and - performance tuning purposes. - - - - - - Remove /contrib/array because it is obsolete (Tom) - - - - - - Clean up the /contrib/lo module (Tom) - - - - - - Move /contrib/findoidjoins to - /src/tools (Tom) - - - - - - Remove the <<, >>, - &<, and &> operators from - /contrib/cube - - - These operators were not useful. - - - - - - Improve /contrib/btree_gist (Janko Richter) - - - - - - Improve /contrib/pgbench (Tomoaki Sato, Tatsuo) - - - There is now a facility for testing with SQL command scripts given - by the user, instead of only a hard-wired command sequence. - - - - - - Improve /contrib/pgcrypto (Marko Kreen) - - - - - - - Implementation of OpenPGP symmetric-key and public-key encryption - - - Both RSA and Elgamal public-key algorithms are supported. - - - - - - Stand alone build: include SHA256/384/512 hashes, Fortuna PRNG - - - - - - OpenSSL build: support 3DES, use internal AES with OpenSSL < 0.9.7 - - - - - - Take build parameters (OpenSSL, zlib) from configure result - - - There is no need to edit the Makefile anymore. - - - - - - Remove support for libmhash and libmcrypt - - - - - - - - - - - diff --git a/doc/src/sgml/release-8.2.sgml b/doc/src/sgml/release-8.2.sgml deleted file mode 100644 index d87c5bbd46..0000000000 --- a/doc/src/sgml/release-8.2.sgml +++ /dev/null @@ -1,7077 +0,0 @@ - - - - - Release 8.2.23 - - - Release date: - 2011-12-05 - - - - This release contains a variety of fixes from 8.2.22. - For information about new features in the 8.2 major release, see - . - - - - This is expected to be the last PostgreSQL release - in the 8.2.X series. Users are encouraged to update to a newer - release branch soon. - - - - Migration to Version 8.2.23 - - - A dump/restore is not required for those running 8.2.X. - - - - However, a longstanding error was discovered in the definition of the - information_schema.referential_constraints view. If you - rely on correct results from that view, you should replace its - definition as explained in the first changelog item below. - - - - Also, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Fix bugs in information_schema.referential_constraints view - (Tom Lane) - - - - This view was being insufficiently careful about matching the - foreign-key constraint to the depended-on primary or unique key - constraint. That could result in failure to show a foreign key - constraint at all, or showing it multiple times, or claiming that it - depends on a different constraint than the one it really does. - - - - Since the view definition is installed by initdb, - merely upgrading will not fix the problem. If you need to fix this - in an existing installation, you can (as a superuser) drop the - information_schema schema then re-create it by sourcing - SHAREDIR/information_schema.sql. - (Run pg_config --sharedir if you're uncertain where - SHAREDIR is.) This must be repeated in each database - to be fixed. - - - - - - Fix TOAST-related data corruption during CREATE TABLE dest AS - SELECT * FROM src or INSERT INTO dest SELECT * FROM src - (Tom Lane) - - - - If a table has been modified by ALTER TABLE ADD COLUMN, - attempts to copy its data verbatim to another table could produce - corrupt results in certain corner cases. - The problem can only manifest in this precise form in 8.4 and later, - but we patched earlier versions as well in case there are other code - paths that could trigger the same bug. - - - - - - Fix race condition during toast table access from stale syscache entries - (Tom Lane) - - - - The typical symptom was transient errors like missing chunk - number 0 for toast value NNNNN in pg_toast_2619, where the cited - toast table would always belong to a system catalog. - - - - - - Improve locale support in money type's input and output - (Tom Lane) - - - - Aside from not supporting all standard - lc_monetary - formatting options, the input and output functions were inconsistent, - meaning there were locales in which dumped money values could - not be re-read. - - - - - - Don't let transform_null_equals - affect CASE foo WHEN NULL ... constructs - (Heikki Linnakangas) - - - - transform_null_equals is only supposed to affect - foo = NULL expressions written directly by the user, not - equality checks generated internally by this form of CASE. - - - - - - Change foreign-key trigger creation order to better support - self-referential foreign keys (Tom Lane) - - - - For a cascading foreign key that references its own table, a row update - will fire both the ON UPDATE trigger and the - CHECK trigger as one event. The ON UPDATE - trigger must execute first, else the CHECK will check a - non-final state of the row and possibly throw an inappropriate error. - However, the firing order of these triggers is determined by their - names, which generally sort in creation order since the triggers have - auto-generated names following the convention - RI_ConstraintTrigger_NNNN. A proper fix would require - modifying that convention, which we will do in 9.2, but it seems risky - to change it in existing releases. So this patch just changes the - creation order of the triggers. Users encountering this type of error - should drop and re-create the foreign key constraint to get its - triggers into the right order. - - - - - - Preserve blank lines within commands in psql's command - history (Robert Haas) - - - - The former behavior could cause problems if an empty line was removed - from within a string literal, for example. - - - - - - Use the preferred version of xsubpp to build PL/Perl, - not necessarily the operating system's main copy - (David Wheeler and Alex Hunsaker) - - - - - - Honor query cancel interrupts promptly in pgstatindex() - (Robert Haas) - - - - - - Ensure VPATH builds properly install all server header files - (Peter Eisentraut) - - - - - - Shorten file names reported in verbose error messages (Peter Eisentraut) - - - - Regular builds have always reported just the name of the C file - containing the error message call, but VPATH builds formerly - reported an absolute path name. - - - - - - Fix interpretation of Windows timezone names for Central America - (Tom Lane) - - - - Map Central America Standard Time to CST6, not - CST6CDT, because DST is generally not observed anywhere in - Central America. - - - - - - Update time zone data files to tzdata release 2011n - for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa; - also historical corrections for Alaska and British East Africa. - - - - - - - - - - Release 8.2.22 - - - Release date: - 2011-09-26 - - - - This release contains a variety of fixes from 8.2.21. - For information about new features in the 8.2 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.2.X release series in December 2011. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.2.22 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Fix multiple bugs in GiST index page split processing (Heikki - Linnakangas) - - - - The probability of occurrence was low, but these could lead to index - corruption. - - - - - - Avoid possibly accessing off the end of memory in ANALYZE - (Noah Misch) - - - - This fixes a very-low-probability server crash scenario. - - - - - - Fix race condition in relcache init file invalidation (Tom Lane) - - - - There was a window wherein a new backend process could read a stale init - file but miss the inval messages that would tell it the data is stale. - The result would be bizarre failures in catalog accesses, typically - could not read block 0 in file ... later during startup. - - - - - - Fix memory leak at end of a GiST index scan (Tom Lane) - - - - Commands that perform many separate GiST index scans, such as - verification of a new GiST-based exclusion constraint on a table - already containing many rows, could transiently require large amounts of - memory due to this leak. - - - - - - Fix performance problem when constructing a large, lossy bitmap - (Tom Lane) - - - - - - Fix array- and path-creating functions to ensure padding bytes are - zeroes (Tom Lane) - - - - This avoids some situations where the planner will think that - semantically-equal constants are not equal, resulting in poor - optimization. - - - - - - Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane) - - - - This could lead to loss of committed transactions after a server crash. - - - - - - Fix dump bug for VALUES in a view (Tom Lane) - - - - - - Disallow SELECT FOR UPDATE/SHARE on sequences (Tom Lane) - - - - This operation doesn't work as expected and can lead to failures. - - - - - - Defend against integer overflow when computing size of a hash table (Tom - Lane) - - - - - - Fix portability bugs in use of credentials control messages for - peer authentication (Tom Lane) - - - - - - Fix typo in pg_srand48 seed initialization (Andres Freund) - - - - This led to failure to use all bits of the provided seed. This function - is not used on most platforms (only those without srandom), - and the potential security exposure from a less-random-than-expected - seed seems minimal in any case. - - - - - - Avoid integer overflow when the sum of LIMIT and - OFFSET values exceeds 2^63 (Heikki Linnakangas) - - - - - - Add overflow checks to int4 and int8 versions of - generate_series() (Robert Haas) - - - - - - Fix trailing-zero removal in to_char() (Marti Raudsepp) - - - - In a format with FM and no digit positions - after the decimal point, zeroes to the left of the decimal point could - be removed incorrectly. - - - - - - Fix pg_size_pretty() to avoid overflow for inputs close to - 2^63 (Tom Lane) - - - - - - Fix psql's counting of script file line numbers during - COPY from a different file (Tom Lane) - - - - - - Fix pg_restore's direct-to-database mode for - standard_conforming_strings (Tom Lane) - - - - pg_restore could emit incorrect commands when restoring - directly to a database server from an archive file that had been made - with standard_conforming_strings set to on. - - - - - - Fix write-past-buffer-end and memory leak in libpq's - LDAP service lookup code (Albe Laurenz) - - - - - - In libpq, avoid failures when using nonblocking I/O - and an SSL connection (Martin Pihlak, Tom Lane) - - - - - - Improve libpq's handling of failures during connection startup - (Tom Lane) - - - - In particular, the response to a server report of fork() - failure during SSL connection startup is now saner. - - - - - - Make ecpglib write double values with 15 digits - precision (Akira Kurosawa) - - - - - - Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) - (Tom Lane) - - - - contrib/pg_crypto's blowfish encryption code could give - wrong results on platforms where char is signed (which is most), - leading to encrypted passwords being weaker than they should be. - - - - - - Fix memory leak in contrib/seg (Heikki Linnakangas) - - - - - - Fix pgstatindex() to give consistent results for empty - indexes (Tom Lane) - - - - - - Allow building with perl 5.14 (Alex Hunsaker) - - - - - - Update configure script's method for probing existence of system - functions (Tom Lane) - - - - The version of autoconf we used in 8.3 and 8.2 could be fooled by - compilers that perform link-time optimization. - - - - - - Fix assorted issues with build and install file paths containing spaces - (Tom Lane) - - - - - - Update time zone data files to tzdata release 2011i - for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan. - - - - - - - - - - Release 8.2.21 - - - Release date: - 2011-04-18 - - - - This release contains a variety of fixes from 8.2.20. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.21 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Avoid potential deadlock during catalog cache initialization - (Nikhil Sontakke) - - - - In some cases the cache loading code would acquire share lock on a - system index before locking the index's catalog. This could deadlock - against processes trying to acquire exclusive locks in the other, - more standard order. - - - - - - Fix dangling-pointer problem in BEFORE ROW UPDATE trigger - handling when there was a concurrent update to the target tuple - (Tom Lane) - - - - This bug has been observed to result in intermittent cannot - extract system attribute from virtual tuple failures while trying to - do UPDATE RETURNING ctid. There is a very small probability - of more serious errors, such as generating incorrect index entries for - the updated tuple. - - - - - - Disallow DROP TABLE when there are pending deferred trigger - events for the table (Tom Lane) - - - - Formerly the DROP would go through, leading to - could not open relation with OID nnn errors when the - triggers were eventually fired. - - - - - - Fix PL/Python memory leak involving array slices (Daniel Popowich) - - - - - - Fix pg_restore to cope with long lines (over 1KB) in - TOC files (Tom Lane) - - - - - - Put in more safeguards against crashing due to division-by-zero - with overly enthusiastic compiler optimization (Aurelien Jarno) - - - - - - Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane) - - - - There was a hard-wired assumption that this system function was not - available on MIPS hardware on these systems. Use a compile-time test - instead, since more recent versions have it. - - - - - - Fix compilation failures on HP-UX (Heikki Linnakangas) - - - - - - Fix path separator used by pg_regress on Cygwin - (Andrew Dunstan) - - - - - - Update time zone data files to tzdata release 2011f - for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, - and Turkey; also historical corrections for South Australia, Alaska, - and Hawaii. - - - - - - - - - - Release 8.2.20 - - - Release date: - 2011-01-31 - - - - This release contains a variety of fixes from 8.2.19. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.20 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Avoid failures when EXPLAIN tries to display a simple-form - CASE expression (Tom Lane) - - - - If the CASE's test expression was a constant, the planner - could simplify the CASE into a form that confused the - expression-display code, resulting in unexpected CASE WHEN - clause errors. - - - - - - Fix assignment to an array slice that is before the existing range - of subscripts (Tom Lane) - - - - If there was a gap between the newly added subscripts and the first - pre-existing subscript, the code miscalculated how many entries needed - to be copied from the old array's null bitmap, potentially leading to - data corruption or crash. - - - - - - Avoid unexpected conversion overflow in planner for very distant date - values (Tom Lane) - - - - The date type supports a wider range of dates than can be - represented by the timestamp types, but the planner assumed it - could always convert a date to timestamp with impunity. - - - - - - Fix pg_restore's text output for large objects (BLOBs) - when standard_conforming_strings is on (Tom Lane) - - - - Although restoring directly to a database worked correctly, string - escaping was incorrect if pg_restore was asked for - SQL text output and standard_conforming_strings had been - enabled in the source database. - - - - - - Fix erroneous parsing of tsquery values containing - ... & !(subexpression) | ... (Tom Lane) - - - - Queries containing this combination of operators were not executed - correctly. The same error existed in contrib/intarray's - query_int type and contrib/ltree's - ltxtquery type. - - - - - - Fix buffer overrun in contrib/intarray's input function - for the query_int type (Apple) - - - - This bug is a security risk since the function's return address could - be overwritten. Thanks to Apple Inc's security team for reporting this - issue and supplying the fix. (CVE-2010-4015) - - - - - - Fix bug in contrib/seg's GiST picksplit algorithm - (Alexander Korotkov) - - - - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a seg column. - If you have such an index, consider REINDEXing it after - installing this update. (This is identical to the bug that was fixed in - contrib/cube in the previous update.) - - - - - - - - - - Release 8.2.19 - - - Release date: - 2010-12-16 - - - - This release contains a variety of fixes from 8.2.18. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.19 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Force the default - wal_sync_method - to be fdatasync on Linux (Tom Lane, Marti Raudsepp) - - - - The default on Linux has actually been fdatasync for many - years, but recent kernel changes caused PostgreSQL to - choose open_datasync instead. This choice did not result - in any performance improvement, and caused outright failures on - certain filesystems, notably ext4 with the - data=journal mount option. - - - - - - Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane) - - - - This could result in bad buffer id: 0 failures or - corruption of index contents during replication. - - - - - - Fix recovery from base backup when the starting checkpoint WAL record - is not in the same WAL segment as its redo point (Jeff Davis) - - - - - - Add support for detecting register-stack overrun on IA64 - (Tom Lane) - - - - The IA64 architecture has two hardware stacks. Full - prevention of stack-overrun failures requires checking both. - - - - - - Add a check for stack overflow in copyObject() (Tom Lane) - - - - Certain code paths could crash due to stack overflow given a - sufficiently complex query. - - - - - - Fix detection of page splits in temporary GiST indexes (Heikki - Linnakangas) - - - - It is possible to have a concurrent page split in a - temporary index, if for example there is an open cursor scanning the - index when an insertion is done. GiST failed to detect this case and - hence could deliver wrong results when execution of the cursor - continued. - - - - - - Avoid memory leakage while ANALYZE'ing complex index - expressions (Tom Lane) - - - - - - Ensure an index that uses a whole-row Var still depends on its table - (Tom Lane) - - - - An index declared like create index i on t (foo(t.*)) - would not automatically get dropped when its table was dropped. - - - - - - Do not inline a SQL function with multiple OUT - parameters (Tom Lane) - - - - This avoids a possible crash due to loss of information about the - expected result rowtype. - - - - - - Behave correctly if ORDER BY, LIMIT, - FOR UPDATE, or WITH is attached to the - VALUES part of INSERT ... VALUES (Tom Lane) - - - - - - Fix constant-folding of COALESCE() expressions (Tom Lane) - - - - The planner would sometimes attempt to evaluate sub-expressions that - in fact could never be reached, possibly leading to unexpected errors. - - - - - - Add print functionality for InhRelation nodes (Tom Lane) - - - - This avoids a failure when debug_print_parse is enabled - and certain types of query are executed. - - - - - - Fix incorrect calculation of distance from a point to a horizontal - line segment (Tom Lane) - - - - This bug affected several different geometric distance-measurement - operators. - - - - - - Fix PL/pgSQL's handling of simple - expressions to not fail in recursion or error-recovery cases (Tom Lane) - - - - - - Fix PL/Python's handling of set-returning functions - (Jan Urbanski) - - - - Attempts to call SPI functions within the iterator generating a set - result would fail. - - - - - - Fix bug in contrib/cube's GiST picksplit algorithm - (Alexander Korotkov) - - - - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a cube column. - If you have such an index, consider REINDEXing it after - installing this update. - - - - - - Don't emit identifier will be truncated notices in - contrib/dblink except when creating new connections - (Itagaki Takahiro) - - - - - - Fix potential coredump on missing public key in - contrib/pgcrypto (Marti Raudsepp) - - - - - - Fix memory leak in contrib/xml2's XPath query functions - (Tom Lane) - - - - - - Update time zone data files to tzdata release 2010o - for DST law changes in Fiji and Samoa; - also historical corrections for Hong Kong. - - - - - - - - - - Release 8.2.18 - - - Release date: - 2010-10-04 - - - - This release contains a variety of fixes from 8.2.17. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.18 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - - - - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a SECURITY - DEFINER function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - - - - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - - - - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - - - - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - - - - - - Prevent possible crashes in pg_get_expr() by disallowing - it from being called with an argument that is not one of the system - catalog columns it's intended to be used with - (Heikki Linnakangas, Tom Lane) - - - - - - Fix Windows shared-memory allocation code - (Tsutomu Yamada, Magnus Hagander) - - - - This bug led to the often-reported could not reattach to shared - memory error message. This is a back-patch of a fix that was - applied to newer branches some time ago. - - - - - - Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on - Windows (Magnus Hagander) - - - - Under high load, Windows processes will sometimes fail at startup with - this error code. Formerly the postmaster treated this as a panic - condition and restarted the whole database, but that seems to be - an overreaction. - - - - - - Fix possible duplicate scans of UNION ALL member relations - (Tom Lane) - - - - - - Fix cannot handle unplanned sub-select error (Tom Lane) - - - - This occurred when a sub-select contains a join alias reference that - expands into an expression containing another sub-select. - - - - - - Reduce PANIC to ERROR in some occasionally-reported btree failure cases, - and provide additional detail in the resulting error messages - (Tom Lane) - - - - This should improve the system's robustness with corrupted indexes. - - - - - - Prevent show_session_authorization() from crashing within autovacuum - processes (Tom Lane) - - - - - - Defend against functions returning setof record where not all the - returned rows are actually of the same rowtype (Tom Lane) - - - - - - Fix possible failure when hashing a pass-by-reference function result - (Tao Ma, Tom Lane) - - - - - - Take care to fsync the contents of lockfiles (both - postmaster.pid and the socket lockfile) while writing them - (Tom Lane) - - - - This omission could result in corrupted lockfile contents if the - machine crashes shortly after postmaster start. That could in turn - prevent subsequent attempts to start the postmaster from succeeding, - until the lockfile is manually removed. - - - - - - Avoid recursion while assigning XIDs to heavily-nested - subtransactions (Andres Freund, Robert Haas) - - - - The original coding could result in a crash if there was limited - stack space. - - - - - - Fix log_line_prefix's %i escape, - which could produce junk early in backend startup (Tom Lane) - - - - - - Fix possible data corruption in ALTER TABLE ... SET - TABLESPACE when archiving is enabled (Jeff Davis) - - - - - - Allow CREATE DATABASE and ALTER DATABASE ... SET - TABLESPACE to be interrupted by query-cancel (Guillaume Lelarge) - - - - - - In PL/Python, defend against null pointer results from - PyCObject_AsVoidPtr and PyCObject_FromVoidPtr - (Peter Eisentraut) - - - - - - Improve contrib/dblink's handling of tables containing - dropped columns (Tom Lane) - - - - - - Fix connection leak after duplicate connection name - errors in contrib/dblink (Itagaki Takahiro) - - - - - - Fix contrib/dblink to handle connection names longer than - 62 bytes correctly (Itagaki Takahiro) - - - - - - Add hstore(text, text) - function to contrib/hstore (Robert Haas) - - - - This function is the recommended substitute for the now-deprecated - => operator. It was back-patched so that future-proofed - code can be used with older server versions. Note that the patch will - be effective only after contrib/hstore is installed or - reinstalled in a particular database. Users might prefer to execute - the CREATE FUNCTION command by hand, instead. - - - - - - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - - - - - - Update time zone data files to tzdata release 2010l - for DST law changes in Egypt and Palestine; also historical corrections - for Finland. - - - - This change also adds new names for two Micronesian timezones: - Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred - abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over - Pacific/Ponape. - - - - - - Make Windows' N. Central Asia Standard Time timezone map to - Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander) - - - - Microsoft changed the DST behavior of this zone in the timezone update - from KB976098. Asia/Novosibirsk is a better match to its new behavior. - - - - - - - - - - Release 8.2.17 - - - Release date: - 2010-05-17 - - - - This release contains a variety of fixes from 8.2.16. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.17 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Enforce restrictions in plperl using an opmask applied to - the whole interpreter, instead of using Safe.pm - (Tim Bunce, Andrew Dunstan) - - - - Recent developments have convinced us that Safe.pm is too - insecure to rely on for making plperl trustable. This - change removes use of Safe.pm altogether, in favor of using - a separate interpreter with an opcode mask that is always applied. - Pleasant side effects of the change include that it is now possible to - use Perl's strict pragma in a natural way in - plperl, and that Perl's $a and $b - variables work as expected in sort routines, and that function - compilation is significantly faster. (CVE-2010-1169) - - - - - - Prevent PL/Tcl from executing untrustworthy code from - pltcl_modules (Tom) - - - - PL/Tcl's feature for autoloading Tcl code from a database table - could be exploited for trojan-horse attacks, because there was no - restriction on who could create or insert into that table. This change - disables the feature unless pltcl_modules is owned by a - superuser. (However, the permissions on the table are not checked, so - installations that really need a less-than-secure modules table can - still grant suitable privileges to trusted non-superusers.) Also, - prevent loading code into the unrestricted normal Tcl - interpreter unless we are really going to execute a pltclu - function. (CVE-2010-1170) - - - - - - Fix possible crash if a cache reset message is received during - rebuild of a relcache entry (Heikki) - - - - This error was introduced in 8.2.16 while fixing a related failure. - - - - - - Do not allow an unprivileged user to reset superuser-only parameter - settings (Alvaro) - - - - Previously, if an unprivileged user ran ALTER USER ... RESET - ALL for himself, or ALTER DATABASE ... RESET ALL for - a database he owns, this would remove all special parameter settings - for the user or database, even ones that are only supposed to be - changeable by a superuser. Now, the ALTER will only - remove the parameters that the user has permission to change. - - - - - - Avoid possible crash during backend shutdown if shutdown occurs - when a CONTEXT addition would be made to log entries (Tom) - - - - In some cases the context-printing function would fail because the - current transaction had already been rolled back when it came time - to print a log message. - - - - - - Update PL/Perl's ppport.h for modern Perl versions - (Andrew) - - - - - - Fix assorted memory leaks in PL/Python (Andreas Freund, Tom) - - - - - - Prevent infinite recursion in psql when expanding - a variable that refers to itself (Tom) - - - - - - Fix psql's \copy to not add spaces around - a dot within \copy (select ...) (Tom) - - - - Addition of spaces around the decimal point in a numeric literal would - result in a syntax error. - - - - - - Ensure that contrib/pgstattuple functions respond to cancel - interrupts promptly (Tatsuhito Kasahara) - - - - - - Make server startup deal properly with the case that - shmget() returns EINVAL for an existing - shared memory segment (Tom) - - - - This behavior has been observed on BSD-derived kernels including macOS. - It resulted in an entirely-misleading startup failure complaining that - the shared memory request size was too large. - - - - - - Avoid possible crashes in syslogger process on Windows (Heikki) - - - - - - Deal more robustly with incomplete time zone information in the - Windows registry (Magnus) - - - - - - Update the set of known Windows time zone names (Magnus) - - - - - - Update time zone data files to tzdata release 2010j - for DST law changes in Argentina, Australian Antarctic, Bangladesh, - Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; - also historical corrections for Taiwan. - - - - Also, add PKST (Pakistan Summer Time) to the default set of - timezone abbreviations. - - - - - - - - - - Release 8.2.16 - - - Release date: - 2010-03-15 - - - - This release contains a variety of fixes from 8.2.15. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.16 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Add new configuration parameter ssl_renegotiation_limit to - control how often we do session key renegotiation for an SSL connection - (Magnus) - - - - This can be set to zero to disable renegotiation completely, which may - be required if a broken SSL library is used. In particular, some - vendors are shipping stopgap patches for CVE-2009-3555 that cause - renegotiation attempts to fail. - - - - - - Fix possible deadlock during backend startup (Tom) - - - - - - Fix possible crashes due to not handling errors during relcache reload - cleanly (Tom) - - - - - - Fix possible crashes when trying to recover from a failure in - subtransaction start (Tom) - - - - - - Fix server memory leak associated with use of savepoints and a client - encoding different from server's encoding (Tom) - - - - - - Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST - index page split (Yoichi Hirai) - - - - This would result in index corruption, or even more likely an error - during WAL replay, if we were unlucky enough to crash during - end-of-recovery cleanup after having completed an incomplete GIST - insertion. - - - - - - Make substring() for bit types treat any negative - length as meaning all the rest of the string (Tom) - - - - The previous coding treated only -1 that way, and would produce an - invalid result value for other negative values, possibly leading to - a crash (CVE-2010-0442). - - - - - - Fix integer-to-bit-string conversions to handle the first fractional - byte correctly when the output bit width is wider than the given - integer by something other than a multiple of 8 bits (Tom) - - - - - - Fix some cases of pathologically slow regular expression matching (Tom) - - - - - - Fix the STOP WAL LOCATION entry in backup history files to - report the next WAL segment's name when the end location is exactly at a - segment boundary (Itagaki Takahiro) - - - - - - Fix some more cases of temporary-file leakage (Heikki) - - - - This corrects a problem introduced in the previous minor release. - One case that failed is when a plpgsql function returning set is - called within another function's exception handler. - - - - - - Improve constraint exclusion processing of boolean-variable cases, - in particular make it possible to exclude a partition that has a - bool_column = false constraint (Tom) - - - - - - When reading pg_hba.conf and related files, do not treat - @something as a file inclusion request if the @ - appears inside quote marks; also, never treat @ by itself - as a file inclusion request (Tom) - - - - This prevents erratic behavior if a role or database name starts with - @. If you need to include a file whose path name - contains spaces, you can still do so, but you must write - @"/path to/file" rather than putting the quotes around - the whole construct. - - - - - - Prevent infinite loop on some platforms if a directory is named as - an inclusion target in pg_hba.conf and related files - (Tom) - - - - - - Fix possible infinite loop if SSL_read or - SSL_write fails without setting errno (Tom) - - - - This is reportedly possible with some Windows versions of - OpenSSL. - - - - - - Fix psql's numericlocale option to not - format strings it shouldn't in latex and troff output formats (Heikki) - - - - - - Make psql return the correct exit status (3) when - ON_ERROR_STOP and --single-transaction are - both specified and an error occurs during the implied COMMIT - (Bruce) - - - - - - Fix plpgsql failure in one case where a composite column is set to NULL - (Tom) - - - - - - Fix possible failure when calling PL/Perl functions from PL/PerlU - or vice versa (Tim Bunce) - - - - - - Add volatile markings in PL/Python to avoid possible - compiler-specific misbehavior (Zdenek Kotala) - - - - - - Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) - - - - The only known symptom of this oversight is that the Tcl - clock command misbehaves if using Tcl 8.5 or later. - - - - - - Prevent crash in contrib/dblink when too many key - columns are specified to a dblink_build_sql_* function - (Rushabh Lathia, Joe Conway) - - - - - - Fix assorted crashes in contrib/xml2 caused by sloppy - memory management (Tom) - - - - - - Make building of contrib/xml2 more robust on Windows - (Andrew) - - - - - - Fix race condition in Windows signal handling (Radu Ilie) - - - - One known symptom of this bug is that rows in pg_listener - could be dropped under heavy load. - - - - - - Update time zone data files to tzdata release 2010e - for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. - - - - - - - - - - Release 8.2.15 - - - Release date: - 2009-12-14 - - - - This release contains a variety of fixes from 8.2.14. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.15 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.14, - see . - - - - - - Changes - - - - - - Protect against indirect security threats caused by index functions - changing session-local state (Gurjeet Singh, Tom) - - - - This change prevents allegedly-immutable index functions from possibly - subverting a superuser's session (CVE-2009-4136). - - - - - - Reject SSL certificates containing an embedded null byte in the common - name (CN) field (Magnus) - - - - This prevents unintended matching of a certificate to a server or client - name during SSL validation (CVE-2009-4034). - - - - - - Fix possible crash during backend-startup-time cache initialization (Tom) - - - - - - Prevent signals from interrupting VACUUM at unsafe times - (Alvaro) - - - - This fix prevents a PANIC if a VACUUM FULL is canceled - after it's already committed its tuple movements, as well as transient - errors if a plain VACUUM is interrupted after having - truncated the table. - - - - - - Fix possible crash due to integer overflow in hash table size - calculation (Tom) - - - - This could occur with extremely large planner estimates for the size of - a hashjoin's result. - - - - - - Fix very rare crash in inet/cidr comparisons (Chris - Mikkelson) - - - - - - Ensure that shared tuple-level locks held by prepared transactions are - not ignored (Heikki) - - - - - - Fix premature drop of temporary files used for a cursor that is accessed - within a subtransaction (Heikki) - - - - - - Fix incorrect logic for GiST index page splits, when the split depends - on a non-first column of the index (Paul Ramsey) - - - - - - Don't error out if recycling or removing an old WAL file fails at the - end of checkpoint (Heikki) - - - - It's better to treat the problem as non-fatal and allow the checkpoint - to complete. Future checkpoints will retry the removal. Such problems - are not expected in normal operation, but have been seen to be - caused by misdesigned Windows anti-virus and backup software. - - - - - - Ensure WAL files aren't repeatedly archived on Windows (Heikki) - - - - This is another symptom that could happen if some other process - interfered with deletion of a no-longer-needed file. - - - - - - Fix PAM password processing to be more robust (Tom) - - - - The previous code is known to fail with the combination of the Linux - pam_krb5 PAM module with Microsoft Active Directory as the - domain controller. It might have problems elsewhere too, since it was - making unjustified assumptions about what arguments the PAM stack would - pass to it. - - - - - - Fix processing of ownership dependencies during CREATE OR - REPLACE FUNCTION (Tom) - - - - - - Fix bug with calling plperl from plperlu or vice - versa (Tom) - - - - An error exit from the inner function could result in crashes due to - failure to re-select the correct Perl interpreter for the outer function. - - - - - - Fix session-lifespan memory leak when a PL/Perl function is redefined - (Tom) - - - - - - Ensure that Perl arrays are properly converted to - PostgreSQL arrays when returned by a set-returning - PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) - - - - This worked correctly already for non-set-returning functions. - - - - - - Fix rare crash in exception processing in PL/Python (Peter) - - - - - - Ensure psql's flex module is compiled with the correct - system header definitions (Tom) - - - - This fixes build failures on platforms where - --enable-largefile causes incompatible changes in the - generated code. - - - - - - Make the postmaster ignore any application_name parameter in - connection request packets, to improve compatibility with future libpq - versions (Tom) - - - - - - Update the timezone abbreviation files to match current reality (Joachim - Wieland) - - - - This includes adding IDT and SGT to the default - timezone abbreviation set. - - - - - - Update time zone data files to tzdata release 2009s - for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, - Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical - corrections for Hong Kong. - - - - - - - - - - Release 8.2.14 - - - Release date: - 2009-09-09 - - - - This release contains a variety of fixes from 8.2.13. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.14 - - - A dump/restore is not required for those running 8.2.X. - However, if you have any hash indexes on interval columns, - you must REINDEX them after updating to 8.2.14. - Also, if you are upgrading from a version earlier than 8.2.11, - see . - - - - - - Changes - - - - - - Force WAL segment switch during pg_start_backup() - (Heikki) - - - - This avoids corner cases that could render a base backup unusable. - - - - - - Disallow RESET ROLE and RESET SESSION - AUTHORIZATION inside security-definer functions (Tom, Heikki) - - - - This covers a case that was missed in the previous patch that - disallowed SET ROLE and SET SESSION - AUTHORIZATION inside security-definer functions. - (See CVE-2007-6600) - - - - - - Make LOAD of an already-loaded loadable module - into a no-op (Tom) - - - - Formerly, LOAD would attempt to unload and re-load the - module, but this is unsafe and not all that useful. - - - - - - Disallow empty passwords during LDAP authentication (Magnus) - - - - - - Fix handling of sub-SELECTs appearing in the arguments of - an outer-level aggregate function (Tom) - - - - - - Fix bugs associated with fetching a whole-row value from the - output of a Sort or Materialize plan node (Tom) - - - - - - Revert planner change that disabled partial-index and constraint - exclusion optimizations when there were more than 100 clauses in - an AND or OR list (Tom) - - - - - - Fix hash calculation for data type interval (Tom) - - - - This corrects wrong results for hash joins on interval values. - It also changes the contents of hash indexes on interval columns. - If you have any such indexes, you must REINDEX them - after updating. - - - - - - Treat to_char(..., 'TH') as an uppercase ordinal - suffix with 'HH'/'HH12' (Heikki) - - - - It was previously handled as 'th' (lowercase). - - - - - - Fix overflow for INTERVAL 'x ms' - when x is more than 2 million and integer - datetimes are in use (Alex Hunsaker) - - - - - - Fix calculation of distance between a point and a line segment (Tom) - - - - This led to incorrect results from a number of geometric operators. - - - - - - Fix money data type to work in locales where currency - amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) - - - - - - Properly round datetime input like - 00:12:57.9999999999999999999999999999 (Tom) - - - - - - Fix poor choice of page split point in GiST R-tree operator classes - (Teodor) - - - - - - Avoid performance degradation in bulk inserts into GIN indexes - when the input values are (nearly) in sorted order (Tom) - - - - - - Correctly enforce NOT NULL domain constraints in some contexts in - PL/pgSQL (Tom) - - - - - - Fix portability issues in plperl initialization (Andrew Dunstan) - - - - - - Fix pg_ctl to not go into an infinite loop if - postgresql.conf is empty (Jeff Davis) - - - - - - Make contrib/hstore throw an error when a key or - value is too long to fit in its data structure, rather than - silently truncating it (Andrew Gierth) - - - - - - Fix contrib/xml2's xslt_process() to - properly handle the maximum number of parameters (twenty) (Tom) - - - - - - Improve robustness of libpq's code to recover - from errors during COPY FROM STDIN (Tom) - - - - - - Avoid including conflicting readline and editline header files - when both libraries are installed (Zdenek Kotala) - - - - - - Update time zone data files to tzdata release 2009l - for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, - Argentina/San_Luis, Cuba, Jordan (historical correction only), - Mauritius, Morocco, Palestine, Syria, Tunisia. - - - - - - - - - - Release 8.2.13 - - - Release date: - 2009-03-16 - - - - This release contains a variety of fixes from 8.2.12. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.13 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.11, - see . - - - - - - Changes - - - - - - Prevent error recursion crashes when encoding conversion fails (Tom) - - - - This change extends fixes made in the last two minor releases for - related failure scenarios. The previous fixes were narrowly tailored - for the original problem reports, but we have now recognized that - any error thrown by an encoding conversion function could - potentially lead to infinite recursion while trying to report the - error. The solution therefore is to disable translation and encoding - conversion and report the plain-ASCII form of any error message, - if we find we have gotten into a recursive error reporting situation. - (CVE-2009-0922) - - - - - - Disallow CREATE CONVERSION with the wrong encodings - for the specified conversion function (Heikki) - - - - This prevents one possible scenario for encoding conversion failure. - The previous change is a backstop to guard against other kinds of - failures in the same area. - - - - - - Fix core dump when to_char() is given format codes that - are inappropriate for the type of the data argument (Tom) - - - - - - Fix possible failure in contrib/tsearch2 when C locale is - used with a multi-byte encoding (Teodor) - - - - Crashes were possible on platforms where wchar_t is narrower - than int; Windows in particular. - - - - - - Fix extreme inefficiency in contrib/tsearch2 parser's - handling of an email-like string containing multiple @ - characters (Heikki) - - - - - - Fix decompilation of CASE WHEN with an implicit coercion - (Tom) - - - - This mistake could lead to Assert failures in an Assert-enabled build, - or an unexpected CASE WHEN clause error message in other - cases, when trying to examine or dump a view. - - - - - - Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) - - - - If CLUSTER or a rewriting variant of ALTER TABLE - were executed by someone other than the table owner, the - pg_type entry for the table's TOAST table would end up - marked as owned by that someone. This caused no immediate problems, - since the permissions on the TOAST rowtype aren't examined by any - ordinary database operation. However, it could lead to unexpected - failures if one later tried to drop the role that issued the command - (in 8.1 or 8.2), or owner of data type appears to be invalid - warnings from pg_dump after having done so (in 8.3). - - - - - - Fix PL/pgSQL to not treat INTO after INSERT as - an INTO-variables clause anywhere in the string, not only at the start; - in particular, don't fail for INSERT INTO within - CREATE RULE (Tom) - - - - - - Clean up PL/pgSQL error status variables fully at block exit - (Ashesh Vashi and Dave Page) - - - - This is not a problem for PL/pgSQL itself, but the omission could cause - the PL/pgSQL Debugger to crash while examining the state of a function. - - - - - - Retry failed calls to CallNamedPipe() on Windows - (Steve Marshall, Magnus) - - - - It appears that this function can sometimes fail transiently; - we previously treated any failure as a hard error, which could - confuse LISTEN/NOTIFY as well as other - operations. - - - - - - Add MUST (Mauritius Island Summer Time) to the default list - of known timezone abbreviations (Xavier Bugaud) - - - - - - - - - - Release 8.2.12 - - - Release date: - 2009-02-02 - - - - This release contains a variety of fixes from 8.2.11. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.12 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.11, - see . - - - - - - Changes - - - - - - Improve handling of URLs in headline() function (Teodor) - - - - - - Improve handling of overlength headlines in headline() - function (Teodor) - - - - - - Prevent possible Assert failure or misconversion if an encoding - conversion is created with the wrong conversion function for the - specified pair of encodings (Tom, Heikki) - - - - - - Fix possible Assert failure if a statement executed in PL/pgSQL is - rewritten into another kind of statement, for example if an - INSERT is rewritten into an UPDATE (Heikki) - - - - - - Ensure that a snapshot is available to datatype input functions (Tom) - - - - This primarily affects domains that are declared with CHECK - constraints involving user-defined stable or immutable functions. Such - functions typically fail if no snapshot has been set. - - - - - - Make it safer for SPI-using functions to be used within datatype I/O; - in particular, to be used in domain check constraints (Tom) - - - - - - Avoid unnecessary locking of small tables in VACUUM - (Heikki) - - - - - - Fix a problem that made UPDATE RETURNING tableoid - return zero instead of the correct OID (Tom) - - - - - - Fix planner misestimation of selectivity when transitive equality - is applied to an outer-join clause (Tom) - - - - This could result in bad plans for queries like - ... from a left join b on a.a1 = b.b1 where a.a1 = 42 ... - - - - - - Improve optimizer's handling of long IN lists (Tom) - - - - This change avoids wasting large amounts of time on such lists - when constraint exclusion is enabled. - - - - - - Ensure that the contents of a holdable cursor don't depend on the - contents of TOAST tables (Tom) - - - - Previously, large field values in a cursor result might be represented - as TOAST pointers, which would fail if the referenced table got dropped - before the cursor is read, or if the large value is deleted and then - vacuumed away. This cannot happen with an ordinary cursor, - but it could with a cursor that is held past its creating transaction. - - - - - - Fix memory leak when a set-returning function is terminated without - reading its whole result (Tom) - - - - - - Fix contrib/dblink's - dblink_get_result(text,bool) function (Joe) - - - - - - Fix possible garbage output from contrib/sslinfo functions - (Tom) - - - - - - Fix configure script to properly report failure when - unable to obtain linkage information for PL/Perl (Andrew) - - - - - - Make all documentation reference pgsql-bugs and/or - pgsql-hackers as appropriate, instead of the - now-decommissioned pgsql-ports and pgsql-patches - mailing lists (Tom) - - - - - - Update time zone data files to tzdata release 2009a (for - Kathmandu and historical DST corrections in Switzerland, Cuba) - - - - - - - - - - Release 8.2.11 - - - Release date: - 2008-11-03 - - - - This release contains a variety of fixes from 8.2.10. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.11 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.7, - see . Also, if you were running a previous - 8.2.X release, it is recommended to REINDEX all GiST - indexes after the upgrade. - - - - - - Changes - - - - - - Fix GiST index corruption due to marking the wrong index entry - dead after a deletion (Teodor) - - - - This would result in index searches failing to find rows they - should have found. Corrupted indexes can be fixed with - REINDEX. - - - - - - Fix backend crash when the client encoding cannot represent a localized - error message (Tom) - - - - We have addressed similar issues before, but it would still fail if - the character has no equivalent message itself couldn't - be converted. The fix is to disable localization and send the plain - ASCII error message when we detect such a situation. - - - - - - Fix possible crash when deeply nested functions are invoked from - a trigger (Tom) - - - - - - Improve optimization of expression IN - (expression-list) queries (Tom, per an idea from Robert - Haas) - - - - Cases in which there are query variables on the right-hand side had been - handled less efficiently in 8.2.x and 8.3.x than in prior versions. - The fix restores 8.1 behavior for such cases. - - - - - - Fix mis-expansion of rule queries when a sub-SELECT appears - in a function call in FROM, a multi-row VALUES - list, or a RETURNING list (Tom) - - - - The usual symptom of this problem is an unrecognized node type - error. - - - - - - Fix memory leak during rescan of a hashed aggregation plan (Neil) - - - - - - Ensure an error is reported when a newly-defined PL/pgSQL trigger - function is invoked as a normal function (Tom) - - - - - - Prevent possible collision of relfilenode numbers - when moving a table to another tablespace with ALTER SET - TABLESPACE (Heikki) - - - - The command tried to re-use the existing filename, instead of - picking one that is known unused in the destination directory. - - - - - - Fix incorrect tsearch2 headline generation when single query - item matches first word of text (Sushant Sinha) - - - - - - Fix improper display of fractional seconds in interval values when - using a non-ISO datestyle in an - build (Ron Mayer) - - - - - - Ensure SPI_getvalue and SPI_getbinval - behave correctly when the passed tuple and tuple descriptor have - different numbers of columns (Tom) - - - - This situation is normal when a table has had columns added or removed, - but these two functions didn't handle it properly. - The only likely consequence is an incorrect error indication. - - - - - - Fix ecpg's parsing of CREATE ROLE (Michael) - - - - - - Fix recent breakage of pg_ctl restart (Tom) - - - - - - Ensure pg_control is opened in binary mode - (Itagaki Takahiro) - - - - pg_controldata and pg_resetxlog - did this incorrectly, and so could fail on Windows. - - - - - - Update time zone data files to tzdata release 2008i (for - DST law changes in Argentina, Brazil, Mauritius, Syria) - - - - - - - - - - Release 8.2.10 - - - Release date: - 2008-09-22 - - - - This release contains a variety of fixes from 8.2.9. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.10 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.7, - see . - - - - - - Changes - - - - - - Fix bug in btree WAL recovery code (Heikki) - - - - Recovery failed if the WAL ended partway through a page split operation. - - - - - - Fix potential miscalculation of datfrozenxid (Alvaro) - - - - This error may explain some recent reports of failure to remove old - pg_clog data. - - - - - - Widen local lock counters from 32 to 64 bits (Tom) - - - - This responds to reports that the counters could overflow in - sufficiently long transactions, leading to unexpected lock is - already held errors. - - - - - - Fix possible duplicate output of tuples during a GiST index scan (Teodor) - - - - - - Fix missed permissions checks when a view contains a simple - UNION ALL construct (Heikki) - - - - Permissions for the referenced tables were checked properly, but not - permissions for the view itself. - - - - - - Add checks in executor startup to ensure that the tuples produced by an - INSERT or UPDATE will match the target table's - current rowtype (Tom) - - - - ALTER COLUMN TYPE, followed by re-use of a previously - cached plan, could produce this type of situation. The check protects - against data corruption and/or crashes that could ensue. - - - - - - Fix possible repeated drops during DROP OWNED (Tom) - - - - This would typically result in strange errors such as cache - lookup failed for relation NNN. - - - - - - Fix AT TIME ZONE to first try to interpret its timezone - argument as a timezone abbreviation, and only try it as a full timezone - name if that fails, rather than the other way around as formerly (Tom) - - - - The timestamp input functions have always resolved ambiguous zone names - in this order. Making AT TIME ZONE do so as well improves - consistency, and fixes a compatibility bug introduced in 8.1: - in ambiguous cases we now behave the same as 8.0 and before did, - since in the older versions AT TIME ZONE accepted - only abbreviations. - - - - - - Fix datetime input functions to correctly detect integer overflow when - running on a 64-bit platform (Tom) - - - - - - Prevent integer overflows during units conversion when displaying a - configuration parameter that has units (Tom) - - - - - - Improve performance of writing very long log messages to syslog (Tom) - - - - - - Allow spaces in the suffix part of an LDAP URL in - pg_hba.conf (Tom) - - - - - - Fix bug in backwards scanning of a cursor on a SELECT DISTINCT - ON query (Tom) - - - - - - Fix planner bug with nested sub-select expressions (Tom) - - - - If the outer sub-select has no direct dependency on the parent query, - but the inner one does, the outer value might not get recalculated - for new parent query rows. - - - - - - Fix planner to estimate that GROUP BY expressions yielding - boolean results always result in two groups, regardless of the - expressions' contents (Tom) - - - - This is very substantially more accurate than the regular GROUP - BY estimate for certain boolean tests like col - IS NULL. - - - - - - Fix PL/pgSQL to not fail when a FOR loop's target variable - is a record containing composite-type fields (Tom) - - - - - - Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful - about the encoding of data sent to or from Tcl (Tom) - - - - - - On Windows, work around a Microsoft bug by preventing - libpq from trying to send more than 64kB per system call - (Magnus) - - - - - - Improve pg_dump and pg_restore's - error reporting after failure to send a SQL command (Tom) - - - - - - Fix pg_ctl to properly preserve postmaster - command-line arguments across a restart (Bruce) - - - - - - Update time zone data files to tzdata release 2008f (for - DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, - Pakistan, Palestine, and Paraguay) - - - - - - - - - - Release 8.2.9 - - - Release date: - 2008-06-12 - - - - This release contains one serious and one minor bug fix over 8.2.8. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.9 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.7, - see . - - - - - - Changes - - - - - - Make pg_get_ruledef() parenthesize negative constants (Tom) - - - - Before this fix, a negative constant in a view or rule might be dumped - as, say, -42::integer, which is subtly incorrect: it should - be (-42)::integer due to operator precedence rules. - Usually this would make little difference, but it could interact with - another recent patch to cause - PostgreSQL to reject what had been a valid - SELECT DISTINCT view query. Since this could result in - pg_dump output failing to reload, it is being treated - as a high-priority fix. The only released versions in which dump - output is actually incorrect are 8.3.1 and 8.2.7. - - - - - - Make ALTER AGGREGATE ... OWNER TO update - pg_shdepend (Tom) - - - - This oversight could lead to problems if the aggregate was later - involved in a DROP OWNED or REASSIGN OWNED - operation. - - - - - - - - - - Release 8.2.8 - - - Release date: - never released - - - - This release contains a variety of fixes from 8.2.7. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.8 - - - A dump/restore is not required for those running 8.2.X. - However, if you are upgrading from a version earlier than 8.2.7, - see . - - - - - - Changes - - - - - - Fix ERRORDATA_STACK_SIZE exceeded crash that - occurred on Windows when using UTF-8 database encoding and a different - client encoding (Tom) - - - - - - Fix ALTER TABLE ADD COLUMN ... PRIMARY KEY so that the new - column is correctly checked to see if it's been initialized to all - non-nulls (Brendan Jurd) - - - - Previous versions neglected to check this requirement at all. - - - - - - Fix possible CREATE TABLE failure when inheriting the - same constraint from multiple parent relations that - inherited that constraint from a common ancestor (Tom) - - - - - - Fix pg_get_ruledef() to show the alias, if any, attached - to the target table of an UPDATE or DELETE - (Tom) - - - - - - Fix GIN bug that could result in a too many LWLocks - taken failure (Teodor) - - - - - - Avoid possible crash when decompressing corrupted data - (Zdenek Kotala) - - - - - - Repair two places where SIGTERM exit of a backend could leave corrupted - state in shared memory (Tom) - - - - Neither case is very important if SIGTERM is used to shut down the - whole database cluster together, but there was a problem if someone - tried to SIGTERM individual backends. - - - - - - Fix conversions between ISO-8859-5 and other encodings to handle - Cyrillic Yo characters (e and E with - two dots) (Sergey Burladyan) - - - - - - Fix several datatype input functions, notably array_in(), - that were allowing unused bytes in their results to contain - uninitialized, unpredictable values (Tom) - - - - This could lead to failures in which two apparently identical literal - values were not seen as equal, resulting in the parser complaining - about unmatched ORDER BY and DISTINCT - expressions. - - - - - - Fix a corner case in regular-expression substring matching - (substring(string from - pattern)) (Tom) - - - - The problem occurs when there is a match to the pattern overall but - the user has specified a parenthesized subexpression and that - subexpression hasn't got a match. An example is - substring('foo' from 'foo(bar)?'). - This should return NULL, since (bar) isn't matched, but - it was mistakenly returning the whole-pattern match instead (ie, - foo). - - - - - - Update time zone data files to tzdata release 2008c (for - DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, and - Argentina/San_Luis) - - - - - - Fix incorrect result from ecpg's - PGTYPEStimestamp_sub() function (Michael) - - - - - - Fix broken GiST comparison function for contrib/tsearch2's - tsquery type (Teodor) - - - - - - Fix possible crashes in contrib/cube functions (Tom) - - - - - - Fix core dump in contrib/xml2's - xpath_table() function when the input query returns a - NULL value (Tom) - - - - - - Fix contrib/xml2's makefile to not override - CFLAGS (Tom) - - - - - - Fix DatumGetBool macro to not fail with gcc - 4.3 (Tom) - - - - This problem affects old style (V0) C functions that - return boolean. The fix is already in 8.3, but the need to - back-patch it was not realized at the time. - - - - - - - - - - Release 8.2.7 - - - Release date: - 2008-03-17 - - - - This release contains a variety of fixes from 8.2.6. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.7 - - - A dump/restore is not required for those running 8.2.X. - However, you might need to REINDEX indexes on textual - columns after updating, if you are affected by the Windows locale - issue described below. - - - - - - Changes - - - - - - Fix character string comparison for Windows locales that consider - different character combinations as equal (Tom) - - - - This fix applies only on Windows and only when using UTF-8 - database encoding. The same fix was made for all other cases - over two years ago, but Windows with UTF-8 uses a separate code - path that was not updated. If you are using a locale that - considers some non-identical strings as equal, you may need to - REINDEX to fix existing indexes on textual columns. - - - - - - Repair potential deadlock between concurrent VACUUM FULL - operations on different system catalogs (Tom) - - - - - - Fix longstanding LISTEN/NOTIFY - race condition (Tom) - - - - In rare cases a session that had just executed a - LISTEN might not get a notification, even though - one would be expected because the concurrent transaction executing - NOTIFY was observed to commit later. - - - - A side effect of the fix is that a transaction that has executed - a not-yet-committed LISTEN command will not see any - row in pg_listener for the LISTEN, - should it choose to look; formerly it would have. This behavior - was never documented one way or the other, but it is possible that - some applications depend on the old behavior. - - - - - - Disallow LISTEN and UNLISTEN within a - prepared transaction (Tom) - - - - This was formerly allowed but trying to do it had various unpleasant - consequences, notably that the originating backend could not exit - as long as an UNLISTEN remained uncommitted. - - - - - - Disallow dropping a temporary table within a - prepared transaction (Heikki) - - - - This was correctly disallowed by 8.1, but the check was inadvertently - broken in 8.2. - - - - - - Fix rare crash when an error occurs during a query using a hash index - (Heikki) - - - - - - Fix memory leaks in certain usages of set-returning functions (Neil) - - - - - - Fix input of datetime values for February 29 in years BC (Tom) - - - - The former coding was mistaken about which years were leap years. - - - - - - Fix unrecognized node type error in some variants of - ALTER OWNER (Tom) - - - - - - Ensure pg_stat_activity.waiting flag - is cleared when a lock wait is aborted (Tom) - - - - - - Fix handling of process permissions on Windows Vista (Dave, Magnus) - - - - In particular, this fix allows starting the server as the Administrator - user. - - - - - - Update time zone data files to tzdata release 2008a - (in particular, recent Chile changes); adjust timezone abbreviation - VET (Venezuela) to mean UTC-4:30, not UTC-4:00 (Tom) - - - - - - Fix pg_ctl to correctly extract the postmaster's port - number from command-line options (Itagaki Takahiro, Tom) - - - - Previously, pg_ctl start -w could try to contact the - postmaster on the wrong port, leading to bogus reports of startup - failure. - - - - - - Use to defend against possible misoptimization - in recent gcc versions (Tom) - - - - This is known to be necessary when building PostgreSQL - with gcc 4.3 or later. - - - - - - - Correctly enforce statement_timeout values longer - than INT_MAX microseconds (about 35 minutes) (Tom) - - - - This bug affects only builds with . - - - - - - Fix unexpected PARAM_SUBLINK ID planner error when - constant-folding simplifies a sub-select (Tom) - - - - - - Fix logical errors in constraint-exclusion handling of IS - NULL and NOT expressions (Tom) - - - - The planner would sometimes exclude partitions that should not - have been excluded because of the possibility of NULL results. - - - - - - Fix another cause of failed to build any N-way joins - planner errors (Tom) - - - - This could happen in cases where a clauseless join needed to be - forced before a join clause could be exploited. - - - - - - Fix incorrect constant propagation in outer-join planning (Tom) - - - - The planner could sometimes incorrectly conclude that a variable - could be constrained to be equal to a constant, leading - to wrong query results. - - - - - - Fix display of constant expressions in ORDER BY - and GROUP BY (Tom) - - - - An explicitly casted constant would be shown incorrectly. This could - for example lead to corruption of a view definition during - dump and reload. - - - - - - Fix libpq to handle NOTICE messages correctly - during COPY OUT (Tom) - - - - This failure has only been observed to occur when a user-defined - datatype's output routine issues a NOTICE, but there is no - guarantee it couldn't happen due to other causes. - - - - - - - - - - Release 8.2.6 - - - Release date: - 2008-01-07 - - - - This release contains a variety of fixes from 8.2.5, - including fixes for significant security issues. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.6 - - - A dump/restore is not required for those running 8.2.X. - - - - - - Changes - - - - - - Prevent functions in indexes from executing with the privileges of - the user running VACUUM, ANALYZE, etc (Tom) - - - - Functions used in index expressions and partial-index - predicates are evaluated whenever a new table entry is made. It has - long been understood that this poses a risk of trojan-horse code - execution if one modifies a table owned by an untrustworthy user. - (Note that triggers, defaults, check constraints, etc. pose the - same type of risk.) But functions in indexes pose extra danger - because they will be executed by routine maintenance operations - such as VACUUM FULL, which are commonly performed - automatically under a superuser account. For example, a nefarious user - can execute code with superuser privileges by setting up a - trojan-horse index definition and waiting for the next routine vacuum. - The fix arranges for standard maintenance operations - (including VACUUM, ANALYZE, REINDEX, - and CLUSTER) to execute as the table owner rather than - the calling user, using the same privilege-switching mechanism already - used for SECURITY DEFINER functions. To prevent bypassing - this security measure, execution of SET SESSION - AUTHORIZATION and SET ROLE is now forbidden within a - SECURITY DEFINER context. (CVE-2007-6600) - - - - - - Repair assorted bugs in the regular-expression package (Tom, Will Drewry) - - - - Suitably crafted regular-expression patterns could cause crashes, - infinite or near-infinite looping, and/or massive memory consumption, - all of which pose denial-of-service hazards for applications that - accept regex search patterns from untrustworthy sources. - (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - The fix that appeared for this in 8.2.5 was incomplete, as it plugged - the hole for only some dblink functions. (CVE-2007-6601, - CVE-2007-3278) - - - - - - Fix bugs in WAL replay for GIN indexes (Teodor) - - - - - - Fix GIN index build to work properly when - maintenance_work_mem is 4GB or more (Tom) - - - - - - Update time zone data files to tzdata release 2007k - (in particular, recent Argentina changes) (Tom) - - - - - - Improve planner's handling of LIKE/regex estimation in non-C locales - (Tom) - - - - - - Fix planning-speed problem for deep outer-join nests, as well as - possible poor choice of join order (Tom) - - - - - - Fix planner failure in some cases of WHERE false AND var IN - (SELECT ...) (Tom) - - - - - - Make CREATE TABLE ... SERIAL and - ALTER SEQUENCE ... OWNED BY not change the - currval() state of the sequence (Tom) - - - - - - Preserve the tablespace and storage parameters of indexes that are - rebuilt by ALTER TABLE ... ALTER COLUMN TYPE (Tom) - - - - - - Make archive recovery always start a new WAL timeline, rather than only - when a recovery stop time was used (Simon) - - - - This avoids a corner-case risk of trying to overwrite an existing - archived copy of the last WAL segment, and seems simpler and cleaner - than the original definition. - - - - - - Make VACUUM not use all of maintenance_work_mem - when the table is too small for it to be useful (Alvaro) - - - - - - Fix potential crash in translate() when using a multibyte - database encoding (Tom) - - - - - - Make corr() return the correct result for negative - correlation values (Neil) - - - - - - Fix overflow in extract(epoch from interval) for intervals - exceeding 68 years (Tom) - - - - - - Fix PL/Perl to not fail when a UTF-8 regular expression is used - in a trusted function (Andrew) - - - - - - Fix PL/Perl to cope when platform's Perl defines type bool - as int rather than char (Tom) - - - - While this could theoretically happen anywhere, no standard build of - Perl did things this way ... until macOS 10.5. - - - - - - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines - (Marko Kreen) - - - - - - Fix PL/Python to not crash on long exception messages (Alvaro) - - - - - - Fix pg_dump to correctly handle inheritance child tables - that have default expressions different from their parent's (Tom) - - - - - - Fix libpq crash when PGPASSFILE refers - to a file that is not a plain file (Martin Pitt) - - - - - - ecpg parser fixes (Michael) - - - - - - Make contrib/pgcrypto defend against - OpenSSL libraries that fail on keys longer than 128 - bits; which is the case at least on some Solaris versions (Marko Kreen) - - - - - - Make contrib/tablefunc's crosstab() handle - NULL rowid as a category in its own right, rather than crashing (Joe) - - - - - - Fix tsvector and tsquery output routines to - escape backslashes correctly (Teodor, Bruce) - - - - - - Fix crash of to_tsvector() on huge input strings (Teodor) - - - - - - Require a specific version of Autoconf to be used - when re-generating the configure script (Peter) - - - - This affects developers and packagers only. The change was made - to prevent accidental use of untested combinations of - Autoconf and PostgreSQL versions. - You can remove the version check if you really want to use a - different Autoconf version, but it's - your responsibility whether the result works or not. - - - - - - Update gettimeofday configuration check so that - PostgreSQL can be built on newer versions of - MinGW (Magnus) - - - - - - - - - - Release 8.2.5 - - - Release date: - 2007-09-17 - - - - This release contains a variety of fixes from 8.2.4. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.5 - - - A dump/restore is not required for those running 8.2.X. - - - - - - Changes - - - - - - Prevent index corruption when a transaction inserts rows and - then aborts close to the end of a concurrent VACUUM - on the same table (Tom) - - - - - - Fix ALTER DOMAIN ADD CONSTRAINT for cases involving - domains over domains (Tom) - - - - - - Make CREATE DOMAIN ... DEFAULT NULL work properly (Tom) - - - - - - Fix some planner problems with outer joins, notably poor - size estimation for t1 LEFT JOIN t2 WHERE t2.col IS NULL - (Tom) - - - - - - Allow the interval data type to accept input consisting only of - milliseconds or microseconds (Neil) - - - - - - Allow timezone name to appear before the year in timestamp input (Tom) - - - - - - Fixes for GIN indexes used by /contrib/tsearch2 (Teodor) - - - - - - Speed up rtree index insertion (Teodor) - - - - - - Fix excessive logging of SSL error messages (Tom) - - - - - - Fix logging so that log messages are never interleaved when using - the syslogger process (Andrew) - - - - - - Fix crash when log_min_error_statement logging runs out - of memory (Tom) - - - - - - Fix incorrect handling of some foreign-key corner cases (Tom) - - - - - - Fix stddev_pop(numeric) and var_pop(numeric) (Tom) - - - - - - Prevent REINDEX and CLUSTER from failing - due to attempting to process temporary tables of other sessions (Alvaro) - - - - - - Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) - - - - - - Windows socket and semaphore improvements (Magnus) - - - - - - Make pg_ctl -w work properly in Windows service mode (Dave Page) - - - - - - Fix memory allocation bug when using MIT Kerberos on Windows (Magnus) - - - - - - Suppress timezone name (%Z) in log timestamps on Windows - because of possible encoding mismatches (Tom) - - - - - - Require non-superusers who use /contrib/dblink to use only - password authentication, as a security measure (Joe) - - - - - - Restrict /contrib/pgstattuple functions to superusers, for security reasons (Tom) - - - - - - Do not let /contrib/intarray try to make its GIN opclass - the default (this caused problems at dump/restore) (Tom) - - - - - - - - - - Release 8.2.4 - - - Release date: - 2007-04-23 - - - - This release contains a variety of fixes from 8.2.3, - including a security fix. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.4 - - - A dump/restore is not required for those running 8.2.X. - - - - - - Changes - - - - - - Support explicit placement of the temporary-table schema within - search_path, and disable searching it for functions - and operators (Tom) - - - - This is needed to allow a security-definer function to set a - truly secure value of search_path. Without it, - an unprivileged SQL user can use temporary objects to execute code - with the privileges of the security-definer function (CVE-2007-2138). - See CREATE FUNCTION for more information. - - - - - - Fix shared_preload_libraries for Windows - by forcing reload in each backend (Korry Douglas) - - - - - - Fix to_char() so it properly upper/lower cases localized day or month - names (Pavel Stehule) - - - - - - /contrib/tsearch2 crash fixes (Teodor) - - - - - - Require COMMIT PREPARED to be executed in the same - database as the transaction was prepared in (Heikki) - - - - - - Allow pg_dump to do binary backups larger than two gigabytes - on Windows (Magnus) - - - - - - New traditional (Taiwan) Chinese FAQ (Zhou Daojing) - - - - - - Prevent the statistics collector from writing to disk too frequently (Tom) - - - - - - Fix potential-data-corruption bug in how VACUUM FULL handles - UPDATE chains (Tom, Pavan Deolasee) - - - - - - Fix bug in domains that use array types (Tom) - - - - - - Fix pg_dump so it can dump a serial column's sequence - using when not also dumping the owning table - (Tom) - - - - - - Planner fixes, including improving outer join and bitmap scan - selection logic (Tom) - - - - - - Fix possible wrong answers or crash when a PL/pgSQL function tries - to RETURN from within an EXCEPTION block - (Tom) - - - - - - Fix PANIC during enlargement of a hash index (Tom) - - - - - - Fix POSIX-style timezone specs to follow new USA DST rules (Tom) - - - - - - - - - - Release 8.2.3 - - - Release date: - 2007-02-07 - - - - This release contains two fixes from 8.2.2. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.3 - - - A dump/restore is not required for those running 8.2.X. - - - - - - Changes - - - - - - Remove overly-restrictive check for type length in constraints and - functional indexes(Tom) - - - - - - Fix optimization so MIN/MAX in subqueries can again use indexes (Tom) - - - - - - - - - - Release 8.2.2 - - - Release date: - 2007-02-05 - - - - This release contains a variety of fixes from 8.2.1, including - a security fix. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.2 - - - A dump/restore is not required for those running 8.2.X. - - - - - - Changes - - - - - - Remove security vulnerabilities that allowed connected users - to read backend memory (Tom) - - - - The vulnerabilities involve suppressing the normal check that a SQL - function returns the data type it's declared to, and changing the - data type of a table column (CVE-2007-0555, CVE-2007-0556). These - errors can easily be exploited to cause a backend crash, and in - principle might be used to read database content that the user - should not be able to access. - - - - - - Fix not-so-rare-anymore bug wherein btree index page splits could fail - due to choosing an infeasible split point (Heikki Linnakangas) - - - - - - Fix Borland C compile scripts (L Bayuk) - - - - - - Properly handle to_char('CC') for years ending in - 00 (Tom) - - - - Year 2000 is in the twentieth century, not the twenty-first. - - - - - - /contrib/tsearch2 localization improvements (Tatsuo, Teodor) - - - - - - Fix incorrect permission check in - information_schema.key_column_usage view (Tom) - - - - The symptom is relation with OID nnnnn does not exist errors. - To get this fix without using initdb, use CREATE OR - REPLACE VIEW to install the corrected definition found in - share/information_schema.sql. Note you will need to do - this in each database. - - - - - - Improve VACUUM performance for databases with many tables (Tom) - - - - - - Fix for rare Assert() crash triggered by UNION (Tom) - - - - - - Fix potentially incorrect results from index searches using - ROW inequality conditions (Tom) - - - - - - Tighten security of multi-byte character processing for UTF8 sequences - over three bytes long (Tom) - - - - - - Fix bogus permission denied failures occurring on Windows - due to attempts to fsync already-deleted files (Magnus, Tom) - - - - - - Fix bug that could cause the statistics collector - to hang on Windows (Magnus) - - - - This would in turn lead to autovacuum not working. - - - - - - Fix possible crashes when an already-in-use PL/pgSQL function is - updated (Tom) - - - - - - Improve PL/pgSQL handling of domain types (Sergiy Vyshnevetskiy, Tom) - - - - - - Fix possible errors in processing PL/pgSQL exception blocks (Tom) - - - - - - - - - - Release 8.2.1 - - - Release date: - 2007-01-08 - - - - This release contains a variety of fixes from 8.2. - For information about new features in the 8.2 major release, see - . - - - - Migration to Version 8.2.1 - - - A dump/restore is not required for those running 8.2. - - - - - - Changes - - - - - - Fix crash with SELECT ... LIMIT ALL (also - LIMIT NULL) (Tom) - - - - - - Several /contrib/tsearch2 fixes (Teodor) - - - - - - On Windows, make log messages coming from the operating system use - ASCII encoding (Hiroshi Saito) - - - - This fixes a conversion problem when there is a mismatch between - the encoding of the operating system and database server. - - - - - - Fix Windows linking of pg_dump using - win32.mak - (Hiroshi Saito) - - - - - - Fix planner mistakes for outer join queries (Tom) - - - - - - Fix several problems in queries involving sub-SELECTs (Tom) - - - - - - Fix potential crash in SPI during subtransaction abort (Tom) - - - - This affects all PL functions since they all use SPI. - - - - - - Improve build speed of PDF documentation (Peter) - - - - - - Re-add JST (Japan) timezone abbreviation (Tom) - - - - - - Improve optimization decisions related to index scans (Tom) - - - - - - Have psql print multi-byte combining characters as - before, rather than output as \u (Tom) - - - - - - Improve index usage of regular expressions that use parentheses (Tom) - - - - This improves psql \d performance also. - - - - - - Make pg_dumpall assume that databases have public - CONNECT privilege, when dumping from a pre-8.2 server (Tom) - - - - This preserves the previous behavior that anyone can connect to a - database if allowed by pg_hba.conf. - - - - - - - - - - Release 8.2 - - - Release date: - 2006-12-05 - - - - Overview - - - This release adds many functionality and performance improvements that - were requested by users, including: - - - - - - Query language enhancements including INSERT/UPDATE/DELETE - RETURNING, multirow VALUES lists, and - optional target-table alias in - UPDATE/DELETE - - - - - - Index creation without blocking concurrent - INSERT/UPDATE/DELETE - operations - - - - - - Many query optimization improvements, including support for - reordering outer joins - - - - - - Improved sorting performance with lower memory usage - - - - - - More efficient locking with better concurrency - - - - - - More efficient vacuuming - - - - - - Easier administration of warm standby servers - - - - - - New FILLFACTOR support for tables and indexes - - - - - - Monitoring, logging, and performance tuning additions - - - - - - More control over creating and dropping objects - - - - - - Table inheritance relationships can be defined - for and removed from pre-existing tables - - - - - - COPY TO can copy the output of an arbitrary - SELECT statement - - - - - - Array improvements, including nulls in arrays - - - - - - Aggregate-function improvements, including multiple-input - aggregates and SQL:2003 statistical functions - - - - - - Many contrib/ improvements - - - - - - - - - - - Migration to Version 8.2 - - - A dump/restore using pg_dump is - required for those wishing to migrate data from any previous - release. - - - - Observe the following incompatibilities: - - - - - - - Set escape_string_warning - to on by default (Bruce) - - - - This issues a warning if backslash escapes are used in - non-escape (non-E'') - strings. - - - - - - Change the row - constructor syntax (ROW(...)) so that - list elements foo.* will be expanded to a list - of their member fields, rather than creating a nested - row type field as formerly (Tom) - - - - The new behavior is substantially more useful since it - allows, for example, triggers to check for data changes - with IF row(new.*) IS DISTINCT FROM row(old.*). - The old behavior is still available by omitting .*. - - - - - - Make row comparisons - follow SQL standard semantics and allow them - to be used in index scans (Tom) - - - - Previously, row = and <> comparisons followed the - standard but < <= > >= did not. A row comparison - can now be used as an index constraint for a multicolumn - index matching the row value. - - - - - - Make row IS NOT NULL - tests follow SQL standard semantics (Tom) - - - - The former behavior conformed to the standard for simple cases - with IS NULL, but IS NOT NULL would return - true if any row field was non-null, whereas the standard says it - should return true only when all fields are non-null. - - - - - - Make SET - CONSTRAINT affect only one constraint (Kris Jurka) - - - - In previous releases, SET CONSTRAINT modified - all constraints with a matching name. In this release, - the schema search path is used to modify only the first - matching constraint. A schema specification is also - supported. This more nearly conforms to the SQL standard. - - - - - - Remove RULE permission for tables, for security reasons - (Tom) - - - - As of this release, only a table's owner can create or modify - rules for the table. For backwards compatibility, - GRANT/REVOKE RULE is still accepted, - but it does nothing. - - - - - - Array comparison improvements (Tom) - - - - Now array dimensions are also compared. - - - - - - Change array concatenation - to match documented behavior (Tom) - - - - This changes the previous behavior where concatenation - would modify the array lower bound. - - - - - - Make command-line options of postmaster - and postgres - identical (Peter) - - - - This allows the postmaster to pass arguments to each backend - without using -o. Note that some options are now - only available as long-form options, because there were conflicting - single-letter options. - - - - - - Deprecate use of postmaster symbolic link (Peter) - - - - postmaster and postgres - commands now act identically, with the behavior determined - by command-line options. The postmaster symbolic link is - kept for compatibility, but is not really needed. - - - - - - Change log_duration - to output even if the query is not output (Tom) - - - - In prior releases, log_duration only printed if - the query appeared earlier in the log. - - - - - - Make to_char(time) - and to_char(interval) - treat HH and HH12 as 12-hour - intervals - - - - Most applications should use HH24 unless they - want a 12-hour display. - - - - - - Zero unmasked bits in conversion from INET to CIDR (Tom) - - - - This ensures that the converted value is actually valid for - CIDR. - - - - - - Remove australian_timezones configuration variable - (Joachim Wieland) - - - - This variable has been superseded by a more general facility - for configuring timezone abbreviations. - - - - - - Improve cost estimation for nested-loop index scans (Tom) - - - - This might eliminate the need to set unrealistically small - values of random_page_cost. - If you have been using a very small random_page_cost, - please recheck your test cases. - - - - - - Change behavior of pg_dump -n and - -t options. (Greg Sabino Mullane) - - - See the pg_dump manual page for details. - - - - - - Change libpq - PQdsplen() to return a useful value (Martijn - van Oosterhout) - - - - - - Declare libpq - PQgetssl() as returning void *, - rather than SSL * (Martijn van Oosterhout) - - - - This allows applications to use the function without including - the OpenSSL headers. - - - - - - C-language loadable modules must now include a - PG_MODULE_MAGIC - macro call for version compatibility checking - (Martijn van Oosterhout) - - - - - - For security's sake, modules used by a PL/PerlU function are no - longer available to PL/Perl functions (Andrew) - - - - This also implies that data can no longer be shared between a PL/Perl - function and a PL/PerlU function. - Some Perl installations have not been compiled with the correct flags - to allow multiple interpreters to exist within a single process. - In this situation PL/Perl and PL/PerlU cannot both be used in a - single backend. The solution is to get a Perl installation which - supports multiple interpreters. - - - - - - - In contrib/xml2/, rename xml_valid() to - xml_is_well_formed() (Tom) - - - - xml_valid() will remain for backward compatibility, - but its behavior will change to do schema checking in a future - release. - - - - - - Remove contrib/ora2pg/, now at - - - - - - Remove contrib modules that have been migrated to PgFoundry: - adddepend, dbase, dbmirror, - fulltextindex, mac, userlock - - - - - - Remove abandoned contrib modules: - mSQL-interface, tips - - - - - - Remove QNX and BEOS ports (Bruce) - - - - These ports no longer had active maintainers. - - - - - - - - Changes - - - Below you will find a detailed account of the - changes between PostgreSQL 8.2 and - the previous major release. - - - - Performance Improvements - - - - - Allow the planner to reorder outer - joins in some circumstances (Tom) - - - - In previous releases, outer joins would always be evaluated in - the order written in the query. This change allows the - query optimizer to consider reordering outer joins, in cases where - it can determine that the join order can be changed without - altering the meaning of the query. This can make a - considerable performance difference for queries involving - multiple outer joins or mixed inner and outer joins. - - - - - - Improve efficiency of IN - (list-of-expressions) clauses (Tom) - - - - - - Improve sorting speed and reduce memory usage (Simon, Tom) - - - - - - Improve subtransaction performance (Alvaro, Itagaki Takahiro, - Tom) - - - - - - Add FILLFACTOR to table and index creation (ITAGAKI - Takahiro) - - - - This leaves extra free space in each table or index page, - allowing improved performance as the database grows. This - is particularly valuable to maintain clustering. - - - - - - Increase default values for shared_buffers - and max_fsm_pages - (Andrew) - - - - - - Improve locking performance by breaking the lock manager tables into - sections - (Tom) - - - - This allows locking to be more fine-grained, reducing - contention. - - - - - - Reduce locking requirements of sequential scans (Qingqing - Zhou) - - - - - - Reduce locking required for database creation and destruction - (Tom) - - - - - - Improve the optimizer's selectivity estimates for LIKE, ILIKE, and - regular expression - operations (Tom) - - - - - - Improve planning of joins to inherited - tables and UNION - ALL views (Tom) - - - - - - Allow constraint - exclusion to be applied to inherited UPDATE and - DELETE queries (Tom) - - - - SELECT already honored constraint exclusion. - - - - - - Improve planning of constant WHERE clauses, such as - a condition that depends only on variables inherited from an - outer query level (Tom) - - - - - - Protocol-level unnamed prepared statements are re-planned - for each set of BIND values (Tom) - - - - This improves performance because the exact parameter values - can be used in the plan. - - - - - - Speed up vacuuming of B-Tree indexes (Heikki Linnakangas, - Tom) - - - - - - Avoid extra scan of tables without indexes during VACUUM (Greg Stark) - - - - - - Improve multicolumn GiST - indexing (Oleg, Teodor) - - - - - - Remove dead index entries before B-Tree page split (Junji - Teramoto) - - - - - - - - - Server Changes - - - - - Allow a forced switch to a new transaction log file (Simon, Tom) - - - - This is valuable for keeping warm standby slave servers - in sync with the master. Transaction log file switching now also happens - automatically during pg_stop_backup(). - This ensures that all - transaction log files needed for recovery can be archived immediately. - - - - - - Add WAL informational functions (Simon) - - - - Add functions for interrogating the current transaction log insertion - point and determining WAL filenames from the - hex WAL locations displayed by pg_stop_backup() - and related functions. - - - - - - Improve recovery from a crash during WAL replay (Simon) - - - - The server now does periodic checkpoints during WAL - recovery, so if there is a crash, future WAL - recovery is shortened. This also eliminates the need for - warm standby servers to replay the entire log since the - base backup if they crash. - - - - - - Improve reliability of long-term WAL replay - (Heikki, Simon, Tom) - - - - Formerly, trying to roll forward through more than 2 billion - transactions would not work due to XID wraparound. This meant - warm standby servers had to be reloaded - from fresh base backups periodically. - - - - - - Add archive_timeout - to force transaction log file switches at a given interval (Simon) - - - - This enforces a maximum replication delay for warm standby servers. - - - - - - Add native LDAP - authentication (Magnus Hagander) - - - - This is particularly useful for platforms that do not - support PAM, such as Windows. - - - - - - Add GRANT - CONNECT ON DATABASE (Gevik Babakhani) - - - - This gives SQL-level control over database access. It works as - an additional filter on top of the existing - pg_hba.conf - controls. - - - - - - Add support for SSL - Certificate Revocation List (CRL) files - (Libor Hohoš) - - - - The server and libpq both recognize CRL - files now. - - - - - - GiST indexes are - now clusterable (Teodor) - - - - - - Remove routine autovacuum server log entries (Bruce) - - - - pg_stat_activity - now shows autovacuum activity. - - - - - - Track maximum XID age within individual tables, instead of whole databases (Alvaro) - - - - This reduces the overhead involved in preventing transaction - ID wraparound, by avoiding unnecessary VACUUMs. - - - - - - Add last vacuum and analyze timestamp columns to the stats - collector (Larry Rosenman) - - - - These values now appear in the pg_stat_*_tables - system views. - - - - - - Improve performance of statistics monitoring, especially - stats_command_string - (Tom, Bruce) - - - - This release enables stats_command_string by - default, now that its overhead is minimal. This means - pg_stat_activity - will now show all active queries by default. - - - - - - Add a waiting column to pg_stat_activity - (Tom) - - - - This allows pg_stat_activity to show all the - information included in the ps display. - - - - - - Add configuration parameter update_process_title - to control whether the ps display is updated - for every command (Bruce) - - - - On platforms where it is expensive to update the ps - display, it might be worthwhile to turn this off and rely solely on - pg_stat_activity for status information. - - - - - - Allow units to be specified in configuration settings - (Peter) - - - - For example, you can now set shared_buffers - to 32MB rather than mentally converting sizes. - - - - - - Add support for include - directives in postgresql.conf (Joachim - Wieland) - - - - - - Improve logging of protocol-level prepare/bind/execute - messages (Bruce, Tom) - - - - Such logging now shows statement names, bind parameter - values, and the text of the query being executed. Also, - the query text is properly included in logged error messages - when enabled by log_min_error_statement. - - - - - - Prevent max_stack_depth - from being set to unsafe values - - - - On platforms where we can determine the actual kernel stack depth - limit (which is most), make sure that the initial default value of - max_stack_depth is safe, and reject attempts to set it - to unsafely large values. - - - - - - Enable highlighting of error location in query in more - cases (Tom) - - - - The server is now able to report a specific error location for - some semantic errors (such as unrecognized column name), rather - than just for basic syntax errors as before. - - - - - - Fix failed to re-find parent key errors in - VACUUM (Tom) - - - - - - Clean out pg_internal.init cache files during server - restart (Simon) - - - - This avoids a hazard that the cache files might contain stale - data after PITR recovery. - - - - - - Fix race condition for truncation of a large relation across a - gigabyte boundary by VACUUM (Tom) - - - - - - Fix bug causing needless deadlock errors on row-level locks (Tom) - - - - - - Fix bugs affecting multi-gigabyte hash indexes (Tom) - - - - - - Each backend process is now its own process group leader (Tom) - - - - This allows query cancel to abort subprocesses invoked from a - backend or archive/recovery process. - - - - - - - - - Query Changes - - - - - Add INSERT/UPDATE/DELETE - RETURNING (Jonah Harris, Tom) - - - - This allows these commands to return values, such as the - computed serial key for a new row. In the UPDATE - case, values from the updated version of the row are returned. - - - - - - Add support for multiple-row VALUES clauses, - per SQL standard (Joe, Tom) - - - - This allows INSERT to insert multiple rows of - constants, or queries to generate result sets using constants. - For example, INSERT ... VALUES (...), (...), - ...., and SELECT * FROM (VALUES (...), (...), - ....) AS alias(f1, ...). - - - - - - Allow UPDATE - and DELETE - to use an alias for the target table (Atsushi Ogawa) - - - - The SQL standard does not permit an alias in these commands, but - many database systems allow one anyway for notational convenience. - - - - - - Allow UPDATE - to set multiple columns with a list of values (Susanne - Ebrecht) - - - - This is basically a short-hand for assigning the columns - and values in pairs. The syntax is UPDATE tab - SET (column, ...) = (val, ...). - - - - - - Make row comparisons work per standard (Tom) - - - - The forms <, <=, >, >= now compare rows lexicographically, - that is, compare the first elements, if equal compare the second - elements, and so on. Formerly they expanded to an AND condition - across all the elements, which was neither standard nor very useful. - - - - - - Add CASCADE - option to TRUNCATE (Joachim Wieland) - - - - This causes TRUNCATE to automatically include all tables - that reference the specified table(s) via foreign keys. While - convenient, this is a dangerous tool — use with caution! - - - - - - Support FOR UPDATE and FOR SHARE - in the same SELECT - command (Tom) - - - - - - Add IS NOT - DISTINCT FROM (Pavel Stehule) - - - - This operator is similar to equality (=), but - evaluates to true when both left and right operands are - NULL, and to false when just one is, rather than - yielding NULL in these cases. - - - - - - Improve the length output used by UNION/INTERSECT/EXCEPT - (Tom) - - - - When all corresponding columns are of the same defined length, that - length is used for the result, rather than a generic length. - - - - - - Allow ILIKE - to work for multi-byte encodings (Tom) - - - - Internally, ILIKE now calls lower() - and then uses LIKE. Locale-specific regular - expression patterns still do not work in these encodings. - - - - - - Enable standard_conforming_strings - to be turned on (Kevin Grittner) - - - - This allows backslash escaping in strings to be disabled, - making PostgreSQL more - standards-compliant. The default is off for backwards - compatibility, but future releases will default this to on. - - - - - - Do not flatten subqueries that contain volatile - functions in their target lists (Jaime Casanova) - - - - This prevents surprising behavior due to multiple evaluation - of a volatile function (such as random() - or nextval()). It might cause performance - degradation in the presence of functions that are unnecessarily - marked as volatile. - - - - - - Add system views pg_prepared_statements - and pg_cursors - to show prepared statements and open cursors (Joachim Wieland, Neil) - - - - These are very useful in pooled connection setups. - - - - - - Support portal parameters in EXPLAIN and EXECUTE (Tom) - - - - This allows, for example, JDBC ? parameters to - work in these commands. - - - - - - If SQL-level PREPARE parameters - are unspecified, infer their types from the content of the - query (Neil) - - - - Protocol-level PREPARE already did this. - - - - - - Allow LIMIT and OFFSET to exceed - two billion (Dhanaraj M) - - - - - - - - - Object Manipulation Changes - - - - - Add TABLESPACE clause to CREATE TABLE AS - (Neil) - - - - This allows a tablespace to be specified for the new table. - - - - - - Add ON COMMIT clause to CREATE TABLE AS - (Neil) - - - - This allows temporary tables to be truncated or dropped on - transaction commit. The default behavior is for the table - to remain until the session ends. - - - - - - Add INCLUDING CONSTRAINTS to CREATE TABLE LIKE - (Greg Stark) - - - - This allows easy copying of CHECK constraints to a new - table. - - - - - - Allow the creation of placeholder (shell) types (Martijn van Oosterhout) - - - - A shell type declaration creates a type name, without specifying - any of the details of the type. Making a shell type is useful - because it allows cleaner declaration of the type's input/output - functions, which must exist before the type can be defined for - real. The syntax is CREATE TYPE typename. - - - - - - Aggregate functions - now support multiple input parameters (Sergey Koposov, Tom) - - - - - - Add new aggregate creation syntax (Tom) - - - - The new syntax is CREATE AGGREGATE - aggname (input_type) - (parameter_list). This more - naturally supports the new multi-parameter aggregate - functionality. The previous syntax is still supported. - - - - - - Add ALTER ROLE PASSWORD NULL - to remove a previously set role password (Peter) - - - - - - Add DROP object IF EXISTS for many - object types (Andrew) - - - - This allows DROP operations on non-existent - objects without generating an error. - - - - - - Add DROP OWNED - to drop all objects owned by a role (Alvaro) - - - - - - Add REASSIGN - OWNED to reassign ownership of all objects owned - by a role (Alvaro) - - - - This, and DROP OWNED above, facilitate dropping - roles. - - - - - - Add GRANT ON SEQUENCE - syntax (Bruce) - - - - This was added for setting sequence-specific permissions. - GRANT ON TABLE for sequences is still supported - for backward compatibility. - - - - - - Add USAGE - permission for sequences that allows only currval() - and nextval(), not setval() - (Bruce) - - - - USAGE permission allows more fine-grained - control over sequence access. Granting USAGE - allows users to increment - a sequence, but prevents them from setting the sequence to - an arbitrary value using setval(). - - - - - - Add ALTER TABLE - [ NO ] INHERIT (Greg Stark) - - - - This allows inheritance to be adjusted dynamically, rather than - just at table creation and destruction. This is very valuable - when using inheritance to implement table partitioning. - - - - - - Allow comments on global - objects to be stored globally (Kris Jurka) - - - - Previously, comments attached to databases were stored in individual - databases, making them ineffective, and there was no provision - at all for comments on roles or tablespaces. This change adds a new - shared catalog pg_shdescription - and stores comments on databases, roles, and tablespaces therein. - - - - - - - - - Utility Command Changes - - - - - Add option to allow indexes to be created without blocking - concurrent writes to the table (Greg Stark, Tom) - - - - The new syntax is CREATE - INDEX CONCURRENTLY. The default behavior is - still to block table modification while an index is being - created. - - - - - - Provide advisory - locking functionality (Abhijit Menon-Sen, Tom) - - - - This is a new locking API designed to replace what used to be - in /contrib/userlock. The userlock code is now on pgfoundry. - - - - - - Allow COPY to - dump a SELECT query (Zoltan Boszormenyi, Karel - Zak) - - - - This allows COPY to dump arbitrary SQL - queries. The syntax is COPY (SELECT ...) TO. - - - - - - Make the COPY - command return a command tag that includes the number of - rows copied (Volkan YAZICI) - - - - - - Allow VACUUM - to expire rows without being affected by other concurrent - VACUUM operations (Hannu Krossing, Alvaro, Tom) - - - - - - Make initdb - detect the operating system locale and set the default - DateStyle accordingly (Peter) - - - - This makes it more likely that the installed - postgresql.conf DateStyle value will - be as desired. - - - - - - Reduce number of progress messages displayed by initdb (Tom) - - - - - - - - - Date/Time Changes - - - - - Allow full timezone names in timestamp input values - (Joachim Wieland) - - - - For example, '2006-05-24 21:11 - America/New_York'::timestamptz. - - - - - - Support configurable timezone abbreviations (Joachim Wieland) - - - - A desired set of timezone abbreviations can be chosen via the - configuration parameter timezone_abbreviations. - - - - - - Add pg_timezone_abbrevs - and pg_timezone_names - views to show supported timezones (Magnus Hagander) - - - - - - Add clock_timestamp(), - statement_timestamp(), - and transaction_timestamp() - (Bruce) - - - - clock_timestamp() is the current wall-clock time, - statement_timestamp() is the time the current - statement arrived at the server, and - transaction_timestamp() is an alias for - now(). - - - - - - Allow to_char() - to print localized month and day names (Euler Taveira de - Oliveira) - - - - - - Allow to_char(time) - and to_char(interval) - to output AM/PM specifications - (Bruce) - - - - Intervals and times are treated as 24-hour periods, e.g. - 25 hours is considered AM. - - - - - - Add new function justify_interval() - to adjust interval units (Mark Dilger) - - - - - - Allow timezone offsets up to 14:59 away from GMT - - - - Kiribati uses GMT+14, so we'd better accept that. - - - - - - Interval computation improvements (Michael Glaesemann, Bruce) - - - - - - - - - Other Data Type and Function Changes - - - - - Allow arrays to contain NULL elements (Tom) - - - - - - Allow assignment to array elements not contiguous with the existing - entries (Tom) - - - - The intervening array positions will be filled with nulls. - This is per SQL standard. - - - - - - New built-in operators - for array-subset comparisons (@>, - <@, &&) (Teodor, Tom) - - - - These operators can be indexed for many data types using - GiST or GIN indexes. - - - - - - Add convenient arithmetic operations on - INET/CIDR values (Stephen R. van den - Berg) - - - - The new operators are & (and), | - (or), ~ (not), inet + int8, - inet - int8, and - inet - inet. - - - - - - Add new aggregate functions - from SQL:2003 (Neil) - - - - The new functions are var_pop(), - var_samp(), stddev_pop(), and - stddev_samp(). var_samp() and - stddev_samp() are merely renamings of the - existing aggregates variance() and - stddev(). The latter names remain available - for backward compatibility. - - - - - - Add SQL:2003 statistical aggregates - (Sergey Koposov) - - - - New functions: regr_intercept(), - regr_slope(), regr_r2(), - corr(), covar_samp(), - covar_pop(), regr_avgx(), - regr_avgy(), regr_sxy(), - regr_sxx(), regr_syy(), - regr_count(). - - - - - - Allow domains to be - based on other domains (Tom) - - - - - - Properly enforce domain CHECK constraints - everywhere (Neil, Tom) - - - - For example, the result of a user-defined function that is - declared to return a domain type is now checked against the - domain's constraints. This closes a significant hole in the domain - implementation. - - - - - - Fix problems with dumping renamed SERIAL columns - (Tom) - - - - The fix is to dump a SERIAL column by explicitly - specifying its DEFAULT and sequence elements, - and reconstructing the SERIAL column on reload - using a new ALTER - SEQUENCE OWNED BY command. This also allows - dropping a SERIAL column specification. - - - - - - Add a server-side sleep function pg_sleep() - (Joachim Wieland) - - - - - - Add all comparison operators for the tid (tuple id) data - type (Mark Kirkwood, Greg Stark, Tom) - - - - - - - - - PL/pgSQL Server-Side Language Changes - - - - - Add TG_table_name and TG_table_schema to - trigger parameters (Andrew) - - - - TG_relname is now deprecated. Comparable - changes have been made in the trigger parameters for the other - PLs as well. - - - - - - Allow FOR statements to return values to scalars - as well as records and row types (Pavel Stehule) - - - - - - Add a BY clause to the FOR loop, - to control the iteration increment (Jaime Casanova) - - - - - - Add STRICT to SELECT - INTO (Matt Miller) - - - - STRICT mode throws an exception if more or less - than one row is returned by the SELECT, for - Oracle PL/SQL compatibility. - - - - - - - - - PL/Perl Server-Side Language Changes - - - - - Add table_name and table_schema to - trigger parameters (Adam Sjøgren) - - - - - - Add prepared queries (Dmitry Karasik) - - - - - - Make $_TD trigger data a global variable (Andrew) - - - - Previously, it was lexical, which caused unexpected sharing - violations. - - - - - - Run PL/Perl and PL/PerlU in separate interpreters, for security - reasons (Andrew) - - - In consequence, they can no longer share data nor loaded modules. - Also, if Perl has not been compiled with the requisite flags to - allow multiple interpreters, only one of these languages can be used - in any given backend process. - - - - - - - - - PL/Python Server-Side Language Changes - - - - - Named parameters are passed as ordinary variables, as well as in the - args[] array (Sven Suursoho) - - - - - - Add table_name and table_schema to - trigger parameters (Andrew) - - - - - - Allow returning of composite types and result sets (Sven Suursoho) - - - - - - Return result-set as list, iterator, - or generator (Sven Suursoho) - - - - - - Allow functions to return void (Neil) - - - - - - Python 2.5 is now supported (Tom) - - - - - - - - - <link linkend="app-psql"><application>psql</application></link> Changes - - - - - Add new command \password for changing role - password with client-side password encryption (Peter) - - - - - - Allow \c to connect to a new host and port - number (David, Volkan YAZICI) - - - - - - Add tablespace display to \l+ (Philip Yarra) - - - - - - Improve \df slash command to include the argument - names and modes (OUT or INOUT) of - the function (David Fetter) - - - - - - Support binary COPY (Andreas Pflug) - - - - - - Add option to run the entire session in a single transaction - (Simon) - - - - Use option -1 or --single-transaction. - - - - - - Support for automatically retrieving SELECT - results in batches using a cursor (Chris Mair) - - - - This is enabled using \set FETCH_COUNT - n. This - feature allows large result sets to be retrieved in - psql without attempting to buffer the entire - result set in memory. - - - - - - Make multi-line values align in the proper column - (Martijn van Oosterhout) - - - - Field values containing newlines are now displayed in a more - readable fashion. - - - - - - Save multi-line statements as a single entry, rather than - one line at a time (Sergey E. Koposov) - - - - This makes up-arrow recall of queries easier. (This is - not available on Windows, because that platform uses the native - command-line editing present in the operating system.) - - - - - - Make the line counter 64-bit so it can handle files with more - than two billion lines (David Fetter) - - - - - - Report both the returned data and the command status tag - for INSERT/UPDATE/DELETE - RETURNING (Tom) - - - - - - - - - <link linkend="app-pgdump"><application>pg_dump</application></link> Changes - - - - - Allow complex selection of objects to be included or excluded - by pg_dump (Greg Sabino Mullane) - - - - pg_dump now supports multiple -n - (schema) and -t (table) options, and adds - -N and -T options to exclude objects. - Also, the arguments of these switches can now be wild-card expressions - rather than single object names, for example - -t 'foo*', and a schema can be part of - a -t or -T switch, for example - -t schema1.table1. - - - - - - Add pg_restore - --no-data-for-failed-tables option to suppress - loading data if table creation failed (i.e., the table already - exists) (Martin Pitt) - - - - - - Add pg_restore - option to run the entire session in a single transaction - (Simon) - - - - Use option -1 or --single-transaction. - - - - - - - - - <link linkend="libpq"><application>libpq</application></link> Changes - - - - - Add PQencryptPassword() - to encrypt passwords (Tom) - - - - This allows passwords to be sent pre-encrypted for commands - like ALTER ROLE ... - PASSWORD. - - - - - - Add function PQisthreadsafe() - (Bruce) - - - - This allows applications to query the thread-safety status - of the library. - - - - - - Add PQdescribePrepared(), - PQdescribePortal(), - and related functions to return information about previously - prepared statements and open cursors (Volkan YAZICI) - - - - - - Allow LDAP lookups - from pg_service.conf - (Laurenz Albe) - - - - - - Allow a hostname in ~/.pgpass - to match the default socket directory (Bruce) - - - - A blank hostname continues to match any Unix-socket connection, - but this addition allows entries that are specific to one of - several postmasters on the machine. - - - - - - - - - <link linkend="ecpg"><application>ecpg</application></link> Changes - - - - - Allow SHOW to - put its result into a variable (Joachim Wieland) - - - - - - Add COPY TO STDOUT - (Joachim Wieland) - - - - - - Add regression tests (Joachim Wieland, Michael) - - - - - - Major source code cleanups (Joachim Wieland, Michael) - - - - - - - - - <application>Windows</application> Port - - - - - Allow MSVC to compile the PostgreSQL - server (Magnus, Hiroshi Saito) - - - - - - Add MSVC support for utility commands and pg_dump (Hiroshi - Saito) - - - - - - Add support for Windows code pages 1253, - 1254, 1255, and 1257 - (Kris Jurka) - - - - - - Drop privileges on startup, so that the server can be started from - an administrative account (Magnus) - - - - - - Stability fixes (Qingqing Zhou, Magnus) - - - - - - Add native semaphore implementation (Qingqing Zhou) - - - - The previous code mimicked SysV semaphores. - - - - - - - - - Source Code Changes - - - - - Add GIN (Generalized - Inverted iNdex) index access method (Teodor, Oleg) - - - - - - Remove R-tree indexing (Tom) - - - - Rtree has been re-implemented using GiST. Among other - differences, this means that rtree indexes now have support - for crash recovery via write-ahead logging (WAL). - - - - - - Reduce libraries needlessly linked into the backend (Martijn - van Oosterhout, Tom) - - - - - - Add a configure flag to allow libedit to be preferred over - GNU readline (Bruce) - - - - Use configure --with-libedit-preferred. - - - - - - Allow installation into directories containing spaces - (Peter) - - - - - - Improve ability to relocate installation directories (Tom) - - - - - - Add support for Solaris x86_64 using the - Solaris compiler (Pierre Girard, Theo - Schlossnagle, Bruce) - - - - - - Add DTrace support (Robert Lor) - - - - - - Add PG_VERSION_NUM for use by third-party - applications wanting to test the backend version in C using > - and < comparisons (Bruce) - - - - - - Add XLOG_BLCKSZ as independent from BLCKSZ - (Mark Wong) - - - - - - Add LWLOCK_STATS define to report locking - activity (Tom) - - - - - - Emit warnings for unknown configure options - (Martijn van Oosterhout) - - - - - - Add server support for plugin libraries - that can be used for add-on tasks such as debugging and performance - measurement (Korry Douglas) - - - - This consists of two features: a table of rendezvous - variables that allows separately-loaded shared libraries to - communicate, and a new configuration parameter local_preload_libraries - that allows libraries to be loaded into specific sessions without - explicit cooperation from the client application. This allows - external add-ons to implement features such as a PL/pgSQL debugger. - - - - - - Rename existing configuration parameter - preload_libraries to shared_preload_libraries - (Tom) - - - - This was done for clarity in comparison to - local_preload_libraries. - - - - - - Add new configuration parameter server_version_num - (Greg Sabino Mullane) - - - - This is like server_version, but is an - integer, e.g. 80200. This allows applications to - make version checks more easily. - - - - - - Add a configuration parameter seq_page_cost - (Tom) - - - - - - Re-implement the regression test script as a C program - (Magnus, Tom) - - - - - - Allow loadable modules to allocate shared memory and - lightweight locks (Marc Munro) - - - - - - Add automatic initialization and finalization of dynamically - loaded libraries (Ralf Engelschall, Tom) - - - - New functions - _PG_init() and _PG_fini() are - called if the library defines such symbols. Hence we no - longer need to specify an initialization function in - shared_preload_libraries; we can assume that - the library used the _PG_init() convention - instead. - - - - - - Add PG_MODULE_MAGIC - header block to all shared object files (Martijn van - Oosterhout) - - - - The magic block prevents version mismatches between loadable object - files and servers. - - - - - - Add shared library support for AIX (Laurenz Albe) - - - - - - New XML - documentation section (Bruce) - - - - - - - - - Contrib Changes - - - - - Major tsearch2 improvements (Oleg, Teodor) - - - - - - - multibyte encoding support, including UTF8 - - - - - query rewriting support - - - - - improved ranking functions - - - - - thesaurus dictionary support - - - - - Ispell dictionaries now recognize MySpell - format, used by OpenOffice - - - - - GIN support - - - - - - - - - - Add adminpack module containing Pgadmin administration - functions (Dave) - - - - These functions provide additional file system access - routines not present in the default PostgreSQL - server. - - - - - - Add sslinfo module (Victor Wagner) - - - - Reports information about the current connection's SSL - certificate. - - - - - - Add pgrowlocks module (Tatsuo) - - - - This shows row locking information for a specified table. - - - - - - Add hstore module (Oleg, Teodor) - - - - - - Add isn module, replacing isbn_issn (Jeremy Kronuz) - - - - This new implementation supports EAN13, UPC, - ISBN (books), ISMN (music), and - ISSN (serials). - - - - - - Add index information functions to pgstattuple (ITAGAKI Takahiro, - Satoshi Nagayasu) - - - - - - Add pg_freespacemap module to display free space map information - (Mark Kirkwood) - - - - - - pgcrypto now has all planned functionality (Marko Kreen) - - - - - Include iMath library in pgcrypto to have the public-key encryption - functions always available. - - - - - Add SHA224 algorithm that was missing in OpenBSD code. - - - - - Activate builtin code for SHA224/256/384/512 hashes on older - OpenSSL to have those algorithms always available. - - - - - New function gen_random_bytes() that returns cryptographically strong - randomness. Useful for generating encryption keys. - - - - - Remove digest_exists(), hmac_exists() and cipher_exists() functions. - - - - - - - - Improvements to cube module (Joshua Reich) - - - - New functions are cube(float[]), - cube(float[], float[]), and - cube_subset(cube, int4[]). - - - - - - Add async query capability to dblink (Kai Londenberg, - Joe Conway) - - - - - - New operators for array-subset comparisons (@>, - <@, &&) (Tom) - - - - Various contrib packages already had these operators for their - datatypes, but the naming wasn't consistent. We have now added - consistently named array-subset comparison operators to the core code - and all the contrib packages that have such functionality. - (The old names remain available, but are deprecated.) - - - - - - Add uninstall scripts for all contrib packages that have install - scripts (David, Josh Drake) - - - - - - - - - diff --git a/doc/src/sgml/release-8.3.sgml b/doc/src/sgml/release-8.3.sgml deleted file mode 100644 index 021922966b..0000000000 --- a/doc/src/sgml/release-8.3.sgml +++ /dev/null @@ -1,8549 +0,0 @@ - - - - - Release 8.3.23 - - - Release date: - 2013-02-07 - - - - This release contains a variety of fixes from 8.3.22. - For information about new features in the 8.3 major release, see - . - - - - This is expected to be the last PostgreSQL release - in the 8.3.X series. Users are encouraged to update to a newer - release branch soon. - - - - Migration to Version 8.3.23 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Prevent execution of enum_recv from SQL (Tom Lane) - - - - The function was misdeclared, allowing a simple SQL command to crash the - server. In principle an attacker might be able to use it to examine the - contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) - for reporting this issue. (CVE-2013-0255) - - - - - - Fix SQL grammar to allow subscripting or field selection from a - sub-SELECT result (Tom Lane) - - - - - - Protect against race conditions when scanning - pg_tablespace (Stephen Frost, Tom Lane) - - - - CREATE DATABASE and DROP DATABASE could - misbehave if there were concurrent updates of - pg_tablespace entries. - - - - - - Prevent DROP OWNED from trying to drop whole databases or - tablespaces (Álvaro Herrera) - - - - For safety, ownership of these objects must be reassigned, not dropped. - - - - - - Prevent misbehavior when a RowExpr or XmlExpr - is parse-analyzed twice (Andres Freund, Tom Lane) - - - - This mistake could be user-visible in contexts such as - CREATE TABLE LIKE INCLUDING INDEXES. - - - - - - Improve defenses against integer overflow in hashtable sizing - calculations (Jeff Davis) - - - - - - Ensure that non-ASCII prompt strings are translated to the correct - code page on Windows (Alexander Law, Noah Misch) - - - - This bug affected psql and some other client programs. - - - - - - Fix possible crash in psql's \? command - when not connected to a database (Meng Qingzhong) - - - - - - Fix one-byte buffer overrun in libpq's - PQprintTuples (Xi Wang) - - - - This ancient function is not used anywhere by - PostgreSQL itself, but it might still be used by some - client code. - - - - - - Rearrange configure's tests for supplied functions so it is not - fooled by bogus exports from libedit/libreadline (Christoph Berg) - - - - - - Ensure Windows build number increases over time (Magnus Hagander) - - - - - - Make pgxs build executables with the right - .exe suffix when cross-compiling for Windows - (Zoltan Boszormenyi) - - - - - - Add new timezone abbreviation FET (Tom Lane) - - - - This is now used in some eastern-European time zones. - - - - - - - - - - Release 8.3.22 - - - Release date: - 2012-12-06 - - - - This release contains a variety of fixes from 8.3.21. - For information about new features in the 8.3 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.3.X release series in February 2013. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.3.22 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Fix multiple bugs associated with CREATE INDEX - CONCURRENTLY (Andres Freund, Tom Lane) - - - - Fix CREATE INDEX CONCURRENTLY to use - in-place updates when changing the state of an index's - pg_index row. This prevents race conditions that could - cause concurrent sessions to miss updating the target index, thus - resulting in corrupt concurrently-created indexes. - - - - Also, fix various other operations to ensure that they ignore - invalid indexes resulting from a failed CREATE INDEX - CONCURRENTLY command. The most important of these is - VACUUM, because an auto-vacuum could easily be launched - on the table before corrective action can be taken to fix or remove - the invalid index. - - - - - - Avoid corruption of internal hash tables when out of memory - (Hitoshi Harada) - - - - - - Fix planning of non-strict equivalence clauses above outer joins - (Tom Lane) - - - - The planner could derive incorrect constraints from a clause equating - a non-strict construct to something else, for example - WHERE COALESCE(foo, 0) = 0 - when foo is coming from the nullable side of an outer join. - - - - - - Improve planner's ability to prove exclusion constraints from - equivalence classes (Tom Lane) - - - - - - Fix partial-row matching in hashed subplans to handle cross-type cases - correctly (Tom Lane) - - - - This affects multicolumn NOT IN subplans, such as - WHERE (a, b) NOT IN (SELECT x, y FROM ...) - when for instance b and y are int4 - and int8 respectively. This mistake led to wrong answers - or crashes depending on the specific datatypes involved. - - - - - - Acquire buffer lock when re-fetching the old tuple for an - AFTER ROW UPDATE/DELETE trigger (Andres Freund) - - - - In very unusual circumstances, this oversight could result in passing - incorrect data to the precheck logic for a foreign-key enforcement - trigger. That could result in a crash, or in an incorrect decision - about whether to fire the trigger. - - - - - - Fix REASSIGN OWNED to handle grants on tablespaces - (Álvaro Herrera) - - - - - - Ignore incorrect pg_attribute entries for system - columns for views (Tom Lane) - - - - Views do not have any system columns. However, we forgot to - remove such entries when converting a table to a view. That's fixed - properly for 9.3 and later, but in previous branches we need to defend - against existing mis-converted views. - - - - - - Fix rule printing to dump INSERT INTO table - DEFAULT VALUES correctly (Tom Lane) - - - - - - Guard against stack overflow when there are too many - UNION/INTERSECT/EXCEPT clauses - in a query (Tom Lane) - - - - - - Prevent platform-dependent failures when dividing the minimum possible - integer value by -1 (Xi Wang, Tom Lane) - - - - - - Fix possible access past end of string in date parsing - (Hitoshi Harada) - - - - - - Produce an understandable error message if the length of the path name - for a Unix-domain socket exceeds the platform-specific limit - (Tom Lane, Andrew Dunstan) - - - - Formerly, this would result in something quite unhelpful, such as - Non-recoverable failure in name resolution. - - - - - - Fix memory leaks when sending composite column values to the client - (Tom Lane) - - - - - - Make pg_ctl more robust about reading the - postmaster.pid file (Heikki Linnakangas) - - - - Fix race conditions and possible file descriptor leakage. - - - - - - Fix possible crash in psql if incorrectly-encoded data - is presented and the client_encoding setting is a - client-only encoding, such as SJIS (Jiang Guiqing) - - - - - - Fix bugs in the restore.sql script emitted by - pg_dump in tar output format (Tom Lane) - - - - The script would fail outright on tables whose names include - upper-case characters. Also, make the script capable of restoring - data in mode as well as the regular COPY mode. - - - - - - Fix pg_restore to accept POSIX-conformant - tar files (Brian Weaver, Tom Lane) - - - - The original coding of pg_dump's tar - output mode produced files that are not fully conformant with the - POSIX standard. This has been corrected for version 9.3. This - patch updates previous branches so that they will accept both the - incorrect and the corrected formats, in hopes of avoiding - compatibility problems when 9.3 comes out. - - - - - - Fix pg_resetxlog to locate postmaster.pid - correctly when given a relative path to the data directory (Tom Lane) - - - - This mistake could lead to pg_resetxlog not noticing - that there is an active postmaster using the data directory. - - - - - - Fix libpq's lo_import() and - lo_export() functions to report file I/O errors properly - (Tom Lane) - - - - - - Fix ecpg's processing of nested structure pointer - variables (Muhammad Usama) - - - - - - Make contrib/pageinspect's btree page inspection - functions take buffer locks while examining pages (Tom Lane) - - - - - - Fix pgxs support for building loadable modules on AIX - (Tom Lane) - - - - Building modules outside the original source tree didn't work on AIX. - - - - - - Update time zone data files to tzdata release 2012j - for DST law changes in Cuba, Israel, Jordan, Libya, Palestine, Western - Samoa, and portions of Brazil. - - - - - - - - - - Release 8.3.21 - - - Release date: - 2012-09-24 - - - - This release contains a variety of fixes from 8.3.20. - For information about new features in the 8.3 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.3.X release series in February 2013. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.3.21 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Improve page-splitting decisions in GiST indexes (Alexander Korotkov, - Robert Haas, Tom Lane) - - - - Multi-column GiST indexes might suffer unexpected bloat due to this - error. - - - - - - Fix cascading privilege revoke to stop if privileges are still held - (Tom Lane) - - - - If we revoke a grant option from some role X, but - X still holds that option via a grant from someone - else, we should not recursively revoke the corresponding privilege - from role(s) Y that X had granted it - to. - - - - - - Fix handling of SIGFPE when PL/Perl is in use (Andres Freund) - - - - Perl resets the process's SIGFPE handler to - SIG_IGN, which could result in crashes later on. Restore - the normal Postgres signal handler after initializing PL/Perl. - - - - - - Prevent PL/Perl from crashing if a recursive PL/Perl function is - redefined while being executed (Tom Lane) - - - - - - Work around possible misoptimization in PL/Perl (Tom Lane) - - - - Some Linux distributions contain an incorrect version of - pthread.h that results in incorrect compiled code in - PL/Perl, leading to crashes if a PL/Perl function calls another one - that throws an error. - - - - - - Update time zone data files to tzdata release 2012f - for DST law changes in Fiji - - - - - - - - - - Release 8.3.20 - - - Release date: - 2012-08-17 - - - - This release contains a variety of fixes from 8.3.19. - For information about new features in the 8.3 major release, see - . - - - - The PostgreSQL community will stop releasing updates - for the 8.3.X release series in February 2013. - Users are encouraged to update to a newer release branch soon. - - - - Migration to Version 8.3.20 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Prevent access to external files/URLs via XML entity references - (Noah Misch, Tom Lane) - - - - xml_parse() would attempt to fetch external files or - URLs as needed to resolve DTD and entity references in an XML value, - thus allowing unprivileged database users to attempt to fetch data - with the privileges of the database server. While the external data - wouldn't get returned directly to the user, portions of it could be - exposed in error messages if the data didn't parse as valid XML; and - in any case the mere ability to check existence of a file might be - useful to an attacker. (CVE-2012-3489) - - - - - - Prevent access to external files/URLs via contrib/xml2's - xslt_process() (Peter Eisentraut) - - - - libxslt offers the ability to read and write both - files and URLs through stylesheet commands, thus allowing - unprivileged database users to both read and write data with the - privileges of the database server. Disable that through proper use - of libxslt's security options. (CVE-2012-3488) - - - - Also, remove xslt_process()'s ability to fetch documents - and stylesheets from external files/URLs. While this was a - documented feature, it was long regarded as a bad idea. - The fix for CVE-2012-3489 broke that capability, and rather than - expend effort on trying to fix it, we're just going to summarily - remove it. - - - - - - Prevent too-early recycling of btree index pages (Noah Misch) - - - - When we allowed read-only transactions to skip assigning XIDs, we - introduced the possibility that a deleted btree page could be - recycled while a read-only transaction was still in flight to it. - This would result in incorrect index search results. The probability - of such an error occurring in the field seems very low because of the - timing requirements, but nonetheless it should be fixed. - - - - - - Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane) - - - - If ALTER SEQUENCE was executed on a freshly created or - reset sequence, and then precisely one nextval() call - was made on it, and then the server crashed, WAL replay would restore - the sequence to a state in which it appeared that no - nextval() had been done, thus allowing the first - sequence value to be returned again by the next - nextval() call. In particular this could manifest for - serial columns, since creation of a serial column's sequence - includes an ALTER SEQUENCE OWNED BY step. - - - - - - Ensure the backup_label file is fsync'd after - pg_start_backup() (Dave Kerr) - - - - - - Back-patch 9.1 improvement to compress the fsync request queue - (Robert Haas) - - - - This improves performance during checkpoints. The 9.1 change - has now seen enough field testing to seem safe to back-patch. - - - - - - Only allow autovacuum to be auto-canceled by a directly blocked - process (Tom Lane) - - - - The original coding could allow inconsistent behavior in some cases; - in particular, an autovacuum could get canceled after less than - deadlock_timeout grace period. - - - - - - Improve logging of autovacuum cancels (Robert Haas) - - - - - - Fix log collector so that log_truncate_on_rotation works - during the very first log rotation after server start (Tom Lane) - - - - - - Ensure that a whole-row reference to a subquery doesn't include any - extra GROUP BY or ORDER BY columns (Tom Lane) - - - - - - Disallow copying whole-row references in CHECK - constraints and index definitions during CREATE TABLE - (Tom Lane) - - - - This situation can arise in CREATE TABLE with - LIKE or INHERITS. The copied whole-row - variable was incorrectly labeled with the row type of the original - table not the new one. Rejecting the case seems reasonable for - LIKE, since the row types might well diverge later. For - INHERITS we should ideally allow it, with an implicit - coercion to the parent table's row type; but that will require more - work than seems safe to back-patch. - - - - - - Fix memory leak in ARRAY(SELECT ...) subqueries (Heikki - Linnakangas, Tom Lane) - - - - - - Fix extraction of common prefixes from regular expressions (Tom Lane) - - - - The code could get confused by quantified parenthesized - subexpressions, such as ^(foo)?bar. This would lead to - incorrect index optimization of searches for such patterns. - - - - - - Report errors properly in contrib/xml2's - xslt_process() (Tom Lane) - - - - - - Update time zone data files to tzdata release 2012e - for DST law changes in Morocco and Tokelau - - - - - - - - - - Release 8.3.19 - - - Release date: - 2012-06-04 - - - - This release contains a variety of fixes from 8.3.18. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.19 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Fix incorrect password transformation in - contrib/pgcrypto's DES crypt() function - (Solar Designer) - - - - If a password string contained the byte value 0x80, the - remainder of the password was ignored, causing the password to be much - weaker than it appeared. With this fix, the rest of the string is - properly included in the DES hash. Any stored password values that are - affected by this bug will thus no longer match, so the stored values may - need to be updated. (CVE-2012-2143) - - - - - - Ignore SECURITY DEFINER and SET attributes for - a procedural language's call handler (Tom Lane) - - - - Applying such attributes to a call handler could crash the server. - (CVE-2012-2655) - - - - - - Allow numeric timezone offsets in timestamp input to be up to - 16 hours away from UTC (Tom Lane) - - - - Some historical time zones have offsets larger than 15 hours, the - previous limit. This could result in dumped data values being rejected - during reload. - - - - - - Fix timestamp conversion to cope when the given time is exactly the - last DST transition time for the current timezone (Tom Lane) - - - - This oversight has been there a long time, but was not noticed - previously because most DST-using zones are presumed to have an - indefinite sequence of future DST transitions. - - - - - - Fix text to name and char to name - casts to perform string truncation correctly in multibyte encodings - (Karl Schnaitter) - - - - - - Fix memory copying bug in to_tsquery() (Heikki Linnakangas) - - - - - - Fix slow session startup when pg_attribute is very large - (Tom Lane) - - - - If pg_attribute exceeds one-fourth of - shared_buffers, cache rebuilding code that is sometimes - needed during session start would trigger the synchronized-scan logic, - causing it to take many times longer than normal. The problem was - particularly acute if many new sessions were starting at once. - - - - - - Ensure sequential scans check for query cancel reasonably often (Merlin - Moncure) - - - - A scan encountering many consecutive pages that contain no live tuples - would not respond to interrupts meanwhile. - - - - - - Ensure the Windows implementation of PGSemaphoreLock() - clears ImmediateInterruptOK before returning (Tom Lane) - - - - This oversight meant that a query-cancel interrupt received later - in the same query could be accepted at an unsafe time, with - unpredictable but not good consequences. - - - - - - Show whole-row variables safely when printing views or rules - (Abbas Butt, Tom Lane) - - - - Corner cases involving ambiguous names (that is, the name could be - either a table or column name of the query) were printed in an - ambiguous way, risking that the view or rule would be interpreted - differently after dump and reload. Avoid the ambiguous case by - attaching a no-op cast. - - - - - - Ensure autovacuum worker processes perform stack depth checking - properly (Heikki Linnakangas) - - - - Previously, infinite recursion in a function invoked by - auto-ANALYZE could crash worker processes. - - - - - - Fix logging collector to not lose log coherency under high load (Andrew - Dunstan) - - - - The collector previously could fail to reassemble large messages if it - got too busy. - - - - - - Fix logging collector to ensure it will restart file rotation - after receiving SIGHUP (Tom Lane) - - - - - - Fix PL/pgSQL's GET DIAGNOSTICS command when the target - is the function's first variable (Tom Lane) - - - - - - Fix several performance problems in pg_dump when - the database contains many objects (Jeff Janes, Tom Lane) - - - - pg_dump could get very slow if the database contained - many schemas, or if many objects are in dependency loops, or if there - are many owned sequences. - - - - - - Fix contrib/dblink's dblink_exec() to not leak - temporary database connections upon error (Tom Lane) - - - - - - Update time zone data files to tzdata release 2012c - for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland - Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands; - also historical corrections for Canada. - - - - - - - - - - Release 8.3.18 - - - Release date: - 2012-02-27 - - - - This release contains a variety of fixes from 8.3.17. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.18 - - - A dump/restore is not required for those running 8.3.X. - - - - However, if you are upgrading from a version earlier than 8.3.17, - see . - - - - - - Changes - - - - - - Require execute permission on the trigger function for - CREATE TRIGGER (Robert Haas) - - - - This missing check could allow another user to execute a trigger - function with forged input data, by installing it on a table he owns. - This is only of significance for trigger functions marked - SECURITY DEFINER, since otherwise trigger functions run - as the table owner anyway. (CVE-2012-0866) - - - - - - Convert newlines to spaces in names written in pg_dump - comments (Robert Haas) - - - - pg_dump was incautious about sanitizing object names - that are emitted within SQL comments in its output script. A name - containing a newline would at least render the script syntactically - incorrect. Maliciously crafted object names could present a SQL - injection risk when the script is reloaded. (CVE-2012-0868) - - - - - - Fix btree index corruption from insertions concurrent with vacuuming - (Tom Lane) - - - - An index page split caused by an insertion could sometimes cause a - concurrently-running VACUUM to miss removing index entries - that it should remove. After the corresponding table rows are removed, - the dangling index entries would cause errors (such as could not - read block N in file ...) or worse, silently wrong query results - after unrelated rows are re-inserted at the now-free table locations. - This bug has been present since release 8.2, but occurs so infrequently - that it was not diagnosed until now. If you have reason to suspect - that it has happened in your database, reindexing the affected index - will fix things. - - - - - - Allow non-existent values for some settings in ALTER - USER/DATABASE SET (Heikki Linnakangas) - - - - Allow default_text_search_config, - default_tablespace, and temp_tablespaces to be - set to names that are not known. This is because they might be known - in another database where the setting is intended to be used, or for the - tablespace cases because the tablespace might not be created yet. The - same issue was previously recognized for search_path, and - these settings now act like that one. - - - - - - Track the OID counter correctly during WAL replay, even when it wraps - around (Tom Lane) - - - - Previously the OID counter would remain stuck at a high value until the - system exited replay mode. The practical consequences of that are - usually nil, but there are scenarios wherein a standby server that's - been promoted to master might take a long time to advance the OID - counter to a reasonable value once values are needed. - - - - - - Fix regular expression back-references with * attached - (Tom Lane) - - - - Rather than enforcing an exact string match, the code would effectively - accept any string that satisfies the pattern sub-expression referenced - by the back-reference symbol. - - - - A similar problem still afflicts back-references that are embedded in a - larger quantified expression, rather than being the immediate subject - of the quantifier. This will be addressed in a future - PostgreSQL release. - - - - - - Fix recently-introduced memory leak in processing of - inet/cidr values (Heikki Linnakangas) - - - - A patch in the December 2011 releases of PostgreSQL - caused memory leakage in these operations, which could be significant - in scenarios such as building a btree index on such a column. - - - - - - Avoid double close of file handle in syslogger on Windows (MauMau) - - - - Ordinarily this error was invisible, but it would cause an exception - when running on a debug version of Windows. - - - - - - Fix I/O-conversion-related memory leaks in plpgsql - (Andres Freund, Jan Urbanski, Tom Lane) - - - - Certain operations would leak memory until the end of the current - function. - - - - - - Improve pg_dump's handling of inherited table columns - (Tom Lane) - - - - pg_dump mishandled situations where a child column has - a different default expression than its parent column. If the default - is textually identical to the parent's default, but not actually the - same (for instance, because of schema search path differences) it would - not be recognized as different, so that after dump and restore the - child would be allowed to inherit the parent's default. Child columns - that are NOT NULL where their parent is not could also be - restored subtly incorrectly. - - - - - - Fix pg_restore's direct-to-database mode for - INSERT-style table data (Tom Lane) - - - - Direct-to-database restores from archive files made with - or options fail when - using pg_restore from a release dated September or - December 2011, as a result of an oversight in a fix for another - problem. The archive file itself is not at fault, and text-mode - output is okay. - - - - - - Fix error in contrib/intarray's int[] & - int[] operator (Guillaume Lelarge) - - - - If the smallest integer the two input arrays have in common is 1, - and there are smaller values in either array, then 1 would be - incorrectly omitted from the result. - - - - - - Fix error detection in contrib/pgcrypto's - encrypt_iv() and decrypt_iv() - (Marko Kreen) - - - - These functions failed to report certain types of invalid-input errors, - and would instead return random garbage values for incorrect input. - - - - - - Fix one-byte buffer overrun in contrib/test_parser - (Paul Guyot) - - - - The code would try to read one more byte than it should, which would - crash in corner cases. - Since contrib/test_parser is only example code, this is - not a security issue in itself, but bad example code is still bad. - - - - - - Use __sync_lock_test_and_set() for spinlocks on ARM, if - available (Martin Pitt) - - - - This function replaces our previous use of the SWPB - instruction, which is deprecated and not available on ARMv6 and later. - Reports suggest that the old code doesn't fail in an obvious way on - recent ARM boards, but simply doesn't interlock concurrent accesses, - leading to bizarre failures in multiprocess operation. - - - - - - Use option when building with - gcc versions that accept it (Andrew Dunstan) - - - - This prevents assorted scenarios wherein recent versions of gcc will - produce creative results. - - - - - - Allow use of threaded Python on FreeBSD (Chris Rees) - - - - Our configure script previously believed that this combination wouldn't - work; but FreeBSD fixed the problem, so remove that error check. - - - - - - - - - - Release 8.3.17 - - - Release date: - 2011-12-05 - - - - This release contains a variety of fixes from 8.3.16. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.17 - - - A dump/restore is not required for those running 8.3.X. - - - - However, a longstanding error was discovered in the definition of the - information_schema.referential_constraints view. If you - rely on correct results from that view, you should replace its - definition as explained in the first changelog item below. - - - - Also, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Fix bugs in information_schema.referential_constraints view - (Tom Lane) - - - - This view was being insufficiently careful about matching the - foreign-key constraint to the depended-on primary or unique key - constraint. That could result in failure to show a foreign key - constraint at all, or showing it multiple times, or claiming that it - depends on a different constraint than the one it really does. - - - - Since the view definition is installed by initdb, - merely upgrading will not fix the problem. If you need to fix this - in an existing installation, you can (as a superuser) drop the - information_schema schema then re-create it by sourcing - SHAREDIR/information_schema.sql. - (Run pg_config --sharedir if you're uncertain where - SHAREDIR is.) This must be repeated in each database - to be fixed. - - - - - - Fix TOAST-related data corruption during CREATE TABLE dest AS - SELECT * FROM src or INSERT INTO dest SELECT * FROM src - (Tom Lane) - - - - If a table has been modified by ALTER TABLE ADD COLUMN, - attempts to copy its data verbatim to another table could produce - corrupt results in certain corner cases. - The problem can only manifest in this precise form in 8.4 and later, - but we patched earlier versions as well in case there are other code - paths that could trigger the same bug. - - - - - - Fix race condition during toast table access from stale syscache entries - (Tom Lane) - - - - The typical symptom was transient errors like missing chunk - number 0 for toast value NNNNN in pg_toast_2619, where the cited - toast table would always belong to a system catalog. - - - - - - Make DatumGetInetP() unpack inet datums that have a 1-byte - header, and add a new macro, DatumGetInetPP(), that does - not (Heikki Linnakangas) - - - - This change affects no core code, but might prevent crashes in add-on - code that expects DatumGetInetP() to produce an unpacked - datum as per usual convention. - - - - - - Improve locale support in money type's input and output - (Tom Lane) - - - - Aside from not supporting all standard - lc_monetary - formatting options, the input and output functions were inconsistent, - meaning there were locales in which dumped money values could - not be re-read. - - - - - - Don't let transform_null_equals - affect CASE foo WHEN NULL ... constructs - (Heikki Linnakangas) - - - - transform_null_equals is only supposed to affect - foo = NULL expressions written directly by the user, not - equality checks generated internally by this form of CASE. - - - - - - Change foreign-key trigger creation order to better support - self-referential foreign keys (Tom Lane) - - - - For a cascading foreign key that references its own table, a row update - will fire both the ON UPDATE trigger and the - CHECK trigger as one event. The ON UPDATE - trigger must execute first, else the CHECK will check a - non-final state of the row and possibly throw an inappropriate error. - However, the firing order of these triggers is determined by their - names, which generally sort in creation order since the triggers have - auto-generated names following the convention - RI_ConstraintTrigger_NNNN. A proper fix would require - modifying that convention, which we will do in 9.2, but it seems risky - to change it in existing releases. So this patch just changes the - creation order of the triggers. Users encountering this type of error - should drop and re-create the foreign key constraint to get its - triggers into the right order. - - - - - - Avoid floating-point underflow while tracking buffer allocation rate - (Greg Matthews) - - - - While harmless in itself, on certain platforms this would result in - annoying kernel log messages. - - - - - - Preserve blank lines within commands in psql's command - history (Robert Haas) - - - - The former behavior could cause problems if an empty line was removed - from within a string literal, for example. - - - - - - Fix pg_dump to dump user-defined casts between - auto-generated types, such as table rowtypes (Tom Lane) - - - - - - Use the preferred version of xsubpp to build PL/Perl, - not necessarily the operating system's main copy - (David Wheeler and Alex Hunsaker) - - - - - - Fix incorrect coding in contrib/dict_int and - contrib/dict_xsyn (Tom Lane) - - - - Some functions incorrectly assumed that memory returned by - palloc() is guaranteed zeroed. - - - - - - Honor query cancel interrupts promptly in pgstatindex() - (Robert Haas) - - - - - - Ensure VPATH builds properly install all server header files - (Peter Eisentraut) - - - - - - Shorten file names reported in verbose error messages (Peter Eisentraut) - - - - Regular builds have always reported just the name of the C file - containing the error message call, but VPATH builds formerly - reported an absolute path name. - - - - - - Fix interpretation of Windows timezone names for Central America - (Tom Lane) - - - - Map Central America Standard Time to CST6, not - CST6CDT, because DST is generally not observed anywhere in - Central America. - - - - - - Update time zone data files to tzdata release 2011n - for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa; - also historical corrections for Alaska and British East Africa. - - - - - - - - - - Release 8.3.16 - - - Release date: - 2011-09-26 - - - - This release contains a variety of fixes from 8.3.15. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.16 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane) - - - - These bugs could result in index corruption after reindexing a system - catalog. They are not believed to affect user indexes. - - - - - - Fix multiple bugs in GiST index page split processing (Heikki - Linnakangas) - - - - The probability of occurrence was low, but these could lead to index - corruption. - - - - - - Fix possible buffer overrun in tsvector_concat() - (Tom Lane) - - - - The function could underestimate the amount of memory needed for its - result, leading to server crashes. - - - - - - Fix crash in xml_recv when processing a - standalone parameter (Tom Lane) - - - - - - Avoid possibly accessing off the end of memory in ANALYZE - and in SJIS-2004 encoding conversion (Noah Misch) - - - - This fixes some very-low-probability server crash scenarios. - - - - - - Fix race condition in relcache init file invalidation (Tom Lane) - - - - There was a window wherein a new backend process could read a stale init - file but miss the inval messages that would tell it the data is stale. - The result would be bizarre failures in catalog accesses, typically - could not read block 0 in file ... later during startup. - - - - - - Fix memory leak at end of a GiST index scan (Tom Lane) - - - - Commands that perform many separate GiST index scans, such as - verification of a new GiST-based exclusion constraint on a table - already containing many rows, could transiently require large amounts of - memory due to this leak. - - - - - - Fix performance problem when constructing a large, lossy bitmap - (Tom Lane) - - - - - - Fix array- and path-creating functions to ensure padding bytes are - zeroes (Tom Lane) - - - - This avoids some situations where the planner will think that - semantically-equal constants are not equal, resulting in poor - optimization. - - - - - - Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane) - - - - This could lead to loss of committed transactions after a server crash. - - - - - - Fix dump bug for VALUES in a view (Tom Lane) - - - - - - Disallow SELECT FOR UPDATE/SHARE on sequences (Tom Lane) - - - - This operation doesn't work as expected and can lead to failures. - - - - - - Defend against integer overflow when computing size of a hash table (Tom - Lane) - - - - - - Fix cases where CLUSTER might attempt to access - already-removed TOAST data (Tom Lane) - - - - - - Fix portability bugs in use of credentials control messages for - peer authentication (Tom Lane) - - - - - - Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari, - Magnus Hagander) - - - - The typical symptom of this problem was The function requested is - not supported errors during SSPI login. - - - - - - Fix typo in pg_srand48 seed initialization (Andres Freund) - - - - This led to failure to use all bits of the provided seed. This function - is not used on most platforms (only those without srandom), - and the potential security exposure from a less-random-than-expected - seed seems minimal in any case. - - - - - - Avoid integer overflow when the sum of LIMIT and - OFFSET values exceeds 2^63 (Heikki Linnakangas) - - - - - - Add overflow checks to int4 and int8 versions of - generate_series() (Robert Haas) - - - - - - Fix trailing-zero removal in to_char() (Marti Raudsepp) - - - - In a format with FM and no digit positions - after the decimal point, zeroes to the left of the decimal point could - be removed incorrectly. - - - - - - Fix pg_size_pretty() to avoid overflow for inputs close to - 2^63 (Tom Lane) - - - - - - In pg_ctl, support silent mode for service registrations - on Windows (MauMau) - - - - - - Fix psql's counting of script file line numbers during - COPY from a different file (Tom Lane) - - - - - - Fix pg_restore's direct-to-database mode for - standard_conforming_strings (Tom Lane) - - - - pg_restore could emit incorrect commands when restoring - directly to a database server from an archive file that had been made - with standard_conforming_strings set to on. - - - - - - Fix write-past-buffer-end and memory leak in libpq's - LDAP service lookup code (Albe Laurenz) - - - - - - In libpq, avoid failures when using nonblocking I/O - and an SSL connection (Martin Pihlak, Tom Lane) - - - - - - Improve libpq's handling of failures during connection startup - (Tom Lane) - - - - In particular, the response to a server report of fork() - failure during SSL connection startup is now saner. - - - - - - Improve libpq's error reporting for SSL failures (Tom - Lane) - - - - - - Make ecpglib write double values with 15 digits - precision (Akira Kurosawa) - - - - - - In ecpglib, be sure LC_NUMERIC setting is - restored after an error (Michael Meskes) - - - - - - Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) - (Tom Lane) - - - - contrib/pg_crypto's blowfish encryption code could give - wrong results on platforms where char is signed (which is most), - leading to encrypted passwords being weaker than they should be. - - - - - - Fix memory leak in contrib/seg (Heikki Linnakangas) - - - - - - Fix pgstatindex() to give consistent results for empty - indexes (Tom Lane) - - - - - - Allow building with perl 5.14 (Alex Hunsaker) - - - - - - Update configure script's method for probing existence of system - functions (Tom Lane) - - - - The version of autoconf we used in 8.3 and 8.2 could be fooled by - compilers that perform link-time optimization. - - - - - - Fix assorted issues with build and install file paths containing spaces - (Tom Lane) - - - - - - Update time zone data files to tzdata release 2011i - for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan. - - - - - - - - - - Release 8.3.15 - - - Release date: - 2011-04-18 - - - - This release contains a variety of fixes from 8.3.14. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.15 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Disallow including a composite type in itself (Tom Lane) - - - - This prevents scenarios wherein the server could recurse infinitely - while processing the composite type. While there are some possible - uses for such a structure, they don't seem compelling enough to - justify the effort required to make sure it always works safely. - - - - - - Avoid potential deadlock during catalog cache initialization - (Nikhil Sontakke) - - - - In some cases the cache loading code would acquire share lock on a - system index before locking the index's catalog. This could deadlock - against processes trying to acquire exclusive locks in the other, - more standard order. - - - - - - Fix dangling-pointer problem in BEFORE ROW UPDATE trigger - handling when there was a concurrent update to the target tuple - (Tom Lane) - - - - This bug has been observed to result in intermittent cannot - extract system attribute from virtual tuple failures while trying to - do UPDATE RETURNING ctid. There is a very small probability - of more serious errors, such as generating incorrect index entries for - the updated tuple. - - - - - - Disallow DROP TABLE when there are pending deferred trigger - events for the table (Tom Lane) - - - - Formerly the DROP would go through, leading to - could not open relation with OID nnn errors when the - triggers were eventually fired. - - - - - - Fix PL/Python memory leak involving array slices (Daniel Popowich) - - - - - - Fix pg_restore to cope with long lines (over 1KB) in - TOC files (Tom Lane) - - - - - - Put in more safeguards against crashing due to division-by-zero - with overly enthusiastic compiler optimization (Aurelien Jarno) - - - - - - Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane) - - - - There was a hard-wired assumption that this system function was not - available on MIPS hardware on these systems. Use a compile-time test - instead, since more recent versions have it. - - - - - - Fix compilation failures on HP-UX (Heikki Linnakangas) - - - - - - Fix version-incompatibility problem with libintl on - Windows (Hiroshi Inoue) - - - - - - Fix usage of xcopy in Windows build scripts to - work correctly under Windows 7 (Andrew Dunstan) - - - - This affects the build scripts only, not installation or usage. - - - - - - Fix path separator used by pg_regress on Cygwin - (Andrew Dunstan) - - - - - - Update time zone data files to tzdata release 2011f - for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, - and Turkey; also historical corrections for South Australia, Alaska, - and Hawaii. - - - - - - - - - - Release 8.3.14 - - - Release date: - 2011-01-31 - - - - This release contains a variety of fixes from 8.3.13. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.14 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Avoid failures when EXPLAIN tries to display a simple-form - CASE expression (Tom Lane) - - - - If the CASE's test expression was a constant, the planner - could simplify the CASE into a form that confused the - expression-display code, resulting in unexpected CASE WHEN - clause errors. - - - - - - Fix assignment to an array slice that is before the existing range - of subscripts (Tom Lane) - - - - If there was a gap between the newly added subscripts and the first - pre-existing subscript, the code miscalculated how many entries needed - to be copied from the old array's null bitmap, potentially leading to - data corruption or crash. - - - - - - Avoid unexpected conversion overflow in planner for very distant date - values (Tom Lane) - - - - The date type supports a wider range of dates than can be - represented by the timestamp types, but the planner assumed it - could always convert a date to timestamp with impunity. - - - - - - Fix pg_restore's text output for large objects (BLOBs) - when standard_conforming_strings is on (Tom Lane) - - - - Although restoring directly to a database worked correctly, string - escaping was incorrect if pg_restore was asked for - SQL text output and standard_conforming_strings had been - enabled in the source database. - - - - - - Fix erroneous parsing of tsquery values containing - ... & !(subexpression) | ... (Tom Lane) - - - - Queries containing this combination of operators were not executed - correctly. The same error existed in contrib/intarray's - query_int type and contrib/ltree's - ltxtquery type. - - - - - - Fix buffer overrun in contrib/intarray's input function - for the query_int type (Apple) - - - - This bug is a security risk since the function's return address could - be overwritten. Thanks to Apple Inc's security team for reporting this - issue and supplying the fix. (CVE-2010-4015) - - - - - - Fix bug in contrib/seg's GiST picksplit algorithm - (Alexander Korotkov) - - - - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a seg column. - If you have such an index, consider REINDEXing it after - installing this update. (This is identical to the bug that was fixed in - contrib/cube in the previous update.) - - - - - - - - - - Release 8.3.13 - - - Release date: - 2010-12-16 - - - - This release contains a variety of fixes from 8.3.12. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.13 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Force the default - wal_sync_method - to be fdatasync on Linux (Tom Lane, Marti Raudsepp) - - - - The default on Linux has actually been fdatasync for many - years, but recent kernel changes caused PostgreSQL to - choose open_datasync instead. This choice did not result - in any performance improvement, and caused outright failures on - certain filesystems, notably ext4 with the - data=journal mount option. - - - - - - Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane) - - - - This could result in bad buffer id: 0 failures or - corruption of index contents during replication. - - - - - - Fix recovery from base backup when the starting checkpoint WAL record - is not in the same WAL segment as its redo point (Jeff Davis) - - - - - - Fix persistent slowdown of autovacuum workers when multiple workers - remain active for a long time (Tom Lane) - - - - The effective vacuum_cost_limit for an autovacuum worker - could drop to nearly zero if it processed enough tables, causing it - to run extremely slowly. - - - - - - Add support for detecting register-stack overrun on IA64 - (Tom Lane) - - - - The IA64 architecture has two hardware stacks. Full - prevention of stack-overrun failures requires checking both. - - - - - - Add a check for stack overflow in copyObject() (Tom Lane) - - - - Certain code paths could crash due to stack overflow given a - sufficiently complex query. - - - - - - Fix detection of page splits in temporary GiST indexes (Heikki - Linnakangas) - - - - It is possible to have a concurrent page split in a - temporary index, if for example there is an open cursor scanning the - index when an insertion is done. GiST failed to detect this case and - hence could deliver wrong results when execution of the cursor - continued. - - - - - - Avoid memory leakage while ANALYZE'ing complex index - expressions (Tom Lane) - - - - - - Ensure an index that uses a whole-row Var still depends on its table - (Tom Lane) - - - - An index declared like create index i on t (foo(t.*)) - would not automatically get dropped when its table was dropped. - - - - - - Do not inline a SQL function with multiple OUT - parameters (Tom Lane) - - - - This avoids a possible crash due to loss of information about the - expected result rowtype. - - - - - - Behave correctly if ORDER BY, LIMIT, - FOR UPDATE, or WITH is attached to the - VALUES part of INSERT ... VALUES (Tom Lane) - - - - - - Fix constant-folding of COALESCE() expressions (Tom Lane) - - - - The planner would sometimes attempt to evaluate sub-expressions that - in fact could never be reached, possibly leading to unexpected errors. - - - - - - Fix postmaster crash when connection acceptance - (accept() or one of the calls made immediately after it) - fails, and the postmaster was compiled with GSSAPI support (Alexander - Chernikov) - - - - - - Fix missed unlink of temporary files when log_temp_files - is active (Tom Lane) - - - - If an error occurred while attempting to emit the log message, the - unlink was not done, resulting in accumulation of temp files. - - - - - - Add print functionality for InhRelation nodes (Tom Lane) - - - - This avoids a failure when debug_print_parse is enabled - and certain types of query are executed. - - - - - - Fix incorrect calculation of distance from a point to a horizontal - line segment (Tom Lane) - - - - This bug affected several different geometric distance-measurement - operators. - - - - - - Fix PL/pgSQL's handling of simple - expressions to not fail in recursion or error-recovery cases (Tom Lane) - - - - - - Fix PL/Python's handling of set-returning functions - (Jan Urbanski) - - - - Attempts to call SPI functions within the iterator generating a set - result would fail. - - - - - - Fix bug in contrib/cube's GiST picksplit algorithm - (Alexander Korotkov) - - - - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a cube column. - If you have such an index, consider REINDEXing it after - installing this update. - - - - - - Don't emit identifier will be truncated notices in - contrib/dblink except when creating new connections - (Itagaki Takahiro) - - - - - - Fix potential coredump on missing public key in - contrib/pgcrypto (Marti Raudsepp) - - - - - - Fix memory leak in contrib/xml2's XPath query functions - (Tom Lane) - - - - - - Update time zone data files to tzdata release 2010o - for DST law changes in Fiji and Samoa; - also historical corrections for Hong Kong. - - - - - - - - - - Release 8.3.12 - - - Release date: - 2010-10-04 - - - - This release contains a variety of fixes from 8.3.11. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.12 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - - - - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a SECURITY - DEFINER function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - - - - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - - - - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - - - - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - - - - - - Prevent possible crashes in pg_get_expr() by disallowing - it from being called with an argument that is not one of the system - catalog columns it's intended to be used with - (Heikki Linnakangas, Tom Lane) - - - - - - Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on - Windows (Magnus Hagander) - - - - Under high load, Windows processes will sometimes fail at startup with - this error code. Formerly the postmaster treated this as a panic - condition and restarted the whole database, but that seems to be - an overreaction. - - - - - - Fix incorrect usage of non-strict OR joinclauses in Append indexscans - (Tom Lane) - - - - This is a back-patch of an 8.4 fix that was missed in the 8.3 branch. - This corrects an error introduced in 8.3.8 that could cause incorrect - results for outer joins when the inner relation is an inheritance tree - or UNION ALL subquery. - - - - - - Fix possible duplicate scans of UNION ALL member relations - (Tom Lane) - - - - - - Fix cannot handle unplanned sub-select error (Tom Lane) - - - - This occurred when a sub-select contains a join alias reference that - expands into an expression containing another sub-select. - - - - - - Fix failure to mark cached plans as transient (Tom Lane) - - - - If a plan is prepared while CREATE INDEX CONCURRENTLY is - in progress for one of the referenced tables, it is supposed to be - re-planned once the index is ready for use. This was not happening - reliably. - - - - - - Reduce PANIC to ERROR in some occasionally-reported btree failure cases, - and provide additional detail in the resulting error messages - (Tom Lane) - - - - This should improve the system's robustness with corrupted indexes. - - - - - - Prevent show_session_authorization() from crashing within autovacuum - processes (Tom Lane) - - - - - - Defend against functions returning setof record where not all the - returned rows are actually of the same rowtype (Tom Lane) - - - - - - Fix possible failure when hashing a pass-by-reference function result - (Tao Ma, Tom Lane) - - - - - - Improve merge join's handling of NULLs in the join columns (Tom Lane) - - - - A merge join can now stop entirely upon reaching the first NULL, - if the sort order is such that NULLs sort high. - - - - - - Take care to fsync the contents of lockfiles (both - postmaster.pid and the socket lockfile) while writing them - (Tom Lane) - - - - This omission could result in corrupted lockfile contents if the - machine crashes shortly after postmaster start. That could in turn - prevent subsequent attempts to start the postmaster from succeeding, - until the lockfile is manually removed. - - - - - - Avoid recursion while assigning XIDs to heavily-nested - subtransactions (Andres Freund, Robert Haas) - - - - The original coding could result in a crash if there was limited - stack space. - - - - - - Avoid holding open old WAL segments in the walwriter process - (Magnus Hagander, Heikki Linnakangas) - - - - The previous coding would prevent removal of no-longer-needed segments. - - - - - - Fix log_line_prefix's %i escape, - which could produce junk early in backend startup (Tom Lane) - - - - - - Fix possible data corruption in ALTER TABLE ... SET - TABLESPACE when archiving is enabled (Jeff Davis) - - - - - - Allow CREATE DATABASE and ALTER DATABASE ... SET - TABLESPACE to be interrupted by query-cancel (Guillaume Lelarge) - - - - - - Fix REASSIGN OWNED to handle operator classes and families - (Asko Tiidumaa) - - - - - - Fix possible core dump when comparing two empty tsquery values - (Tom Lane) - - - - - - Fix LIKE's handling of patterns containing % - followed by _ (Tom Lane) - - - - We've fixed this before, but there were still some incorrectly-handled - cases. - - - - - - In PL/Python, defend against null pointer results from - PyCObject_AsVoidPtr and PyCObject_FromVoidPtr - (Peter Eisentraut) - - - - - - Make psql recognize DISCARD ALL as a command that should - not be encased in a transaction block in autocommit-off mode - (Itagaki Takahiro) - - - - - - Fix ecpg to process data from RETURNING - clauses correctly (Michael Meskes) - - - - - - Improve contrib/dblink's handling of tables containing - dropped columns (Tom Lane) - - - - - - Fix connection leak after duplicate connection name - errors in contrib/dblink (Itagaki Takahiro) - - - - - - Fix contrib/dblink to handle connection names longer than - 62 bytes correctly (Itagaki Takahiro) - - - - - - Add hstore(text, text) - function to contrib/hstore (Robert Haas) - - - - This function is the recommended substitute for the now-deprecated - => operator. It was back-patched so that future-proofed - code can be used with older server versions. Note that the patch will - be effective only after contrib/hstore is installed or - reinstalled in a particular database. Users might prefer to execute - the CREATE FUNCTION command by hand, instead. - - - - - - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - - - - - - Update time zone data files to tzdata release 2010l - for DST law changes in Egypt and Palestine; also historical corrections - for Finland. - - - - This change also adds new names for two Micronesian timezones: - Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred - abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over - Pacific/Ponape. - - - - - - Make Windows' N. Central Asia Standard Time timezone map to - Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander) - - - - Microsoft changed the DST behavior of this zone in the timezone update - from KB976098. Asia/Novosibirsk is a better match to its new behavior. - - - - - - - - - - Release 8.3.11 - - - Release date: - 2010-05-17 - - - - This release contains a variety of fixes from 8.3.10. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.11 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Enforce restrictions in plperl using an opmask applied to - the whole interpreter, instead of using Safe.pm - (Tim Bunce, Andrew Dunstan) - - - - Recent developments have convinced us that Safe.pm is too - insecure to rely on for making plperl trustable. This - change removes use of Safe.pm altogether, in favor of using - a separate interpreter with an opcode mask that is always applied. - Pleasant side effects of the change include that it is now possible to - use Perl's strict pragma in a natural way in - plperl, and that Perl's $a and $b - variables work as expected in sort routines, and that function - compilation is significantly faster. (CVE-2010-1169) - - - - - - Prevent PL/Tcl from executing untrustworthy code from - pltcl_modules (Tom) - - - - PL/Tcl's feature for autoloading Tcl code from a database table - could be exploited for trojan-horse attacks, because there was no - restriction on who could create or insert into that table. This change - disables the feature unless pltcl_modules is owned by a - superuser. (However, the permissions on the table are not checked, so - installations that really need a less-than-secure modules table can - still grant suitable privileges to trusted non-superusers.) Also, - prevent loading code into the unrestricted normal Tcl - interpreter unless we are really going to execute a pltclu - function. (CVE-2010-1170) - - - - - - Fix possible crash if a cache reset message is received during - rebuild of a relcache entry (Heikki) - - - - This error was introduced in 8.3.10 while fixing a related failure. - - - - - - Apply per-function GUC settings while running the language validator - for the function (Itagaki Takahiro) - - - - This avoids failures if the function's code is invalid without the - setting; an example is that SQL functions may not parse if the - search_path is not correct. - - - - - - Do not allow an unprivileged user to reset superuser-only parameter - settings (Alvaro) - - - - Previously, if an unprivileged user ran ALTER USER ... RESET - ALL for himself, or ALTER DATABASE ... RESET ALL for - a database he owns, this would remove all special parameter settings - for the user or database, even ones that are only supposed to be - changeable by a superuser. Now, the ALTER will only - remove the parameters that the user has permission to change. - - - - - - Avoid possible crash during backend shutdown if shutdown occurs - when a CONTEXT addition would be made to log entries (Tom) - - - - In some cases the context-printing function would fail because the - current transaction had already been rolled back when it came time - to print a log message. - - - - - - Ensure the archiver process responds to changes in - archive_command as soon as possible (Tom) - - - - - - Update PL/Perl's ppport.h for modern Perl versions - (Andrew) - - - - - - Fix assorted memory leaks in PL/Python (Andreas Freund, Tom) - - - - - - Prevent infinite recursion in psql when expanding - a variable that refers to itself (Tom) - - - - - - Fix psql's \copy to not add spaces around - a dot within \copy (select ...) (Tom) - - - - Addition of spaces around the decimal point in a numeric literal would - result in a syntax error. - - - - - - Fix unnecessary GIN indexes do not support whole-index scans - errors for unsatisfiable queries using contrib/intarray - operators (Tom) - - - - - - Ensure that contrib/pgstattuple functions respond to cancel - interrupts promptly (Tatsuhito Kasahara) - - - - - - Make server startup deal properly with the case that - shmget() returns EINVAL for an existing - shared memory segment (Tom) - - - - This behavior has been observed on BSD-derived kernels including macOS. - It resulted in an entirely-misleading startup failure complaining that - the shared memory request size was too large. - - - - - - Avoid possible crashes in syslogger process on Windows (Heikki) - - - - - - Deal more robustly with incomplete time zone information in the - Windows registry (Magnus) - - - - - - Update the set of known Windows time zone names (Magnus) - - - - - - Update time zone data files to tzdata release 2010j - for DST law changes in Argentina, Australian Antarctic, Bangladesh, - Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; - also historical corrections for Taiwan. - - - - Also, add PKST (Pakistan Summer Time) to the default set of - timezone abbreviations. - - - - - - - - - - Release 8.3.10 - - - Release date: - 2010-03-15 - - - - This release contains a variety of fixes from 8.3.9. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.10 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Add new configuration parameter ssl_renegotiation_limit to - control how often we do session key renegotiation for an SSL connection - (Magnus) - - - - This can be set to zero to disable renegotiation completely, which may - be required if a broken SSL library is used. In particular, some - vendors are shipping stopgap patches for CVE-2009-3555 that cause - renegotiation attempts to fail. - - - - - - Fix possible deadlock during backend startup (Tom) - - - - - - Fix possible crashes due to not handling errors during relcache reload - cleanly (Tom) - - - - - - Fix possible crash due to use of dangling pointer to a cached plan - (Tatsuo) - - - - - - Fix possible crashes when trying to recover from a failure in - subtransaction start (Tom) - - - - - - Fix server memory leak associated with use of savepoints and a client - encoding different from server's encoding (Tom) - - - - - - Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST - index page split (Yoichi Hirai) - - - - This would result in index corruption, or even more likely an error - during WAL replay, if we were unlucky enough to crash during - end-of-recovery cleanup after having completed an incomplete GIST - insertion. - - - - - - Make substring() for bit types treat any negative - length as meaning all the rest of the string (Tom) - - - - The previous coding treated only -1 that way, and would produce an - invalid result value for other negative values, possibly leading to - a crash (CVE-2010-0442). - - - - - - Fix integer-to-bit-string conversions to handle the first fractional - byte correctly when the output bit width is wider than the given - integer by something other than a multiple of 8 bits (Tom) - - - - - - Fix some cases of pathologically slow regular expression matching (Tom) - - - - - - Fix assorted crashes in xml processing caused by sloppy - memory management (Tom) - - - - This is a back-patch of changes first applied in 8.4. The 8.3 code - was known buggy, but the new code was sufficiently different to not - want to back-patch it until it had gotten some field testing. - - - - - - Fix bug with trying to update a field of an element of a - composite-type array column (Tom) - - - - - - Fix the STOP WAL LOCATION entry in backup history files to - report the next WAL segment's name when the end location is exactly at a - segment boundary (Itagaki Takahiro) - - - - - - Fix some more cases of temporary-file leakage (Heikki) - - - - This corrects a problem introduced in the previous minor release. - One case that failed is when a plpgsql function returning set is - called within another function's exception handler. - - - - - - Improve constraint exclusion processing of boolean-variable cases, - in particular make it possible to exclude a partition that has a - bool_column = false constraint (Tom) - - - - - - When reading pg_hba.conf and related files, do not treat - @something as a file inclusion request if the @ - appears inside quote marks; also, never treat @ by itself - as a file inclusion request (Tom) - - - - This prevents erratic behavior if a role or database name starts with - @. If you need to include a file whose path name - contains spaces, you can still do so, but you must write - @"/path to/file" rather than putting the quotes around - the whole construct. - - - - - - Prevent infinite loop on some platforms if a directory is named as - an inclusion target in pg_hba.conf and related files - (Tom) - - - - - - Fix possible infinite loop if SSL_read or - SSL_write fails without setting errno (Tom) - - - - This is reportedly possible with some Windows versions of - OpenSSL. - - - - - - Disallow GSSAPI authentication on local connections, - since it requires a hostname to function correctly (Magnus) - - - - - - Make ecpg report the proper SQLSTATE if the connection - disappears (Michael) - - - - - - Fix psql's numericlocale option to not - format strings it shouldn't in latex and troff output formats (Heikki) - - - - - - Make psql return the correct exit status (3) when - ON_ERROR_STOP and --single-transaction are - both specified and an error occurs during the implied COMMIT - (Bruce) - - - - - - Fix plpgsql failure in one case where a composite column is set to NULL - (Tom) - - - - - - Fix possible failure when calling PL/Perl functions from PL/PerlU - or vice versa (Tim Bunce) - - - - - - Add volatile markings in PL/Python to avoid possible - compiler-specific misbehavior (Zdenek Kotala) - - - - - - Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) - - - - The only known symptom of this oversight is that the Tcl - clock command misbehaves if using Tcl 8.5 or later. - - - - - - Prevent crash in contrib/dblink when too many key - columns are specified to a dblink_build_sql_* function - (Rushabh Lathia, Joe Conway) - - - - - - Allow zero-dimensional arrays in contrib/ltree operations - (Tom) - - - - This case was formerly rejected as an error, but it's more convenient to - treat it the same as a zero-element array. In particular this avoids - unnecessary failures when an ltree operation is applied to the - result of ARRAY(SELECT ...) and the sub-select returns no - rows. - - - - - - Fix assorted crashes in contrib/xml2 caused by sloppy - memory management (Tom) - - - - - - Make building of contrib/xml2 more robust on Windows - (Andrew) - - - - - - Fix race condition in Windows signal handling (Radu Ilie) - - - - One known symptom of this bug is that rows in pg_listener - could be dropped under heavy load. - - - - - - Update time zone data files to tzdata release 2010e - for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. - - - - - - - - - - Release 8.3.9 - - - Release date: - 2009-12-14 - - - - This release contains a variety of fixes from 8.3.8. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.9 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.8, - see . - - - - - - Changes - - - - - - Protect against indirect security threats caused by index functions - changing session-local state (Gurjeet Singh, Tom) - - - - This change prevents allegedly-immutable index functions from possibly - subverting a superuser's session (CVE-2009-4136). - - - - - - Reject SSL certificates containing an embedded null byte in the common - name (CN) field (Magnus) - - - - This prevents unintended matching of a certificate to a server or client - name during SSL validation (CVE-2009-4034). - - - - - - Fix possible crash during backend-startup-time cache initialization (Tom) - - - - - - Avoid crash on empty thesaurus dictionary (Tom) - - - - - - Prevent signals from interrupting VACUUM at unsafe times - (Alvaro) - - - - This fix prevents a PANIC if a VACUUM FULL is canceled - after it's already committed its tuple movements, as well as transient - errors if a plain VACUUM is interrupted after having - truncated the table. - - - - - - Fix possible crash due to integer overflow in hash table size - calculation (Tom) - - - - This could occur with extremely large planner estimates for the size of - a hashjoin's result. - - - - - - Fix very rare crash in inet/cidr comparisons (Chris - Mikkelson) - - - - - - Ensure that shared tuple-level locks held by prepared transactions are - not ignored (Heikki) - - - - - - Fix premature drop of temporary files used for a cursor that is accessed - within a subtransaction (Heikki) - - - - - - Fix memory leak in syslogger process when rotating to a new CSV logfile - (Tom) - - - - - - Fix Windows permission-downgrade logic (Jesse Morris) - - - - This fixes some cases where the database failed to start on Windows, - often with misleading error messages such as could not locate - matching postgres executable. - - - - - - Fix incorrect logic for GiST index page splits, when the split depends - on a non-first column of the index (Paul Ramsey) - - - - - - Don't error out if recycling or removing an old WAL file fails at the - end of checkpoint (Heikki) - - - - It's better to treat the problem as non-fatal and allow the checkpoint - to complete. Future checkpoints will retry the removal. Such problems - are not expected in normal operation, but have been seen to be - caused by misdesigned Windows anti-virus and backup software. - - - - - - Ensure WAL files aren't repeatedly archived on Windows (Heikki) - - - - This is another symptom that could happen if some other process - interfered with deletion of a no-longer-needed file. - - - - - - Fix PAM password processing to be more robust (Tom) - - - - The previous code is known to fail with the combination of the Linux - pam_krb5 PAM module with Microsoft Active Directory as the - domain controller. It might have problems elsewhere too, since it was - making unjustified assumptions about what arguments the PAM stack would - pass to it. - - - - - - Raise the maximum authentication token (Kerberos ticket) size in GSSAPI - and SSPI authentication methods (Ian Turner) - - - - While the old 2000-byte limit was more than enough for Unix Kerberos - implementations, tickets issued by Windows Domain Controllers can be - much larger. - - - - - - Re-enable collection of access statistics for sequences (Akira Kurosawa) - - - - This used to work but was broken in 8.3. - - - - - - Fix processing of ownership dependencies during CREATE OR - REPLACE FUNCTION (Tom) - - - - - - Fix incorrect handling of WHERE - x=x conditions (Tom) - - - - In some cases these could get ignored as redundant, but they aren't - — they're equivalent to x IS NOT NULL. - - - - - - Make text search parser accept underscores in XML attributes (Peter) - - - - - - Fix encoding handling in xml binary input (Heikki) - - - - If the XML header doesn't specify an encoding, we now assume UTF-8 by - default; the previous handling was inconsistent. - - - - - - Fix bug with calling plperl from plperlu or vice - versa (Tom) - - - - An error exit from the inner function could result in crashes due to - failure to re-select the correct Perl interpreter for the outer function. - - - - - - Fix session-lifespan memory leak when a PL/Perl function is redefined - (Tom) - - - - - - Ensure that Perl arrays are properly converted to - PostgreSQL arrays when returned by a set-returning - PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) - - - - This worked correctly already for non-set-returning functions. - - - - - - Fix rare crash in exception processing in PL/Python (Peter) - - - - - - In contrib/pg_standby, disable triggering failover with a - signal on Windows (Fujii Masao) - - - - This never did anything useful, because Windows doesn't have Unix-style - signals, but recent changes made it actually crash. - - - - - - Ensure psql's flex module is compiled with the correct - system header definitions (Tom) - - - - This fixes build failures on platforms where - --enable-largefile causes incompatible changes in the - generated code. - - - - - - Make the postmaster ignore any application_name parameter in - connection request packets, to improve compatibility with future libpq - versions (Tom) - - - - - - Update the timezone abbreviation files to match current reality (Joachim - Wieland) - - - - This includes adding IDT and SGT to the default - timezone abbreviation set. - - - - - - Update time zone data files to tzdata release 2009s - for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, - Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical - corrections for Hong Kong. - - - - - - - - - - Release 8.3.8 - - - Release date: - 2009-09-09 - - - - This release contains a variety of fixes from 8.3.7. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.8 - - - A dump/restore is not required for those running 8.3.X. - However, if you have any hash indexes on interval columns, - you must REINDEX them after updating to 8.3.8. - Also, if you are upgrading from a version earlier than 8.3.5, - see . - - - - - - Changes - - - - - - Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus) - - - - This bug led to the often-reported could not reattach - to shared memory error message. - - - - - - Force WAL segment switch during pg_start_backup() - (Heikki) - - - - This avoids corner cases that could render a base backup unusable. - - - - - - Disallow RESET ROLE and RESET SESSION - AUTHORIZATION inside security-definer functions (Tom, Heikki) - - - - This covers a case that was missed in the previous patch that - disallowed SET ROLE and SET SESSION - AUTHORIZATION inside security-definer functions. - (See CVE-2007-6600) - - - - - - Make LOAD of an already-loaded loadable module - into a no-op (Tom) - - - - Formerly, LOAD would attempt to unload and re-load the - module, but this is unsafe and not all that useful. - - - - - - Disallow empty passwords during LDAP authentication (Magnus) - - - - - - Fix handling of sub-SELECTs appearing in the arguments of - an outer-level aggregate function (Tom) - - - - - - Fix bugs associated with fetching a whole-row value from the - output of a Sort or Materialize plan node (Tom) - - - - - - Prevent synchronize_seqscans from changing the results of - scrollable and WITH HOLD cursors (Tom) - - - - - - Revert planner change that disabled partial-index and constraint - exclusion optimizations when there were more than 100 clauses in - an AND or OR list (Tom) - - - - - - Fix hash calculation for data type interval (Tom) - - - - This corrects wrong results for hash joins on interval values. - It also changes the contents of hash indexes on interval columns. - If you have any such indexes, you must REINDEX them - after updating. - - - - - - Treat to_char(..., 'TH') as an uppercase ordinal - suffix with 'HH'/'HH12' (Heikki) - - - - It was previously handled as 'th' (lowercase). - - - - - - Fix overflow for INTERVAL 'x ms' - when x is more than 2 million and integer - datetimes are in use (Alex Hunsaker) - - - - - - Fix calculation of distance between a point and a line segment (Tom) - - - - This led to incorrect results from a number of geometric operators. - - - - - - Fix money data type to work in locales where currency - amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) - - - - - - Fix LIKE for case where pattern contains %_ - (Tom) - - - - - - Properly round datetime input like - 00:12:57.9999999999999999999999999999 (Tom) - - - - - - Fix memory leaks in XML operations (Tom) - - - - - - Fix poor choice of page split point in GiST R-tree operator classes - (Teodor) - - - - - - Ensure that a fast shutdown request will forcibly terminate - open sessions, even if a smart shutdown was already in progress - (Fujii Masao) - - - - - - Avoid performance degradation in bulk inserts into GIN indexes - when the input values are (nearly) in sorted order (Tom) - - - - - - Correctly enforce NOT NULL domain constraints in some contexts in - PL/pgSQL (Tom) - - - - - - Fix portability issues in plperl initialization (Andrew Dunstan) - - - - - - Fix pg_ctl to not go into an infinite loop if - postgresql.conf is empty (Jeff Davis) - - - - - - Improve pg_dump's efficiency when there are - many large objects (Tamas Vincze) - - - - - - Use SIGUSR1, not SIGQUIT, as the - failover signal for pg_standby (Heikki) - - - - - - Make pg_standby's maxretries option - behave as documented (Fujii Masao) - - - - - - Make contrib/hstore throw an error when a key or - value is too long to fit in its data structure, rather than - silently truncating it (Andrew Gierth) - - - - - - Fix contrib/xml2's xslt_process() to - properly handle the maximum number of parameters (twenty) (Tom) - - - - - - Improve robustness of libpq's code to recover - from errors during COPY FROM STDIN (Tom) - - - - - - Avoid including conflicting readline and editline header files - when both libraries are installed (Zdenek Kotala) - - - - - - Update time zone data files to tzdata release 2009l - for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, - Argentina/San_Luis, Cuba, Jordan (historical correction only), - Mauritius, Morocco, Palestine, Syria, Tunisia. - - - - - - - - - - Release 8.3.7 - - - Release date: - 2009-03-16 - - - - This release contains a variety of fixes from 8.3.6. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.7 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.5, - see . - - - - - - Changes - - - - - - Prevent error recursion crashes when encoding conversion fails (Tom) - - - - This change extends fixes made in the last two minor releases for - related failure scenarios. The previous fixes were narrowly tailored - for the original problem reports, but we have now recognized that - any error thrown by an encoding conversion function could - potentially lead to infinite recursion while trying to report the - error. The solution therefore is to disable translation and encoding - conversion and report the plain-ASCII form of any error message, - if we find we have gotten into a recursive error reporting situation. - (CVE-2009-0922) - - - - - - Disallow CREATE CONVERSION with the wrong encodings - for the specified conversion function (Heikki) - - - - This prevents one possible scenario for encoding conversion failure. - The previous change is a backstop to guard against other kinds of - failures in the same area. - - - - - - Fix xpath() to not modify the path expression unless - necessary, and to make a saner attempt at it when necessary (Andrew) - - - - The SQL standard suggests that xpath should work on data - that is a document fragment, but libxml doesn't support - that, and indeed it's not clear that this is sensible according to the - XPath standard. xpath attempted to work around this - mismatch by modifying both the data and the path expression, but the - modification was buggy and could cause valid searches to fail. Now, - xpath checks whether the data is in fact a well-formed - document, and if so invokes libxml with no change to the - data or path expression. Otherwise, a different modification method - that is somewhat less likely to fail is used. - - - - - The new modification method is still not 100% satisfactory, and it - seems likely that no real solution is possible. This patch should - therefore be viewed as a band-aid to keep from breaking existing - applications unnecessarily. It is likely that - PostgreSQL 8.4 will simply reject use of - xpath on data that is not a well-formed document. - - - - - - - Fix core dump when to_char() is given format codes that - are inappropriate for the type of the data argument (Tom) - - - - - - Fix possible failure in text search when C locale is used with - a multi-byte encoding (Teodor) - - - - Crashes were possible on platforms where wchar_t is narrower - than int; Windows in particular. - - - - - - Fix extreme inefficiency in text search parser's handling of an - email-like string containing multiple @ characters (Heikki) - - - - - - Fix planner problem with sub-SELECT in the output list - of a larger subquery (Tom) - - - - The known symptom of this bug is a failed to locate grouping - columns error that is dependent on the datatype involved; - but there could be other issues as well. - - - - - - Fix decompilation of CASE WHEN with an implicit coercion - (Tom) - - - - This mistake could lead to Assert failures in an Assert-enabled build, - or an unexpected CASE WHEN clause error message in other - cases, when trying to examine or dump a view. - - - - - - Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) - - - - If CLUSTER or a rewriting variant of ALTER TABLE - were executed by someone other than the table owner, the - pg_type entry for the table's TOAST table would end up - marked as owned by that someone. This caused no immediate problems, - since the permissions on the TOAST rowtype aren't examined by any - ordinary database operation. However, it could lead to unexpected - failures if one later tried to drop the role that issued the command - (in 8.1 or 8.2), or owner of data type appears to be invalid - warnings from pg_dump after having done so (in 8.3). - - - - - - Change UNLISTEN to exit quickly if the current session has - never executed any LISTEN command (Tom) - - - - Most of the time this is not a particularly useful optimization, but - since DISCARD ALL invokes UNLISTEN, the previous - coding caused a substantial performance problem for applications that - made heavy use of DISCARD ALL. - - - - - - Fix PL/pgSQL to not treat INTO after INSERT as - an INTO-variables clause anywhere in the string, not only at the start; - in particular, don't fail for INSERT INTO within - CREATE RULE (Tom) - - - - - - Clean up PL/pgSQL error status variables fully at block exit - (Ashesh Vashi and Dave Page) - - - - This is not a problem for PL/pgSQL itself, but the omission could cause - the PL/pgSQL Debugger to crash while examining the state of a function. - - - - - - Retry failed calls to CallNamedPipe() on Windows - (Steve Marshall, Magnus) - - - - It appears that this function can sometimes fail transiently; - we previously treated any failure as a hard error, which could - confuse LISTEN/NOTIFY as well as other - operations. - - - - - - Add MUST (Mauritius Island Summer Time) to the default list - of known timezone abbreviations (Xavier Bugaud) - - - - - - - - - - Release 8.3.6 - - - Release date: - 2009-02-02 - - - - This release contains a variety of fixes from 8.3.5. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.6 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.5, - see . - - - - - - Changes - - - - - - Make DISCARD ALL release advisory locks, in addition - to everything it already did (Tom) - - - - This was decided to be the most appropriate behavior. This could - affect existing applications, however. - - - - - - Fix whole-index GiST scans to work correctly (Teodor) - - - - This error could cause rows to be lost if a table is clustered - on a GiST index. - - - - - - Fix crash of xmlconcat(NULL) (Peter) - - - - - - Fix possible crash in ispell dictionary if high-bit-set - characters are used as flags (Teodor) - - - - This is known to be done by one widely available Norwegian dictionary, - and the same condition may exist in others. - - - - - - Fix misordering of pg_dump output for composite types - (Tom) - - - - The most likely problem was for user-defined operator classes to - be dumped after indexes or views that needed them. - - - - - - Improve handling of URLs in headline() function (Teodor) - - - - - - Improve handling of overlength headlines in headline() - function (Teodor) - - - - - - Prevent possible Assert failure or misconversion if an encoding - conversion is created with the wrong conversion function for the - specified pair of encodings (Tom, Heikki) - - - - - - Fix possible Assert failure if a statement executed in PL/pgSQL is - rewritten into another kind of statement, for example if an - INSERT is rewritten into an UPDATE (Heikki) - - - - - - Ensure that a snapshot is available to datatype input functions (Tom) - - - - This primarily affects domains that are declared with CHECK - constraints involving user-defined stable or immutable functions. Such - functions typically fail if no snapshot has been set. - - - - - - Make it safer for SPI-using functions to be used within datatype I/O; - in particular, to be used in domain check constraints (Tom) - - - - - - Avoid unnecessary locking of small tables in VACUUM - (Heikki) - - - - - - Fix a problem that sometimes kept ALTER TABLE ENABLE/DISABLE - RULE from being recognized by active sessions (Tom) - - - - - - Fix a problem that made UPDATE RETURNING tableoid - return zero instead of the correct OID (Tom) - - - - - - Allow functions declared as taking ANYARRAY to work on - the pg_statistic columns of that type (Tom) - - - - This used to work, but was unintentionally broken in 8.3. - - - - - - Fix planner misestimation of selectivity when transitive equality - is applied to an outer-join clause (Tom) - - - - This could result in bad plans for queries like - ... from a left join b on a.a1 = b.b1 where a.a1 = 42 ... - - - - - - Improve optimizer's handling of long IN lists (Tom) - - - - This change avoids wasting large amounts of time on such lists - when constraint exclusion is enabled. - - - - - - Prevent synchronous scan during GIN index build (Tom) - - - - Because GIN is optimized for inserting tuples in increasing TID order, - choosing to use a synchronous scan could slow the build by a factor of - three or more. - - - - - - Ensure that the contents of a holdable cursor don't depend on the - contents of TOAST tables (Tom) - - - - Previously, large field values in a cursor result might be represented - as TOAST pointers, which would fail if the referenced table got dropped - before the cursor is read, or if the large value is deleted and then - vacuumed away. This cannot happen with an ordinary cursor, - but it could with a cursor that is held past its creating transaction. - - - - - - Fix memory leak when a set-returning function is terminated without - reading its whole result (Tom) - - - - - - Fix encoding conversion problems in XML functions when the database - encoding isn't UTF-8 (Tom) - - - - - - Fix contrib/dblink's - dblink_get_result(text,bool) function (Joe) - - - - - - Fix possible garbage output from contrib/sslinfo functions - (Tom) - - - - - - Fix incorrect behavior of contrib/tsearch2 compatibility - trigger when it's fired more than once in a command (Teodor) - - - - - - Fix possible mis-signaling in autovacuum (Heikki) - - - - - - Support running as a service on Windows 7 beta (Dave and Magnus) - - - - - - Fix ecpg's handling of varchar structs (Michael) - - - - - - Fix configure script to properly report failure when - unable to obtain linkage information for PL/Perl (Andrew) - - - - - - Make all documentation reference pgsql-bugs and/or - pgsql-hackers as appropriate, instead of the - now-decommissioned pgsql-ports and pgsql-patches - mailing lists (Tom) - - - - - - Update time zone data files to tzdata release 2009a (for - Kathmandu and historical DST corrections in Switzerland, Cuba) - - - - - - - - - - Release 8.3.5 - - - Release date: - 2008-11-03 - - - - This release contains a variety of fixes from 8.3.4. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.5 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.1, - see . Also, if you were running a previous - 8.3.X release, it is recommended to REINDEX all GiST - indexes after the upgrade. - - - - - - Changes - - - - - - Fix GiST index corruption due to marking the wrong index entry - dead after a deletion (Teodor) - - - - This would result in index searches failing to find rows they - should have found. Corrupted indexes can be fixed with - REINDEX. - - - - - - Fix backend crash when the client encoding cannot represent a localized - error message (Tom) - - - - We have addressed similar issues before, but it would still fail if - the character has no equivalent message itself couldn't - be converted. The fix is to disable localization and send the plain - ASCII error message when we detect such a situation. - - - - - - Fix possible crash in bytea-to-XML mapping (Michael McMaster) - - - - - - Fix possible crash when deeply nested functions are invoked from - a trigger (Tom) - - - - - - Improve optimization of expression IN - (expression-list) queries (Tom, per an idea from Robert - Haas) - - - - Cases in which there are query variables on the right-hand side had been - handled less efficiently in 8.2.x and 8.3.x than in prior versions. - The fix restores 8.1 behavior for such cases. - - - - - - Fix mis-expansion of rule queries when a sub-SELECT appears - in a function call in FROM, a multi-row VALUES - list, or a RETURNING list (Tom) - - - - The usual symptom of this problem is an unrecognized node type - error. - - - - - - Fix Assert failure during rescan of an IS NULL - search of a GiST index (Teodor) - - - - - - Fix memory leak during rescan of a hashed aggregation plan (Neil) - - - - - - Ensure an error is reported when a newly-defined PL/pgSQL trigger - function is invoked as a normal function (Tom) - - - - - - Force a checkpoint before CREATE DATABASE starts to copy - files (Heikki) - - - - This prevents a possible failure if files had recently been deleted - in the source database. - - - - - - Prevent possible collision of relfilenode numbers - when moving a table to another tablespace with ALTER SET - TABLESPACE (Heikki) - - - - The command tried to re-use the existing filename, instead of - picking one that is known unused in the destination directory. - - - - - - Fix incorrect text search headline generation when single query - item matches first word of text (Sushant Sinha) - - - - - - Fix improper display of fractional seconds in interval values when - using a non-ISO datestyle in an - build (Ron Mayer) - - - - - - Make ILIKE compare characters case-insensitively - even when they're escaped (Andrew) - - - - - - Ensure DISCARD is handled properly by statement logging (Tom) - - - - - - Fix incorrect logging of last-completed-transaction time during - PITR recovery (Tom) - - - - - - Ensure SPI_getvalue and SPI_getbinval - behave correctly when the passed tuple and tuple descriptor have - different numbers of columns (Tom) - - - - This situation is normal when a table has had columns added or removed, - but these two functions didn't handle it properly. - The only likely consequence is an incorrect error indication. - - - - - - Mark SessionReplicationRole as PGDLLIMPORT - so it can be used by Slony on Windows (Magnus) - - - - - - Fix small memory leak when using libpq's - gsslib parameter (Magnus) - - - - The space used by the parameter string was not freed at connection - close. - - - - - - Ensure libgssapi is linked into libpq - if needed (Markus Schaaf) - - - - - - Fix ecpg's parsing of CREATE ROLE (Michael) - - - - - - Fix recent breakage of pg_ctl restart (Tom) - - - - - - Ensure pg_control is opened in binary mode - (Itagaki Takahiro) - - - - pg_controldata and pg_resetxlog - did this incorrectly, and so could fail on Windows. - - - - - - Update time zone data files to tzdata release 2008i (for - DST law changes in Argentina, Brazil, Mauritius, Syria) - - - - - - - - - - Release 8.3.4 - - - Release date: - 2008-09-22 - - - - This release contains a variety of fixes from 8.3.3. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.4 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.1, - see . - - - - - - Changes - - - - - - Fix bug in btree WAL recovery code (Heikki) - - - - Recovery failed if the WAL ended partway through a page split operation. - - - - - - Fix potential use of wrong cutoff XID for HOT page pruning (Alvaro) - - - - This error created a risk of corruption in system - catalogs that are consulted by VACUUM: dead tuple versions - might be removed too soon. The impact of this on actual database - operations would be minimal, since the system doesn't follow MVCC - rules while examining catalogs, but it might result in transiently - wrong output from pg_dump or other client programs. - - - - - - Fix potential miscalculation of datfrozenxid (Alvaro) - - - - This error may explain some recent reports of failure to remove old - pg_clog data. - - - - - - Fix incorrect HOT updates after pg_class is reindexed - (Tom) - - - - Corruption of pg_class could occur if REINDEX - TABLE pg_class was followed in the same session by an ALTER - TABLE RENAME or ALTER TABLE SET SCHEMA command. - - - - - - Fix missed combo cid case (Karl Schnaitter) - - - - This error made rows incorrectly invisible to a transaction in which they - had been deleted by multiple subtransactions that all aborted. - - - - - - Prevent autovacuum from crashing if the table it's currently - checking is deleted at just the wrong time (Alvaro) - - - - - - Widen local lock counters from 32 to 64 bits (Tom) - - - - This responds to reports that the counters could overflow in - sufficiently long transactions, leading to unexpected lock is - already held errors. - - - - - - Fix possible duplicate output of tuples during a GiST index scan (Teodor) - - - - - - Regenerate foreign key checking queries from scratch when either - table is modified (Tom) - - - - Previously, 8.3 would attempt to replan the query, but would work from - previously generated query text. This led to failures if a - table or column was renamed. - - - - - - Fix missed permissions checks when a view contains a simple - UNION ALL construct (Heikki) - - - - Permissions for the referenced tables were checked properly, but not - permissions for the view itself. - - - - - - Add checks in executor startup to ensure that the tuples produced by an - INSERT or UPDATE will match the target table's - current rowtype (Tom) - - - - This situation is believed to be impossible in 8.3, but it can happen in - prior releases, so a check seems prudent. - - - - - - Fix possible repeated drops during DROP OWNED (Tom) - - - - This would typically result in strange errors such as cache - lookup failed for relation NNN. - - - - - - Fix several memory leaks in XML operations (Kris Jurka, Tom) - - - - - - Fix xmlserialize() to raise error properly for - unacceptable target data type (Tom) - - - - - - Fix a couple of places that mis-handled multibyte characters in text - search configuration file parsing (Tom) - - - - Certain characters occurring in configuration files would always cause - invalid byte sequence for encoding failures. - - - - - - Provide file name and line number location for all errors reported - in text search configuration files (Tom) - - - - - - Fix AT TIME ZONE to first try to interpret its timezone - argument as a timezone abbreviation, and only try it as a full timezone - name if that fails, rather than the other way around as formerly (Tom) - - - - The timestamp input functions have always resolved ambiguous zone names - in this order. Making AT TIME ZONE do so as well improves - consistency, and fixes a compatibility bug introduced in 8.1: - in ambiguous cases we now behave the same as 8.0 and before did, - since in the older versions AT TIME ZONE accepted - only abbreviations. - - - - - - Fix datetime input functions to correctly detect integer overflow when - running on a 64-bit platform (Tom) - - - - - - Prevent integer overflows during units conversion when displaying a - configuration parameter that has units (Tom) - - - - - - Improve performance of writing very long log messages to syslog (Tom) - - - - - - Allow spaces in the suffix part of an LDAP URL in - pg_hba.conf (Tom) - - - - - - Fix bug in backwards scanning of a cursor on a SELECT DISTINCT - ON query (Tom) - - - - - - Fix planner bug that could improperly push down IS NULL - tests below an outer join (Tom) - - - - This was triggered by occurrence of IS NULL tests for - the same relation in all arms of an upper OR clause. - - - - - - Fix planner bug with nested sub-select expressions (Tom) - - - - If the outer sub-select has no direct dependency on the parent query, - but the inner one does, the outer value might not get recalculated - for new parent query rows. - - - - - - Fix planner to estimate that GROUP BY expressions yielding - boolean results always result in two groups, regardless of the - expressions' contents (Tom) - - - - This is very substantially more accurate than the regular GROUP - BY estimate for certain boolean tests like col - IS NULL. - - - - - - Fix PL/pgSQL to not fail when a FOR loop's target variable - is a record containing composite-type fields (Tom) - - - - - - Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful - about the encoding of data sent to or from Tcl (Tom) - - - - - - Improve performance of PQescapeBytea() (Rudolf Leitgeb) - - - - - - On Windows, work around a Microsoft bug by preventing - libpq from trying to send more than 64kB per system call - (Magnus) - - - - - - Fix ecpg to handle variables properly in SET - commands (Michael) - - - - - - Improve pg_dump and pg_restore's - error reporting after failure to send a SQL command (Tom) - - - - - - Fix pg_ctl to properly preserve postmaster - command-line arguments across a restart (Bruce) - - - - - - Fix erroneous WAL file cutoff point calculation in - pg_standby (Simon) - - - - - - Update time zone data files to tzdata release 2008f (for - DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, - Pakistan, Palestine, and Paraguay) - - - - - - - - - - Release 8.3.3 - - - Release date: - 2008-06-12 - - - - This release contains one serious and one minor bug fix over 8.3.2. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.3 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.1, - see . - - - - - - Changes - - - - - - Make pg_get_ruledef() parenthesize negative constants (Tom) - - - - Before this fix, a negative constant in a view or rule might be dumped - as, say, -42::integer, which is subtly incorrect: it should - be (-42)::integer due to operator precedence rules. - Usually this would make little difference, but it could interact with - another recent patch to cause - PostgreSQL to reject what had been a valid - SELECT DISTINCT view query. Since this could result in - pg_dump output failing to reload, it is being treated - as a high-priority fix. The only released versions in which dump - output is actually incorrect are 8.3.1 and 8.2.7. - - - - - - Make ALTER AGGREGATE ... OWNER TO update - pg_shdepend (Tom) - - - - This oversight could lead to problems if the aggregate was later - involved in a DROP OWNED or REASSIGN OWNED - operation. - - - - - - - - - - Release 8.3.2 - - - Release date: - never released - - - - This release contains a variety of fixes from 8.3.1. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.2 - - - A dump/restore is not required for those running 8.3.X. - However, if you are upgrading from a version earlier than 8.3.1, - see . - - - - - - Changes - - - - - - Fix ERRORDATA_STACK_SIZE exceeded crash that - occurred on Windows when using UTF-8 database encoding and a different - client encoding (Tom) - - - - - - Fix incorrect archive truncation point calculation for the - %r macro in restore_command parameters - (Simon) - - - - This could lead to data loss if a warm-standby script relied on - %r to decide when to throw away WAL segment files. - - - - - - Fix ALTER TABLE ADD COLUMN ... PRIMARY KEY so that the new - column is correctly checked to see if it's been initialized to all - non-nulls (Brendan Jurd) - - - - Previous versions neglected to check this requirement at all. - - - - - - Fix REASSIGN OWNED so that it works on procedural - languages too (Alvaro) - - - - - - Fix problems with SELECT FOR UPDATE/SHARE occurring as a - subquery in a query with a non-SELECT top-level operation - (Tom) - - - - - - Fix possible CREATE TABLE failure when inheriting the - same constraint from multiple parent relations that - inherited that constraint from a common ancestor (Tom) - - - - - - Fix pg_get_ruledef() to show the alias, if any, attached - to the target table of an UPDATE or DELETE - (Tom) - - - - - - Restore the pre-8.3 behavior that an out-of-range block number in a - TID being used in a TidScan plan results in silently not matching any - rows (Tom) - - - - 8.3.0 and 8.3.1 threw an error instead. - - - - - - Fix GIN bug that could result in a too many LWLocks - taken failure (Teodor) - - - - - - Fix broken GiST comparison function for tsquery (Teodor) - - - - - - Fix tsvector_update_trigger() and ts_stat() - to accept domains over the types they expect to work with (Tom) - - - - - - Fix failure to support enum data types as foreign keys (Tom) - - - - - - Avoid possible crash when decompressing corrupted data - (Zdenek Kotala) - - - - - - Fix race conditions between delayed unlinks and DROP - DATABASE (Heikki) - - - - In the worst case this could result in deleting a newly created table - in a new database that happened to get the same OID as the - recently-dropped one; but of course that is an extremely - low-probability scenario. - - - - - - Repair two places where SIGTERM exit of a backend could leave corrupted - state in shared memory (Tom) - - - - Neither case is very important if SIGTERM is used to shut down the - whole database cluster together, but there was a problem if someone - tried to SIGTERM individual backends. - - - - - - Fix possible crash due to incorrect plan generated for an - x IN (SELECT y - FROM ...) clause when x and y - have different data types; and make sure the behavior is semantically - correct when the conversion from y's type to - x's type is lossy (Tom) - - - - - - Fix oversight that prevented the planner from substituting known Param - values as if they were constants (Tom) - - - - This mistake partially disabled optimization of unnamed - extended-Query statements in 8.3.0 and 8.3.1: in particular the - LIKE-to-indexscan optimization would never be applied if the LIKE - pattern was passed as a parameter, and constraint exclusion - depending on a parameter value didn't work either. - - - - - - Fix planner failure when an indexable MIN or - MAX aggregate is used with DISTINCT or - ORDER BY (Tom) - - - - - - Fix planner to ensure it never uses a physical tlist for a - plan node that is feeding a Sort node (Tom) - - - - This led to the sort having to push around more data than it really - needed to, since unused column values were included in the sorted - data. - - - - - - Avoid unnecessary copying of query strings (Tom) - - - - This fixes a performance problem introduced in 8.3.0 when a very large - number of commands are submitted as a single query string. - - - - - - Make TransactionIdIsCurrentTransactionId() use binary - search instead of linear search when checking child-transaction XIDs - (Heikki) - - - - This fixes some cases in which 8.3.0 was significantly - slower than earlier releases. - - - - - - Fix conversions between ISO-8859-5 and other encodings to handle - Cyrillic Yo characters (e and E with - two dots) (Sergey Burladyan) - - - - - - Fix several datatype input functions, notably array_in(), - that were allowing unused bytes in their results to contain - uninitialized, unpredictable values (Tom) - - - - This could lead to failures in which two apparently identical literal - values were not seen as equal, resulting in the parser complaining - about unmatched ORDER BY and DISTINCT - expressions. - - - - - - Fix a corner case in regular-expression substring matching - (substring(string from - pattern)) (Tom) - - - - The problem occurs when there is a match to the pattern overall but - the user has specified a parenthesized subexpression and that - subexpression hasn't got a match. An example is - substring('foo' from 'foo(bar)?'). - This should return NULL, since (bar) isn't matched, but - it was mistakenly returning the whole-pattern match instead (ie, - foo). - - - - - - Prevent cancellation of an auto-vacuum that was launched to prevent - XID wraparound (Alvaro) - - - - - - Improve ANALYZE's handling of in-doubt tuples (those - inserted or deleted by a not-yet-committed transaction) so that the - counts it reports to the stats collector are more likely to be correct - (Pavan Deolasee) - - - - - - Fix initdb to reject a relative path for its - --xlogdir (-X) option (Tom) - - - - - - Make psql print tab characters as an appropriate - number of spaces, rather than \x09 as was done in - 8.3.0 and 8.3.1 (Bruce) - - - - - - Update time zone data files to tzdata release 2008c (for - DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, and - Argentina/San_Luis) - - - - - - Add ECPGget_PGconn() function to - ecpglib (Michael) - - - - - - Fix incorrect result from ecpg's - PGTYPEStimestamp_sub() function (Michael) - - - - - - Fix handling of continuation line markers in ecpg - (Michael) - - - - - - Fix possible crashes in contrib/cube functions (Tom) - - - - - - Fix core dump in contrib/xml2's - xpath_table() function when the input query returns a - NULL value (Tom) - - - - - - Fix contrib/xml2's makefile to not override - CFLAGS, and make it auto-configure properly for - libxslt present or not (Tom) - - - - - - - - - - Release 8.3.1 - - - Release date: - 2008-03-17 - - - - This release contains a variety of fixes from 8.3.0. - For information about new features in the 8.3 major release, see - . - - - - Migration to Version 8.3.1 - - - A dump/restore is not required for those running 8.3.X. - However, you might need to REINDEX indexes on textual - columns after updating, if you are affected by the Windows locale - issue described below. - - - - - - Changes - - - - - - Fix character string comparison for Windows locales that consider - different character combinations as equal (Tom) - - - - This fix applies only on Windows and only when using UTF-8 - database encoding. The same fix was made for all other cases - over two years ago, but Windows with UTF-8 uses a separate code - path that was not updated. If you are using a locale that - considers some non-identical strings as equal, you may need to - REINDEX to fix existing indexes on textual columns. - - - - - - Repair corner-case bugs in VACUUM FULL (Tom) - - - - A potential deadlock between concurrent VACUUM FULL - operations on different system catalogs was introduced in 8.2. - This has now been corrected. 8.3 made this worse because the - deadlock could occur within a critical code section, making it - a PANIC rather than just ERROR condition. - - - - Also, a VACUUM FULL that failed partway through - vacuuming a system catalog could result in cache corruption in - concurrent database sessions. - - - - Another VACUUM FULL bug introduced in 8.3 could - result in a crash or out-of-memory report when dealing with - pages containing no live tuples. - - - - - - Fix misbehavior of foreign key checks involving character - or bit columns (Tom) - - - - If the referencing column were of a different but compatible type - (for instance varchar), the constraint was enforced incorrectly. - - - - - - Avoid needless deadlock failures in no-op foreign-key checks (Stephan - Szabo, Tom) - - - - - - Fix possible core dump when re-planning a prepared query (Tom) - - - - This bug affected only protocol-level prepare operations, not - SQL PREPARE, and so tended to be seen only with - JDBC, DBI, and other client-side drivers that use prepared - statements heavily. - - - - - - Fix possible failure when re-planning a query that calls an SPI-using - function (Tom) - - - - - - Fix failure in row-wise comparisons involving columns of different - datatypes (Tom) - - - - - - Fix longstanding LISTEN/NOTIFY - race condition (Tom) - - - - In rare cases a session that had just executed a - LISTEN might not get a notification, even though - one would be expected because the concurrent transaction executing - NOTIFY was observed to commit later. - - - - A side effect of the fix is that a transaction that has executed - a not-yet-committed LISTEN command will not see any - row in pg_listener for the LISTEN, - should it choose to look; formerly it would have. This behavior - was never documented one way or the other, but it is possible that - some applications depend on the old behavior. - - - - - - Disallow LISTEN and UNLISTEN within a - prepared transaction (Tom) - - - - This was formerly allowed but trying to do it had various unpleasant - consequences, notably that the originating backend could not exit - as long as an UNLISTEN remained uncommitted. - - - - - - Disallow dropping a temporary table within a - prepared transaction (Heikki) - - - - This was correctly disallowed by 8.1, but the check was inadvertently - broken in 8.2 and 8.3. - - - - - - Fix rare crash when an error occurs during a query using a hash index - (Heikki) - - - - - - Fix incorrect comparison of tsquery values (Teodor) - - - - - - Fix incorrect behavior of LIKE with non-ASCII characters - in single-byte encodings (Rolf Jentsch) - - - - - - Disable xmlvalidate (Tom) - - - - This function should have been removed before 8.3 release, but - was inadvertently left in the source code. It poses a small - security risk since unprivileged users could use it to read the - first few characters of any file accessible to the server. - - - - - - Fix memory leaks in certain usages of set-returning functions (Neil) - - - - - - Make encode(bytea, 'escape') convert all - high-bit-set byte values into \nnn octal - escape sequences (Tom) - - - - This is necessary to avoid encoding problems when the database - encoding is multi-byte. This change could pose compatibility issues - for applications that are expecting specific results from - encode. - - - - - - Fix input of datetime values for February 29 in years BC (Tom) - - - - The former coding was mistaken about which years were leap years. - - - - - - Fix unrecognized node type error in some variants of - ALTER OWNER (Tom) - - - - - - Avoid tablespace permissions errors in CREATE TABLE LIKE - INCLUDING INDEXES (Tom) - - - - - - Ensure pg_stat_activity.waiting flag - is cleared when a lock wait is aborted (Tom) - - - - - - Fix handling of process permissions on Windows Vista (Dave, Magnus) - - - - In particular, this fix allows starting the server as the Administrator - user. - - - - - - Update time zone data files to tzdata release 2008a - (in particular, recent Chile changes); adjust timezone abbreviation - VET (Venezuela) to mean UTC-4:30, not UTC-4:00 (Tom) - - - - - - Fix ecpg problems with arrays (Michael) - - - - - - Fix pg_ctl to correctly extract the postmaster's port - number from command-line options (Itagaki Takahiro, Tom) - - - - Previously, pg_ctl start -w could try to contact the - postmaster on the wrong port, leading to bogus reports of startup - failure. - - - - - - Use to defend against possible misoptimization - in recent gcc versions (Tom) - - - - This is known to be necessary when building PostgreSQL - with gcc 4.3 or later. - - - - - - Enable building contrib/uuid-ossp with MSVC (Hiroshi Saito) - - - - - - - - - - Release 8.3 - - - Release date: - 2008-02-04 - - - - Overview - - - With significant new functionality and performance enhancements, - this release represents a major leap forward for - PostgreSQL. This was made possible by a growing - community that has dramatically accelerated the pace of - development. This release adds the following major features: - - - - - - - Full text search is integrated into the core database system - - - - - - Support for the SQL/XML standard, including new operators and an - XML data type - - - - - - Enumerated data types (ENUM) - - - - - - Arrays of composite types - - - - - - Universally Unique Identifier (UUID) data type - - - - - - Add control over whether NULLs sort first or last - - - - - - Updatable cursors - - - - - - Server configuration parameters can now be set on a per-function - basis - - - - - - User-defined types can now have type modifiers - - - - - - Automatically re-plan cached queries when table - definitions change or statistics are updated - - - - - - Numerous improvements in logging and statistics collection - - - - - - Support Security Service Provider Interface (SSPI) for - authentication on Windows - - - - - - Support multiple concurrent autovacuum processes, and other - autovacuum improvements - - - - - - Allow the whole PostgreSQL distribution to be compiled - with Microsoft Visual C++ - - - - - - - Major performance improvements are listed below. Most of - these enhancements are automatic and do not require user changes or - tuning: - - - - - - - Asynchronous commit delays writes to WAL during transaction commit - - - - - - Checkpoint writes can be spread over a longer time period to smooth - the I/O spike during each checkpoint - - - - - - Heap-Only Tuples (HOT) accelerate space reuse for - most UPDATEs and DELETEs - - - - - - Just-in-time background writer strategy improves disk write - efficiency - - - - - - Using non-persistent transaction IDs for read-only transactions - reduces overhead and VACUUM requirements - - - - - - Per-field and per-row storage overhead has been reduced - - - - - - Large sequential scans no longer force out frequently used - cached pages - - - - - - Concurrent large sequential scans can now share disk reads - - - - - - ORDER BY ... LIMIT can be done without sorting - - - - - - - The above items are explained in more detail in the sections below. - - - - - - Migration to Version 8.3 - - - A dump/restore using pg_dump is - required for those wishing to migrate data from any previous - release. - - - - Observe the following incompatibilities: - - - - General - - - - - Non-character data types are no longer automatically cast to - TEXT (Peter, Tom) - - - - Previously, if a non-character value was supplied to an operator or - function that requires text input, it was automatically - cast to text, for most (though not all) built-in data types. - This no longer happens: an explicit cast to text is now - required for all non-character-string types. For example, these - expressions formerly worked: - - -substr(current_date, 1, 4) -23 LIKE '2%' - - - but will now draw function does not exist and operator - does not exist errors respectively. Use an explicit cast instead: - - -substr(current_date::text, 1, 4) -23::text LIKE '2%' - - - (Of course, you can use the more verbose CAST() syntax too.) - The reason for the change is that these automatic casts too often caused - surprising behavior. An example is that in previous releases, this - expression was accepted but did not do what was expected: - - -current_date < 2017-11-17 - - - This is actually comparing a date to an integer, which should be - (and now is) rejected — but in the presence of automatic - casts both sides were cast to text and a textual comparison - was done, because the text < text operator was able - to match the expression when no other < operator could. - - - - Types char(n) and - varchar(n) still cast to text - automatically. Also, automatic casting to text still works for - inputs to the concatenation (||) operator, so long as least - one input is a character-string type. - - - - - - Full text search features from contrib/tsearch2 have - been moved into the core server, with some minor syntax changes - - - - contrib/tsearch2 now contains a compatibility - interface. - - - - - - ARRAY(SELECT ...), where the SELECT - returns no rows, now returns an empty array, rather than NULL - (Tom) - - - - - - The array type name for a base data type is no longer always the base - type's name with an underscore prefix - - - - The old naming convention is still honored when possible, but - application code should no longer depend on it. Instead - use the new pg_type.typarray column to - identify the array data type associated with a given type. - - - - - - ORDER BY ... USING operator must now - use a less-than or greater-than operator that is - defined in a btree operator class - - - - This restriction was added to prevent inconsistent results. - - - - - - SET LOCAL changes now persist until - the end of the outermost transaction, unless rolled back (Tom) - - - - Previously SET LOCAL's effects were lost - after subtransaction commit (RELEASE SAVEPOINT - or exit from a PL/pgSQL exception block). - - - - - - Commands rejected in transaction blocks are now also rejected in - multiple-statement query strings (Tom) - - - - For example, "BEGIN; DROP DATABASE; COMMIT" will now be - rejected even if submitted as a single query message. - - - - - - ROLLBACK outside a transaction block now - issues NOTICE instead of WARNING (Bruce) - - - - - - Prevent NOTIFY/LISTEN/UNLISTEN - from accepting schema-qualified names (Bruce) - - - - Formerly, these commands accepted schema.relation but - ignored the schema part, which was confusing. - - - - - - ALTER SEQUENCE no longer affects the sequence's - currval() state (Tom) - - - - - - Foreign keys now must match indexable conditions for - cross-data-type references (Tom) - - - - This improves semantic consistency and helps avoid - performance problems. - - - - - - Restrict object size functions to users who have reasonable - permissions to view such information (Tom) - - - - For example, pg_database_size() now requires - CONNECT permission, which is granted to everyone by - default. pg_tablespace_size() requires - CREATE permission in the tablespace, or is allowed if - the tablespace is the default tablespace for the database. - - - - - - Remove the undocumented !!= (not in) operator (Tom) - - - - NOT IN (SELECT ...) is the proper way to - perform this operation. - - - - - - Internal hashing functions are now more uniformly-distributed (Tom) - - - - If application code was computing and storing hash values using - internal PostgreSQL hashing functions, the hash - values must be regenerated. - - - - - - C-code conventions for handling variable-length data values - have changed (Greg Stark, Tom) - - - - The new SET_VARSIZE() macro must be used - to set the length of generated varlena values. Also, it - might be necessary to expand (de-TOAST) input values - in more cases. - - - - - - Continuous archiving no longer reports each successful archive - operation to the server logs unless DEBUG level is used - (Simon) - - - - - - - - - Configuration Parameters - - - - - - Numerous changes in administrative server parameters - - - - bgwriter_lru_percent, - bgwriter_all_percent, - bgwriter_all_maxpages, - stats_start_collector, and - stats_reset_on_server_start are removed. - redirect_stderr is renamed to - logging_collector. - stats_command_string is renamed to - track_activities. - stats_block_level and stats_row_level - are merged into track_counts. - A new boolean configuration parameter, archive_mode, - controls archiving. Autovacuum's default settings have changed. - - - - - - Remove stats_start_collector parameter (Tom) - - - - We now always start the collector process, unless UDP - socket creation fails. - - - - - - Remove stats_reset_on_server_start