rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-10-03 21:16:50 +02:00
Code Issues Packages Projects Releases Wiki Activity
31,128 Commits 36 Branches 606 Tags 423 MiB
7ccb6dc2d3
Commit Graph

64 Commits

Author SHA1 Message Date
Tom Lane
29d442199a Update release notes for releases 9.0.3, 8.4.7, 8.3.14, and 8.2.20. 2011-01-27 16:09:39 -05:00
Tom Lane
f9224c8ec2 Update release notes for releases 9.0.2, 8.4.6, 8.3.13, 8.2.19, and 8.1.23. 2010-12-13 20:22:52 -05:00
Tom Lane
50595b5fce Use a separate interpreter for each calling SQL userid in plperl and pltcl. 
There are numerous methods by which a Perl or Tcl function can subvert
the behavior of another such function executed later; for example, by
redefining standard functions or operators called by the target function.
If the target function is SECURITY DEFINER, or is called by such a
function, this means that any ordinary SQL user with Perl or Tcl language
usage rights can do essentially anything with the privileges of the target
function's owner.

To close this security hole, create a separate Perl or Tcl interpreter for
each SQL userid under which plperl or pltcl functions are executed within
a session.  However, all plperlu or pltclu functions run within a session
still share a single interpreter, since they all execute at the trust
level of a database superuser anyway.

Note: this change results in a functionality loss when libperl has been
built without the "multiplicity" option: it's no longer possible to call
plperl functions under different userids in one session, since such a
libperl can't support multiple interpreters in one process.  However, such
a libperl already failed to support concurrent use of plperl and plperlu,
so it's likely that few people use such versions with Postgres.

Security: CVE-2010-3433
 2010-09-30 17:18:51 -04:00
Tom Lane
a5683ea042 Update release notes for releases 9.0.1, 8.4.5, 8.3.12, 8.2.18, 8.1.22, 
8.0.26, and 7.4.30.
 2010-09-30 14:27:15 -04:00
Robert Haas
3186560f46 Replace doc references to install-win32 with install-windows. 
Windows is not necessarily 32-bit, any more.

As suggested by Mike Toews.
 2010-09-23 17:45:39 -04:00
Robert Haas
0c8ed2dafb Fix inconsistent capitalization of "PL/pgSQL". 
Josh Kupershmidt
 2010-09-22 21:57:37 -04:00
Magnus Hagander
9f2e211386 Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
Tom Lane
f7270a65b3 Stamp 9.0 release notes with expected release date; also some last-minute 
copy-editing.
 2010-09-16 18:15:21 +00:00
Tom Lane
e1089e34eb Add a compatibility note about plpgsql's treatment of SELECT INTO rec.fld 
when fld is of composite type.  Per discussion of bug #5644 from Valentine
Gogichashvili.
 2010-09-15 17:45:57 +00:00
Tom Lane
4ff6856cb1 Improve release notes' description of Teodor's fixes for polygon overlaps 
and contains operators.
 2010-09-01 15:14:42 +00:00
Bruce Momjian
0d812f1966 Update release notes, per comments from Simon Riggs. 2010-08-25 19:41:38 +00:00
Tom Lane
f121c408e2 Update 9.0 release notes for changes since beta4. 
Note: as usual, bug fixes that were also applied in back branches are not
considered material to include in a new major release's notes.
 2010-08-25 00:47:57 +00:00
Tom Lane
7dc04cd204 Further editing of release notes. 2010-08-24 23:45:32 +00:00
Bruce Momjian
f5878cd38f Clarifications for 9.0 release notes 
Josh Berkus
 2010-08-24 14:46:29 +00:00
Tom Lane
005e427a22 Make an editorial pass over the 9.0 release notes. 
This is mostly about grammar, style, and presentation, though I did find
a few small factual errors.
 2010-08-23 02:43:25 +00:00
Peter Eisentraut
5194b9d049 Spell and markup checking 2010-08-17 04:37:21 +00:00
Bruce Momjian
83f5491c63 Fix 9.0 release notes vacuum mention, not -> now 
Peter Fokkinga
 2010-08-07 13:07:06 +00:00
Tom Lane
4672093a8e Let's put that </link> in a sane place ... 2010-08-06 19:13:13 +00:00
Tom Lane
a209b9850f Fix inaccurate description of deferrable unique constraints, per Dean Rasheed. 2010-08-06 18:55:24 +00:00
Robert Haas
7ae6163a4e Rearrange "big features" section of the release notes. 
Josh Berkus
 2010-08-06 17:56:43 +00:00
Tom Lane
478a2c1208 Update release notes for 9.0 beta 4. Back-patch some changes that were made only in HEAD. 2010-07-29 21:18:11 +00:00
Peter Eisentraut
d33cfbd2e0 Spelling fixes 2010-07-27 19:01:16 +00:00
Bruce Momjian
f0fd939655 Restore pl/pgsql default install release note item. 2010-07-12 18:30:36 +00:00
Bruce Momjian
5d4faf07ab 9.0 release note improvements 
Erik Rijkers
 2010-07-12 18:25:21 +00:00
Bruce Momjian
d89e72c475 Spellcheck 9.0 release notes. 2010-07-12 17:47:39 +00:00
Bruce Momjian
c4314e150d Update release notes for 9.0 beta 3. 2010-07-08 22:26:14 +00:00
Bruce Momjian
c37e009678 Update 9.0 release notes so streaming replication and hot standby is not 
assumed to require continuous archiving.

Per report from Fujii Masao
 2010-07-01 02:33:21 +00:00
Andrew Dunstan
71a4d5c642 Correct missing/misspelled surname. 2010-06-30 14:25:24 +00:00
Tom Lane
5dbf489868 Add compatibility note warning that plpgsql is now stricter about the column 
datatypes of composite results, per gripe from Marcel Asio.  Some desultory
copy-editing of plpgsql-related sections of the release notes.
 2010-06-29 21:20:19 +00:00
Robert Haas
dedb500e8a Further 9.0 release notes updates. 
Josh Berkus
 2010-06-24 18:33:05 +00:00
Bruce Momjian
f25e5e5d47 Update doc description for 9.0 release note item: 
Have <command>SELECT</> and <command>CREATE TABLE AS</> return
      row counts to the client
 2010-06-16 18:46:18 +00:00
Bruce Momjian
a7b592722a 9.0 release notes updates. 
Josh Berkus
 2010-06-16 18:31:39 +00:00
Andrew Dunstan
3659c62350 Remove perl symbol table additions for plperl functions, and mention of it 
in the release notes, as it is not apparently providing anything useful.
 2010-06-16 14:50:34 +00:00
Robert Haas
38736e2276 Fix misplaced modifier. 
As suggested by Ian Barwick.
 2010-06-14 02:18:43 +00:00
Robert Haas
dd6c1080d0 Fix typo. 2010-06-14 01:07:41 +00:00
Bruce Momjian
c46f861c0d Update text of 9.0 release notes 
Josh Berkus
 2010-06-10 21:48:28 +00:00
Itagaki Takahiro
3fd839950a Replace "slave" to "standby" in documentation for consistent terminology. 
Almost all of the terms in docs and messages were replaced, but still
remains in a few comments and README files in codes.
 2010-06-07 02:01:09 +00:00
Tom Lane
572ec5a276 Remove link that breaks HISTORY file generation. 2010-06-03 21:23:02 +00:00
Bruce Momjian
58028240bb Fix CREATE TRIGGER release mention, WHERE -> WHEN. 2010-06-03 19:38:39 +00:00
Bruce Momjian
a68055eab6 Update 9.0 release notes to current. 2010-06-03 16:33:36 +00:00
Bruce Momjian
2681c51eca Update C++ release note item wording. 2010-06-01 13:43:39 +00:00
Bruce Momjian
1f152c656b Comment out C++ docs for later user. Tone down C++ compatibility in 9.0 
release notes.
 2010-06-01 03:19:36 +00:00
Andrew Dunstan
99ad9236bc Clarify plperl subroutine name release notes item, remove now redundant Safe.pm item. 2010-05-17 17:46:13 +00:00
Bruce Momjian
092c36ef99 Fix HISTORY.html build using </link>, not </>. 2010-05-13 12:47:50 +00:00
Bruce Momjian
d8c311c379 Update release notes to current. 2010-05-13 01:57:01 +00:00
Bruce Momjian
616a3b2df4 Documentation fix: CREATE TRIGGER 'WHERE' -> 'WHEN' 
Selena Deckelmann
 2010-04-29 22:03:41 +00:00
Bruce Momjian
72e316e4c8 Doc fix -- last major item should not be a bullet. 2010-04-29 21:02:50 +00:00
Bruce Momjian
fbb68396bb Move alpha release notes into a separate file; re-align sgml tags. 2010-04-29 20:54:28 +00:00
Bruce Momjian
ca2c61caac Update 9.0 release notes to current; add major items and introductory 
text.
 2010-04-29 20:43:22 +00:00
Tom Lane
87d5c22925 Clean up description of 9.0's incompatible changes in SIMILAR TO and 
SQL-style substring().
 2010-04-05 02:46:42 +00:00