Release 8.3.23Release Date2013-02-07
This release contains a variety of fixes from 8.3.22.
For information about new features in the 8.3 major release, see
.
This is expected to be the last PostgreSQL> release
in the 8.3.X series. Users are encouraged to update to a newer
release branch soon.
Migration to Version 8.3.23
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Prevent execution of enum_recv> from SQL (Tom Lane)
The function was misdeclared, allowing a simple SQL command to crash the
server. In principle an attacker might be able to use it to examine the
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
for reporting this issue. (CVE-2013-0255)
Fix SQL grammar to allow subscripting or field selection from a
sub-SELECT result (Tom Lane)
Protect against race conditions when scanning
pg_tablespace> (Stephen Frost, Tom Lane)
CREATE DATABASE> and DROP DATABASE> could
misbehave if there were concurrent updates of
pg_tablespace> entries.
Prevent DROP OWNED> from trying to drop whole databases or
tablespaces (Álvaro Herrera)
For safety, ownership of these objects must be reassigned, not dropped.
Prevent misbehavior when a RowExpr> or XmlExpr>
is parse-analyzed twice (Andres Freund, Tom Lane)
This mistake could be user-visible in contexts such as
CREATE TABLE LIKE INCLUDING INDEXES>.
Improve defenses against integer overflow in hashtable sizing
calculations (Jeff Davis)
Ensure that non-ASCII prompt strings are translated to the correct
code page on Windows (Alexander Law, Noah Misch)
This bug affected psql> and some other client programs.
Fix possible crash in psql>'s \?> command
when not connected to a database (Meng Qingzhong)
Fix one-byte buffer overrun in libpq>'s
PQprintTuples> (Xi Wang)
This ancient function is not used anywhere by
PostgreSQL> itself, but it might still be used by some
client code.
Rearrange configure's tests for supplied functions so it is not
fooled by bogus exports from libedit/libreadline (Christoph Berg)
Ensure Windows build number increases over time (Magnus Hagander)
Make pgxs> build executables with the right
.exe> suffix when cross-compiling for Windows
(Zoltan Boszormenyi)
Add new timezone abbreviation FET> (Tom Lane)
This is now used in some eastern-European time zones.
Release 8.3.22Release Date2012-12-06
This release contains a variety of fixes from 8.3.21.
For information about new features in the 8.3 major release, see
.
The PostgreSQL> community will stop releasing updates
for the 8.3.X release series in February 2013.
Users are encouraged to update to a newer release branch soon.
Migration to Version 8.3.22
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Fix multiple bugs associated with CREATE INDEX
CONCURRENTLY> (Andres Freund, Tom Lane)
Fix CREATE INDEX CONCURRENTLY> to use
in-place updates when changing the state of an index's
pg_index> row. This prevents race conditions that could
cause concurrent sessions to miss updating the target index, thus
resulting in corrupt concurrently-created indexes.
Also, fix various other operations to ensure that they ignore
invalid indexes resulting from a failed CREATE INDEX
CONCURRENTLY> command. The most important of these is
VACUUM>, because an auto-vacuum could easily be launched
on the table before corrective action can be taken to fix or remove
the invalid index.
Avoid corruption of internal hash tables when out of memory
(Hitoshi Harada)
Fix planning of non-strict equivalence clauses above outer joins
(Tom Lane)
The planner could derive incorrect constraints from a clause equating
a non-strict construct to something else, for example
WHERE COALESCE(foo, 0) = 0>
when foo> is coming from the nullable side of an outer join.
Improve planner's ability to prove exclusion constraints from
equivalence classes (Tom Lane)
Fix partial-row matching in hashed subplans to handle cross-type cases
correctly (Tom Lane)
This affects multicolumn NOT IN> subplans, such as
WHERE (a, b) NOT IN (SELECT x, y FROM ...)>
when for instance b> and y> are int4>
and int8> respectively. This mistake led to wrong answers
or crashes depending on the specific datatypes involved.
Acquire buffer lock when re-fetching the old tuple for an
AFTER ROW UPDATE/DELETE> trigger (Andres Freund)
In very unusual circumstances, this oversight could result in passing
incorrect data to the precheck logic for a foreign-key enforcement
trigger. That could result in a crash, or in an incorrect decision
about whether to fire the trigger.
Fix REASSIGN OWNED> to handle grants on tablespaces
(Álvaro Herrera)
Ignore incorrect pg_attribute> entries for system
columns for views (Tom Lane)
Views do not have any system columns. However, we forgot to
remove such entries when converting a table to a view. That's fixed
properly for 9.3 and later, but in previous branches we need to defend
against existing mis-converted views.
Fix rule printing to dump INSERT INTO table>
DEFAULT VALUES correctly (Tom Lane)
Guard against stack overflow when there are too many
UNION>/INTERSECT>/EXCEPT> clauses
in a query (Tom Lane)
Prevent platform-dependent failures when dividing the minimum possible
integer value by -1 (Xi Wang, Tom Lane)
Fix possible access past end of string in date parsing
(Hitoshi Harada)
Produce an understandable error message if the length of the path name
for a Unix-domain socket exceeds the platform-specific limit
(Tom Lane, Andrew Dunstan)
Formerly, this would result in something quite unhelpful, such as
Non-recoverable failure in name resolution>.
Fix memory leaks when sending composite column values to the client
(Tom Lane)
Make pg_ctl> more robust about reading the
postmaster.pid> file (Heikki Linnakangas)
Fix race conditions and possible file descriptor leakage.
Fix possible crash in psql> if incorrectly-encoded data
is presented and the client_encoding> setting is a
client-only encoding, such as SJIS (Jiang Guiqing)
Fix bugs in the restore.sql> script emitted by
pg_dump> in tar> output format (Tom Lane)
The script would fail outright on tables whose names include
upper-case characters. Also, make the script capable of restoring
data in
Fix pg_restore> to accept POSIX-conformant
tar> files (Brian Weaver, Tom Lane)
The original coding of pg_dump>'s tar>
output mode produced files that are not fully conformant with the
POSIX standard. This has been corrected for version 9.3. This
patch updates previous branches so that they will accept both the
incorrect and the corrected formats, in hopes of avoiding
compatibility problems when 9.3 comes out.
Fix pg_resetxlog> to locate postmaster.pid>
correctly when given a relative path to the data directory (Tom Lane)
This mistake could lead to pg_resetxlog> not noticing
that there is an active postmaster using the data directory.
Fix libpq>'s lo_import()> and
lo_export()> functions to report file I/O errors properly
(Tom Lane)
Fix ecpg>'s processing of nested structure pointer
variables (Muhammad Usama)
Make contrib/pageinspect>'s btree page inspection
functions take buffer locks while examining pages (Tom Lane)
Fix pgxs> support for building loadable modules on AIX
(Tom Lane)
Building modules outside the original source tree didn't work on AIX.
Update time zone data files to tzdata> release 2012j
for DST law changes in Cuba, Israel, Jordan, Libya, Palestine, Western
Samoa, and portions of Brazil.
Release 8.3.21Release Date2012-09-24
This release contains a variety of fixes from 8.3.20.
For information about new features in the 8.3 major release, see
.
The PostgreSQL> community will stop releasing updates
for the 8.3.X release series in February 2013.
Users are encouraged to update to a newer release branch soon.
Migration to Version 8.3.21
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Improve page-splitting decisions in GiST indexes (Alexander Korotkov,
Robert Haas, Tom Lane)
Multi-column GiST indexes might suffer unexpected bloat due to this
error.
Fix cascading privilege revoke to stop if privileges are still held
(Tom Lane)
If we revoke a grant option from some role X>, but
X> still holds that option via a grant from someone
else, we should not recursively revoke the corresponding privilege
from role(s) Y> that X> had granted it
to.
Fix handling of SIGFPE> when PL/Perl is in use (Andres Freund)
Perl resets the process's SIGFPE> handler to
SIG_IGN>, which could result in crashes later on. Restore
the normal Postgres signal handler after initializing PL/Perl.
Prevent PL/Perl from crashing if a recursive PL/Perl function is
redefined while being executed (Tom Lane)
Work around possible misoptimization in PL/Perl (Tom Lane)
Some Linux distributions contain an incorrect version of
pthread.h> that results in incorrect compiled code in
PL/Perl, leading to crashes if a PL/Perl function calls another one
that throws an error.
Update time zone data files to tzdata> release 2012f
for DST law changes in Fiji
Release 8.3.20Release Date2012-08-17
This release contains a variety of fixes from 8.3.19.
For information about new features in the 8.3 major release, see
.
The PostgreSQL> community will stop releasing updates
for the 8.3.X release series in February 2013.
Users are encouraged to update to a newer release branch soon.
Migration to Version 8.3.20
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Prevent access to external files/URLs via XML entity references
(Noah Misch, Tom Lane)
xml_parse()> would attempt to fetch external files or
URLs as needed to resolve DTD and entity references in an XML value,
thus allowing unprivileged database users to attempt to fetch data
with the privileges of the database server. While the external data
wouldn't get returned directly to the user, portions of it could be
exposed in error messages if the data didn't parse as valid XML; and
in any case the mere ability to check existence of a file might be
useful to an attacker. (CVE-2012-3489)
Prevent access to external files/URLs via contrib/xml2>'s
xslt_process()> (Peter Eisentraut)
libxslt> offers the ability to read and write both
files and URLs through stylesheet commands, thus allowing
unprivileged database users to both read and write data with the
privileges of the database server. Disable that through proper use
of libxslt>'s security options. (CVE-2012-3488)
Also, remove xslt_process()>'s ability to fetch documents
and stylesheets from external files/URLs. While this was a
documented feature>, it was long regarded as a bad idea.
The fix for CVE-2012-3489 broke that capability, and rather than
expend effort on trying to fix it, we're just going to summarily
remove it.
Prevent too-early recycling of btree index pages (Noah Misch)
When we allowed read-only transactions to skip assigning XIDs, we
introduced the possibility that a deleted btree page could be
recycled while a read-only transaction was still in flight to it.
This would result in incorrect index search results. The probability
of such an error occurring in the field seems very low because of the
timing requirements, but nonetheless it should be fixed.
Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane)
If ALTER SEQUENCE> was executed on a freshly created or
reset sequence, and then precisely one nextval()> call
was made on it, and then the server crashed, WAL replay would restore
the sequence to a state in which it appeared that no
nextval()> had been done, thus allowing the first
sequence value to be returned again by the next
nextval()> call. In particular this could manifest for
serial> columns, since creation of a serial column's sequence
includes an ALTER SEQUENCE OWNED BY> step.
Ensure the backup_label> file is fsync'd after
pg_start_backup()> (Dave Kerr)
Back-patch 9.1 improvement to compress the fsync request queue
(Robert Haas)
This improves performance during checkpoints. The 9.1 change
has now seen enough field testing to seem safe to back-patch.
Only allow autovacuum to be auto-canceled by a directly blocked
process (Tom Lane)
The original coding could allow inconsistent behavior in some cases;
in particular, an autovacuum could get canceled after less than
deadlock_timeout> grace period.
Improve logging of autovacuum cancels (Robert Haas)
Fix log collector so that log_truncate_on_rotation> works
during the very first log rotation after server start (Tom Lane)
Ensure that a whole-row reference to a subquery doesn't include any
extra GROUP BY> or ORDER BY> columns (Tom Lane)
Disallow copying whole-row references in CHECK>
constraints and index definitions during CREATE TABLE>
(Tom Lane)
This situation can arise in CREATE TABLE> with
LIKE> or INHERITS>. The copied whole-row
variable was incorrectly labeled with the row type of the original
table not the new one. Rejecting the case seems reasonable for
LIKE>, since the row types might well diverge later. For
INHERITS> we should ideally allow it, with an implicit
coercion to the parent table's row type; but that will require more
work than seems safe to back-patch.
Fix memory leak in ARRAY(SELECT ...)> subqueries (Heikki
Linnakangas, Tom Lane)
Fix extraction of common prefixes from regular expressions (Tom Lane)
The code could get confused by quantified parenthesized
subexpressions, such as ^(foo)?bar>. This would lead to
incorrect index optimization of searches for such patterns.
Report errors properly in contrib/xml2>'s
xslt_process()> (Tom Lane)
Update time zone data files to tzdata> release 2012e
for DST law changes in Morocco and Tokelau
Release 8.3.19Release Date2012-06-04
This release contains a variety of fixes from 8.3.18.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.19
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Fix incorrect password transformation in
contrib/pgcrypto>'s DES crypt()> function
(Solar Designer)
If a password string contained the byte value 0x80>, the
remainder of the password was ignored, causing the password to be much
weaker than it appeared. With this fix, the rest of the string is
properly included in the DES hash. Any stored password values that are
affected by this bug will thus no longer match, so the stored values may
need to be updated. (CVE-2012-2143)
Ignore SECURITY DEFINER> and SET> attributes for
a procedural language's call handler (Tom Lane)
Applying such attributes to a call handler could crash the server.
(CVE-2012-2655)
Allow numeric timezone offsets in timestamp> input to be up to
16 hours away from UTC (Tom Lane)
Some historical time zones have offsets larger than 15 hours, the
previous limit. This could result in dumped data values being rejected
during reload.
Fix timestamp conversion to cope when the given time is exactly the
last DST transition time for the current timezone (Tom Lane)
This oversight has been there a long time, but was not noticed
previously because most DST-using zones are presumed to have an
indefinite sequence of future DST transitions.
Fix text> to name> and char> to name>
casts to perform string truncation correctly in multibyte encodings
(Karl Schnaitter)
Fix memory copying bug in to_tsquery()> (Heikki Linnakangas)
Fix slow session startup when pg_attribute> is very large
(Tom Lane)
If pg_attribute> exceeds one-fourth of
shared_buffers>, cache rebuilding code that is sometimes
needed during session start would trigger the synchronized-scan logic,
causing it to take many times longer than normal. The problem was
particularly acute if many new sessions were starting at once.
Ensure sequential scans check for query cancel reasonably often (Merlin
Moncure)
A scan encountering many consecutive pages that contain no live tuples
would not respond to interrupts meanwhile.
Ensure the Windows implementation of PGSemaphoreLock()>
clears ImmediateInterruptOK> before returning (Tom Lane)
This oversight meant that a query-cancel interrupt received later
in the same query could be accepted at an unsafe time, with
unpredictable but not good consequences.
Show whole-row variables safely when printing views or rules
(Abbas Butt, Tom Lane)
Corner cases involving ambiguous names (that is, the name could be
either a table or column name of the query) were printed in an
ambiguous way, risking that the view or rule would be interpreted
differently after dump and reload. Avoid the ambiguous case by
attaching a no-op cast.
Ensure autovacuum worker processes perform stack depth checking
properly (Heikki Linnakangas)
Previously, infinite recursion in a function invoked by
auto-ANALYZE> could crash worker processes.
Fix logging collector to not lose log coherency under high load (Andrew
Dunstan)
The collector previously could fail to reassemble large messages if it
got too busy.
Fix logging collector to ensure it will restart file rotation
after receiving SIGHUP> (Tom Lane)
Fix PL/pgSQL's GET DIAGNOSTICS> command when the target
is the function's first variable (Tom Lane)
Fix several performance problems in pg_dump> when
the database contains many objects (Jeff Janes, Tom Lane)
pg_dump> could get very slow if the database contained
many schemas, or if many objects are in dependency loops, or if there
are many owned sequences.
Fix contrib/dblink>'s dblink_exec()> to not leak
temporary database connections upon error (Tom Lane)
Update time zone data files to tzdata> release 2012c
for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland
Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands;
also historical corrections for Canada.
Release 8.3.18Release Date2012-02-27
This release contains a variety of fixes from 8.3.17.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.18
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.17,
see .
Changes
Require execute permission on the trigger function for
CREATE TRIGGER> (Robert Haas)
This missing check could allow another user to execute a trigger
function with forged input data, by installing it on a table he owns.
This is only of significance for trigger functions marked
SECURITY DEFINER>, since otherwise trigger functions run
as the table owner anyway. (CVE-2012-0866)
Convert newlines to spaces in names written in pg_dump>
comments (Robert Haas)
pg_dump> was incautious about sanitizing object names
that are emitted within SQL comments in its output script. A name
containing a newline would at least render the script syntactically
incorrect. Maliciously crafted object names could present a SQL
injection risk when the script is reloaded. (CVE-2012-0868)
Fix btree index corruption from insertions concurrent with vacuuming
(Tom Lane)
An index page split caused by an insertion could sometimes cause a
concurrently-running VACUUM> to miss removing index entries
that it should remove. After the corresponding table rows are removed,
the dangling index entries would cause errors (such as could not
read block N in file ...>) or worse, silently wrong query results
after unrelated rows are re-inserted at the now-free table locations.
This bug has been present since release 8.2, but occurs so infrequently
that it was not diagnosed until now. If you have reason to suspect
that it has happened in your database, reindexing the affected index
will fix things.
Allow non-existent values for some settings in ALTER
USER/DATABASE SET> (Heikki Linnakangas)
Allow default_text_search_config>,
default_tablespace>, and temp_tablespaces> to be
set to names that are not known. This is because they might be known
in another database where the setting is intended to be used, or for the
tablespace cases because the tablespace might not be created yet. The
same issue was previously recognized for search_path>, and
these settings now act like that one.
Track the OID counter correctly during WAL replay, even when it wraps
around (Tom Lane)
Previously the OID counter would remain stuck at a high value until the
system exited replay mode. The practical consequences of that are
usually nil, but there are scenarios wherein a standby server that's
been promoted to master might take a long time to advance the OID
counter to a reasonable value once values are needed.
Fix regular expression back-references with *> attached
(Tom Lane)
Rather than enforcing an exact string match, the code would effectively
accept any string that satisfies the pattern sub-expression referenced
by the back-reference symbol.
A similar problem still afflicts back-references that are embedded in a
larger quantified expression, rather than being the immediate subject
of the quantifier. This will be addressed in a future
PostgreSQL> release.
Fix recently-introduced memory leak in processing of
inet>/cidr> values (Heikki Linnakangas)
A patch in the December 2011 releases of PostgreSQL>
caused memory leakage in these operations, which could be significant
in scenarios such as building a btree index on such a column.
Avoid double close of file handle in syslogger on Windows (MauMau)
Ordinarily this error was invisible, but it would cause an exception
when running on a debug version of Windows.
Fix I/O-conversion-related memory leaks in plpgsql
(Andres Freund, Jan Urbanski, Tom Lane)
Certain operations would leak memory until the end of the current
function.
Improve pg_dump>'s handling of inherited table columns
(Tom Lane)
pg_dump> mishandled situations where a child column has
a different default expression than its parent column. If the default
is textually identical to the parent's default, but not actually the
same (for instance, because of schema search path differences) it would
not be recognized as different, so that after dump and restore the
child would be allowed to inherit the parent's default. Child columns
that are NOT NULL> where their parent is not could also be
restored subtly incorrectly.
Fix pg_restore>'s direct-to-database mode for
INSERT-style table data (Tom Lane)
Direct-to-database restores from archive files made with
Fix error in contrib/intarray>'s int[] &
int[]> operator (Guillaume Lelarge)
If the smallest integer the two input arrays have in common is 1,
and there are smaller values in either array, then 1 would be
incorrectly omitted from the result.
Fix error detection in contrib/pgcrypto>'s
encrypt_iv()> and decrypt_iv()>
(Marko Kreen)
These functions failed to report certain types of invalid-input errors,
and would instead return random garbage values for incorrect input.
Fix one-byte buffer overrun in contrib/test_parser>
(Paul Guyot)
The code would try to read one more byte than it should, which would
crash in corner cases.
Since contrib/test_parser> is only example code, this is
not a security issue in itself, but bad example code is still bad.
Use __sync_lock_test_and_set()> for spinlocks on ARM, if
available (Martin Pitt)
This function replaces our previous use of the SWPB>
instruction, which is deprecated and not available on ARMv6 and later.
Reports suggest that the old code doesn't fail in an obvious way on
recent ARM boards, but simply doesn't interlock concurrent accesses,
leading to bizarre failures in multiprocess operation.
Use
This prevents assorted scenarios wherein recent versions of gcc will
produce creative results.
Allow use of threaded Python on FreeBSD (Chris Rees)
Our configure script previously believed that this combination wouldn't
work; but FreeBSD fixed the problem, so remove that error check.
Release 8.3.17Release Date2011-12-05
This release contains a variety of fixes from 8.3.16.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.17
A dump/restore is not required for those running 8.3.X.
However, a longstanding error was discovered in the definition of the
information_schema.referential_constraints> view. If you
rely on correct results from that view, you should replace its
definition as explained in the first changelog item below.
Also, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Fix bugs in information_schema.referential_constraints> view
(Tom Lane)
This view was being insufficiently careful about matching the
foreign-key constraint to the depended-on primary or unique key
constraint. That could result in failure to show a foreign key
constraint at all, or showing it multiple times, or claiming that it
depends on a different constraint than the one it really does.
Since the view definition is installed by initdb>,
merely upgrading will not fix the problem. If you need to fix this
in an existing installation, you can (as a superuser) drop the
information_schema> schema then re-create it by sourcing
SHAREDIR>/information_schema.sql.
(Run pg_config --sharedir> if you're uncertain where
SHAREDIR> is.) This must be repeated in each database
to be fixed.
Fix TOAST-related data corruption during CREATE TABLE dest AS
SELECT * FROM src> or INSERT INTO dest SELECT * FROM src>
(Tom Lane)
If a table has been modified by ALTER TABLE ADD COLUMN>,
attempts to copy its data verbatim to another table could produce
corrupt results in certain corner cases.
The problem can only manifest in this precise form in 8.4 and later,
but we patched earlier versions as well in case there are other code
paths that could trigger the same bug.
Fix race condition during toast table access from stale syscache entries
(Tom Lane)
The typical symptom was transient errors like missing chunk
number 0 for toast value NNNNN in pg_toast_2619>, where the cited
toast table would always belong to a system catalog.
Make DatumGetInetP()> unpack inet datums that have a 1-byte
header, and add a new macro, DatumGetInetPP()>, that does
not (Heikki Linnakangas)
This change affects no core code, but might prevent crashes in add-on
code that expects DatumGetInetP()> to produce an unpacked
datum as per usual convention.
Improve locale support in money> type's input and output
(Tom Lane)
Aside from not supporting all standard
lc_monetary>
formatting options, the input and output functions were inconsistent,
meaning there were locales in which dumped money> values could
not be re-read.
Don't let transform_null_equals>
affect CASE foo WHEN NULL ...> constructs
(Heikki Linnakangas)
transform_null_equals> is only supposed to affect
foo = NULL> expressions written directly by the user, not
equality checks generated internally by this form of CASE>.
Change foreign-key trigger creation order to better support
self-referential foreign keys (Tom Lane)
For a cascading foreign key that references its own table, a row update
will fire both the ON UPDATE> trigger and the
CHECK> trigger as one event. The ON UPDATE>
trigger must execute first, else the CHECK> will check a
non-final state of the row and possibly throw an inappropriate error.
However, the firing order of these triggers is determined by their
names, which generally sort in creation order since the triggers have
auto-generated names following the convention
RI_ConstraintTrigger_NNNN>. A proper fix would require
modifying that convention, which we will do in 9.2, but it seems risky
to change it in existing releases. So this patch just changes the
creation order of the triggers. Users encountering this type of error
should drop and re-create the foreign key constraint to get its
triggers into the right order.
Avoid floating-point underflow while tracking buffer allocation rate
(Greg Matthews)
While harmless in itself, on certain platforms this would result in
annoying kernel log messages.
Preserve blank lines within commands in psql>'s command
history (Robert Haas)
The former behavior could cause problems if an empty line was removed
from within a string literal, for example.
Fix pg_dump> to dump user-defined casts between
auto-generated types, such as table rowtypes (Tom Lane)
Use the preferred version of xsubpp> to build PL/Perl,
not necessarily the operating system's main copy
(David Wheeler and Alex Hunsaker)
Fix incorrect coding in contrib/dict_int> and
contrib/dict_xsyn> (Tom Lane)
Some functions incorrectly assumed that memory returned by
palloc()> is guaranteed zeroed.
Honor query cancel interrupts promptly in pgstatindex()>
(Robert Haas)
Ensure VPATH builds properly install all server header files
(Peter Eisentraut)
Shorten file names reported in verbose error messages (Peter Eisentraut)
Regular builds have always reported just the name of the C file
containing the error message call, but VPATH builds formerly
reported an absolute path name.
Fix interpretation of Windows timezone names for Central America
(Tom Lane)
Map Central America Standard Time> to CST6>, not
CST6CDT>, because DST is generally not observed anywhere in
Central America.
Update time zone data files to tzdata> release 2011n
for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa;
also historical corrections for Alaska and British East Africa.
Release 8.3.16Release Date2011-09-26
This release contains a variety of fixes from 8.3.15.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.16
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane)
These bugs could result in index corruption after reindexing a system
catalog. They are not believed to affect user indexes.
Fix multiple bugs in GiST index page split processing (Heikki
Linnakangas)
The probability of occurrence was low, but these could lead to index
corruption.
Fix possible buffer overrun in tsvector_concat()>
(Tom Lane)
The function could underestimate the amount of memory needed for its
result, leading to server crashes.
Fix crash in xml_recv> when processing a
standalone> parameter (Tom Lane)
Avoid possibly accessing off the end of memory in ANALYZE>
and in SJIS-2004 encoding conversion (Noah Misch)
This fixes some very-low-probability server crash scenarios.
Fix race condition in relcache init file invalidation (Tom Lane)
There was a window wherein a new backend process could read a stale init
file but miss the inval messages that would tell it the data is stale.
The result would be bizarre failures in catalog accesses, typically
could not read block 0 in file ...> later during startup.
Fix memory leak at end of a GiST index scan (Tom Lane)
Commands that perform many separate GiST index scans, such as
verification of a new GiST-based exclusion constraint on a table
already containing many rows, could transiently require large amounts of
memory due to this leak.
Fix performance problem when constructing a large, lossy bitmap
(Tom Lane)
Fix array- and path-creating functions to ensure padding bytes are
zeroes (Tom Lane)
This avoids some situations where the planner will think that
semantically-equal constants are not equal, resulting in poor
optimization.
Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane)
This could lead to loss of committed transactions after a server crash.
Fix dump bug for VALUES> in a view (Tom Lane)
Disallow SELECT FOR UPDATE/SHARE> on sequences (Tom Lane)
This operation doesn't work as expected and can lead to failures.
Defend against integer overflow when computing size of a hash table (Tom
Lane)
Fix cases where CLUSTER> might attempt to access
already-removed TOAST data (Tom Lane)
Fix portability bugs in use of credentials control messages for
peer> authentication (Tom Lane)
Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari,
Magnus Hagander)
The typical symptom of this problem was The function requested is
not supported> errors during SSPI login.
Fix typo in pg_srand48> seed initialization (Andres Freund)
This led to failure to use all bits of the provided seed. This function
is not used on most platforms (only those without srandom>),
and the potential security exposure from a less-random-than-expected
seed seems minimal in any case.
Avoid integer overflow when the sum of LIMIT> and
OFFSET> values exceeds 2^63 (Heikki Linnakangas)
Add overflow checks to int4> and int8> versions of
generate_series()> (Robert Haas)
Fix trailing-zero removal in to_char()> (Marti Raudsepp)
In a format with FM> and no digit positions
after the decimal point, zeroes to the left of the decimal point could
be removed incorrectly.
Fix pg_size_pretty()> to avoid overflow for inputs close to
2^63 (Tom Lane)
In pg_ctl>, support silent mode for service registrations
on Windows (MauMau)
Fix psql>'s counting of script file line numbers during
COPY> from a different file (Tom Lane)
Fix pg_restore>'s direct-to-database mode for
standard_conforming_strings> (Tom Lane)
pg_restore> could emit incorrect commands when restoring
directly to a database server from an archive file that had been made
with standard_conforming_strings> set to on>.
Fix write-past-buffer-end and memory leak in libpq>'s
LDAP service lookup code (Albe Laurenz)
In libpq>, avoid failures when using nonblocking I/O
and an SSL connection (Martin Pihlak, Tom Lane)
Improve libpq's handling of failures during connection startup
(Tom Lane)
In particular, the response to a server report of fork()>
failure during SSL connection startup is now saner.
Improve libpq>'s error reporting for SSL failures (Tom
Lane)
Make ecpglib> write double> values with 15 digits
precision (Akira Kurosawa)
In ecpglib>, be sure LC_NUMERIC> setting is
restored after an error (Michael Meskes)
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483)
(Tom Lane)
contrib/pg_crypto>'s blowfish encryption code could give
wrong results on platforms where char is signed (which is most),
leading to encrypted passwords being weaker than they should be.
Fix memory leak in contrib/seg> (Heikki Linnakangas)
Fix pgstatindex()> to give consistent results for empty
indexes (Tom Lane)
Allow building with perl 5.14 (Alex Hunsaker)
Update configure script's method for probing existence of system
functions (Tom Lane)
The version of autoconf we used in 8.3 and 8.2 could be fooled by
compilers that perform link-time optimization.
Fix assorted issues with build and install file paths containing spaces
(Tom Lane)
Update time zone data files to tzdata> release 2011i
for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan.
Release 8.3.15Release Date2011-04-18
This release contains a variety of fixes from 8.3.14.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.15
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Disallow including a composite type in itself (Tom Lane)
This prevents scenarios wherein the server could recurse infinitely
while processing the composite type. While there are some possible
uses for such a structure, they don't seem compelling enough to
justify the effort required to make sure it always works safely.
Avoid potential deadlock during catalog cache initialization
(Nikhil Sontakke)
In some cases the cache loading code would acquire share lock on a
system index before locking the index's catalog. This could deadlock
against processes trying to acquire exclusive locks in the other,
more standard order.
Fix dangling-pointer problem in BEFORE ROW UPDATE> trigger
handling when there was a concurrent update to the target tuple
(Tom Lane)
This bug has been observed to result in intermittent cannot
extract system attribute from virtual tuple> failures while trying to
do UPDATE RETURNING ctid>. There is a very small probability
of more serious errors, such as generating incorrect index entries for
the updated tuple.
Disallow DROP TABLE> when there are pending deferred trigger
events for the table (Tom Lane)
Formerly the DROP> would go through, leading to
could not open relation with OID nnn> errors when the
triggers were eventually fired.
Fix PL/Python memory leak involving array slices (Daniel Popowich)
Fix pg_restore> to cope with long lines (over 1KB) in
TOC files (Tom Lane)
Put in more safeguards against crashing due to division-by-zero
with overly enthusiastic compiler optimization (Aurelien Jarno)
Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane)
There was a hard-wired assumption that this system function was not
available on MIPS hardware on these systems. Use a compile-time test
instead, since more recent versions have it.
Fix compilation failures on HP-UX (Heikki Linnakangas)
Fix version-incompatibility problem with libintl> on
Windows (Hiroshi Inoue)
Fix usage of xcopy> in Windows build scripts to
work correctly under Windows 7 (Andrew Dunstan)
This affects the build scripts only, not installation or usage.
Fix path separator used by pg_regress> on Cygwin
(Andrew Dunstan)
Update time zone data files to tzdata> release 2011f
for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa,
and Turkey; also historical corrections for South Australia, Alaska,
and Hawaii.
Release 8.3.14Release Date2011-01-31
This release contains a variety of fixes from 8.3.13.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.14
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Avoid failures when EXPLAIN> tries to display a simple-form
CASE> expression (Tom Lane)
If the CASE>'s test expression was a constant, the planner
could simplify the CASE> into a form that confused the
expression-display code, resulting in unexpected CASE WHEN
clause> errors.
Fix assignment to an array slice that is before the existing range
of subscripts (Tom Lane)
If there was a gap between the newly added subscripts and the first
pre-existing subscript, the code miscalculated how many entries needed
to be copied from the old array's null bitmap, potentially leading to
data corruption or crash.
Avoid unexpected conversion overflow in planner for very distant date
values (Tom Lane)
The date> type supports a wider range of dates than can be
represented by the timestamp> types, but the planner assumed it
could always convert a date to timestamp with impunity.
Fix pg_restore>'s text output for large objects (BLOBs)
when standard_conforming_strings> is on (Tom Lane)
Although restoring directly to a database worked correctly, string
escaping was incorrect if pg_restore> was asked for
SQL text output and standard_conforming_strings> had been
enabled in the source database.
Fix erroneous parsing of tsquery> values containing
... & !(subexpression) | ... (Tom Lane)
Queries containing this combination of operators were not executed
correctly. The same error existed in contrib/intarray>'s
query_int> type and contrib/ltree>'s
ltxtquery> type.
Fix buffer overrun in contrib/intarray>'s input function
for the query_int> type (Apple)
This bug is a security risk since the function's return address could
be overwritten. Thanks to Apple Inc's security team for reporting this
issue and supplying the fix. (CVE-2010-4015)
Fix bug in contrib/seg>'s GiST picksplit algorithm
(Alexander Korotkov)
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a seg> column.
If you have such an index, consider REINDEX>ing it after
installing this update. (This is identical to the bug that was fixed in
contrib/cube> in the previous update.)
Release 8.3.13Release Date2010-12-16
This release contains a variety of fixes from 8.3.12.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.13
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Force the default
wal_sync_method>
to be fdatasync> on Linux (Tom Lane, Marti Raudsepp)
The default on Linux has actually been fdatasync> for many
years, but recent kernel changes caused PostgreSQL> to
choose open_datasync> instead. This choice did not result
in any performance improvement, and caused outright failures on
certain filesystems, notably ext4> with the
data=journal> mount option.
Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane)
This could result in bad buffer id: 0> failures or
corruption of index contents during replication.
Fix recovery from base backup when the starting checkpoint WAL record
is not in the same WAL segment as its redo point (Jeff Davis)
Fix persistent slowdown of autovacuum workers when multiple workers
remain active for a long time (Tom Lane)
The effective vacuum_cost_limit> for an autovacuum worker
could drop to nearly zero if it processed enough tables, causing it
to run extremely slowly.
Add support for detecting register-stack overrun on IA64>
(Tom Lane)
The IA64> architecture has two hardware stacks. Full
prevention of stack-overrun failures requires checking both.
Add a check for stack overflow in copyObject()> (Tom Lane)
Certain code paths could crash due to stack overflow given a
sufficiently complex query.
Fix detection of page splits in temporary GiST indexes (Heikki
Linnakangas)
It is possible to have a concurrent> page split in a
temporary index, if for example there is an open cursor scanning the
index when an insertion is done. GiST failed to detect this case and
hence could deliver wrong results when execution of the cursor
continued.
Avoid memory leakage while ANALYZE>'ing complex index
expressions (Tom Lane)
Ensure an index that uses a whole-row Var still depends on its table
(Tom Lane)
An index declared like create index i on t (foo(t.*))>
would not automatically get dropped when its table was dropped.
Do not inline> a SQL function with multiple OUT>
parameters (Tom Lane)
This avoids a possible crash due to loss of information about the
expected result rowtype.
Behave correctly if ORDER BY>, LIMIT>,
FOR UPDATE>, or WITH> is attached to the
VALUES> part of INSERT ... VALUES> (Tom Lane)
Fix constant-folding of COALESCE()> expressions (Tom Lane)
The planner would sometimes attempt to evaluate sub-expressions that
in fact could never be reached, possibly leading to unexpected errors.
Fix postmaster crash when connection acceptance
(accept()> or one of the calls made immediately after it)
fails, and the postmaster was compiled with GSSAPI support (Alexander
Chernikov)
Fix missed unlink of temporary files when log_temp_files>
is active (Tom Lane)
If an error occurred while attempting to emit the log message, the
unlink was not done, resulting in accumulation of temp files.
Add print functionality for InhRelation> nodes (Tom Lane)
This avoids a failure when debug_print_parse> is enabled
and certain types of query are executed.
Fix incorrect calculation of distance from a point to a horizontal
line segment (Tom Lane)
This bug affected several different geometric distance-measurement
operators.
Fix PL/pgSQL>'s handling of simple>
expressions to not fail in recursion or error-recovery cases (Tom Lane)
Fix PL/Python>'s handling of set-returning functions
(Jan Urbanski)
Attempts to call SPI functions within the iterator generating a set
result would fail.
Fix bug in contrib/cube>'s GiST picksplit algorithm
(Alexander Korotkov)
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a cube> column.
If you have such an index, consider REINDEX>ing it after
installing this update.
Don't emit identifier will be truncated> notices in
contrib/dblink> except when creating new connections
(Itagaki Takahiro)
Fix potential coredump on missing public key in
contrib/pgcrypto> (Marti Raudsepp)
Fix memory leak in contrib/xml2>'s XPath query functions
(Tom Lane)
Update time zone data files to tzdata> release 2010o
for DST law changes in Fiji and Samoa;
also historical corrections for Hong Kong.
Release 8.3.12Release Date2010-10-04
This release contains a variety of fixes from 8.3.11.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.12
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Use a separate interpreter for each calling SQL userid in PL/Perl and
PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by subverting
Perl or Tcl code that will be executed later in the same session under
another SQL user identity (for example, within a SECURITY
DEFINER> function). Most scripting languages offer numerous ways that
that might be done, such as redefining standard functions or operators
called by the target function. Without this change, any SQL user with
Perl or Tcl language usage rights can do essentially anything with the
SQL privileges of the target function's owner.
The cost of this change is that intentional communication among Perl
and Tcl functions becomes more difficult. To provide an escape hatch,
PL/PerlU and PL/TclU functions continue to use only one interpreter
per session. This is not considered a security issue since all such
functions execute at the trust level of a database superuser already.
It is likely that third-party procedural languages that claim to offer
trusted execution have similar security issues. We advise contacting
the authors of any PL you are depending on for security-critical
purposes.
Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433).
Prevent possible crashes in pg_get_expr()> by disallowing
it from being called with an argument that is not one of the system
catalog columns it's intended to be used with
(Heikki Linnakangas, Tom Lane)
Treat exit code 128 (ERROR_WAIT_NO_CHILDREN>) as non-fatal on
Windows (Magnus Hagander)
Under high load, Windows processes will sometimes fail at startup with
this error code. Formerly the postmaster treated this as a panic
condition and restarted the whole database, but that seems to be
an overreaction.
Fix incorrect usage of non-strict OR joinclauses in Append indexscans
(Tom Lane)
This is a back-patch of an 8.4 fix that was missed in the 8.3 branch.
This corrects an error introduced in 8.3.8 that could cause incorrect
results for outer joins when the inner relation is an inheritance tree
or UNION ALL> subquery.
Fix possible duplicate scans of UNION ALL> member relations
(Tom Lane)
Fix cannot handle unplanned sub-select error (Tom Lane)
This occurred when a sub-select contains a join alias reference that
expands into an expression containing another sub-select.
Fix failure to mark cached plans as transient (Tom Lane)
If a plan is prepared while CREATE INDEX CONCURRENTLY> is
in progress for one of the referenced tables, it is supposed to be
re-planned once the index is ready for use. This was not happening
reliably.
Reduce PANIC to ERROR in some occasionally-reported btree failure cases,
and provide additional detail in the resulting error messages
(Tom Lane)
This should improve the system's robustness with corrupted indexes.
Prevent show_session_authorization() from crashing within autovacuum
processes (Tom Lane)
Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
Fix possible failure when hashing a pass-by-reference function result
(Tao Ma, Tom Lane)
Improve merge join's handling of NULLs in the join columns (Tom Lane)
A merge join can now stop entirely upon reaching the first NULL,
if the sort order is such that NULLs sort high.
Take care to fsync the contents of lockfiles (both
postmaster.pid> and the socket lockfile) while writing them
(Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from succeeding,
until the lockfile is manually removed.
Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
Avoid holding open old WAL segments in the walwriter process
(Magnus Hagander, Heikki Linnakangas)
The previous coding would prevent removal of no-longer-needed segments.
Fix log_line_prefix>'s %i> escape,
which could produce junk early in backend startup (Tom Lane)
Fix possible data corruption in ALTER TABLE ... SET
TABLESPACE> when archiving is enabled (Jeff Davis)
Allow CREATE DATABASE> and ALTER DATABASE ... SET
TABLESPACE> to be interrupted by query-cancel (Guillaume Lelarge)
Fix REASSIGN OWNED> to handle operator classes and families
(Asko Tiidumaa)
Fix possible core dump when comparing two empty tsquery> values
(Tom Lane)
Fix LIKE>'s handling of patterns containing %>
followed by _> (Tom Lane)
We've fixed this before, but there were still some incorrectly-handled
cases.
In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr> and PyCObject_FromVoidPtr>
(Peter Eisentraut)
Make psql recognize DISCARD ALL> as a command that should
not be encased in a transaction block in autocommit-off mode
(Itagaki Takahiro)
Fix ecpg> to process data from RETURNING>
clauses correctly (Michael Meskes)
Improve contrib/dblink>'s handling of tables containing
dropped columns (Tom Lane)
Fix connection leak after duplicate connection name
errors in contrib/dblink> (Itagaki Takahiro)
Fix contrib/dblink> to handle connection names longer than
62 bytes correctly (Itagaki Takahiro)
Add hstore(text, text)>
function to contrib/hstore> (Robert Haas)
This function is the recommended substitute for the now-deprecated
=>> operator. It was back-patched so that future-proofed
code can be used with older server versions. Note that the patch will
be effective only after contrib/hstore> is installed or
reinstalled in a particular database. Users might prefer to execute
the CREATE FUNCTION> command by hand, instead.
Update build infrastructure and documentation to reflect the source code
repository's move from CVS to Git (Magnus Hagander and others)
Update time zone data files to tzdata> release 2010l
for DST law changes in Egypt and Palestine; also historical corrections
for Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over
Pacific/Ponape.
Make Windows' N. Central Asia Standard Time> timezone map to
Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander)
Microsoft changed the DST behavior of this zone in the timezone update
from KB976098. Asia/Novosibirsk is a better match to its new behavior.
Release 8.3.11Release Date2010-05-17
This release contains a variety of fixes from 8.3.10.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.11
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Enforce restrictions in plperl> using an opmask applied to
the whole interpreter, instead of using Safe.pm>
(Tim Bunce, Andrew Dunstan)
Recent developments have convinced us that Safe.pm> is too
insecure to rely on for making plperl> trustable. This
change removes use of Safe.pm> altogether, in favor of using
a separate interpreter with an opcode mask that is always applied.
Pleasant side effects of the change include that it is now possible to
use Perl's strict> pragma in a natural way in
plperl>, and that Perl's $a> and $b>
variables work as expected in sort routines, and that function
compilation is significantly faster. (CVE-2010-1169)
Prevent PL/Tcl from executing untrustworthy code from
pltcl_modules> (Tom)
PL/Tcl's feature for autoloading Tcl code from a database table
could be exploited for trojan-horse attacks, because there was no
restriction on who could create or insert into that table. This change
disables the feature unless pltcl_modules> is owned by a
superuser. (However, the permissions on the table are not checked, so
installations that really need a less-than-secure modules table can
still grant suitable privileges to trusted non-superusers.) Also,
prevent loading code into the unrestricted normal> Tcl
interpreter unless we are really going to execute a pltclu>
function. (CVE-2010-1170)
Fix possible crash if a cache reset message is received during
rebuild of a relcache entry (Heikki)
This error was introduced in 8.3.10 while fixing a related failure.
Apply per-function GUC settings while running the language validator
for the function (Itagaki Takahiro)
This avoids failures if the function's code is invalid without the
setting; an example is that SQL functions may not parse if the
search_path> is not correct.
Do not allow an unprivileged user to reset superuser-only parameter
settings (Alvaro)
Previously, if an unprivileged user ran ALTER USER ... RESET
ALL> for himself, or ALTER DATABASE ... RESET ALL> for
a database he owns, this would remove all special parameter settings
for the user or database, even ones that are only supposed to be
changeable by a superuser. Now, the ALTER> will only
remove the parameters that the user has permission to change.
Avoid possible crash during backend shutdown if shutdown occurs
when a CONTEXT> addition would be made to log entries (Tom)
In some cases the context-printing function would fail because the
current transaction had already been rolled back when it came time
to print a log message.
Ensure the archiver process responds to changes in
archive_command> as soon as possible (Tom)
Update pl/perl's ppport.h> for modern Perl versions
(Andrew)
Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
Prevent infinite recursion in psql> when expanding
a variable that refers to itself (Tom)
Fix psql>'s \copy> to not add spaces around
a dot within \copy (select ...)> (Tom)
Addition of spaces around the decimal point in a numeric literal would
result in a syntax error.
Fix unnecessary GIN indexes do not support whole-index scans>
errors for unsatisfiable queries using contrib/intarray>
operators (Tom)
Ensure that contrib/pgstattuple> functions respond to cancel
interrupts promptly (Tatsuhito Kasahara)
Make server startup deal properly with the case that
shmget()> returns EINVAL> for an existing
shared memory segment (Tom)
This behavior has been observed on BSD-derived kernels including OS X.
It resulted in an entirely-misleading startup failure complaining that
the shared memory request size was too large.
Avoid possible crashes in syslogger process on Windows (Heikki)
Deal more robustly with incomplete time zone information in the
Windows registry (Magnus)
Update the set of known Windows time zone names (Magnus)
Update time zone data files to tzdata> release 2010j
for DST law changes in Argentina, Australian Antarctic, Bangladesh,
Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia;
also historical corrections for Taiwan.
Also, add PKST> (Pakistan Summer Time) to the default set of
timezone abbreviations.
Release 8.3.10Release Date2010-03-15
This release contains a variety of fixes from 8.3.9.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.10
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Add new configuration parameter ssl_renegotiation_limit> to
control how often we do session key renegotiation for an SSL connection
(Magnus)
This can be set to zero to disable renegotiation completely, which may
be required if a broken SSL library is used. In particular, some
vendors are shipping stopgap patches for CVE-2009-3555 that cause
renegotiation attempts to fail.
Fix possible deadlock during backend startup (Tom)
Fix possible crashes due to not handling errors during relcache reload
cleanly (Tom)
Fix possible crash due to use of dangling pointer to a cached plan
(Tatsuo)
Fix possible crashes when trying to recover from a failure in
subtransaction start (Tom)
Fix server memory leak associated with use of savepoints and a client
encoding different from server's encoding (Tom)
Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST
index page split (Yoichi Hirai)
This would result in index corruption, or even more likely an error
during WAL replay, if we were unlucky enough to crash during
end-of-recovery cleanup after having completed an incomplete GIST
insertion.
Make substring()> for bit> types treat any negative
length as meaning all the rest of the string> (Tom)
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
Fix integer-to-bit-string conversions to handle the first fractional
byte correctly when the output bit width is wider than the given
integer by something other than a multiple of 8 bits (Tom)
Fix some cases of pathologically slow regular expression matching (Tom)
Fix assorted crashes in xml> processing caused by sloppy
memory management (Tom)
This is a back-patch of changes first applied in 8.4. The 8.3 code
was known buggy, but the new code was sufficiently different to not
want to back-patch it until it had gotten some field testing.
Fix bug with trying to update a field of an element of a
composite-type array column (Tom)
Fix the STOP WAL LOCATION> entry in backup history files to
report the next WAL segment's name when the end location is exactly at a
segment boundary (Itagaki Takahiro)
Fix some more cases of temporary-file leakage (Heikki)
This corrects a problem introduced in the previous minor release.
One case that failed is when a plpgsql function returning set is
called within another function's exception handler.
Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
bool_column = false> constraint (Tom)
When reading pg_hba.conf> and related files, do not treat
@something> as a file inclusion request if the @>
appears inside quote marks; also, never treat @> by itself
as a file inclusion request (Tom)
This prevents erratic behavior if a role or database name starts with
@>. If you need to include a file whose path name
contains spaces, you can still do so, but you must write
@"/path to/file"> rather than putting the quotes around
the whole construct.
Prevent infinite loop on some platforms if a directory is named as
an inclusion target in pg_hba.conf> and related files
(Tom)
Fix possible infinite loop if SSL_read> or
SSL_write> fails without setting errno> (Tom)
This is reportedly possible with some Windows versions of
openssl>.
Disallow GSSAPI> authentication on local connections,
since it requires a hostname to function correctly (Magnus)
Make ecpg> report the proper SQLSTATE if the connection
disappears (Michael)
Fix psql>'s numericlocale> option to not
format strings it shouldn't in latex and troff output formats (Heikki)
Make psql> return the correct exit status (3) when
ON_ERROR_STOP> and --single-transaction> are
both specified and an error occurs during the implied COMMIT>
(Bruce)
Fix plpgsql failure in one case where a composite column is set to NULL
(Tom)
Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa (Tim Bunce)
Add volatile> markings in PL/Python to avoid possible
compiler-specific misbehavior (Zdenek Kotala)
Ensure PL/Tcl initializes the Tcl interpreter fully (Tom)
The only known symptom of this oversight is that the Tcl
clock> command misbehaves if using Tcl 8.5 or later.
Prevent crash in contrib/dblink> when too many key
columns are specified to a dblink_build_sql_*> function
(Rushabh Lathia, Joe Conway)
Allow zero-dimensional arrays in contrib/ltree> operations
(Tom)
This case was formerly rejected as an error, but it's more convenient to
treat it the same as a zero-element array. In particular this avoids
unnecessary failures when an ltree> operation is applied to the
result of ARRAY(SELECT ...)> and the sub-select returns no
rows.
Fix assorted crashes in contrib/xml2> caused by sloppy
memory management (Tom)
Make building of contrib/xml2> more robust on Windows
(Andrew)
Fix race condition in Windows signal handling (Radu Ilie)
One known symptom of this bug is that rows in pg_listener>
could be dropped under heavy load.
Update time zone data files to tzdata> release 2010e
for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
Release 8.3.9Release Date2009-12-14
This release contains a variety of fixes from 8.3.8.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.9
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.8,
see .
Changes
Protect against indirect security threats caused by index functions
changing session-local state (Gurjeet Singh, Tom)
This change prevents allegedly-immutable index functions from possibly
subverting a superuser's session (CVE-2009-4136).
Reject SSL certificates containing an embedded null byte in the common
name (CN) field (Magnus)
This prevents unintended matching of a certificate to a server or client
name during SSL validation (CVE-2009-4034).
Fix possible crash during backend-startup-time cache initialization (Tom)
Avoid crash on empty thesaurus dictionary (Tom)
Prevent signals from interrupting VACUUM> at unsafe times
(Alvaro)
This fix prevents a PANIC if a VACUUM FULL> is canceled
after it's already committed its tuple movements, as well as transient
errors if a plain VACUUM> is interrupted after having
truncated the table.
Fix possible crash due to integer overflow in hash table size
calculation (Tom)
This could occur with extremely large planner estimates for the size of
a hashjoin's result.
Fix very rare crash in inet>/cidr> comparisons (Chris
Mikkelson)
Ensure that shared tuple-level locks held by prepared transactions are
not ignored (Heikki)
Fix premature drop of temporary files used for a cursor that is accessed
within a subtransaction (Heikki)
Fix memory leak in syslogger process when rotating to a new CSV logfile
(Tom)
Fix Windows permission-downgrade logic (Jesse Morris)
This fixes some cases where the database failed to start on Windows,
often with misleading error messages such as could not locate
matching postgres executable.
Fix incorrect logic for GiST index page splits, when the split depends
on a non-first column of the index (Paul Ramsey)
Don't error out if recycling or removing an old WAL file fails at the
end of checkpoint (Heikki)
It's better to treat the problem as non-fatal and allow the checkpoint
to complete. Future checkpoints will retry the removal. Such problems
are not expected in normal operation, but have been seen to be
caused by misdesigned Windows anti-virus and backup software.
Ensure WAL files aren't repeatedly archived on Windows (Heikki)
This is another symptom that could happen if some other process
interfered with deletion of a no-longer-needed file.
Fix PAM password processing to be more robust (Tom)
The previous code is known to fail with the combination of the Linux
pam_krb5> PAM module with Microsoft Active Directory as the
domain controller. It might have problems elsewhere too, since it was
making unjustified assumptions about what arguments the PAM stack would
pass to it.
Raise the maximum authentication token (Kerberos ticket) size in GSSAPI
and SSPI authentication methods (Ian Turner)
While the old 2000-byte limit was more than enough for Unix Kerberos
implementations, tickets issued by Windows Domain Controllers can be
much larger.
Re-enable collection of access statistics for sequences (Akira Kurosawa)
This used to work but was broken in 8.3.
Fix processing of ownership dependencies during CREATE OR
REPLACE FUNCTION> (Tom)
Fix incorrect handling of WHERE>
x>=x> conditions (Tom)
In some cases these could get ignored as redundant, but they aren't
— they're equivalent to x> IS NOT NULL>.
Make text search parser accept underscores in XML attributes (Peter)
Fix encoding handling in xml> binary input (Heikki)
If the XML header doesn't specify an encoding, we now assume UTF-8 by
default; the previous handling was inconsistent.
Fix bug with calling plperl> from plperlu> or vice
versa (Tom)
An error exit from the inner function could result in crashes due to
failure to re-select the correct Perl interpreter for the outer function.
Fix session-lifespan memory leak when a PL/Perl function is redefined
(Tom)
Ensure that Perl arrays are properly converted to
PostgreSQL> arrays when returned by a set-returning
PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen)
This worked correctly already for non-set-returning functions.
Fix rare crash in exception processing in PL/Python (Peter)
In contrib/pg_standby>, disable triggering failover with a
signal on Windows (Fujii Masao)
This never did anything useful, because Windows doesn't have Unix-style
signals, but recent changes made it actually crash.
Ensure psql>'s flex module is compiled with the correct
system header definitions (Tom)
This fixes build failures on platforms where
--enable-largefile> causes incompatible changes in the
generated code.
Make the postmaster ignore any application_name> parameter in
connection request packets, to improve compatibility with future libpq
versions (Tom)
Update the timezone abbreviation files to match current reality (Joachim
Wieland)
This includes adding IDT> and SGT> to the default
timezone abbreviation set.
Update time zone data files to tzdata> release 2009s
for DST law changes in Antarctica, Argentina, Bangladesh, Fiji,
Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical
corrections for Hong Kong.
Release 8.3.8Release Date2009-09-09
This release contains a variety of fixes from 8.3.7.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.8
A dump/restore is not required for those running 8.3.X.
However, if you have any hash indexes on interval> columns,
you must REINDEX> them after updating to 8.3.8.
Also, if you are upgrading from a version earlier than 8.3.5,
see .
Changes
Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus)
This bug led to the often-reported could not reattach
to shared memory> error message.
Force WAL segment switch during pg_start_backup()>
(Heikki)
This avoids corner cases that could render a base backup unusable.
Disallow RESET ROLE> and RESET SESSION
AUTHORIZATION> inside security-definer functions (Tom, Heikki)
This covers a case that was missed in the previous patch that
disallowed SET ROLE> and SET SESSION
AUTHORIZATION> inside security-definer functions.
(See CVE-2007-6600)
Make LOAD> of an already-loaded loadable module
into a no-op (Tom)
Formerly, LOAD> would attempt to unload and re-load the
module, but this is unsafe and not all that useful.
Disallow empty passwords during LDAP authentication (Magnus)
Fix handling of sub-SELECTs appearing in the arguments of
an outer-level aggregate function (Tom)
Fix bugs associated with fetching a whole-row value from the
output of a Sort or Materialize plan node (Tom)
Prevent synchronize_seqscans> from changing the results of
scrollable and WITH HOLD> cursors (Tom)
Revert planner change that disabled partial-index and constraint
exclusion optimizations when there were more than 100 clauses in
an AND or OR list (Tom)
Fix hash calculation for data type interval> (Tom)
This corrects wrong results for hash joins on interval values.
It also changes the contents of hash indexes on interval columns.
If you have any such indexes, you must REINDEX> them
after updating.
Treat to_char(..., 'TH')> as an uppercase ordinal
suffix with 'HH'>/'HH12'> (Heikki)
It was previously handled as 'th'> (lowercase).
Fix overflow for INTERVAL 'x> ms'
when x> is more than 2 million and integer
datetimes are in use (Alex Hunsaker)
Fix calculation of distance between a point and a line segment (Tom)
This led to incorrect results from a number of geometric operators.
Fix money> data type to work in locales where currency
amounts have no fractional digits, e.g. Japan (Itagaki Takahiro)
Fix LIKE> for case where pattern contains %_>
(Tom)
Properly round datetime input like
00:12:57.9999999999999999999999999999> (Tom)
Fix memory leaks in XML operations (Tom)
Fix poor choice of page split point in GiST R-tree operator classes
(Teodor)
Ensure that a fast shutdown> request will forcibly terminate
open sessions, even if a smart shutdown> was already in progress
(Fujii Masao)
Avoid performance degradation in bulk inserts into GIN indexes
when the input values are (nearly) in sorted order (Tom)
Correctly enforce NOT NULL domain constraints in some contexts in
PL/pgSQL (Tom)
Fix portability issues in plperl initialization (Andrew Dunstan)
Fix pg_ctl> to not go into an infinite loop if
postgresql.conf> is empty (Jeff Davis)
Improve pg_dump>'s efficiency when there are
many large objects (Tamas Vincze)
Use SIGUSR1>, not SIGQUIT>, as the
failover signal for pg_standby> (Heikki)
Make pg_standby>'s maxretries> option
behave as documented (Fujii Masao)
Make contrib/hstore> throw an error when a key or
value is too long to fit in its data structure, rather than
silently truncating it (Andrew Gierth)
Fix contrib/xml2>'s xslt_process()> to
properly handle the maximum number of parameters (twenty) (Tom)
Improve robustness of libpq>'s code to recover
from errors during COPY FROM STDIN> (Tom)
Avoid including conflicting readline and editline header files
when both libraries are installed (Zdenek Kotala)
Update time zone data files to tzdata> release 2009l
for DST law changes in Bangladesh, Egypt, Jordan, Pakistan,
Argentina/San_Luis, Cuba, Jordan (historical correction only),
Mauritius, Morocco, Palestine, Syria, Tunisia.
Release 8.3.7Release Date2009-03-16
This release contains a variety of fixes from 8.3.6.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.7
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.5,
see .
Changes
Prevent error recursion crashes when encoding conversion fails (Tom)
This change extends fixes made in the last two minor releases for
related failure scenarios. The previous fixes were narrowly tailored
for the original problem reports, but we have now recognized that
any> error thrown by an encoding conversion function could
potentially lead to infinite recursion while trying to report the
error. The solution therefore is to disable translation and encoding
conversion and report the plain-ASCII form of any error message,
if we find we have gotten into a recursive error reporting situation.
(CVE-2009-0922)
Disallow CREATE CONVERSION> with the wrong encodings
for the specified conversion function (Heikki)
This prevents one possible scenario for encoding conversion failure.
The previous change is a backstop to guard against other kinds of
failures in the same area.
Fix xpath()> to not modify the path expression unless
necessary, and to make a saner attempt at it when necessary (Andrew)
The SQL standard suggests that xpath> should work on data
that is a document fragment, but libxml> doesn't support
that, and indeed it's not clear that this is sensible according to the
XPath standard. xpath> attempted to work around this
mismatch by modifying both the data and the path expression, but the
modification was buggy and could cause valid searches to fail. Now,
xpath> checks whether the data is in fact a well-formed
document, and if so invokes libxml> with no change to the
data or path expression. Otherwise, a different modification method
that is somewhat less likely to fail is used.
The new modification method is still not 100% satisfactory, and it
seems likely that no real solution is possible. This patch should
therefore be viewed as a band-aid to keep from breaking existing
applications unnecessarily. It is likely that
PostgreSQL> 8.4 will simply reject use of
xpath> on data that is not a well-formed document.
Fix core dump when to_char()> is given format codes that
are inappropriate for the type of the data argument (Tom)
Fix possible failure in text search when C locale is used with
a multi-byte encoding (Teodor)
Crashes were possible on platforms where wchar_t> is narrower
than int>; Windows in particular.
Fix extreme inefficiency in text search parser's handling of an
email-like string containing multiple @> characters (Heikki)
Fix planner problem with sub-SELECT> in the output list
of a larger subquery (Tom)
The known symptom of this bug is a failed to locate grouping
columns> error that is dependent on the datatype involved;
but there could be other issues as well.
Fix decompilation of CASE WHEN> with an implicit coercion
(Tom)
This mistake could lead to Assert failures in an Assert-enabled build,
or an unexpected CASE WHEN clause> error message in other
cases, when trying to examine or dump a view.
Fix possible misassignment of the owner of a TOAST table's rowtype (Tom)
If CLUSTER> or a rewriting variant of ALTER TABLE>
were executed by someone other than the table owner, the
pg_type> entry for the table's TOAST table would end up
marked as owned by that someone. This caused no immediate problems,
since the permissions on the TOAST rowtype aren't examined by any
ordinary database operation. However, it could lead to unexpected
failures if one later tried to drop the role that issued the command
(in 8.1 or 8.2), or owner of data type appears to be invalid>
warnings from pg_dump> after having done so (in 8.3).
Change UNLISTEN> to exit quickly if the current session has
never executed any LISTEN> command (Tom)
Most of the time this is not a particularly useful optimization, but
since DISCARD ALL> invokes UNLISTEN>, the previous
coding caused a substantial performance problem for applications that
made heavy use of DISCARD ALL>.
Fix PL/pgSQL to not treat INTO> after INSERT> as
an INTO-variables clause anywhere in the string, not only at the start;
in particular, don't fail for INSERT INTO> within
CREATE RULE> (Tom)
Clean up PL/pgSQL error status variables fully at block exit
(Ashesh Vashi and Dave Page)
This is not a problem for PL/pgSQL itself, but the omission could cause
the PL/pgSQL Debugger to crash while examining the state of a function.
Retry failed calls to CallNamedPipe()> on Windows
(Steve Marshall, Magnus)
It appears that this function can sometimes fail transiently;
we previously treated any failure as a hard error, which could
confuse LISTEN>/NOTIFY> as well as other
operations.
Add MUST> (Mauritius Island Summer Time) to the default list
of known timezone abbreviations (Xavier Bugaud)
Release 8.3.6Release Date2009-02-02
This release contains a variety of fixes from 8.3.5.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.6
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.5,
see .
Changes
Make DISCARD ALL> release advisory locks, in addition
to everything it already did (Tom)
This was decided to be the most appropriate behavior. This could
affect existing applications, however.
Fix whole-index GiST scans to work correctly (Teodor)
This error could cause rows to be lost if a table is clustered
on a GiST index.
Fix crash of xmlconcat(NULL)> (Peter)
Fix possible crash in ispell> dictionary if high-bit-set
characters are used as flags (Teodor)
This is known to be done by one widely available Norwegian dictionary,
and the same condition may exist in others.
Fix misordering of pg_dump> output for composite types
(Tom)
The most likely problem was for user-defined operator classes to
be dumped after indexes or views that needed them.
Improve handling of URLs in headline()> function (Teodor)
Improve handling of overlength headlines in headline()>
function (Teodor)
Prevent possible Assert failure or misconversion if an encoding
conversion is created with the wrong conversion function for the
specified pair of encodings (Tom, Heikki)
Fix possible Assert failure if a statement executed in PL/pgSQL is
rewritten into another kind of statement, for example if an
INSERT> is rewritten into an UPDATE> (Heikki)
Ensure that a snapshot is available to datatype input functions (Tom)
This primarily affects domains that are declared with CHECK>
constraints involving user-defined stable or immutable functions. Such
functions typically fail if no snapshot has been set.
Make it safer for SPI-using functions to be used within datatype I/O;
in particular, to be used in domain check constraints (Tom)
Avoid unnecessary locking of small tables in VACUUM>
(Heikki)
Fix a problem that sometimes kept ALTER TABLE ENABLE/DISABLE
RULE> from being recognized by active sessions (Tom)
Fix a problem that made UPDATE RETURNING tableoid>
return zero instead of the correct OID (Tom)
Allow functions declared as taking ANYARRAY> to work on
the pg_statistic> columns of that type (Tom)
This used to work, but was unintentionally broken in 8.3.
Fix planner misestimation of selectivity when transitive equality
is applied to an outer-join clause (Tom)
This could result in bad plans for queries like
... from a left join b on a.a1 = b.b1 where a.a1 = 42 ...>
Improve optimizer's handling of long IN> lists (Tom)
This change avoids wasting large amounts of time on such lists
when constraint exclusion is enabled.
Prevent synchronous scan during GIN index build (Tom)
Because GIN is optimized for inserting tuples in increasing TID order,
choosing to use a synchronous scan could slow the build by a factor of
three or more.
Ensure that the contents of a holdable cursor don't depend on the
contents of TOAST tables (Tom)
Previously, large field values in a cursor result might be represented
as TOAST pointers, which would fail if the referenced table got dropped
before the cursor is read, or if the large value is deleted and then
vacuumed away. This cannot happen with an ordinary cursor,
but it could with a cursor that is held past its creating transaction.
Fix memory leak when a set-returning function is terminated without
reading its whole result (Tom)
Fix encoding conversion problems in XML functions when the database
encoding isn't UTF-8 (Tom)
Fix contrib/dblink>'s
dblink_get_result(text,bool)> function (Joe)
Fix possible garbage output from contrib/sslinfo> functions
(Tom)
Fix incorrect behavior of contrib/tsearch2> compatibility
trigger when it's fired more than once in a command (Teodor)
Fix possible mis-signaling in autovacuum (Heikki)
Support running as a service on Windows 7 beta (Dave and Magnus)
Fix ecpg>'s handling of varchar structs (Michael)
Fix configure> script to properly report failure when
unable to obtain linkage information for PL/Perl (Andrew)
Make all documentation reference pgsql-bugs> and/or
pgsql-hackers> as appropriate, instead of the
now-decommissioned pgsql-ports> and pgsql-patches>
mailing lists (Tom)
Update time zone data files to tzdata> release 2009a (for
Kathmandu and historical DST corrections in Switzerland, Cuba)
Release 8.3.5Release Date2008-11-03
This release contains a variety of fixes from 8.3.4.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.5
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.1,
see . Also, if you were running a previous
8.3.X release, it is recommended to REINDEX> all GiST
indexes after the upgrade.
Changes
Fix GiST index corruption due to marking the wrong index entry
dead> after a deletion (Teodor)
This would result in index searches failing to find rows they
should have found. Corrupted indexes can be fixed with
REINDEX>.
Fix backend crash when the client encoding cannot represent a localized
error message (Tom)
We have addressed similar issues before, but it would still fail if
the character has no equivalent> message itself couldn't
be converted. The fix is to disable localization and send the plain
ASCII error message when we detect such a situation.
Fix possible crash in bytea>-to-XML mapping (Michael McMaster)
Fix possible crash when deeply nested functions are invoked from
a trigger (Tom)
Improve optimization of expression> IN>
(expression-list>) queries (Tom, per an idea from Robert
Haas)
Cases in which there are query variables on the right-hand side had been
handled less efficiently in 8.2.x and 8.3.x than in prior versions.
The fix restores 8.1 behavior for such cases.
Fix mis-expansion of rule queries when a sub-SELECT> appears
in a function call in FROM>, a multi-row VALUES>
list, or a RETURNING> list (Tom)
The usual symptom of this problem is an unrecognized node type>
error.
Fix Assert failure during rescan of an IS NULL>
search of a GiST index (Teodor)
Fix memory leak during rescan of a hashed aggregation plan (Neil)
Ensure an error is reported when a newly-defined PL/pgSQL trigger
function is invoked as a normal function (Tom)
Force a checkpoint before CREATE DATABASE> starts to copy
files (Heikki)
This prevents a possible failure if files had recently been deleted
in the source database.
Prevent possible collision of relfilenode> numbers
when moving a table to another tablespace with ALTER SET
TABLESPACE> (Heikki)
The command tried to re-use the existing filename, instead of
picking one that is known unused in the destination directory.
Fix incorrect text search headline generation when single query
item matches first word of text (Sushant Sinha)
Fix improper display of fractional seconds in interval values when
using a non-ISO datestyle in an
Make ILIKE> compare characters case-insensitively
even when they're escaped (Andrew)
Ensure DISCARD> is handled properly by statement logging (Tom)
Fix incorrect logging of last-completed-transaction time during
PITR recovery (Tom)
Ensure SPI_getvalue> and SPI_getbinval>
behave correctly when the passed tuple and tuple descriptor have
different numbers of columns (Tom)
This situation is normal when a table has had columns added or removed,
but these two functions didn't handle it properly.
The only likely consequence is an incorrect error indication.
Mark SessionReplicationRole> as PGDLLIMPORT>
so it can be used by Slony> on Windows (Magnus)
Fix small memory leak when using libpq>'s
gsslib> parameter (Magnus)
The space used by the parameter string was not freed at connection
close.
Ensure libgssapi> is linked into libpq>
if needed (Markus Schaaf)
Fix ecpg>'s parsing of CREATE ROLE> (Michael)
Fix recent breakage of pg_ctl restart> (Tom)
Ensure pg_control> is opened in binary mode
(Itagaki Takahiro)
pg_controldata> and pg_resetxlog>
did this incorrectly, and so could fail on Windows.
Update time zone data files to tzdata> release 2008i (for
DST law changes in Argentina, Brazil, Mauritius, Syria)
Release 8.3.4Release Date2008-09-22
This release contains a variety of fixes from 8.3.3.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.4
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.1,
see .
Changes
Fix bug in btree WAL recovery code (Heikki)
Recovery failed if the WAL ended partway through a page split operation.
Fix potential use of wrong cutoff XID for HOT page pruning (Alvaro)
This error created a risk of corruption in system
catalogs that are consulted by VACUUM>: dead tuple versions
might be removed too soon. The impact of this on actual database
operations would be minimal, since the system doesn't follow MVCC
rules while examining catalogs, but it might result in transiently
wrong output from pg_dump> or other client programs.
Fix potential miscalculation of datfrozenxid> (Alvaro)
This error may explain some recent reports of failure to remove old
pg_clog> data.
Fix incorrect HOT updates after pg_class> is reindexed
(Tom)
Corruption of pg_class> could occur if REINDEX
TABLE pg_class> was followed in the same session by an ALTER
TABLE RENAME> or ALTER TABLE SET SCHEMA> command.
Fix missed combo cid> case (Karl Schnaitter)
This error made rows incorrectly invisible to a transaction in which they
had been deleted by multiple subtransactions that all aborted.
Prevent autovacuum from crashing if the table it's currently
checking is deleted at just the wrong time (Alvaro)
Widen local lock counters from 32 to 64 bits (Tom)
This responds to reports that the counters could overflow in
sufficiently long transactions, leading to unexpected lock is
already held> errors.
Fix possible duplicate output of tuples during a GiST index scan (Teodor)
Regenerate foreign key checking queries from scratch when either
table is modified (Tom)
Previously, 8.3 would attempt to replan the query, but would work from
previously generated query text. This led to failures if a
table or column was renamed.
Fix missed permissions checks when a view contains a simple
UNION ALL> construct (Heikki)
Permissions for the referenced tables were checked properly, but not
permissions for the view itself.
Add checks in executor startup to ensure that the tuples produced by an
INSERT> or UPDATE> will match the target table's
current rowtype (Tom)
This situation is believed to be impossible in 8.3, but it can happen in
prior releases, so a check seems prudent.
Fix possible repeated drops during DROP OWNED> (Tom)
This would typically result in strange errors such as cache
lookup failed for relation NNN>.
Fix several memory leaks in XML operations (Kris Jurka, Tom)
Fix xmlserialize()> to raise error properly for
unacceptable target data type (Tom)
Fix a couple of places that mis-handled multibyte characters in text
search configuration file parsing (Tom)
Certain characters occurring in configuration files would always cause
invalid byte sequence for encoding> failures.
Provide file name and line number location for all errors reported
in text search configuration files (Tom)
Fix AT TIME ZONE> to first try to interpret its timezone
argument as a timezone abbreviation, and only try it as a full timezone
name if that fails, rather than the other way around as formerly (Tom)
The timestamp input functions have always resolved ambiguous zone names
in this order. Making AT TIME ZONE> do so as well improves
consistency, and fixes a compatibility bug introduced in 8.1:
in ambiguous cases we now behave the same as 8.0 and before did,
since in the older versions AT TIME ZONE> accepted
only> abbreviations.
Fix datetime input functions to correctly detect integer overflow when
running on a 64-bit platform (Tom)
Prevent integer overflows during units conversion when displaying a
configuration parameter that has units (Tom)
Improve performance of writing very long log messages to syslog (Tom)
Allow spaces in the suffix part of an LDAP URL in
pg_hba.conf> (Tom)
Fix bug in backwards scanning of a cursor on a SELECT DISTINCT
ON> query (Tom)
Fix planner bug that could improperly push down IS NULL>
tests below an outer join (Tom)
This was triggered by occurrence of IS NULL> tests for
the same relation in all arms of an upper OR> clause.
Fix planner bug with nested sub-select expressions (Tom)
If the outer sub-select has no direct dependency on the parent query,
but the inner one does, the outer value might not get recalculated
for new parent query rows.
Fix planner to estimate that GROUP BY> expressions yielding
boolean results always result in two groups, regardless of the
expressions' contents (Tom)
This is very substantially more accurate than the regular GROUP
BY> estimate for certain boolean tests like col>
IS NULL>.
Fix PL/pgSQL to not fail when a FOR> loop's target variable
is a record containing composite-type fields (Tom)
Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful
about the encoding of data sent to or from Tcl (Tom)
Improve performance of PQescapeBytea()> (Rudolf Leitgeb)
On Windows, work around a Microsoft bug by preventing
libpq> from trying to send more than 64kB per system call
(Magnus)
Fix ecpg> to handle variables properly in SET>
commands (Michael)
Improve pg_dump> and pg_restore>'s
error reporting after failure to send a SQL command (Tom)
Fix pg_ctl> to properly preserve postmaster
command-line arguments across a restart> (Bruce)
Fix erroneous WAL file cutoff point calculation in
pg_standby> (Simon)
Update time zone data files to tzdata> release 2008f (for
DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco,
Pakistan, Palestine, and Paraguay)
Release 8.3.3Release Date2008-06-12
This release contains one serious and one minor bug fix over 8.3.2.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.3
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.1,
see .
Changes
Make pg_get_ruledef()> parenthesize negative constants (Tom)
Before this fix, a negative constant in a view or rule might be dumped
as, say, -42::integer>, which is subtly incorrect: it should
be (-42)::integer> due to operator precedence rules.
Usually this would make little difference, but it could interact with
another recent patch to cause
PostgreSQL> to reject what had been a valid
SELECT DISTINCT> view query. Since this could result in
pg_dump> output failing to reload, it is being treated
as a high-priority fix. The only released versions in which dump
output is actually incorrect are 8.3.1 and 8.2.7.
Make ALTER AGGREGATE ... OWNER TO> update
pg_shdepend> (Tom)
This oversight could lead to problems if the aggregate was later
involved in a DROP OWNED> or REASSIGN OWNED>
operation.
Release 8.3.2Release Datenever released
This release contains a variety of fixes from 8.3.1.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.2
A dump/restore is not required for those running 8.3.X.
However, if you are upgrading from a version earlier than 8.3.1,
see .
Changes
Fix ERRORDATA_STACK_SIZE exceeded crash that
occurred on Windows when using UTF-8 database encoding and a different
client encoding (Tom)
Fix incorrect archive truncation point calculation for the
%r> macro in restore_command> parameters
(Simon)
This could lead to data loss if a warm-standby script relied on
%r> to decide when to throw away WAL segment files.
Fix ALTER TABLE ADD COLUMN ... PRIMARY KEY> so that the new
column is correctly checked to see if it's been initialized to all
non-nulls (Brendan Jurd)
Previous versions neglected to check this requirement at all.
Fix REASSIGN OWNED> so that it works on procedural
languages too (Alvaro)
Fix problems with SELECT FOR UPDATE/SHARE> occurring as a
subquery in a query with a non-SELECT> top-level operation
(Tom)
Fix possible CREATE TABLE> failure when inheriting the
same> constraint from multiple parent relations that
inherited that constraint from a common ancestor (Tom)
Fix pg_get_ruledef()> to show the alias, if any, attached
to the target table of an UPDATE> or DELETE>
(Tom)
Restore the pre-8.3 behavior that an out-of-range block number in a
TID being used in a TidScan plan results in silently not matching any
rows (Tom)
8.3.0 and 8.3.1 threw an error instead.
Fix GIN bug that could result in a too many LWLocks
taken failure (Teodor)
Fix broken GiST comparison function for tsquery> (Teodor)
Fix tsvector_update_trigger()> and ts_stat()>
to accept domains over the types they expect to work with (Tom)
Fix failure to support enum data types as foreign keys (Tom)
Avoid possible crash when decompressing corrupted data
(Zdenek Kotala)
Fix race conditions between delayed unlinks and DROP
DATABASE> (Heikki)
In the worst case this could result in deleting a newly created table
in a new database that happened to get the same OID as the
recently-dropped one; but of course that is an extremely
low-probability scenario.
Repair two places where SIGTERM exit of a backend could leave corrupted
state in shared memory (Tom)
Neither case is very important if SIGTERM is used to shut down the
whole database cluster together, but there was a problem if someone
tried to SIGTERM individual backends.
Fix possible crash due to incorrect plan generated for an
x> IN (SELECT y>
FROM ...) clause when x> and y>
have different data types; and make sure the behavior is semantically
correct when the conversion from y>'s type to
x>'s type is lossy (Tom)
Fix oversight that prevented the planner from substituting known Param
values as if they were constants (Tom)
This mistake partially disabled optimization of unnamed
extended-Query statements in 8.3.0 and 8.3.1: in particular the
LIKE-to-indexscan optimization would never be applied if the LIKE
pattern was passed as a parameter, and constraint exclusion
depending on a parameter value didn't work either.
Fix planner failure when an indexable MIN> or
MAX> aggregate is used with DISTINCT> or
ORDER BY> (Tom)
Fix planner to ensure it never uses a physical tlist> for a
plan node that is feeding a Sort node (Tom)
This led to the sort having to push around more data than it really
needed to, since unused column values were included in the sorted
data.
Avoid unnecessary copying of query strings (Tom)
This fixes a performance problem introduced in 8.3.0 when a very large
number of commands are submitted as a single query string.
Make TransactionIdIsCurrentTransactionId()> use binary
search instead of linear search when checking child-transaction XIDs
(Heikki)
This fixes some cases in which 8.3.0 was significantly
slower than earlier releases.
Fix conversions between ISO-8859-5 and other encodings to handle
Cyrillic Yo> characters (e> and E> with
two dots) (Sergey Burladyan)
Fix several datatype input functions, notably array_in()>,
that were allowing unused bytes in their results to contain
uninitialized, unpredictable values (Tom)
This could lead to failures in which two apparently identical literal
values were not seen as equal, resulting in the parser complaining
about unmatched ORDER BY> and DISTINCT>
expressions.
Fix a corner case in regular-expression substring matching
(substring(string> from
pattern>)) (Tom)
The problem occurs when there is a match to the pattern overall but
the user has specified a parenthesized subexpression and that
subexpression hasn't got a match. An example is
substring('foo' from 'foo(bar)?')>.
This should return NULL, since (bar)> isn't matched, but
it was mistakenly returning the whole-pattern match instead (ie,
foo>).
Prevent cancellation of an auto-vacuum that was launched to prevent
XID wraparound (Alvaro)
Improve ANALYZE>'s handling of in-doubt tuples (those
inserted or deleted by a not-yet-committed transaction) so that the
counts it reports to the stats collector are more likely to be correct
(Pavan Deolasee)
Fix initdb> to reject a relative path for its
--xlogdir> (-X>) option (Tom)
Make psql> print tab characters as an appropriate
number of spaces, rather than \x09 as was done in
8.3.0 and 8.3.1 (Bruce)
Update time zone data files to tzdata> release 2008c (for
DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, and
Argentina/San_Luis)
Add ECPGget_PGconn()> function to
ecpglib> (Michael)
Fix incorrect result from ecpg>'s
PGTYPEStimestamp_sub()> function (Michael)
Fix handling of continuation line markers in ecpg>
(Michael)
Fix possible crashes in contrib/cube> functions (Tom)
Fix core dump in contrib/xml2>'s
xpath_table()> function when the input query returns a
NULL value (Tom)
Fix contrib/xml2>'s makefile to not override
CFLAGS>, and make it auto-configure properly for
libxslt> present or not (Tom)
Release 8.3.1Release Date2008-03-17
This release contains a variety of fixes from 8.3.0.
For information about new features in the 8.3 major release, see
.
Migration to Version 8.3.1
A dump/restore is not required for those running 8.3.X.
However, you might need to REINDEX> indexes on textual
columns after updating, if you are affected by the Windows locale
issue described below.
Changes
Fix character string comparison for Windows locales that consider
different character combinations as equal (Tom)
This fix applies only on Windows and only when using UTF-8
database encoding. The same fix was made for all other cases
over two years ago, but Windows with UTF-8 uses a separate code
path that was not updated. If you are using a locale that
considers some non-identical strings as equal, you may need to
REINDEX> to fix existing indexes on textual columns.
Repair corner-case bugs in VACUUM FULL> (Tom)
A potential deadlock between concurrent VACUUM FULL>
operations on different system catalogs was introduced in 8.2.
This has now been corrected. 8.3 made this worse because the
deadlock could occur within a critical code section, making it
a PANIC rather than just ERROR condition.
Also, a VACUUM FULL> that failed partway through
vacuuming a system catalog could result in cache corruption in
concurrent database sessions.
Another VACUUM FULL> bug introduced in 8.3 could
result in a crash or out-of-memory report when dealing with
pages containing no live tuples.
Fix misbehavior of foreign key checks involving character>
or bit> columns (Tom)
If the referencing column were of a different but compatible type
(for instance varchar>), the constraint was enforced incorrectly.
Avoid needless deadlock failures in no-op foreign-key checks (Stephan
Szabo, Tom)
Fix possible core dump when re-planning a prepared query (Tom)
This bug affected only protocol-level prepare operations, not
SQL PREPARE>, and so tended to be seen only with
JDBC, DBI, and other client-side drivers that use prepared
statements heavily.
Fix possible failure when re-planning a query that calls an SPI-using
function (Tom)
Fix failure in row-wise comparisons involving columns of different
datatypes (Tom)
Fix longstanding LISTEN>/NOTIFY>
race condition (Tom)
In rare cases a session that had just executed a
LISTEN> might not get a notification, even though
one would be expected because the concurrent transaction executing
NOTIFY> was observed to commit later.
A side effect of the fix is that a transaction that has executed
a not-yet-committed LISTEN> command will not see any
row in pg_listener> for the LISTEN>,
should it choose to look; formerly it would have. This behavior
was never documented one way or the other, but it is possible that
some applications depend on the old behavior.
Disallow LISTEN> and UNLISTEN> within a
prepared transaction (Tom)
This was formerly allowed but trying to do it had various unpleasant
consequences, notably that the originating backend could not exit
as long as an UNLISTEN> remained uncommitted.
Disallow dropping a temporary table within a
prepared transaction (Heikki)
This was correctly disallowed by 8.1, but the check was inadvertently
broken in 8.2 and 8.3.
Fix rare crash when an error occurs during a query using a hash index
(Heikki)
Fix incorrect comparison of tsquery> values (Teodor)
Fix incorrect behavior of LIKE> with non-ASCII characters
in single-byte encodings (Rolf Jentsch)
Disable xmlvalidate> (Tom)
This function should have been removed before 8.3 release, but
was inadvertently left in the source code. It poses a small
security risk since unprivileged users could use it to read the
first few characters of any file accessible to the server.
Fix memory leaks in certain usages of set-returning functions (Neil)
Make encode(bytea>, 'escape')> convert all
high-bit-set byte values into \>nnn> octal
escape sequences (Tom)
This is necessary to avoid encoding problems when the database
encoding is multi-byte. This change could pose compatibility issues
for applications that are expecting specific results from
encode>.
Fix input of datetime values for February 29 in years BC (Tom)
The former coding was mistaken about which years were leap years.
Fix unrecognized node type> error in some variants of
ALTER OWNER> (Tom)
Avoid tablespace permissions errors in CREATE TABLE LIKE
INCLUDING INDEXES> (Tom)
Ensure pg_stat_activity>.waiting> flag
is cleared when a lock wait is aborted (Tom)
Fix handling of process permissions on Windows Vista (Dave, Magnus)
In particular, this fix allows starting the server as the Administrator
user.
Update time zone data files to tzdata> release 2008a
(in particular, recent Chile changes); adjust timezone abbreviation
VET> (Venezuela) to mean UTC-4:30, not UTC-4:00 (Tom)
Fix ecpg> problems with arrays (Michael)
Fix pg_ctl> to correctly extract the postmaster's port
number from command-line options (Itagaki Takahiro, Tom)
Previously, pg_ctl start -w> could try to contact the
postmaster on the wrong port, leading to bogus reports of startup
failure.
Use
This is known to be necessary when building PostgreSQL>
with gcc> 4.3 or later.
Enable building contrib/uuid-ossp> with MSVC (Hiroshi Saito)
Release 8.3Release Date2008-02-04Overview
With significant new functionality and performance enhancements,
this release represents a major leap forward for
PostgreSQL>. This was made possible by a growing
community that has dramatically accelerated the pace of
development. This release adds the following major features:
Full text search is integrated into the core database system
Support for the SQL/XML standard, including new operators and an
XML data type
Enumerated data types (ENUM)
Arrays of composite types
Universally Unique Identifier (UUID>) data type
Add control over whether NULL>s sort first or last
Updatable cursors
Server configuration parameters can now be set on a per-function
basis
User-defined types can now have type modifiers
Automatically re-plan cached queries when table
definitions change or statistics are updated
Numerous improvements in logging and statistics collection
Support Security Service Provider Interface (SSPI>) for
authentication on Windows
Support multiple concurrent autovacuum processes, and other
autovacuum improvements
Allow the whole PostgreSQL> distribution to be compiled
with Microsoft Visual C++>
Major performance improvements are listed below. Most of
these enhancements are automatic and do not require user changes or
tuning:
Asynchronous commit delays writes to WAL during transaction commit
Checkpoint writes can be spread over a longer time period to smooth
the I/O spike during each checkpoint
Heap-Only Tuples (HOT>) accelerate space reuse for
most UPDATE>s and DELETE>s
Just-in-time background writer strategy improves disk write
efficiency
Using non-persistent transaction IDs for read-only transactions
reduces overhead and VACUUM> requirements
Per-field and per-row storage overhead has been reduced
Large sequential scans no longer force out frequently used
cached pages
Concurrent large sequential scans can now share disk reads
ORDER BY ... LIMIT> can be done without sorting
The above items are explained in more detail in the sections below.
Migration to Version 8.3
A dump/restore using pg_dump is
required for those wishing to migrate data from any previous
release.
Observe the following incompatibilities:
General
Non-character data types are no longer automatically cast to
TEXT> (Peter, Tom)
Previously, if a non-character value was supplied to an operator or
function that requires text> input, it was automatically
cast to text>, for most (though not all) built-in data types.
This no longer happens: an explicit cast to text> is now
required for all non-character-string types. For example, these
expressions formerly worked:
substr(current_date, 1, 4)
23 LIKE '2%'
but will now draw function does not exist> and operator
does not exist> errors respectively. Use an explicit cast instead:
substr(current_date::text, 1, 4)
23::text LIKE '2%'
(Of course, you can use the more verbose CAST()> syntax too.)
The reason for the change is that these automatic casts too often caused
surprising behavior. An example is that in previous releases, this
expression was accepted but did not do what was expected:
current_date < 2017-11-17
This is actually comparing a date to an integer, which should be
(and now is) rejected — but in the presence of automatic
casts both sides were cast to text> and a textual comparison
was done, because the text < text> operator was able
to match the expression when no other <> operator could.
Types char(n>) and
varchar(n>) still cast to text>
automatically. Also, automatic casting to text> still works for
inputs to the concatenation (||>) operator, so long as least
one input is a character-string type.
Full text search features from contrib/tsearch2> have
been moved into the core server, with some minor syntax changes
contrib/tsearch2> now contains a compatibility
interface.
ARRAY(SELECT ...), where the SELECT>
returns no rows, now returns an empty array, rather than NULL
(Tom)
The array type name for a base data type is no longer always the base
type's name with an underscore prefix
The old naming convention is still honored when possible, but
application code should no longer depend on it. Instead
use the new pg_type.typarray column to
identify the array data type associated with a given type.
ORDER BY ... USING> operator> must now
use a less-than or greater-than operator> that is
defined in a btree operator class
This restriction was added to prevent inconsistent results.
SET LOCAL changes now persist until
the end of the outermost transaction, unless rolled back (Tom)
Previously SET LOCAL's effects were lost
after subtransaction commit (RELEASE SAVEPOINT>
or exit from a PL/pgSQL exception block).
Commands rejected in transaction blocks are now also rejected in
multiple-statement query strings (Tom)
For example, "BEGIN; DROP DATABASE; COMMIT"> will now be
rejected even if submitted as a single query message.
ROLLBACK> outside a transaction block now
issues NOTICE> instead of WARNING> (Bruce)
Prevent NOTIFY/LISTEN/UNLISTEN
from accepting schema-qualified names (Bruce)
Formerly, these commands accepted schema.relation> but
ignored the schema part, which was confusing.
ALTER SEQUENCE> no longer affects the sequence's
currval()> state (Tom)
Foreign keys now must match indexable conditions for
cross-data-type references (Tom)
This improves semantic consistency and helps avoid
performance problems.
Restrict object size functions to users who have reasonable
permissions to view such information (Tom)
For example, pg_database_size() now requires
CONNECT> permission, which is granted to everyone by
default. pg_tablespace_size() requires
CREATE> permission in the tablespace, or is allowed if
the tablespace is the default tablespace for the database.
Remove the undocumented !!=> (not in) operator (Tom)
NOT IN (SELECT ...) is the proper way to
perform this operation.
Internal hashing functions are now more uniformly-distributed (Tom)
If application code was computing and storing hash values using
internal PostgreSQL> hashing functions, the hash
values must be regenerated.
C-code conventions for handling variable-length data values
have changed (Greg Stark, Tom)
The new SET_VARSIZE()> macro must> be used
to set the length of generated varlena> values. Also, it
might be necessary to expand (de-TOAST) input values
in more cases.
Continuous archiving no longer reports each successful archive
operation to the server logs unless DEBUG> level is used
(Simon)
Configuration Parameters
Numerous changes in administrative server parameters
bgwriter_lru_percent>,
bgwriter_all_percent>,
bgwriter_all_maxpages>,
stats_start_collector>, and
stats_reset_on_server_start> are removed.
redirect_stderr> is renamed to
logging_collector>.
stats_command_string> is renamed to
track_activities>.
stats_block_level> and stats_row_level>
are merged into track_counts>.
A new boolean configuration parameter, archive_mode>,
controls archiving. Autovacuum's default settings have changed.
Remove stats_start_collector parameter (Tom)
We now always start the collector process, unless UDP>
socket creation fails.
Remove stats_reset_on_server_start parameter (Tom)
This was removed because pg_stat_reset()
can be used for this purpose.
Commenting out a parameter in postgresql.conf> now
causes it to revert to its default value (Joachim Wieland)
Previously, commenting out an entry left the parameter's value unchanged
until the next server restart.
Character Encodings
Add more checks for invalidly-encoded data (Andrew)
This change plugs some holes that existed in literal backslash
escape string processing and COPY escape
processing. Now the de-escaped string is rechecked to see if the
result created an invalid multi-byte character.
Disallow database encodings that are inconsistent with the server's
locale setting (Tom)
On most platforms, C> locale is the only locale that
will work with any database encoding. Other locale settings imply
a specific encoding and will misbehave if the database encoding
is something different. (Typical symptoms include bogus textual
sort order and wrong results from upper()> or
lower()>.) The server now rejects attempts to create
databases that have an incompatible encoding.
Ensure that chr() cannot create
invalidly-encoded values (Andrew)
In UTF8-encoded databases the argument of chr() is
now treated as a Unicode code point. In other multi-byte encodings
chr()'s argument must designate a 7-bit ASCII
character. Zero is no longer accepted.
ascii() has been adjusted to match.
Adjust convert() behavior to ensure encoding
validity (Andrew)
The two argument form of convert() has been
removed. The three argument form now takes a bytea
first argument and returns a bytea. To cover the
loss of functionality, three new functions have been added:
convert_from(bytea, name) returns
text> — converts the first argument from the named
encoding to the database encoding
convert_to(text, name) returns
bytea> — converts the first argument from the
database encoding to the named encoding
length(bytea, name) returns
integer> — gives the length of the first
argument in characters in the named encoding
Remove convert(argument USING conversion_name)
(Andrew)
Its behavior did not match the SQL standard.
Make JOHAB encoding client-only (Tatsuo)
JOHAB is not safe as a server-side encoding.
Changes
Below you will find a detailed account of the
changes between PostgreSQL 8.3 and
the previous major release.
Performance
Asynchronous commit delays writes to WAL during transaction commit
(Simon)
This feature dramatically increases performance for short data-modifying
transactions. The disadvantage is that because disk writes are delayed,
if the database or operating system crashes before data is written to
the disk, committed data will be lost. This feature is useful for
applications that can accept some data loss. Unlike turning off
fsync, using asynchronous commit does not put
database consistency at risk; the worst case is that after a crash the
last few reportedly-committed transactions might not be committed after
all.
This feature is enabled by turning off synchronous_commit>
(which can be done per-session or per-transaction, if some transactions
are critical and others are not).
wal_writer_delay> can be adjusted to control the maximum
delay before transactions actually reach disk.
Checkpoint writes can be spread over a longer time period to smooth
the I/O spike during each checkpoint (Itagaki Takahiro and Heikki
Linnakangas)
Previously all modified buffers were forced to disk as quickly as
possible during a
checkpoint, causing an I/O spike that decreased server performance.
This new approach spreads out disk writes during checkpoints,
reducing peak I/O usage. (User-requested and shutdown checkpoints
are still written as quickly as possible.)
Heap-Only Tuples (HOT>) accelerate space reuse for most
UPDATE>s and DELETE>s (Pavan Deolasee, with
ideas from many others)
UPDATE>s and DELETE>s leave dead tuples
behind, as do failed INSERT>s. Previously only
VACUUM> could reclaim space taken by dead tuples. With
HOT> dead tuple space can be automatically reclaimed at
the time of INSERT> or UPDATE> if no changes
are made to indexed columns. This allows for more consistent
performance. Also, HOT> avoids adding duplicate index
entries.
Just-in-time background writer strategy improves disk write
efficiency (Greg Smith, Itagaki Takahiro)
This greatly reduces the need for manual tuning of the background
writer.
Per-field and per-row storage overhead have been reduced
(Greg Stark, Heikki Linnakangas)
Variable-length data types with data values less than 128 bytes long
will see a storage decrease of 3 to 6 bytes. For example, two adjacent
char(1) fields now use 4 bytes instead of 16. Row headers
are also 4 bytes shorter than before.
Using non-persistent transaction IDs for read-only transactions
reduces overhead and VACUUM> requirements (Florian Pflug)
Non-persistent transaction IDs do not increment the global
transaction counter. Therefore, they reduce the load on
pg_clog> and increase the time between forced
vacuums to prevent transaction ID wraparound.
Other performance
improvements were also made that should improve concurrency.
Avoid incrementing the command counter after a read-only command (Tom)
There was formerly a hard limit of 232>
(4 billion) commands per transaction. Now only commands that
actually changed the database count, so while this limit still
exists, it should be significantly less annoying.
Create a dedicated WAL> writer process to off-load
work from backends (Simon)
Skip unnecessary WAL writes for CLUSTER and
COPY (Simon)
Unless WAL archiving is enabled, the system now avoids WAL writes
for CLUSTER and just fsync()>s the
table at the end of the command. It also does the same for
COPY if the table was created in the same
transaction.
Large sequential scans no longer force out frequently used
cached pages (Simon, Heikki, Tom)
Concurrent large sequential scans can now share disk reads (Jeff Davis)
This is accomplished by starting the new sequential scan in the
middle of the table (where another sequential scan is already
in-progress) and wrapping around to the beginning to finish. This
can affect the order of returned rows in a query that does not
specify ORDER BY>. The synchronize_seqscans>
configuration parameter can be used to disable this if necessary.
ORDER BY ... LIMIT> can be done without sorting
(Greg Stark)
This is done by sequentially scanning the table and tracking just
the top N> candidate rows, rather than performing a
full sort of the entire table. This is useful when there is no
matching index and the LIMIT> is not large.
Put a rate limit on messages sent to the statistics
collector by backends
(Tom)
This reduces overhead for short transactions, but might sometimes
increase the delay before statistics are tallied.
Improve hash join performance for cases with many NULLs (Tom)
Speed up operator lookup for cases with non-exact datatype matches (Tom)
Server
Autovacuum is now enabled by default (Alvaro)
Several changes were made to eliminate disadvantages of having
autovacuum enabled, thereby justifying the change in default.
Several other autovacuum parameter defaults were also modified.
Support multiple concurrent autovacuum processes (Alvaro, Itagaki
Takahiro)
This allows multiple vacuums to run concurrently. This prevents
vacuuming of a large table from delaying vacuuming of smaller tables.
Automatically re-plan cached queries when table
definitions change or statistics are updated (Tom)
Previously PL/pgSQL functions that referenced temporary tables
would fail if the temporary table was dropped and recreated
between function invocations, unless EXECUTE> was
used. This improvement fixes that problem and many related issues.
Add a temp_tablespaces parameter to control
the tablespaces for temporary tables and files (Jaime Casanova,
Albert Cervera, Bernd Helmle)
This parameter defines a list of tablespaces to be used. This
enables spreading the I/O load across multiple tablespaces. A random
tablespace is chosen each time a temporary object is created.
Temporary files are no longer stored in per-database
pgsql_tmp/ directories but in per-tablespace
directories.
Place temporary tables' TOAST tables in special schemas named
pg_toast_temp_nnn> (Tom)
This allows low-level code to recognize these tables as temporary,
which enables various optimizations such as not WAL-logging changes
and using local rather than shared buffers for access. This also
fixes a bug wherein backends unexpectedly held open file references
to temporary TOAST tables.
Fix problem that a constant flow of new connection requests could
indefinitely delay the postmaster from completing a shutdown or
a crash restart (Tom)
Guard against a very-low-probability data loss scenario by preventing
re-use of a deleted table's relfilenode until after the next
checkpoint (Heikki)
Fix CREATE CONSTRAINT TRIGGER>
to convert old-style foreign key trigger definitions into regular
foreign key constraints (Tom)
This will ease porting of foreign key constraints carried forward from
pre-7.3 databases, if they were never converted using
contrib/adddepend>.
Fix DEFAULT NULL> to override inherited defaults (Tom)
DEFAULT NULL> was formerly considered a noise phrase, but it
should (and now does) override non-null defaults that would otherwise
be inherited from a parent table or domain.
Add new encodings EUC_JIS_2004 and SHIFT_JIS_2004 (Tatsuo)
These new encodings can be converted to and from UTF-8.
Change server startup log message from database system is
ready to database system is ready to accept
connections, and adjust its timing
The message now appears only when the postmaster is really ready
to accept connections.
Monitoring
Add log_autovacuum_min_duration parameter to
support configurable logging of autovacuum activity (Simon, Alvaro)
Add log_lock_waits parameter to log lock waiting
(Simon)
Add log_temp_files parameter to log temporary
file usage (Bill Moran)
Add log_checkpoints parameter to improve logging
of checkpoints (Greg Smith, Heikki)
log_line_prefix now supports
%s and %c escapes in all
processes (Andrew)
Previously these escapes worked only for user sessions, not for
background database processes.
Add log_restartpoints to control logging of
point-in-time recovery restart points (Simon)
Last transaction end time is now logged at end of recovery and at
each logged restart point (Simon)
Autovacuum now reports its activity start time in
pg_stat_activity (Tom)
Allow server log output in comma-separated value (CSV) format (Arul
Shaji, Greg Smith, Andrew Dunstan)
CSV-format log files can easily be loaded into a database table for
subsequent analysis.
Use PostgreSQL-supplied timezone support for formatting timestamps
displayed in the server log (Tom)
This avoids Windows-specific problems with localized time zone
names that are in the wrong encoding. There is a new
log_timezone> parameter that controls the timezone
used in log messages, independently of the client-visible
timezone> parameter.
New system view pg_stat_bgwriter displays
statistics about background writer activity (Magnus)
Add new columns for database-wide tuple statistics to
pg_stat_database (Magnus)
Add an xact_start (transaction start time) column to
pg_stat_activity (Neil)
This makes it easier to identify long-running transactions.
Add n_live_tuples> and n_dead_tuples> columns
to pg_stat_all_tables and related views (Glen
Parker)
Merge stats_block_level> and stats_row_level>
parameters into a single parameter track_counts>, which
controls all messages sent to the statistics collector process
(Tom)
Rename stats_command_string parameter to
track_activities (Tom)
Fix statistical counting of live and dead tuples to recognize that
committed and aborted transactions have different effects (Tom)
Authentication
Support Security Service Provider Interface (SSPI>) for
authentication on Windows (Magnus)
Support GSSAPI authentication (Henry Hotz, Magnus)
This should be preferred to native Kerberos authentication because
GSSAPI is an industry standard.
Support a global SSL configuration file (Victor Wagner)
Add ssl_ciphers> parameter to control accepted SSL ciphers
(Victor Wagner)
Add a Kerberos realm parameter, krb_realm> (Magnus)
Write-Ahead Log (WAL>) and Continuous Archiving
Change the timestamps recorded in transaction WAL records from
time_t to TimestampTz representation (Tom)
This provides sub-second resolution in WAL, which can be useful for
point-in-time recovery.
Reduce WAL disk space needed by warm standby servers (Simon)
This change allows a warm standby server to pass the name of the earliest
still-needed WAL file to the recovery script, allowing automatic removal
of no-longer-needed WAL files. This is done using %r> in
the restore_command parameter of
recovery.conf.
New boolean configuration parameter, archive_mode>,
controls archiving (Simon)
Previously setting archive_command> to an empty string
turned off archiving. Now archive_mode> turns archiving
on and off, independently of archive_command>. This is
useful for stopping archiving temporarily.
Queries
Full text search is integrated into the core database
system (Teodor, Oleg)
Text search has been improved, moved into the core code, and is now
installed by default. contrib/tsearch2> now contains
a compatibility interface.
Add control over whether NULL>s sort first or last (Teodor, Tom)
The syntax is ORDER BY ... NULLS FIRST/LAST>.
Allow per-column ascending/descending (ASC>/DESC>)
ordering options for indexes (Teodor, Tom)
Previously a query using ORDER BY> with mixed
ASC>/DESC> specifiers could not fully use
an index. Now an index can be fully used in such cases if the
index was created with matching
ASC>/DESC> specifications.
NULL> sort order within an index can be controlled, too.
Allow col IS NULL> to use an index (Teodor)
Updatable cursors (Arul Shaji, Tom)
This eliminates the need to reference a primary key to
UPDATE> or DELETE> rows returned by a cursor.
The syntax is UPDATE/DELETE WHERE CURRENT OF>.
Allow FOR UPDATE in cursors (Arul Shaji, Tom)
Create a general mechanism that supports casts to and from the
standard string types (TEXT, VARCHAR,
CHAR) for every datatype, by
invoking the datatype's I/O functions (Tom)
Previously, such casts were available only for types that had
specialized function(s) for the purpose.
These new casts are assignment-only in the to-string direction,
explicit-only in the other direction, and therefore should create no
surprising behavior.
Allow UNION> and related constructs to return a domain
type, when all inputs are of that domain type (Tom)
Formerly, the output would be considered to be of the domain's base
type.
Allow limited hashing when using two different data types (Tom)
This allows hash joins, hash indexes, hashed subplans, and hash
aggregation to be used in situations involving cross-data-type
comparisons, if the data types have compatible hash functions.
Currently, cross-data-type hashing support exists for
smallint/integer/bigint,
and for float4/float8.
Improve optimizer logic for detecting when variables are equal
in a WHERE> clause (Tom)
This allows mergejoins to work with descending sort orders, and
improves recognition of redundant sort columns.
Improve performance when planning large inheritance trees in
cases where most tables are excluded by constraints (Tom)
Object Manipulation
Arrays of composite types (David Fetter, Andrew, Tom)
In addition to arrays of explicitly-declared composite types,
arrays of the rowtypes of regular tables and views are now
supported, except for rowtypes of system catalogs, sequences, and TOAST
tables.
Server configuration parameters can now be set on a per-function
basis (Tom)
For example, functions can now set their own
search_path> to prevent unexpected behavior if a
different search_path> exists at run-time. Security
definer functions should set search_path to
avoid security loopholes.
CREATE/ALTER FUNCTION now supports
COST and ROWS options (Tom)
COST allows specification of the cost of a
function call. ROWS allows specification of
the average number or rows returned by a set-returning function.
These values are used by the optimizer in choosing the best plan.
Implement CREATE TABLE LIKE ... INCLUDING
INDEXES (Trevor Hardcastle, Nikhil Sontakke, Neil)
Allow CREATE INDEX CONCURRENTLY to ignore
transactions in other databases (Simon)
Add ALTER VIEW ... RENAME TO and ALTER
SEQUENCE ... RENAME TO (David Fetter, Neil)
Previously this could only be done via ALTER TABLE ...
RENAME TO.
Make CREATE/DROP/RENAME DATABASE> wait briefly for
conflicting backends to exit before failing (Tom)
This increases the likelihood that these commands will succeed.
Allow triggers and rules to be deactivated in groups using a
configuration parameter, for replication purposes (Jan)
This allows replication systems to disable triggers and rewrite
rules as a group without modifying the system catalogs directly.
The behavior is controlled by ALTER TABLE> and a new
parameter session_replication_role.
User-defined types can now have type modifiers (Teodor, Tom)
This allows a user-defined type to take a modifier, like
ssnum(7)>. Previously only built-in
data types could have modifiers.
Utility Commands
Non-superuser database owners now are able to add trusted procedural
languages to their databases by default (Jeremy Drake)
While this is reasonably safe, some administrators might wish to
revoke the privilege. It is controlled by
pg_pltemplate>.tmpldbacreate>.
Allow a session's current parameter setting to be used as the
default for future sessions (Tom)
This is done with SET ... FROM CURRENT in
CREATE/ALTER FUNCTION, ALTER
DATABASE, or ALTER ROLE.
Implement new commands DISCARD ALL,
DISCARD PLANS, DISCARD
TEMPORARY, CLOSE ALL, and
DEALLOCATE ALL (Marko Kreen, Neil)
These commands simplify resetting a database session to its initial
state, and are particularly useful for connection-pooling software.
Make CLUSTER MVCC-safe (Heikki Linnakangas)
Formerly, CLUSTER would discard all tuples
that were committed dead, even if there were still transactions
that should be able to see them under MVCC visibility rules.
Add new CLUSTER syntax: CLUSTER
table> USING index>
(Holger Schurig)
The old CLUSTER syntax is still supported, but
the new form is considered more logical.
Fix EXPLAIN so it can show complex plans
more accurately (Tom)
References to subplan outputs are now always shown correctly,
instead of using ?columnN>?
for complicated cases.
Limit the amount of information reported when a user is dropped
(Alvaro)
Previously, dropping (or attempting to drop) a user who owned many
objects could result in large NOTICE or
ERROR messages listing all these objects; this
caused problems for some client applications. The length of the
message is now limited, although a full list is still sent to the
server log.
Data Types
Support for the SQL/XML standard, including new operators and an
XML data type (Nikolay Samokhvalov, Pavel Stehule, Peter)
Enumerated data types (ENUM) (Tom Dunstan)
This feature provides convenient support for fields that have a
small, fixed set of allowed values. An example of creating an
ENUM> type is
CREATE TYPE mood AS ENUM ('sad', 'ok', 'happy')>.
Universally Unique Identifier (UUID>) data type (Gevik
Babakhani, Neil)
This closely matches RFC> 4122.
Widen the MONEY data type to 64 bits (D'Arcy Cain)
This greatly increases the range of supported MONEY>
values.
Fix float4/float8 to handle
Infinity> and NAN> (Not A Number)
consistently (Bruce)
The code formerly was not consistent about distinguishing
Infinity> from overflow conditions.
Allow leading and trailing whitespace during input of
boolean values (Neil)
Prevent COPY> from using digits and lowercase letters as
delimiters (Tom)
Functions
Add new regular expression functions
regexp_matches(),
regexp_split_to_array(), and
regexp_split_to_table() (Jeremy Drake, Neil)
These functions provide extraction of regular expression
subexpressions and allow splitting a string using a POSIX regular
expression.
Add lo_truncate() for large object truncation
(Kris Jurka)
Implement width_bucket() for the float8>
data type (Neil)
Add pg_stat_clear_snapshot() to discard
statistics snapshots collected during the current transaction
(Tom)
The first request for statistics in a transaction takes a statistics
snapshot that does not change during the transaction. This function
allows the snapshot to be discarded and a new snapshot loaded during
the next statistics query. This is particularly useful for PL/pgSQL
functions, which are confined to a single transaction.
Add isodow> option to EXTRACT()> and
date_part()> (Bruce)
This returns the day of the week, with Sunday as seven.
(dow> returns Sunday as zero.)
Add ID> (ISO day of week) and IDDD> (ISO
day of year) format codes for to_char()>,
to_date()>, and to_timestamp()> (Brendan
Jurd)
Make to_timestamp()> and to_date()>
assume TM (trim) option for potentially
variable-width fields (Bruce)
This matches Oracle>'s behavior.
Fix off-by-one conversion error in
to_date()/to_timestamp()D> (non-ISO day of week) fields (Bruce)
Make setseed() return void, rather than a
useless integer value (Neil)
Add a hash function for NUMERIC (Neil)
This allows hash indexes and hash-based plans to be used with
NUMERIC columns.
Improve efficiency of
LIKE/ILIKE, especially for
multi-byte character sets like UTF-8 (Andrew, Itagaki Takahiro)
Make currtid() functions require
SELECT privileges on the target table (Tom)
Add several txid_*() functions to query
active transaction IDs (Jan)
This is useful for various replication solutions.
PL/pgSQL Server-Side Language
Add scrollable cursor support, including directional control in
FETCH (Pavel Stehule)
Allow IN as an alternative to
FROM in PL/pgSQL's FETCH
statement, for consistency with the backend's
FETCH command (Pavel Stehule)
Add MOVE to PL/pgSQL (Magnus, Pavel Stehule,
Neil)
Implement RETURN QUERY (Pavel Stehule, Neil)
This adds convenient syntax for PL/pgSQL set-returning functions
that want to return the result of a query. RETURN QUERY>
is easier and more efficient than a loop
around RETURN NEXT.
Allow function parameter names to be qualified with the
function's name (Tom)
For example, myfunc.myvar>. This is particularly
useful for specifying variables in a query where the variable
name might match a column name.
Make qualification of variables with block labels work properly (Tom)
Formerly, outer-level block labels could unexpectedly interfere with
recognition of inner-level record or row references.
Tighten requirements for FOR loop
STEP> values (Tom)
Prevent non-positive STEP> values, and handle
loop overflows.
Improve accuracy when reporting syntax error locations (Tom)
Other Server-Side Languages
Allow type-name arguments to PL/Perl
spi_prepare() to be data type aliases in
addition to names found in pg_type (Andrew)
Allow type-name arguments to PL/Python
plpy.prepare() to be data type aliases in
addition to names found in pg_type (Andrew)
Allow type-name arguments to PL/Tcl spi_prepare> to
be data type aliases in addition to names found in
pg_type (Andrew)
Enable PL/PythonU to compile on Python 2.5 (Marko Kreen)
Support a true PL/Python boolean type in compatible Python versions
(Python 2.3 and later) (Marko Kreen)
Fix PL/Tcl problems with thread-enabled libtcl> spawning
multiple threads within the backend (Steve Marshall, Paul Bayer,
Doug Knight)
This caused all sorts of unpleasantness.
psql>
List disabled triggers separately in \d output
(Brendan Jurd)
In \d patterns, always match $
literally (Tom)
Show aggregate return types in \da output
(Greg Sabino Mullane)
Add the function's volatility status to the output of
\df+ (Neil)
Add \prompt capability (Chad Wagner)
Allow \pset, \t, and
\x to specify on> or off>,
rather than just toggling (Chad Wagner)
Add \sleep> capability (Jan)
Enable \timing> output for \copy> (Andrew)
Improve \timing resolution on Windows
(Itagaki Takahiro)
Flush \o> output after each backslash command (Tom)
Correctly detect and report errors while reading a -f>
input file (Peter)
Remove -u> option (this option has long been deprecated)
(Tom)
pg_dump>
Add --tablespaces-only> and --roles-only>
options to pg_dumpall (Dave Page)
Add an output file option to
pg_dumpall (Dave Page)
This is primarily useful on Windows, where output redirection of
child pg_dump processes does not work.
Allow pg_dumpall> to accept an initial-connection
database name rather than the default
template1 (Dave Page)
In -n> and -t> switches, always match
$ literally (Tom)
Improve performance when a database has thousands of objects (Tom)
Remove -u> option (this option has long been deprecated)
(Tom)
Other Client Applications
In initdb>, allow the location of the
pg_xlog directory to be specified
(Euler Taveira de Oliveira)
Enable server core dump generation in pg_regress>
on supported operating systems (Andrew)
Add a -t> (timeout) parameter to pg_ctl>
(Bruce)
This controls how long pg_ctl> will wait when waiting
for server startup or shutdown. Formerly the timeout was hard-wired
as 60 seconds.
Add a pg_ctl> option to control generation
of server core dumps (Andrew)
Allow Control-C to cancel clusterdb>,
reindexdb>, and vacuumdb> (Itagaki
Takahiro, Magnus)
Suppress command tag output for createdb>,
createuser>, dropdb>, and
dropuser> (Peter)
The --quiet> option is ignored and will be removed in 8.4.
Progress messages when acting on all databases now go to stdout
instead of stderr because they are not actually errors.
libpq>
Interpret the dbName> parameter of
PQsetdbLogin()> as a conninfo> string if
it contains an equals sign (Andrew)
This allows use of conninfo> strings in client
programs that still use PQsetdbLogin()>.
Support a global SSL> configuration file (Victor
Wagner)
Add environment variable PGSSLKEY> to control
SSL> hardware keys (Victor Wagner)
Add lo_truncate() for large object
truncation (Kris Jurka)
Add PQconnectionNeedsPassword() that returns
true if the server required a password but none was supplied
(Joe Conway, Tom)
If this returns true after a failed connection attempt, a client
application should prompt the user for a password. In the past
applications have had to check for a specific error message string to
decide whether a password is needed; that approach is now
deprecated.
Add PQconnectionUsedPassword() that returns
true if the supplied password was actually used
(Joe Conway, Tom)
This is useful in some security contexts where it is important
to know whether a user-supplied password is actually valid.
ecpg>
Use V3 frontend/backend protocol (Michael)
This adds support for server-side prepared statements.
Use native threads, instead of pthreads, on Windows (Magnus)
Improve thread-safety of ecpglib (Itagaki Takahiro)
Make the ecpg libraries export only necessary API symbols (Michael)
Windows> Port
Allow the whole PostgreSQL> distribution to be compiled
with Microsoft Visual C++> (Magnus and others)
This allows Windows-based developers to use familiar development
and debugging tools.
Windows executables made with Visual C++ might also have better
stability and performance than those made with other tool sets.
The client-only Visual C++ build scripts have been removed.
Drastically reduce postmaster's memory usage when it has many child
processes (Magnus)
Allow regression tests to be started by an administrative
user (Magnus)
Add native shared memory implementation (Magnus)
Server Programming Interface (SPI>)
Add cursor-related functionality in SPI (Pavel Stehule)
Allow access to the cursor-related planning options, and add
FETCH>/MOVE> routines.
Allow execution of cursor commands through
SPI_execute (Tom)
The macro SPI_ERROR_CURSOR> still exists but will
never be returned.
SPI plan pointers are now declared as SPIPlanPtr> instead of
void *> (Tom)
This does not break application code, but switching is
recommended to help catch simple programming mistakes.
Build Options
Add configure> option --enable-profiling>
to enable code profiling (works only with gcc>)
(Korry Douglas and Nikhil Sontakke)
Add configure> option --with-system-tzdata>
to use the operating system's time zone database (Peter)
Fix PGXS> so extensions can be built against PostgreSQL
installations whose pg_config> program does not
appear first in the PATH> (Tom)
Support gmake draft when building the
SGML> documentation (Bruce)
Unless draft> is used, the documentation build will
now be repeated if necessary to ensure the index is up-to-date.
Source Code
Rename macro DLLIMPORT> to PGDLLIMPORT> to
avoid conflicting with third party includes (like Tcl) that
define DLLIMPORT> (Magnus)
Create operator families to improve planning of
queries involving cross-data-type comparisons (Tom)
Update GIN extractQuery()> API to allow signalling
that nothing can satisfy the query (Teodor)
Move NAMEDATALEN> definition from
postgres_ext.h> to pg_config_manual.h>
(Peter)
Provide strlcpy() and
strlcat() on all platforms, and replace
error-prone uses of strncpy(),
strncat(), etc (Peter)
Create hooks to let an external plugin monitor (or even replace) the
planner and create plans for hypothetical situations (Gurjeet
Singh, Tom)
Create a function variable join_search_hook> to let plugins
override the join search order portion of the planner (Julius
Stroffek)
Add tas()> support for Renesas' M32R processor
(Kazuhiro Inaoka)
quote_identifier() and
pg_dump no longer quote keywords that are
unreserved according to the grammar (Tom)
Change the on-disk representation of the NUMERIC
data type so that the sign_dscale> word comes
before the weight (Tom)
Use SYSV> semaphores rather than POSIX on Darwin
>= 6.0, i.e., OS X 10.2 and up (Chris Marcellino)
Add acronym and NFS documentation
sections (Bruce)
"Postgres" is now documented as an accepted alias for
"PostgreSQL" (Peter)
Add documentation about preventing database server spoofing when
the server is down (Bruce)
Contrib
Move contrib> README> content into the
main PostgreSQL> documentation (Albert Cervera i
Areny)
Add contrib/pageinspect module for low-level
page inspection (Simon, Heikki)
Add contrib/pg_standby module for controlling
warm standby operation (Simon)
Add contrib/uuid-ossp module for generating
UUID> values using the OSSP UUID library (Peter)
Use configure>
--with-ossp-uuid to activate. This takes
advantage of the new UUID builtin type.
Add contrib/dict_int,
contrib/dict_xsyn, and
contrib/test_parser modules to provide
sample add-on text search dictionary templates and parsers
(Sergey Karpov)
Allow contrib/pgbench> to set the fillfactor (Pavan
Deolasee)
Add timestamps to contrib/pgbench> -l>
(Greg Smith)
Add usage count statistics to
contrib/pgbuffercache (Greg Smith)
Add GIN support for contrib/hstore> (Teodor)
Add GIN support for contrib/pg_trgm> (Guillaume Smet, Teodor)
Update OS/X startup scripts in
contrib/start-scripts (Mark Cotner, David
Fetter)
Restrict pgrowlocks() and
dblink_get_pkey() to users who have
SELECT privilege on the target table (Tom)
Restrict contrib/pgstattuple functions to
superusers (Tom)
contrib/xml2 is deprecated and planned for
removal in 8.4 (Peter)
The new XML support in core PostgreSQL supersedes this module.