11092 lines
311 KiB
Plaintext
11092 lines
311 KiB
Plaintext
<!-- doc/src/sgml/release-9.0.sgml -->
|
|
<!-- See header comment in release.sgml about typical markup -->
|
|
|
|
<sect1 id="release-9-0-23">
|
|
<title>Release 9.0.23</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2015-10-08</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.22.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<para>
|
|
This is expected to be the last <productname>PostgreSQL</> release
|
|
in the 9.0.X series. Users are encouraged to update to a newer
|
|
release branch soon.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.23</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.18,
|
|
see <xref linkend="release-9-0-18">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/pgcrypto</> to detect and report
|
|
too-short <function>crypt()</> salts (Josh Kupershmidt)
|
|
</para>
|
|
|
|
<para>
|
|
Certain invalid salt arguments crashed the server or disclosed a few
|
|
bytes of server memory. We have not ruled out the viability of
|
|
attacks that arrange for presence of confidential information in the
|
|
disclosed bytes, but they seem unlikely. (CVE-2015-5288)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix subtransaction cleanup after a portal (cursor) belonging to an
|
|
outer subtransaction fails (Tom Lane, Michael Paquier)
|
|
</para>
|
|
|
|
<para>
|
|
A function executed in an outer-subtransaction cursor could cause an
|
|
assertion failure or crash by referencing a relation created within an
|
|
inner subtransaction.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix insertion of relations into the relation cache <quote>init file</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
An oversight in a patch in the most recent minor releases
|
|
caused <structname>pg_trigger_tgrelid_tgname_index</> to be omitted
|
|
from the init file. Subsequent sessions detected this, then deemed the
|
|
init file to be broken and silently ignored it, resulting in a
|
|
significant degradation in session startup time. In addition to fixing
|
|
the bug, install some guards so that any similar future mistake will be
|
|
more obvious.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid O(N^2) behavior when inserting many tuples into a SPI query
|
|
result (Neil Conway)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <command>LISTEN</> startup time when there are many unread
|
|
notifications (Matt Newell)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Disable SSL renegotiation by default (Michael Paquier, Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
While use of SSL renegotiation is a good idea in theory, we have seen
|
|
too many bugs in practice, both in the underlying OpenSSL library and
|
|
in our usage of it. Renegotiation will be removed entirely in 9.5 and
|
|
later. In the older branches, just change the default value
|
|
of <varname>ssl_renegotiation_limit</> to zero (disabled).
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Lower the minimum values of the <literal>*_freeze_max_age</> parameters
|
|
(Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This is mainly to make tests of related behavior less time-consuming,
|
|
but it may also be of value for installations with limited disk space.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Limit the maximum value of <varname>wal_buffers</> to 2GB to avoid
|
|
server crashes (Josh Berkus)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix rare internal overflow in multiplication of <type>numeric</> values
|
|
(Dean Rasheed)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Guard against hard-to-reach stack overflows involving record types,
|
|
range types, <type>json</>, <type>jsonb</>, <type>tsquery</>,
|
|
<type>ltxtquery</> and <type>query_int</> (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix handling of <literal>DOW</> and <literal>DOY</> in datetime input
|
|
(Greg Stark)
|
|
</para>
|
|
|
|
<para>
|
|
These tokens aren't meant to be used in datetime values, but previously
|
|
they resulted in opaque internal error messages rather
|
|
than <quote>invalid input syntax</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add more query-cancel checks to regular expression matching (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add recursion depth protections to regular expression, <literal>SIMILAR
|
|
TO</>, and <literal>LIKE</> matching (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Suitable search patterns and a low stack depth limit could lead to
|
|
stack-overrun crashes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix potential infinite loop in regular expression execution (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A search pattern that can apparently match a zero-length string, but
|
|
actually doesn't match because of a back reference, could lead to an
|
|
infinite loop.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix low-memory failures in regular expression compilation
|
|
(Andreas Seltenreich)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix low-probability memory leak during regular expression execution
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix rare low-memory failure in lock cleanup during transaction abort
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>unexpected out-of-memory situation during sort</> errors
|
|
when using tuplestores with small <varname>work_mem</> settings (Tom
|
|
Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix very-low-probability stack overrun in <function>qsort</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>invalid memory alloc request size</> failure in hash joins
|
|
with large <varname>work_mem</> settings (Tomas Vondra, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix assorted planner bugs (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These mistakes could lead to incorrect query plans that would give wrong
|
|
answers, or to assertion failures in assert-enabled builds, or to odd
|
|
planner errors such as <quote>could not devise a query plan for the
|
|
given query</>, <quote>could not find pathkey item to
|
|
sort</>, <quote>plan should not reference subplan's variable</>,
|
|
or <quote>failed to assign all NestLoopParams to plan nodes</>.
|
|
Thanks are due to Andreas Seltenreich and Piotr Stefaniak for fuzz
|
|
testing that exposed these problems.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use fuzzy path cost tiebreaking rule in all supported branches (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This change is meant to avoid platform-specific behavior when
|
|
alternative plan choices have effectively-identical estimated costs.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
During postmaster shutdown, ensure that per-socket lock files are
|
|
removed and listen sockets are closed before we remove
|
|
the <filename>postmaster.pid</> file (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids race-condition failures if an external script attempts to
|
|
start a new postmaster as soon as <literal>pg_ctl stop</> returns.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix postmaster's handling of a startup-process crash during crash
|
|
recovery (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If, during a crash recovery cycle, the startup process crashes without
|
|
having restored database consistency, we'd try to launch a new startup
|
|
process, which typically would just crash again, leading to an infinite
|
|
loop.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Do not print a <literal>WARNING</> when an autovacuum worker is already
|
|
gone when we attempt to signal it, and reduce log verbosity for such
|
|
signals (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent autovacuum launcher from sleeping unduly long if the server
|
|
clock is moved backwards a large amount (Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that cleanup of a GIN index's pending-insertions list is
|
|
interruptable by cancel requests (Jeff Janes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow all-zeroes pages in GIN indexes to be reused (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Such a page might be left behind after a crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix off-by-one error that led to otherwise-harmless warnings
|
|
about <quote>apparent wraparound</> in subtrans/multixact truncation
|
|
(Thomas Munro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix misreporting of <command>CONTINUE</> and <command>MOVE</> statement
|
|
types in <application>PL/pgSQL</>'s error context messages
|
|
(Pavel Stehule, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix some places in <application>PL/Tcl</> that neglected to check for
|
|
failure of <function>malloc()</> calls (Michael Paquier, Álvaro
|
|
Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <application>libpq</>'s handling of out-of-memory conditions
|
|
(Michael Paquier, Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leaks and missing out-of-memory checks
|
|
in <application>ecpg</> (Michael Paquier)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>psql</>'s code for locale-aware formatting of numeric
|
|
output (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The formatting code invoked by <literal>\pset numericlocale on</>
|
|
did the wrong thing for some uncommon cases such as numbers with an
|
|
exponent but no decimal point. It could also mangle already-localized
|
|
output from the <type>money</> data type.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent crash in <application>psql</>'s <command>\c</> command when
|
|
there is no current connection (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that temporary files created during a <application>pg_dump</>
|
|
run with <acronym>tar</>-format output are not world-readable (Michael
|
|
Paquier)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</> and <application>pg_upgrade</> to support
|
|
cases where the <literal>postgres</> or <literal>template1</> database
|
|
is in a non-default tablespace (Marti Raudsepp, Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</> to handle object privileges sanely when
|
|
dumping from a server too old to have a particular privilege type
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
When dumping functions or procedural languages from pre-7.3
|
|
servers, <application>pg_dump</> would
|
|
produce <command>GRANT</>/<command>REVOKE</> commands that revoked the
|
|
owner's grantable privileges and instead granted all privileges
|
|
to <literal>PUBLIC</>. Since the privileges involved are
|
|
just <literal>USAGE</> and <literal>EXECUTE</>, this isn't a security
|
|
problem, but it's certainly a surprising representation of the older
|
|
systems' behavior. Fix it to leave the default privilege state alone
|
|
in these cases.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</> to dump shell types (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Shell types (that is, not-yet-fully-defined types) aren't useful for
|
|
much, but nonetheless <application>pg_dump</> should dump them.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix spinlock assembly code for PPC hardware to be compatible
|
|
with <acronym>AIX</>'s native assembler (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Building with <application>gcc</> didn't work if <application>gcc</>
|
|
had been configured to use the native assembler, which is becoming more
|
|
common.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
On <acronym>AIX</>, test the <literal>-qlonglong</> compiler option
|
|
rather than just assuming it's safe to use (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
On <acronym>AIX</>, use <literal>-Wl,-brtllib</> link option to allow
|
|
symbols to be resolved at runtime (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Perl relies on this ability in 5.8.0 and later.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid use of inline functions when compiling with
|
|
32-bit <application>xlc</>, due to compiler bugs (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use <filename>librt</> for <function>sched_yield()</> when necessary,
|
|
which it is on some Solaris versions (Oskari Saarenmaa)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix Windows <filename>install.bat</> script to handle target directory
|
|
names that contain spaces (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make the numeric form of the <productname>PostgreSQL</> version number
|
|
(e.g., <literal>90405</>) readily available to extension Makefiles,
|
|
as a variable named <varname>VERSION_NUM</> (Michael Paquier)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2015g for
|
|
DST law changes in Cayman Islands, Fiji, Moldova, Morocco, Norfolk
|
|
Island, North Korea, Turkey, and Uruguay. There is a new zone name
|
|
<literal>America/Fort_Nelson</> for the Canadian Northern Rockies.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-22">
|
|
<title>Release 9.0.22</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2015-06-12</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a small number of fixes from 9.0.21.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<para>
|
|
The <productname>PostgreSQL</> community will stop releasing updates
|
|
for the 9.0.X release series in September 2015.
|
|
Users are encouraged to update to a newer release branch soon.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.22</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.18,
|
|
see <xref linkend="release-9-0-18">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix rare failure to invalidate relation cache init file (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
With just the wrong timing of concurrent activity, a <command>VACUUM
|
|
FULL</> on a system catalog might fail to update the <quote>init file</>
|
|
that's used to avoid cache-loading work for new sessions. This would
|
|
result in later sessions being unable to access that catalog at all.
|
|
This is a very ancient bug, but it's so hard to trigger that no
|
|
reproducible case had been seen until recently.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid deadlock between incoming sessions and <literal>CREATE/DROP
|
|
DATABASE</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A new session starting in a database that is the target of
|
|
a <command>DROP DATABASE</> command, or is the template for
|
|
a <command>CREATE DATABASE</> command, could cause the command to wait
|
|
for five seconds and then fail, even if the new session would have
|
|
exited before that.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-21">
|
|
<title>Release 9.0.21</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2015-06-04</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a small number of fixes from 9.0.20.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<para>
|
|
The <productname>PostgreSQL</> community will stop releasing updates
|
|
for the 9.0.X release series in September 2015.
|
|
Users are encouraged to update to a newer release branch soon.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.21</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.18,
|
|
see <xref linkend="release-9-0-18">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid failures while <function>fsync</>'ing data directory during
|
|
crash restart (Abhijit Menon-Sen, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In the previous minor releases we added a patch to <function>fsync</>
|
|
everything in the data directory after a crash. Unfortunately its
|
|
response to any error condition was to fail, thereby preventing the
|
|
server from starting up, even when the problem was quite harmless.
|
|
An example is that an unwritable file in the data directory would
|
|
prevent restart on some platforms; but it is common to make SSL
|
|
certificate files unwritable by the server. Revise this behavior so
|
|
that permissions failures are ignored altogether, and other types of
|
|
failures are logged but do not prevent continuing.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove <application>configure</>'s check prohibiting linking to a
|
|
threaded <application>libpython</>
|
|
on <systemitem class="osname">OpenBSD</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The failure this restriction was meant to prevent seems to not be a
|
|
problem anymore on current <systemitem class="osname">OpenBSD</>
|
|
versions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>libpq</> to use TLS protocol versions beyond v1
|
|
(Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
For a long time, <application>libpq</> was coded so that the only SSL
|
|
protocol it would allow was TLS v1. Now that newer TLS versions are
|
|
becoming popular, allow it to negotiate the highest commonly-supported
|
|
TLS version with the server. (<productname>PostgreSQL</> servers were
|
|
already capable of such negotiation, so no change is needed on the
|
|
server side.) This is a back-patch of a change already released in
|
|
9.4.0.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-20">
|
|
<title>Release 9.0.20</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2015-05-22</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.19.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<para>
|
|
The <productname>PostgreSQL</> community will stop releasing updates
|
|
for the 9.0.X release series in September 2015.
|
|
Users are encouraged to update to a newer release branch soon.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.20</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.18,
|
|
see <xref linkend="release-9-0-18">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid possible crash when client disconnects just before the
|
|
authentication timeout expires (Benkocs Norbert Attila)
|
|
</para>
|
|
|
|
<para>
|
|
If the timeout interrupt fired partway through the session shutdown
|
|
sequence, SSL-related state would be freed twice, typically causing a
|
|
crash and hence denial of service to other sessions. Experimentation
|
|
shows that an unauthenticated remote attacker could trigger the bug
|
|
somewhat consistently, hence treat as security issue.
|
|
(CVE-2015-3165)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve detection of system-call failures (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Our replacement implementation of <function>snprintf()</> failed to
|
|
check for errors reported by the underlying system library calls;
|
|
the main case that might be missed is out-of-memory situations.
|
|
In the worst case this might lead to information exposure, due to our
|
|
code assuming that a buffer had been overwritten when it hadn't been.
|
|
Also, there were a few places in which security-relevant calls of other
|
|
system library functions did not check for failure.
|
|
</para>
|
|
|
|
<para>
|
|
It remains possible that some calls of the <function>*printf()</>
|
|
family of functions are vulnerable to information disclosure if an
|
|
out-of-memory error occurs at just the wrong time. We judge the risk
|
|
to not be large, but will continue analysis in this area.
|
|
(CVE-2015-3166)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <filename>contrib/pgcrypto</>, uniformly report decryption failures
|
|
as <quote>Wrong key or corrupt data</> (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, some cases of decryption with an incorrect key could report
|
|
other error message texts. It has been shown that such variance in
|
|
error reports can aid attackers in recovering keys from other systems.
|
|
While it's unknown whether <filename>pgcrypto</>'s specific behaviors
|
|
are likewise exploitable, it seems better to avoid the risk by using a
|
|
one-size-fits-all message.
|
|
(CVE-2015-3167)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect checking of deferred exclusion constraints after a HOT
|
|
update (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If a new row that potentially violates a deferred exclusion constraint
|
|
is HOT-updated (that is, no indexed columns change and the row can be
|
|
stored back onto the same table page) later in the same transaction,
|
|
the exclusion constraint would be reported as violated when the check
|
|
finally occurred, even if the row(s) the new row originally conflicted
|
|
with had been deleted.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent improper reordering of antijoins (NOT EXISTS joins) versus
|
|
other outer joins (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight in the planner has been observed to cause <quote>could
|
|
not find RelOptInfo for given relids</> errors, but it seems possible
|
|
that sometimes an incorrect query plan might get past that consistency
|
|
check and result in silently-wrong query output.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect matching of subexpressions in outer-join plan nodes
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, if textually identical non-strict subexpressions were used
|
|
both above and below an outer join, the planner might try to re-use
|
|
the value computed below the join, which would be incorrect because the
|
|
executor would force the value to NULL in case of an unmatched outer row.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix GEQO planner to cope with failure of its join order heuristic
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight has been seen to lead to <quote>failed to join all
|
|
relations together</> errors in queries involving <literal>LATERAL</>,
|
|
and that might happen in other cases as well.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible deadlock at startup
|
|
when <literal>max_prepared_transactions</> is too small
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't archive useless preallocated WAL files after a timeline switch
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid <quote>cannot GetMultiXactIdMembers() during recovery</> error
|
|
(Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Recursively <function>fsync()</> the data directory after a crash
|
|
(Abhijit Menon-Sen, Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
This ensures consistency if another crash occurs shortly later. (The
|
|
second crash would have to be a system-level crash, not just a database
|
|
crash, for there to be a problem.)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix autovacuum launcher's possible failure to shut down, if an error
|
|
occurs after it receives SIGTERM (Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Cope with unexpected signals in <function>LockBufferForCleanup()</>
|
|
(Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could result in spurious errors about <quote>multiple
|
|
backends attempting to wait for pincount 1</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid waiting for WAL flush or synchronous replication during commit of
|
|
a transaction that was read-only so far as the user is concerned
|
|
(Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, a delay could occur at commit in transactions that had
|
|
written WAL due to HOT page pruning, leading to undesirable effects
|
|
such as sessions getting stuck at startup if all synchronous replicas
|
|
are down. Sessions have also been observed to get stuck in catchup
|
|
interrupt processing when using synchronous replication; this will fix
|
|
that problem as well.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix crash when manipulating hash indexes on temporary tables
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible failure during hash index bucket split, if other processes
|
|
are modifying the index concurrently (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Check for interrupts while analyzing index expressions (Jeff Janes)
|
|
</para>
|
|
|
|
<para>
|
|
<command>ANALYZE</> executes index expressions many times; if there are
|
|
slow functions in such an expression, it's desirable to be able to
|
|
cancel the <command>ANALYZE</> before that loop finishes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the name of the target server to object description strings for
|
|
foreign-server user mappings (Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Recommend setting <literal>include_realm</> to 1 when using
|
|
Kerberos/GSSAPI/SSPI authentication (Stephen Frost)
|
|
</para>
|
|
|
|
<para>
|
|
Without this, identically-named users from different realms cannot be
|
|
distinguished. For the moment this is only a documentation change, but
|
|
it will become the default setting in <productname>PostgreSQL</> 9.5.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove code for matching IPv4 <filename>pg_hba.conf</> entries to
|
|
IPv4-in-IPv6 addresses (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This hack was added in 2003 in response to a report that some Linux
|
|
kernels of the time would report IPv4 connections as having
|
|
IPv4-in-IPv6 addresses. However, the logic was accidentally broken in
|
|
9.0. The lack of any field complaints since then shows that it's not
|
|
needed anymore. Now we have reports that the broken code causes
|
|
crashes on some systems, so let's just remove it rather than fix it.
|
|
(Had we chosen to fix it, that would make for a subtle and potentially
|
|
security-sensitive change in the effective meaning of
|
|
IPv4 <filename>pg_hba.conf</> entries, which does not seem like a good
|
|
thing to do in minor releases.)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
While shutting down service on Windows, periodically send status
|
|
updates to the Service Control Manager to prevent it from killing the
|
|
service too soon; and ensure that <application>pg_ctl</> will wait for
|
|
shutdown (Krystian Bigaj)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reduce risk of network deadlock when using <application>libpq</>'s
|
|
non-blocking mode (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
When sending large volumes of data, it's important to drain the input
|
|
buffer every so often, in case the server has sent enough response data
|
|
to cause it to block on output. (A typical scenario is that the server
|
|
is sending a stream of NOTICE messages during <literal>COPY FROM
|
|
STDIN</>.) This worked properly in the normal blocking mode, but not
|
|
so much in non-blocking mode. We've modified <application>libpq</>
|
|
to opportunistically drain input when it can, but a full defense
|
|
against this problem requires application cooperation: the application
|
|
should watch for socket read-ready as well as write-ready conditions,
|
|
and be sure to call <function>PQconsumeInput()</> upon read-ready.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix array handling in <application>ecpg</> (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>psql</> to sanely handle URIs and conninfo strings as
|
|
the first parameter to <command>\connect</>
|
|
(David Fetter, Andrew Dunstan, Álvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
This syntax has been accepted (but undocumented) for a long time, but
|
|
previously some parameters might be taken from the old connection
|
|
instead of the given string, which was agreed to be undesirable.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Suppress incorrect complaints from <application>psql</> on some
|
|
platforms that it failed to write <filename>~/.psql_history</> at exit
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This misbehavior was caused by a workaround for a bug in very old
|
|
(pre-2006) versions of <application>libedit</>. We fixed it by
|
|
removing the workaround, which will cause a similar failure to appear
|
|
for anyone still using such versions of <application>libedit</>.
|
|
Recommendation: upgrade that library, or use <application>libreadline</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</>'s rule for deciding which casts are
|
|
system-provided casts that should not be dumped (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix dumping of views that are just <literal>VALUES(...)</> but have
|
|
column aliases (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, force timeline 1 in the new cluster
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
This change prevents upgrade failures caused by bogus complaints about
|
|
missing WAL history files.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, check for improperly non-connectable
|
|
databases before proceeding
|
|
(Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, quote directory paths
|
|
properly in the generated <literal>delete_old_cluster</> script
|
|
(Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, preserve database-level freezing info
|
|
properly
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could cause missing-clog-file errors for tables within
|
|
the <literal>postgres</> and <literal>template1</> databases.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Run <application>pg_upgrade</> and <application>pg_resetxlog</> with
|
|
restricted privileges on Windows, so that they don't fail when run by
|
|
an administrator (Muhammad Asif Naeem)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix slow sorting algorithm in <filename>contrib/intarray</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix compile failure on Sparc V8 machines (Rob Rowan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2015d
|
|
for DST law changes in Egypt, Mongolia, and Palestine, plus historical
|
|
changes in Canada and Chile. Also adopt revised zone abbreviations for
|
|
the America/Adak zone (HST/HDT not HAST/HADT).
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-19">
|
|
<title>Release 9.0.19</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2015-02-05</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.18.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.19</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.18,
|
|
see <xref linkend="release-9-0-18">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer overruns in <function>to_char()</>
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
When <function>to_char()</> processes a numeric formatting template
|
|
calling for a large number of digits, <productname>PostgreSQL</>
|
|
would read past the end of a buffer. When processing a crafted
|
|
timestamp formatting template, <productname>PostgreSQL</> would write
|
|
past the end of a buffer. Either case could crash the server.
|
|
We have not ruled out the possibility of attacks that lead to
|
|
privilege escalation, though they seem unlikely.
|
|
(CVE-2015-0241)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer overrun in replacement <function>*printf()</> functions
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<productname>PostgreSQL</> includes a replacement implementation
|
|
of <function>printf</> and related functions. This code will overrun
|
|
a stack buffer when formatting a floating point number (conversion
|
|
specifiers <literal>e</>, <literal>E</>, <literal>f</>, <literal>F</>,
|
|
<literal>g</> or <literal>G</>) with requested precision greater than
|
|
about 500. This will crash the server, and we have not ruled out the
|
|
possibility of attacks that lead to privilege escalation.
|
|
A database user can trigger such a buffer overrun through
|
|
the <function>to_char()</> SQL function. While that is the only
|
|
affected core <productname>PostgreSQL</> functionality, extension
|
|
modules that use printf-family functions may be at risk as well.
|
|
</para>
|
|
|
|
<para>
|
|
This issue primarily affects <productname>PostgreSQL</> on Windows.
|
|
<productname>PostgreSQL</> uses the system implementation of these
|
|
functions where adequate, which it is on other modern platforms.
|
|
(CVE-2015-0242)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer overruns in <filename>contrib/pgcrypto</>
|
|
(Marko Tiikkaja, Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Errors in memory size tracking within the <filename>pgcrypto</>
|
|
module permitted stack buffer overruns and improper dependence on the
|
|
contents of uninitialized memory. The buffer overrun cases can
|
|
crash the server, and we have not ruled out the possibility of
|
|
attacks that lead to privilege escalation.
|
|
(CVE-2015-0243)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible loss of frontend/backend protocol synchronization after
|
|
an error
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
If any error occurred while the server was in the middle of reading a
|
|
protocol message from the client, it could lose synchronization and
|
|
incorrectly try to interpret part of the message's data as a new
|
|
protocol message. An attacker able to submit crafted binary data
|
|
within a command parameter might succeed in injecting his own SQL
|
|
commands this way. Statement timeout and query cancellation are the
|
|
most likely sources of errors triggering this scenario. Particularly
|
|
vulnerable are applications that use a timeout and also submit
|
|
arbitrary user-crafted data as binary query parameters. Disabling
|
|
statement timeout will reduce, but not eliminate, the risk of
|
|
exploit. Our thanks to Emil Lenngren for reporting this issue.
|
|
(CVE-2015-0244)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix information leak via constraint-violation error messages
|
|
(Stephen Frost)
|
|
</para>
|
|
|
|
<para>
|
|
Some server error messages show the values of columns that violate
|
|
a constraint, such as a unique constraint. If the user does not have
|
|
<literal>SELECT</> privilege on all columns of the table, this could
|
|
mean exposing values that the user should not be able to see. Adjust
|
|
the code so that values are displayed only when they came from the SQL
|
|
command or could be selected by the user.
|
|
(CVE-2014-8161)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Lock down regression testing's temporary installations on Windows
|
|
(Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Use SSPI authentication to allow connections only from the OS user
|
|
who launched the test suite. This closes on Windows the same
|
|
vulnerability previously closed on other platforms, namely that other
|
|
users might be able to connect to the test postmaster.
|
|
(CVE-2014-0067)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid possible data corruption if <command>ALTER DATABASE SET
|
|
TABLESPACE</> is used to move a database to a new tablespace and then
|
|
shortly later move it back to its original tablespace (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid corrupting tables when <command>ANALYZE</> inside a transaction
|
|
is rolled back (Andres Freund, Tom Lane, Michael Paquier)
|
|
</para>
|
|
|
|
<para>
|
|
If the failing transaction had earlier removed the last index, rule, or
|
|
trigger from the table, the table would be left in a corrupted state
|
|
with the relevant <structname>pg_class</> flags not set though they
|
|
should be.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix use-of-already-freed-memory problem in EvalPlanQual processing
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In <literal>READ COMMITTED</> mode, queries that lock or update
|
|
recently-updated rows could crash as a result of this bug.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planning of <command>SELECT FOR UPDATE</> when using a partial
|
|
index on a child table (Kyotaro Horiguchi)
|
|
</para>
|
|
|
|
<para>
|
|
In <literal>READ COMMITTED</> mode, <command>SELECT FOR UPDATE</> must
|
|
also recheck the partial index's <literal>WHERE</> condition when
|
|
rechecking a recently-updated row to see if it still satisfies the
|
|
query's <literal>WHERE</> condition. This requirement was missed if the
|
|
index belonged to an inheritance child table, so that it was possible
|
|
to incorrectly return rows that no longer satisfy the query condition.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix corner case wherein <command>SELECT FOR UPDATE</> could return a row
|
|
twice, and possibly miss returning other rows (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In <literal>READ COMMITTED</> mode, a <command>SELECT FOR UPDATE</>
|
|
that is scanning an inheritance tree could incorrectly return a row
|
|
from a prior child table instead of the one it should return from a
|
|
later child table.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reject duplicate column names in the referenced-columns list of
|
|
a <literal>FOREIGN KEY</> declaration (David Rowley)
|
|
</para>
|
|
|
|
<para>
|
|
This restriction is per SQL standard. Previously we did not reject
|
|
the case explicitly, but later on the code would fail with
|
|
bizarre-looking errors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in raising a <type>numeric</> value to a large integral power
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The previous code could get a wrong answer, or consume excessive
|
|
amounts of time and memory before realizing that the answer must
|
|
overflow.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <function>numeric_recv()</>, truncate away any fractional digits
|
|
that would be hidden according to the value's <literal>dscale</> field
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A <type>numeric</> value's display scale (<literal>dscale</>) should
|
|
never be less than the number of nonzero fractional digits; but
|
|
apparently there's at least one broken client application that
|
|
transmits binary <type>numeric</> values in which that's true.
|
|
This leads to strange behavior since the extra digits are taken into
|
|
account by arithmetic operations even though they aren't printed.
|
|
The least risky fix seems to be to truncate away such <quote>hidden</>
|
|
digits on receipt, so that the value is indeed what it prints as.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reject out-of-range numeric timezone specifications (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Simple numeric timezone specifications exceeding +/- 168 hours (one
|
|
week) would be accepted, but could then cause null-pointer dereference
|
|
crashes in certain operations. There's no use-case for such large UTC
|
|
offsets, so reject them.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in <type>tsquery</> <literal>@></> <type>tsquery</>
|
|
operator (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Two different terms would be considered to match if they had the same
|
|
CRC. Also, if the second operand had more terms than the first, it
|
|
would be assumed not to be contained in the first; which is wrong
|
|
since it might contain duplicate terms.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve ispell dictionary's defenses against bad affix files (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow more than 64K phrases in a thesaurus dictionary (David Boutin)
|
|
</para>
|
|
|
|
<para>
|
|
The previous coding could crash on an oversize dictionary, so this was
|
|
deemed a back-patchable bug fix rather than a feature addition.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix namespace handling in <function>xpath()</> (Ali Akbar)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, the <type>xml</> value resulting from
|
|
an <function>xpath()</> call would not have namespace declarations if
|
|
the namespace declarations were attached to an ancestor element in the
|
|
input <type>xml</> value, rather than to the specific element being
|
|
returned. Propagate the ancestral declaration so that the result is
|
|
correct when considered in isolation.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planner problems with nested append relations, such as inherited
|
|
tables within <literal>UNION ALL</> subqueries (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fail cleanly when a GiST index tuple doesn't fit on a page, rather
|
|
than going into infinite recursion (Andrew Gierth)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Exempt tables that have per-table <varname>cost_limit</>
|
|
and/or <varname>cost_delay</> settings from autovacuum's global cost
|
|
balancing rules (Álvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
The previous behavior resulted in basically ignoring these per-table
|
|
settings, which was unintended. Now, a table having such settings
|
|
will be vacuumed using those settings, independently of what is going
|
|
on in other autovacuum workers. This may result in heavier total I/O
|
|
load than before, so such settings should be re-examined for sanity.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid wholesale autovacuuming when autovacuum is nominally off
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Even when autovacuum is nominally off, we will still launch autovacuum
|
|
worker processes to vacuum tables that are at risk of XID wraparound.
|
|
However, such a worker process then proceeded to vacuum all tables in
|
|
the target database, if they met the usual thresholds for
|
|
autovacuuming. This is at best pretty unexpected; at worst it delays
|
|
response to the wraparound threat. Fix it so that if autovacuum is
|
|
turned off, workers <emphasis>only</> do anti-wraparound vacuums and
|
|
not any other work.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition between hot standby queries and replaying a
|
|
full-page image (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake could result in transient errors in queries being
|
|
executed in hot standby.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix several cases where recovery logic improperly ignored WAL records
|
|
for <literal>COMMIT/ABORT PREPARED</> (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
The most notable oversight was
|
|
that <varname>recovery_target_xid</> could not be used to stop at
|
|
a two-phase commit.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid creating unnecessary <filename>.ready</> marker files for
|
|
timeline history files (Fujii Masao)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible null pointer dereference when an empty prepared statement
|
|
is used and the <varname>log_statement</> setting is <literal>mod</>
|
|
or <literal>ddl</> (Fujii Masao)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Change <quote>pgstat wait timeout</> warning message to be LOG level,
|
|
and rephrase it to be more understandable (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This message was originally thought to be essentially a can't-happen
|
|
case, but it occurs often enough on our slower buildfarm members to be
|
|
a nuisance. Reduce it to LOG level, and expend a bit more effort on
|
|
the wording: it now reads <quote>using stale statistics instead of
|
|
current ones because stats collector is not responding</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix SPARC spinlock implementation to ensure correctness if the CPU is
|
|
being run in a non-TSO coherency mode, as some non-Solaris kernels do
|
|
(Andres Freund)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Warn if OS X's <function>setlocale()</> starts an unwanted extra
|
|
thread inside the postmaster (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix processing of repeated <literal>dbname</> parameters
|
|
in <function>PQconnectdbParams()</> (Alex Shulgin)
|
|
</para>
|
|
|
|
<para>
|
|
Unexpected behavior ensued if the first occurrence
|
|
of <literal>dbname</> contained a connection string or URI to be
|
|
expanded.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that <application>libpq</> reports a suitable error message on
|
|
unexpected socket EOF (Marko Tiikkaja, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Depending on kernel behavior, <application>libpq</> might return an
|
|
empty error string rather than something useful when the server
|
|
unexpectedly closed the socket.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Clear any old error message during <function>PQreset()</>
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
If <function>PQreset()</> is called repeatedly, and the connection
|
|
cannot be re-established, error messages from the failed connection
|
|
attempts kept accumulating in the <structname>PGconn</>'s error
|
|
string.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly handle out-of-memory conditions while parsing connection
|
|
options in <application>libpq</> (Alex Shulgin, Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix array overrun in <application>ecpg</>'s version
|
|
of <function>ParseDateTime()</> (Michael Paquier)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>initdb</>, give a clearer error message if a password
|
|
file is specified but is empty (Mats Erik Andersson)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>psql</>'s <command>\s</> command to work nicely with
|
|
libedit, and add pager support (Stepan Rutz, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
When using libedit rather than readline, <command>\s</> printed the
|
|
command history in a fairly unreadable encoded format, and on recent
|
|
libedit versions might fail altogether. Fix that by printing the
|
|
history ourselves rather than having the library do it. A pleasant
|
|
side-effect is that the pager is used if appropriate.
|
|
</para>
|
|
|
|
<para>
|
|
This patch also fixes a bug that caused newline encoding to be applied
|
|
inconsistently when saving the command history with libedit.
|
|
Multiline history entries written by older <application>psql</>
|
|
versions will be read cleanly with this patch, but perhaps not
|
|
vice versa, depending on the exact libedit versions involved.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve consistency of parsing of <application>psql</>'s special
|
|
variables (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Allow variant spellings of <literal>on</> and <literal>off</> (such
|
|
as <literal>1</>/<literal>0</>) for <literal>ECHO_HIDDEN</>
|
|
and <literal>ON_ERROR_ROLLBACK</>. Report a warning for unrecognized
|
|
values for <literal>COMP_KEYWORD_CASE</>, <literal>ECHO</>,
|
|
<literal>ECHO_HIDDEN</>, <literal>HISTCONTROL</>,
|
|
<literal>ON_ERROR_ROLLBACK</>, and <literal>VERBOSITY</>. Recognize
|
|
all values for all these variables case-insensitively; previously
|
|
there was a mishmash of case-sensitive and case-insensitive behaviors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>psql</>'s expanded-mode display to work
|
|
consistently when using <literal>border</> = 3
|
|
and <literal>linestyle</> = <literal>ascii</> or <literal>unicode</>
|
|
(Stephen Frost)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible deadlock during parallel restore of a schema-only dump
|
|
(Robert Haas, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix core dump in <literal>pg_dump --binary-upgrade</> on zero-column
|
|
composite type (Rushabh Lathia)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix block number checking
|
|
in <filename>contrib/pageinspect</>'s <function>get_raw_page()</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The incorrect checking logic could prevent access to some pages in
|
|
non-main relation forks.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/pgcrypto</>'s <function>pgp_sym_decrypt()</>
|
|
to not fail on messages whose length is 6 less than a power of 2
|
|
(Marko Tiikkaja)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Handle unexpected query results, especially NULLs, safely in
|
|
<filename>contrib/tablefunc</>'s <function>connectby()</>
|
|
(Michael Paquier)
|
|
</para>
|
|
|
|
<para>
|
|
<function>connectby()</> previously crashed if it encountered a NULL
|
|
key value. It now prints that row but doesn't recurse further.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid a possible crash in <filename>contrib/xml2</>'s
|
|
<function>xslt_process()</> (Mark Simonetti)
|
|
</para>
|
|
|
|
<para>
|
|
<application>libxslt</> seems to have an undocumented dependency on
|
|
the order in which resources are freed; reorder our calls to avoid a
|
|
crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Numerous cleanups of warnings from Coverity static code analyzer
|
|
(Andres Freund, Tatsuo Ishii, Marko Kreen, Tom Lane, Michael Paquier)
|
|
</para>
|
|
|
|
<para>
|
|
These changes are mostly cosmetic but in some cases fix corner-case
|
|
bugs, for example a crash rather than a proper error report after an
|
|
out-of-memory failure. None are believed to represent security
|
|
issues.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Detect incompatible OpenLDAP versions during build (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
With OpenLDAP versions 2.4.24 through 2.4.31,
|
|
inclusive, <productname>PostgreSQL</> backends can crash at exit.
|
|
Raise a warning during <application>configure</> based on the
|
|
compile-time OpenLDAP version number, and test the crashing scenario
|
|
in the <filename>contrib/dblink</> regression test.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In non-MSVC Windows builds, ensure <filename>libpq.dll</> is installed
|
|
with execute permissions (Noah Misch)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>pg_regress</> remove any temporary installation it
|
|
created upon successful exit (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This results in a very substantial reduction in disk space usage
|
|
during <literal>make check-world</>, since that sequence involves
|
|
creation of numerous temporary installations.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support time zone abbreviations that change UTC offset from time to
|
|
time (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, <productname>PostgreSQL</> assumed that the UTC offset
|
|
associated with a time zone abbreviation (such as <literal>EST</>)
|
|
never changes in the usage of any particular locale. However this
|
|
assumption fails in the real world, so introduce the ability for a
|
|
zone abbreviation to represent a UTC offset that sometimes changes.
|
|
Update the zone abbreviation definition files to make use of this
|
|
feature in timezone locales that have changed the UTC offset of their
|
|
abbreviations since 1970 (according to the IANA timezone database).
|
|
In such timezones, <productname>PostgreSQL</> will now associate the
|
|
correct UTC offset with the abbreviation depending on the given date.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone abbreviations lists (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Add CST (China Standard Time) to our lists.
|
|
Remove references to ADT as <quote>Arabia Daylight Time</>, an
|
|
abbreviation that's been out of use since 2007; therefore, claiming
|
|
there is a conflict with <quote>Atlantic Daylight Time</> doesn't seem
|
|
especially helpful.
|
|
Fix entirely incorrect GMT offsets for CKT (Cook Islands), FJT, and FJST
|
|
(Fiji); we didn't even have them on the proper side of the date line.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2015a.
|
|
</para>
|
|
|
|
<para>
|
|
The IANA timezone database has adopted abbreviations of the form
|
|
<literal>A<replaceable>x</>ST</literal>/<literal>A<replaceable>x</>DT</literal>
|
|
for all Australian time zones, reflecting what they believe to be
|
|
current majority practice Down Under. These names do not conflict
|
|
with usage elsewhere (other than ACST for Acre Summer Time, which has
|
|
been in disuse since 1994). Accordingly, adopt these names into
|
|
our <quote>Default</> timezone abbreviation set.
|
|
The <quote>Australia</> abbreviation set now contains only CST, EAST,
|
|
EST, SAST, SAT, and WST, all of which are thought to be mostly
|
|
historical usage. Note that SAST has also been changed to be South
|
|
Africa Standard Time in the <quote>Default</> abbreviation set.
|
|
</para>
|
|
|
|
<para>
|
|
Also, add zone abbreviations SRET (Asia/Srednekolymsk) and XJT
|
|
(Asia/Urumqi), and use WSST/WSDT for western Samoa. Also, there were
|
|
DST law changes in Chile, Mexico, the Turks & Caicos Islands
|
|
(America/Grand_Turk), and Fiji. There is a new zone
|
|
Pacific/Bougainville for portions of Papua New Guinea. Also, numerous
|
|
corrections for historical (pre-1970) time zone data.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-18">
|
|
<title>Release 9.0.18</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2014-07-24</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.17.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.18</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, this release corrects an index corruption problem in some GiST
|
|
indexes. See the first changelog entry below to find out whether your
|
|
installation has been affected and what steps you should take if so.
|
|
</para>
|
|
|
|
<para>
|
|
Also, if you are upgrading from a version earlier than 9.0.15,
|
|
see <xref linkend="release-9-0-15">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Correctly initialize padding bytes in <filename>contrib/btree_gist</>
|
|
indexes on <type>bit</> columns (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This error could result in incorrect query results due to values that
|
|
should compare equal not being seen as equal.
|
|
Users with GiST indexes on <type>bit</> or <type>bit varying</>
|
|
columns should <command>REINDEX</> those indexes after installing this
|
|
update.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Protect against torn pages when deleting GIN list pages (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This fix prevents possible index corruption if a system crash occurs
|
|
while the page update is being written to disk.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't clear the right-link of a GiST index page while replaying
|
|
updates from WAL (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This error could lead to transiently wrong answers from GiST index
|
|
scans performed in Hot Standby.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possibly-incorrect cache invalidation during nested calls
|
|
to <function>ReceiveSharedInvalidMessages</> (Andres Freund)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't assume a subquery's output is unique if there's a set-returning
|
|
function in its targetlist (David Rowley)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could lead to misoptimization of constructs
|
|
like <literal>WHERE x IN (SELECT y, generate_series(1,10) FROM t GROUP
|
|
BY y)</literal>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix failure to detoast fields in composite elements of structured
|
|
types (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This corrects cases where TOAST pointers could be copied into other
|
|
tables without being dereferenced. If the original data is later
|
|
deleted, it would lead to errors like <quote>missing chunk number 0
|
|
for toast value ...</> when the now-dangling pointer is used.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>record type has not been registered</> failures with
|
|
whole-row references to the output of Append plan nodes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crash when invoking a user-defined function while
|
|
rewinding a cursor (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix query-lifespan memory leak while evaluating the arguments for a
|
|
function in <literal>FROM</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix session-lifespan memory leaks in regular-expression processing
|
|
(Tom Lane, Arthur O'Dwyer, Greg Stark)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix data encoding error in <filename>hungarian.stop</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix liveness checks for rows that were inserted in the current
|
|
transaction and then deleted by a now-rolled-back subtransaction
|
|
(Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This could cause problems (at least spurious warnings, and at worst an
|
|
infinite loop) if <command>CREATE INDEX</> or <command>CLUSTER</> were
|
|
done later in the same transaction.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Clear <structname>pg_stat_activity</>.<structfield>xact_start</>
|
|
during <command>PREPARE TRANSACTION</> (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
After the <command>PREPARE</>, the originating session is no longer in
|
|
a transaction, so it should not continue to display a transaction
|
|
start time.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>REASSIGN OWNED</> to not fail for text search objects
|
|
(Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Block signals during postmaster startup (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This ensures that the postmaster will properly clean up after itself
|
|
if, for example, it receives <systemitem>SIGINT</> while still
|
|
starting up.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Secure Unix-domain sockets of temporary postmasters started during
|
|
<literal>make check</> (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Any local user able to access the socket file could connect as the
|
|
server's bootstrap superuser, then proceed to execute arbitrary code as
|
|
the operating-system user running the test, as we previously noted in
|
|
CVE-2014-0067. This change defends against that risk by placing the
|
|
server's socket in a temporary, mode 0700 subdirectory
|
|
of <filename>/tmp</>. The hazard remains however on platforms where
|
|
Unix sockets are not supported, notably Windows, because then the
|
|
temporary postmaster must accept local TCP connections.
|
|
</para>
|
|
|
|
<para>
|
|
A useful side effect of this change is to simplify
|
|
<literal>make check</> testing in builds that
|
|
override <literal>DEFAULT_PGSOCKET_DIR</>. Popular non-default values
|
|
like <filename>/var/run/postgresql</> are often not writable by the
|
|
build user, requiring workarounds that will no longer be necessary.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix tablespace creation WAL replay to work on Windows (MauMau)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix detection of socket creation failures on Windows (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
On Windows, allow new sessions to absorb values of PGC_BACKEND
|
|
parameters (such as <xref linkend="guc-log-connections">) from the
|
|
configuration file (Amit Kapila)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, if such a parameter were changed in the file post-startup,
|
|
the change would have no effect.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly quote executable path names on Windows (Nikhil Deshpande)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could cause <application>initdb</>
|
|
and <application>pg_upgrade</> to fail on Windows, if the installation
|
|
path contained both spaces and <literal>@</> signs.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix linking of <application>libpython</> on OS X (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The method we previously used can fail with the Python library
|
|
supplied by Xcode 5.0 and later.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid buffer bloat in <application>libpq</> when the server
|
|
consistently sends data faster than the client can absorb it
|
|
(Shin-ichi Morita, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<application>libpq</> could be coerced into enlarging its input buffer
|
|
until it runs out of memory (which would be reported misleadingly
|
|
as <quote>lost synchronization with server</>). Under ordinary
|
|
circumstances it's quite far-fetched that data could be continuously
|
|
transmitted more quickly than the <function>recv()</> loop can
|
|
absorb it, but this has been observed when the client is artificially
|
|
slowed by scheduler constraints.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that LDAP lookup attempts in <application>libpq</> time out as
|
|
intended (Laurenz Albe)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>ecpg</> to do the right thing when an array
|
|
of <type>char *</> is the target for a FETCH statement returning more
|
|
than one row, as well as some other array-handling fixes
|
|
(Ashutosh Bapat)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_restore</>'s processing of old-style large object
|
|
comments (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A direct-to-database restore from an archive file generated by a
|
|
pre-9.0 version of <application>pg_dump</> would usually fail if the
|
|
archive contained more than a few comments for large objects.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <filename>contrib/pgcrypto</> functions, ensure sensitive
|
|
information is cleared from stack variables before returning
|
|
(Marko Kreen)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <filename>contrib/uuid-ossp</>, cache the state of the OSSP UUID
|
|
library across calls (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This improves the efficiency of UUID generation and reduces the amount
|
|
of entropy drawn from <filename>/dev/urandom</>, on platforms that
|
|
have that.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2014e
|
|
for DST law changes in Crimea, Egypt, and Morocco.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-17">
|
|
<title>Release 9.0.17</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2014-03-20</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.16.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.17</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.15,
|
|
see <xref linkend="release-9-0-15">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Restore GIN metapages unconditionally to avoid torn-page risk
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Although this oversight could theoretically result in a corrupted
|
|
index, it is unlikely to have caused any problems in practice, since
|
|
the active part of a GIN metapage is smaller than a standard 512-byte
|
|
disk sector.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid race condition in checking transaction commit status during
|
|
receipt of a <command>NOTIFY</> message (Marko Tiikkaja)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents a scenario wherein a sufficiently fast client might
|
|
respond to a notification before database updates made by the
|
|
notifier have become visible to the recipient.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow regular-expression operators to be terminated early by query
|
|
cancel requests (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents scenarios wherein a pathological regular expression
|
|
could lock up a server process uninterruptably for a long time.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove incorrect code that tried to allow <literal>OVERLAPS</> with
|
|
single-element row arguments (Joshua Yanovski)
|
|
</para>
|
|
|
|
<para>
|
|
This code never worked correctly, and since the case is neither
|
|
specified by the SQL standard nor documented, it seemed better to
|
|
remove it than fix it.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid getting more than <literal>AccessShareLock</> when de-parsing a
|
|
rule or view (Dean Rasheed)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight resulted in <application>pg_dump</> unexpectedly
|
|
acquiring <literal>RowExclusiveLock</> locks on tables mentioned as
|
|
the targets of <literal>INSERT</>/<literal>UPDATE</>/<literal>DELETE</>
|
|
commands in rules. While usually harmless, that could interfere with
|
|
concurrent transactions that tried to acquire, for example,
|
|
<literal>ShareLock</> on those tables.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve performance of index endpoint probes during planning (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This change fixes a significant performance problem that occurred
|
|
when there were many not-yet-committed rows at the end of the index,
|
|
which is a common situation for indexes on sequentially-assigned
|
|
values such as timestamps or sequence-generated identifiers.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix test to see if hot standby connections can be allowed immediately
|
|
after a crash (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent interrupts while reporting non-<literal>ERROR</> messages
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This guards against rare server-process freezeups due to recursive
|
|
entry to <function>syslog()</>, and perhaps other related problems.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent intermittent <quote>could not reserve shared memory region</>
|
|
failures on recent Windows versions (MauMau)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2014a
|
|
for DST law changes in Fiji and Turkey, plus historical changes in
|
|
Israel and Ukraine.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-16">
|
|
<title>Release 9.0.16</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2014-02-20</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.15.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.16</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.15,
|
|
see <xref linkend="release-9-0-15">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Shore up <literal>GRANT ... WITH ADMIN OPTION</> restrictions
|
|
(Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
Granting a role without <literal>ADMIN OPTION</> is supposed to
|
|
prevent the grantee from adding or removing members from the granted
|
|
role, but this restriction was easily bypassed by doing <literal>SET
|
|
ROLE</> first. The security impact is mostly that a role member can
|
|
revoke the access of others, contrary to the wishes of his grantor.
|
|
Unapproved role member additions are a lesser concern, since an
|
|
uncooperative role member could provide most of his rights to others
|
|
anyway by creating views or <literal>SECURITY DEFINER</> functions.
|
|
(CVE-2014-0060)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent privilege escalation via manual calls to PL validator
|
|
functions (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
The primary role of PL validator functions is to be called implicitly
|
|
during <command>CREATE FUNCTION</>, but they are also normal SQL
|
|
functions that a user can call explicitly. Calling a validator on
|
|
a function actually written in some other language was not checked
|
|
for and could be exploited for privilege-escalation purposes.
|
|
The fix involves adding a call to a privilege-checking function in
|
|
each validator function. Non-core procedural languages will also
|
|
need to make this change to their own validator functions, if any.
|
|
(CVE-2014-0061)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid multiple name lookups during table and index DDL
|
|
(Robert Haas, Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
If the name lookups come to different conclusions due to concurrent
|
|
activity, we might perform some parts of the DDL on a different table
|
|
than other parts. At least in the case of <command>CREATE INDEX</>,
|
|
this can be used to cause the permissions checks to be performed
|
|
against a different table than the index creation, allowing for a
|
|
privilege escalation attack.
|
|
(CVE-2014-0062)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent buffer overrun with long datetime strings (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
The <literal>MAXDATELEN</> constant was too small for the longest
|
|
possible value of type <type>interval</>, allowing a buffer overrun
|
|
in <function>interval_out()</>. Although the datetime input
|
|
functions were more careful about avoiding buffer overrun, the limit
|
|
was short enough to cause them to reject some valid inputs, such as
|
|
input containing a very long timezone name. The <application>ecpg</>
|
|
library contained these vulnerabilities along with some of its own.
|
|
(CVE-2014-0063)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent buffer overrun due to integer overflow in size calculations
|
|
(Noah Misch, Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Several functions, mostly type input functions, calculated an
|
|
allocation size without checking for overflow. If overflow did
|
|
occur, a too-small buffer would be allocated and then written past.
|
|
(CVE-2014-0064)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent overruns of fixed-size buffers
|
|
(Peter Eisentraut, Jozef Mlich)
|
|
</para>
|
|
|
|
<para>
|
|
Use <function>strlcpy()</> and related functions to provide a clear
|
|
guarantee that fixed-size buffers are not overrun. Unlike the
|
|
preceding items, it is unclear whether these cases really represent
|
|
live issues, since in most cases there appear to be previous
|
|
constraints on the size of the input string. Nonetheless it seems
|
|
prudent to silence all Coverity warnings of this type.
|
|
(CVE-2014-0065)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid crashing if <function>crypt()</> returns NULL (Honza Horak,
|
|
Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
There are relatively few scenarios in which <function>crypt()</>
|
|
could return NULL, but <filename>contrib/chkpass</> would crash
|
|
if it did. One practical case in which this could be an issue is
|
|
if <application>libc</> is configured to refuse to execute unapproved
|
|
hashing algorithms (e.g., <quote>FIPS mode</>).
|
|
(CVE-2014-0066)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Document risks of <literal>make check</> in the regression testing
|
|
instructions (Noah Misch, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Since the temporary server started by <literal>make check</>
|
|
uses <quote>trust</> authentication, another user on the same machine
|
|
could connect to it as database superuser, and then potentially
|
|
exploit the privileges of the operating-system user who started the
|
|
tests. A future release will probably incorporate changes in the
|
|
testing procedure to prevent this risk, but some public discussion is
|
|
needed first. So for the moment, just warn people against using
|
|
<literal>make check</> when there are untrusted users on the
|
|
same machine.
|
|
(CVE-2014-0067)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible mis-replay of WAL records when some segments of a
|
|
relation aren't full size (Greg Stark, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The WAL update could be applied to the wrong page, potentially many
|
|
pages past where it should have been. Aside from corrupting data,
|
|
this error has been observed to result in significant <quote>bloat</>
|
|
of standby servers compared to their masters, due to updates being
|
|
applied far beyond where the end-of-file should have been. This
|
|
failure mode does not appear to be a significant risk during crash
|
|
recovery, only when initially synchronizing a standby created from a
|
|
base backup taken from a quickly-changing master.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bug in determining when recovery has reached consistency
|
|
(Tomonari Katsumata, Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
In some cases WAL replay would mistakenly conclude that the database
|
|
was already consistent at the start of replay, thus possibly allowing
|
|
hot-standby queries before the database was really consistent. Other
|
|
symptoms such as <quote>PANIC: WAL contains references to invalid
|
|
pages</> were also possible.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix improper locking of btree index pages while replaying
|
|
a <literal>VACUUM</> operation in hot-standby mode (Andres Freund,
|
|
Heikki Linnakangas, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This error could result in <quote>PANIC: WAL contains references to
|
|
invalid pages</> failures.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that insertions into non-leaf GIN index pages write a full-page
|
|
WAL record when appropriate (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
The previous coding risked index corruption in the event of a
|
|
partial-page write during a system crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race conditions during server process exit (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Ensure that signal handlers don't attempt to use the
|
|
process's <varname>MyProc</> pointer after it's no longer valid.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix unsafe references to <varname>errno</> within error reporting
|
|
logic (Christian Kruse)
|
|
</para>
|
|
|
|
<para>
|
|
This would typically lead to odd behaviors such as missing or
|
|
inappropriate <literal>HINT</> fields.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crashes from using <function>ereport()</> too early
|
|
during server startup (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The principal case we've seen in the field is a crash if the server
|
|
is started in a directory it doesn't have permission to read.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Clear retry flags properly in OpenSSL socket write
|
|
function (Alexander Kukushkin)
|
|
</para>
|
|
|
|
<para>
|
|
This omission could result in a server lockup after unexpected loss
|
|
of an SSL-encrypted connection.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix length checking for Unicode identifiers (<literal>U&"..."</>
|
|
syntax) containing escapes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A spurious truncation warning would be printed for such identifiers
|
|
if the escaped form of the identifier was too long, but the
|
|
identifier actually didn't need truncation after de-escaping.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow keywords that are type names to be used in lists of roles
|
|
(Stephen Frost)
|
|
</para>
|
|
|
|
<para>
|
|
A previous patch allowed such keywords to be used without quoting
|
|
in places such as role identifiers; but it missed cases where a
|
|
list of role identifiers was permitted, such as <literal>DROP ROLE</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crash due to invalid plan for nested sub-selects, such
|
|
as <literal>WHERE (... x IN (SELECT ...) ...) IN (SELECT ...)</>
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that <command>ANALYZE</> creates statistics for a table column
|
|
even when all the values in it are <quote>too wide</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<command>ANALYZE</> intentionally omits very wide values from its
|
|
histogram and most-common-values calculations, but it neglected to do
|
|
something sane in the case that all the sampled entries are too wide.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <literal>ALTER TABLE ... SET TABLESPACE</>, allow the database's
|
|
default tablespace to be used without a permissions check
|
|
(Stephen Frost)
|
|
</para>
|
|
|
|
<para>
|
|
<literal>CREATE TABLE</> has always allowed such usage,
|
|
but <literal>ALTER TABLE</> didn't get the memo.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>cannot accept a set</> error when some arms of
|
|
a <literal>CASE</> return a set and others don't (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix checks for all-zero client addresses in pgstat functions (Kevin
|
|
Grittner)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible misclassification of multibyte characters by the text
|
|
search parser (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Non-ASCII characters could be misclassified when using C locale with
|
|
a multibyte encoding. On Cygwin, non-C locales could fail as well.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible misbehavior in <function>plainto_tsquery()</>
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Use <function>memmove()</> not <function>memcpy()</> for copying
|
|
overlapping memory regions. There have been no field reports of
|
|
this actually causing trouble, but it's certainly risky.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Accept <literal>SHIFT_JIS</> as an encoding name for locale checking
|
|
purposes (Tatsuo Ishii)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix misbehavior of <function>PQhost()</> on Windows (Fujii Masao)
|
|
</para>
|
|
|
|
<para>
|
|
It should return <literal>localhost</> if no host has been specified.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve error handling in <application>libpq</> and <application>psql</>
|
|
for failures during <literal>COPY TO STDOUT/FROM STDIN</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In particular this fixes an infinite loop that could occur in 9.2 and
|
|
up if the server connection was lost during <literal>COPY FROM
|
|
STDIN</>. Variants of that scenario might be possible in older
|
|
versions, or with other client applications.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix misaligned descriptors in <application>ecpg</> (MauMau)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>ecpg</>, handle lack of a hostname in the connection
|
|
parameters properly (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix performance regression in <filename>contrib/dblink</> connection
|
|
startup (Joe Conway)
|
|
</para>
|
|
|
|
<para>
|
|
Avoid an unnecessary round trip when client and server encodings match.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <filename>contrib/isn</>, fix incorrect calculation of the check
|
|
digit for ISMN values (Fabien Coelho)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure client-code-only installation procedure works as documented
|
|
(Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In Mingw and Cygwin builds, install the <application>libpq</> DLL
|
|
in the <filename>bin</> directory (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
This duplicates what the MSVC build has long done. It should fix
|
|
problems with programs like <application>psql</> failing to start
|
|
because they can't find the DLL.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid using the deprecated <literal>dllwrap</> tool in Cygwin builds
|
|
(Marco Atzeri)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't generate plain-text <filename>HISTORY</>
|
|
and <filename>src/test/regress/README</> files anymore (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These text files duplicated the main HTML and PDF documentation
|
|
formats. The trouble involved in maintaining them greatly outweighs
|
|
the likely audience for plain-text format. Distribution tarballs
|
|
will still contain files by these names, but they'll just be stubs
|
|
directing the reader to consult the main documentation.
|
|
The plain-text <filename>INSTALL</> file will still be maintained, as
|
|
there is arguably a use-case for that.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2013i
|
|
for DST law changes in Jordan and historical changes in Cuba.
|
|
</para>
|
|
|
|
<para>
|
|
In addition, the zones <literal>Asia/Riyadh87</>,
|
|
<literal>Asia/Riyadh88</>, and <literal>Asia/Riyadh89</> have been
|
|
removed, as they are no longer maintained by IANA, and never
|
|
represented actual civil timekeeping practice.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-15">
|
|
<title>Release 9.0.15</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2013-12-05</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.14.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.15</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, this release corrects a number of potential data corruption
|
|
issues. See the first two changelog entries below to find out whether
|
|
your installation has been affected and what steps you can take if so.
|
|
</para>
|
|
|
|
<para>
|
|
Also, if you are upgrading from a version earlier than 9.0.13,
|
|
see <xref linkend="release-9-0-13">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>VACUUM</>'s tests to see whether it can
|
|
update <structfield>relfrozenxid</> (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
In some cases <command>VACUUM</> (either manual or autovacuum) could
|
|
incorrectly advance a table's <structfield>relfrozenxid</> value,
|
|
allowing tuples to escape freezing, causing those rows to become
|
|
invisible once 2^31 transactions have elapsed. The probability of
|
|
data loss is fairly low since multiple incorrect advancements would
|
|
need to happen before actual loss occurs, but it's not zero. Users
|
|
upgrading from releases 9.0.4 or 8.4.8 or earlier are not affected, but
|
|
all later versions contain the bug.
|
|
</para>
|
|
|
|
<para>
|
|
The issue can be ameliorated by, after upgrading, vacuuming all tables
|
|
in all databases while having <link
|
|
linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</></link>
|
|
set to zero. This will fix any latent corruption but will not be able
|
|
to fix all pre-existing data errors. However, an installation can be
|
|
presumed safe after performing this vacuuming if it has executed fewer
|
|
than 2^31 update transactions in its lifetime (check this with
|
|
<literal>SELECT txid_current() < 2^31</>).
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix initialization of <filename>pg_clog</> and <filename>pg_subtrans</>
|
|
during hot standby startup (Andres Freund, Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This bug can cause data loss on standby servers at the moment they
|
|
start to accept hot-standby queries, by marking committed transactions
|
|
as uncommitted. The likelihood of such corruption is small unless, at
|
|
the time of standby startup, the primary server has executed many
|
|
updating transactions since its last checkpoint. Symptoms include
|
|
missing rows, rows that should have been deleted being still visible,
|
|
and obsolete versions of updated rows being still visible alongside
|
|
their newer versions.
|
|
</para>
|
|
|
|
<para>
|
|
This bug was introduced in versions 9.3.0, 9.2.5, 9.1.10, and 9.0.14.
|
|
Standby servers that have only been running earlier releases are not
|
|
at risk. It's recommended that standby servers that have ever run any
|
|
of the buggy releases be re-cloned from the primary (e.g., with a new
|
|
base backup) after upgrading.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Truncate <filename>pg_multixact</> contents during WAL replay
|
|
(Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids ever-increasing disk space consumption in standby servers.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition in GIN index posting tree page deletion (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This could lead to transient wrong answers or query failures.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid flattening a subquery whose <literal>SELECT</> list contains a
|
|
volatile function wrapped inside a sub-<literal>SELECT</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids unexpected results due to extra evaluations of the
|
|
volatile function.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planner's processing of non-simple-variable subquery outputs
|
|
nested within outer joins (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This error could lead to incorrect plans for queries involving
|
|
multiple levels of subqueries within <literal>JOIN</> syntax.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix premature deletion of temporary files (Andres Freund)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible read past end of memory in rule printing (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix array slicing of <type>int2vector</> and <type>oidvector</> values
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Expressions of this kind are now implicitly promoted to
|
|
regular <type>int2</> or <type>oid</> arrays.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect behaviors when using a SQL-standard, simple GMT offset
|
|
timezone (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In some cases, the system would use the simple GMT offset value when
|
|
it should have used the regular timezone setting that had prevailed
|
|
before the simple offset was selected. This change also causes
|
|
the <function>timeofday</> function to honor the simple GMT offset
|
|
zone.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent possible misbehavior when logging translations of Windows
|
|
error codes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly quote generated command lines in <application>pg_ctl</>
|
|
(Naoya Anzai and Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This fix applies only to Windows.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dumpall</> to work when a source database
|
|
sets <link
|
|
linkend="guc-default-transaction-read-only"><varname>default_transaction_read_only</></link>
|
|
via <command>ALTER DATABASE SET</> (Kevin Grittner)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, the generated script would fail during restore.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>ecpg</>'s processing of lists of variables
|
|
declared <type>varchar</> (Zoltán Böszörményi)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <filename>contrib/lo</> defend against incorrect trigger definitions
|
|
(Marc Cousin)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2013h
|
|
for DST law changes in Argentina, Brazil, Jordan, Libya,
|
|
Liechtenstein, Morocco, and Palestine. Also, new timezone
|
|
abbreviations WIB, WIT, WITA for Indonesia.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-14">
|
|
<title>Release 9.0.14</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2013-10-10</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.13.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.14</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.13,
|
|
see <xref linkend="release-9-0-13">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent corruption of multi-byte characters when attempting to
|
|
case-fold identifiers (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
<productname>PostgreSQL</> case-folds non-ASCII characters only
|
|
when using a single-byte server encoding.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix checkpoint memory leak in background writer when <literal>wal_level =
|
|
hot_standby</> (Naoya Anzai)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak caused by <function>lo_open()</function> failure
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory overcommit bug when <varname>work_mem</> is using more
|
|
than 24GB of memory (Stephen Frost)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix deadlock bug in libpq when using SSL (Stephen Frost)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible SSL state corruption in threaded libpq applications
|
|
(Nick Phillips, Stephen Frost)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly compute row estimates for boolean columns containing many NULL
|
|
values (Andrew Gierth)
|
|
</para>
|
|
|
|
<para>
|
|
Previously tests like <literal>col IS NOT TRUE</> and <literal>col IS
|
|
NOT FALSE</> did not properly factor in NULL values when estimating
|
|
plan costs.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent pushing down <literal>WHERE</> clauses into unsafe
|
|
<literal>UNION/INTERSECT</> subqueries (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Subqueries of a <literal>UNION</> or <literal>INTERSECT</> that
|
|
contain set-returning functions or volatile functions in their
|
|
<literal>SELECT</> lists could be improperly optimized, leading to
|
|
run-time errors or incorrect query results.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix rare case of <quote>failed to locate grouping columns</>
|
|
planner failure (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve view dumping code's handling of dropped columns in referenced
|
|
tables (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly record index comments created using <literal>UNIQUE</>
|
|
and <literal>PRIMARY KEY</> syntax (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes a parallel <application>pg_restore</> failure.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>REINDEX TABLE</> and <command>REINDEX DATABASE</>
|
|
to properly revalidate constraints and mark invalidated indexes as
|
|
valid (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
<command>REINDEX INDEX</> has always worked properly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible deadlock during concurrent <command>CREATE INDEX
|
|
CONCURRENTLY</> operations (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>regexp_matches()</> handling of zero-length matches
|
|
(Jeevan Chalke)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, zero-length matches like '^' could return too many matches.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix crash for overly-complex regular expressions (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix regular expression match failures for back references combined with
|
|
non-greedy quantifiers (Jeevan Chalke)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent <command>CREATE FUNCTION</> from checking <command>SET</>
|
|
variables unless function body checking is enabled (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>ALTER DEFAULT PRIVILEGES</> to operate on schemas
|
|
without requiring CREATE permission (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Loosen restriction on keywords used in queries (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Specifically, lessen keyword restrictions for role names, language
|
|
names, <command>EXPLAIN</> and <command>COPY</> options, and
|
|
<command>SET</> values. This allows <literal>COPY ... (FORMAT
|
|
BINARY)</> to work as expected; previously <literal>BINARY</> needed
|
|
to be quoted.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>pgp_pub_decrypt()</> so it works for secret keys with
|
|
passwords (Marko Kreen)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove rare inaccurate warning during vacuum of index-less tables
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that <command>VACUUM ANALYZE</> still runs the ANALYZE phase
|
|
if its attempt to truncate the file is cancelled due to lock conflicts
|
|
(Kevin Grittner)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid possible failure when performing transaction control commands (e.g
|
|
ROLLBACK) in prepared queries (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that floating-point data input accepts standard spellings
|
|
of <quote>infinity</> on all platforms (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The C99 standard says that allowable spellings are <literal>inf</>,
|
|
<literal>+inf</>, <literal>-inf</>, <literal>infinity</>,
|
|
<literal>+infinity</>, and <literal>-infinity</>. Make sure we
|
|
recognize these even if the platform's <function>strtod</> function
|
|
doesn't.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Expand ability to compare rows to records and arrays (Rafal Rzepecki,
|
|
Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2013d
|
|
for DST law changes in Israel, Morocco, Palestine, and Paraguay.
|
|
Also, historical zone data corrections for Macquarie Island.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-13">
|
|
<title>Release 9.0.13</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2013-04-04</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.12.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.13</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, this release corrects several errors in management of GiST
|
|
indexes. After installing this update, it is advisable to
|
|
<command>REINDEX</> any GiST indexes that meet one or more of the
|
|
conditions described below.
|
|
</para>
|
|
|
|
<para>
|
|
Also, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix insecure parsing of server command-line switches (Mitsumasa
|
|
Kondo, Kyotaro Horiguchi)
|
|
</para>
|
|
|
|
<para>
|
|
A connection request containing a database name that begins with
|
|
<quote><literal>-</></quote> could be crafted to damage or destroy
|
|
files within the server's data directory, even if the request is
|
|
eventually rejected. (CVE-2013-1899)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reset OpenSSL randomness state in each postmaster child process
|
|
(Marko Kreen)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids a scenario wherein random numbers generated by
|
|
<filename>contrib/pgcrypto</> functions might be relatively easy for
|
|
another database user to guess. The risk is only significant when
|
|
the postmaster is configured with <varname>ssl</> = <literal>on</>
|
|
but most connections don't use SSL encryption. (CVE-2013-1900)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix GiST indexes to not use <quote>fuzzy</> geometric comparisons when
|
|
it's not appropriate to do so (Alexander Korotkov)
|
|
</para>
|
|
|
|
<para>
|
|
The core geometric types perform comparisons using <quote>fuzzy</>
|
|
equality, but <function>gist_box_same</> must do exact comparisons,
|
|
else GiST indexes using it might become inconsistent. After installing
|
|
this update, users should <command>REINDEX</> any GiST indexes on
|
|
<type>box</>, <type>polygon</>, <type>circle</>, or <type>point</>
|
|
columns, since all of these use <function>gist_box_same</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix erroneous range-union and penalty logic in GiST indexes that use
|
|
<filename>contrib/btree_gist</> for variable-width data types, that is
|
|
<type>text</>, <type>bytea</>, <type>bit</>, and <type>numeric</>
|
|
columns (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These errors could result in inconsistent indexes in which some keys
|
|
that are present would not be found by searches, and also in useless
|
|
index bloat. Users are advised to <command>REINDEX</> such indexes
|
|
after installing this update.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in GiST page splitting code for multi-column indexes
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These errors could result in inconsistent indexes in which some keys
|
|
that are present would not be found by searches, and also in indexes
|
|
that are unnecessarily inefficient to search. Users are advised to
|
|
<command>REINDEX</> multi-column GiST indexes after installing this
|
|
update.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>gist_point_consistent</>
|
|
to handle fuzziness consistently (Alexander Korotkov)
|
|
</para>
|
|
|
|
<para>
|
|
Index scans on GiST indexes on <type>point</> columns would sometimes
|
|
yield results different from a sequential scan, because
|
|
<function>gist_point_consistent</> disagreed with the underlying
|
|
operator code about whether to do comparisons exactly or fuzzily.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer leak in WAL replay (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This bug could result in <quote>incorrect local pin count</> errors
|
|
during replay, making recovery impossible.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition in <command>DELETE RETURNING</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Under the right circumstances, <command>DELETE RETURNING</> could
|
|
attempt to fetch data from a shared buffer that the current process
|
|
no longer has any pin on. If some other process changed the buffer
|
|
meanwhile, this would lead to garbage <literal>RETURNING</> output, or
|
|
even a crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix infinite-loop risk in regular expression compilation (Tom Lane,
|
|
Don Porter)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix potential null-pointer dereference in regular expression compilation
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>to_char()</> to use ASCII-only case-folding rules where
|
|
appropriate (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes misbehavior of some template patterns that should be
|
|
locale-independent, but mishandled <quote><literal>I</></quote> and
|
|
<quote><literal>i</></quote> in Turkish locales.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix unwanted rejection of timestamp <literal>1999-12-31 24:00:00</>
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix logic error when a single transaction does <command>UNLISTEN</>
|
|
then <command>LISTEN</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The session wound up not listening for notify events at all, though it
|
|
surely should listen in this case.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove useless <quote>picksplit doesn't support secondary split</> log
|
|
messages (Josh Hansen, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This message seems to have been added in expectation of code that was
|
|
never written, and probably never will be, since GiST's default
|
|
handling of secondary splits is actually pretty good. So stop nagging
|
|
end users about it.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible failure to send a session's last few transaction
|
|
commit/abort counts to the statistics collector (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Eliminate memory leaks in PL/Perl's <function>spi_prepare()</> function
|
|
(Alex Hunsaker, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dumpall</> to handle database names containing
|
|
<quote><literal>=</></quote> correctly (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid crash in <application>pg_dump</> when an incorrect connection
|
|
string is given (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ignore invalid indexes in <application>pg_dump</> and
|
|
<application>pg_upgrade</> (Michael Paquier, Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
Dumping invalid indexes can cause problems at restore time, for example
|
|
if the reason the index creation failed was because it tried to enforce
|
|
a uniqueness condition not satisfied by the table's data. Also, if the
|
|
index creation is in fact still in progress, it seems reasonable to
|
|
consider it to be an uncommitted DDL change, which
|
|
<application>pg_dump</> wouldn't be expected to dump anyway.
|
|
<application>pg_upgrade</> now also skips invalid indexes rather than
|
|
failing.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/pg_trgm</>'s <function>similarity()</> function
|
|
to return zero for trigram-less strings (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously it returned <literal>NaN</> due to internal division by zero.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2013b
|
|
for DST law changes in Chile, Haiti, Morocco, Paraguay, and some
|
|
Russian areas. Also, historical zone data corrections for numerous
|
|
places.
|
|
</para>
|
|
|
|
<para>
|
|
Also, update the time zone abbreviation files for recent changes in
|
|
Russia and elsewhere: <literal>CHOT</>, <literal>GET</>,
|
|
<literal>IRKT</>, <literal>KGT</>, <literal>KRAT</>, <literal>MAGT</>,
|
|
<literal>MAWT</>, <literal>MSK</>, <literal>NOVT</>, <literal>OMST</>,
|
|
<literal>TKT</>, <literal>VLAT</>, <literal>WST</>, <literal>YAKT</>,
|
|
<literal>YEKT</> now follow their current meanings, and
|
|
<literal>VOLT</> (Europe/Volgograd) and <literal>MIST</>
|
|
(Antarctica/Macquarie) are added to the default abbreviations list.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-12">
|
|
<title>Release 9.0.12</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2013-02-07</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.11.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.12</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent execution of <function>enum_recv</> from SQL (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The function was misdeclared, allowing a simple SQL command to crash the
|
|
server. In principle an attacker might be able to use it to examine the
|
|
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
|
|
for reporting this issue. (CVE-2013-0255)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix multiple problems in detection of when a consistent database
|
|
state has been reached during WAL replay (Fujii Masao, Heikki
|
|
Linnakangas, Simon Riggs, Andres Freund)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update minimum recovery point when truncating a relation file (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Once data has been discarded, it's no longer safe to stop recovery at
|
|
an earlier point in the timeline.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix missing cancellations in hot standby mode (Noah Misch, Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
The need to cancel conflicting hot-standby queries would sometimes be
|
|
missed, allowing those queries to see inconsistent data.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix SQL grammar to allow subscripting or field selection from a
|
|
sub-SELECT result (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix performance problems with autovacuum truncation in busy workloads
|
|
(Jan Wieck)
|
|
</para>
|
|
|
|
<para>
|
|
Truncation of empty pages at the end of a table requires exclusive
|
|
lock, but autovacuum was coded to fail (and release the table lock)
|
|
when there are conflicting lock requests. Under load, it is easily
|
|
possible that truncation would never occur, resulting in table bloat.
|
|
Fix by performing a partial truncation, releasing the lock, then
|
|
attempting to re-acquire the lock and continue. This fix also greatly
|
|
reduces the average time before autovacuum releases the lock after a
|
|
conflicting request arrives.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Protect against race conditions when scanning
|
|
<structname>pg_tablespace</> (Stephen Frost, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<command>CREATE DATABASE</> and <command>DROP DATABASE</> could
|
|
misbehave if there were concurrent updates of
|
|
<structname>pg_tablespace</> entries.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent <command>DROP OWNED</> from trying to drop whole databases or
|
|
tablespaces (Álvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
For safety, ownership of these objects must be reassigned, not dropped.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix error in <link
|
|
linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</></link>
|
|
implementation (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
In installations that have existed for more than <link
|
|
linkend="guc-vacuum-freeze-min-age"><varname>vacuum_freeze_min_age</></link>
|
|
transactions, this mistake prevented autovacuum from using partial-table
|
|
scans, so that a full-table scan would always happen instead.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent misbehavior when a <symbol>RowExpr</> or <symbol>XmlExpr</>
|
|
is parse-analyzed twice (Andres Freund, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake could be user-visible in contexts such as
|
|
<literal>CREATE TABLE LIKE INCLUDING INDEXES</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve defenses against integer overflow in hashtable sizing
|
|
calculations (Jeff Davis)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reject out-of-range dates in <function>to_date()</> (Hitoshi Harada)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that non-ASCII prompt strings are translated to the correct
|
|
code page on Windows (Alexander Law, Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
This bug affected <application>psql</> and some other client programs.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crash in <application>psql</>'s <command>\?</> command
|
|
when not connected to a database (Meng Qingzhong)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_upgrade</> to deal with invalid indexes safely
|
|
(Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix one-byte buffer overrun in <application>libpq</>'s
|
|
<function>PQprintTuples</> (Xi Wang)
|
|
</para>
|
|
|
|
<para>
|
|
This ancient function is not used anywhere by
|
|
<productname>PostgreSQL</> itself, but it might still be used by some
|
|
client code.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>ecpglib</> use translated messages properly
|
|
(Chen Huajun)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly install <application>ecpg_compat</> and
|
|
<application>pgtypes</> libraries on MSVC (Jiang Guiqing)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Include our version of <function>isinf()</> in
|
|
<application>libecpg</> if it's not provided by the system
|
|
(Jiang Guiqing)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Rearrange configure's tests for supplied functions so it is not
|
|
fooled by bogus exports from libedit/libreadline (Christoph Berg)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure Windows build number increases over time (Magnus Hagander)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>pgxs</> build executables with the right
|
|
<literal>.exe</> suffix when cross-compiling for Windows
|
|
(Zoltan Boszormenyi)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new timezone abbreviation <literal>FET</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This is now used in some eastern-European time zones.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-11">
|
|
<title>Release 9.0.11</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2012-12-06</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.10.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.11</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix multiple bugs associated with <command>CREATE INDEX
|
|
CONCURRENTLY</> (Andres Freund, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Fix <command>CREATE INDEX CONCURRENTLY</> to use
|
|
in-place updates when changing the state of an index's
|
|
<structname>pg_index</> row. This prevents race conditions that could
|
|
cause concurrent sessions to miss updating the target index, thus
|
|
resulting in corrupt concurrently-created indexes.
|
|
</para>
|
|
|
|
<para>
|
|
Also, fix various other operations to ensure that they ignore
|
|
invalid indexes resulting from a failed <command>CREATE INDEX
|
|
CONCURRENTLY</> command. The most important of these is
|
|
<command>VACUUM</>, because an auto-vacuum could easily be launched
|
|
on the table before corrective action can be taken to fix or remove
|
|
the invalid index.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer locking during WAL replay (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The WAL replay code was insufficiently careful about locking buffers
|
|
when replaying WAL records that affect more than one page. This could
|
|
result in hot standby queries transiently seeing inconsistent states,
|
|
resulting in wrong answers or unexpected failures.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix an error in WAL generation logic for GIN indexes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This could result in index corruption, if a torn-page failure occurred.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly remove startup process's virtual XID lock when promoting a
|
|
hot standby server to normal running (Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could prevent subsequent execution of certain
|
|
operations such as <command>CREATE INDEX CONCURRENTLY</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid bogus <quote>out-of-sequence timeline ID</> errors in standby
|
|
mode (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent the postmaster from launching new child processes after it's
|
|
received a shutdown signal (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake could result in shutdown taking longer than it should, or
|
|
even never completing at all without additional user action.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid corruption of internal hash tables when out of memory
|
|
(Hitoshi Harada)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planning of non-strict equivalence clauses above outer joins
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The planner could derive incorrect constraints from a clause equating
|
|
a non-strict construct to something else, for example
|
|
<literal>WHERE COALESCE(foo, 0) = 0</>
|
|
when <literal>foo</> is coming from the nullable side of an outer join.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve planner's ability to prove exclusion constraints from
|
|
equivalence classes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix partial-row matching in hashed subplans to handle cross-type cases
|
|
correctly (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This affects multicolumn <literal>NOT IN</> subplans, such as
|
|
<literal>WHERE (a, b) NOT IN (SELECT x, y FROM ...)</>
|
|
when for instance <literal>b</> and <literal>y</> are <type>int4</>
|
|
and <type>int8</> respectively. This mistake led to wrong answers
|
|
or crashes depending on the specific datatypes involved.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Acquire buffer lock when re-fetching the old tuple for an
|
|
<literal>AFTER ROW UPDATE/DELETE</> trigger (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
In very unusual circumstances, this oversight could result in passing
|
|
incorrect data to the precheck logic for a foreign-key enforcement
|
|
trigger. That could result in a crash, or in an incorrect decision
|
|
about whether to fire the trigger.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>ALTER COLUMN TYPE</> to handle inherited check
|
|
constraints properly (Pavan Deolasee)
|
|
</para>
|
|
|
|
<para>
|
|
This worked correctly in pre-8.4 releases, and now works correctly
|
|
in 8.4 and later.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>REASSIGN OWNED</> to handle grants on tablespaces
|
|
(Álvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ignore incorrect <structname>pg_attribute</> entries for system
|
|
columns for views (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Views do not have any system columns. However, we forgot to
|
|
remove such entries when converting a table to a view. That's fixed
|
|
properly for 9.3 and later, but in previous branches we need to defend
|
|
against existing mis-converted views.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix rule printing to dump <literal>INSERT INTO <replaceable>table</>
|
|
DEFAULT VALUES</literal> correctly (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Guard against stack overflow when there are too many
|
|
<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</> clauses
|
|
in a query (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent platform-dependent failures when dividing the minimum possible
|
|
integer value by -1 (Xi Wang, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible access past end of string in date parsing
|
|
(Hitoshi Harada)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix failure to advance XID epoch if XID wraparound happens during a
|
|
checkpoint and <varname>wal_level</> is <literal>hot_standby</>
|
|
(Tom Lane, Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
While this mistake had no particular impact on
|
|
<productname>PostgreSQL</productname> itself, it was bad for
|
|
applications that rely on <function>txid_current()</> and related
|
|
functions: the TXID value would appear to go backwards.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Produce an understandable error message if the length of the path name
|
|
for a Unix-domain socket exceeds the platform-specific limit
|
|
(Tom Lane, Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, this would result in something quite unhelpful, such as
|
|
<quote>Non-recoverable failure in name resolution</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leaks when sending composite column values to the client
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>pg_ctl</> more robust about reading the
|
|
<filename>postmaster.pid</> file (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Fix race conditions and possible file descriptor leakage.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crash in <application>psql</> if incorrectly-encoded data
|
|
is presented and the <varname>client_encoding</> setting is a
|
|
client-only encoding, such as SJIS (Jiang Guiqing)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in the <filename>restore.sql</> script emitted by
|
|
<application>pg_dump</> in <literal>tar</> output format (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The script would fail outright on tables whose names include
|
|
upper-case characters. Also, make the script capable of restoring
|
|
data in <option>--inserts</> mode as well as the regular COPY mode.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_restore</> to accept POSIX-conformant
|
|
<literal>tar</> files (Brian Weaver, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The original coding of <application>pg_dump</>'s <literal>tar</>
|
|
output mode produced files that are not fully conformant with the
|
|
POSIX standard. This has been corrected for version 9.3. This
|
|
patch updates previous branches so that they will accept both the
|
|
incorrect and the corrected formats, in hopes of avoiding
|
|
compatibility problems when 9.3 comes out.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_resetxlog</> to locate <filename>postmaster.pid</>
|
|
correctly when given a relative path to the data directory (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake could lead to <application>pg_resetxlog</> not noticing
|
|
that there is an active postmaster using the data directory.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>libpq</>'s <function>lo_import()</> and
|
|
<function>lo_export()</> functions to report file I/O errors properly
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>ecpg</>'s processing of nested structure pointer
|
|
variables (Muhammad Usama)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>ecpg</>'s <function>ecpg_get_data</> function to
|
|
handle arrays properly (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <filename>contrib/pageinspect</>'s btree page inspection
|
|
functions take buffer locks while examining pages (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pgxs</> support for building loadable modules on AIX
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Building modules outside the original source tree didn't work on AIX.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2012j
|
|
for DST law changes in Cuba, Israel, Jordan, Libya, Palestine, Western
|
|
Samoa, and portions of Brazil.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-10">
|
|
<title>Release 9.0.10</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2012-09-24</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.9.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.10</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planner's assignment of executor parameters, and fix executor's
|
|
rescan logic for CTE plan nodes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These errors could result in wrong answers from queries that scan the
|
|
same <literal>WITH</> subquery multiple times.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve page-splitting decisions in GiST indexes (Alexander Korotkov,
|
|
Robert Haas, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Multi-column GiST indexes might suffer unexpected bloat due to this
|
|
error.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix cascading privilege revoke to stop if privileges are still held
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If we revoke a grant option from some role <replaceable>X</>, but
|
|
<replaceable>X</> still holds that option via a grant from someone
|
|
else, we should not recursively revoke the corresponding privilege
|
|
from role(s) <replaceable>Y</> that <replaceable>X</> had granted it
|
|
to.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve error messages for Hot Standby misconfiguration errors
|
|
(Gurjeet Singh)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix handling of <literal>SIGFPE</> when PL/Perl is in use (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
Perl resets the process's <literal>SIGFPE</> handler to
|
|
<literal>SIG_IGN</>, which could result in crashes later on. Restore
|
|
the normal Postgres signal handler after initializing PL/Perl.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent PL/Perl from crashing if a recursive PL/Perl function is
|
|
redefined while being executed (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Work around possible misoptimization in PL/Perl (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Some Linux distributions contain an incorrect version of
|
|
<filename>pthread.h</> that results in incorrect compiled code in
|
|
PL/Perl, leading to crashes if a PL/Perl function calls another one
|
|
that throws an error.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_upgrade</>'s handling of line endings on Windows
|
|
(Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, <application>pg_upgrade</> might add or remove carriage
|
|
returns in places such as function bodies.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
On Windows, make <application>pg_upgrade</> use backslash path
|
|
separators in the scripts it emits (Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2012f
|
|
for DST law changes in Fiji
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-9">
|
|
<title>Release 9.0.9</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2012-08-17</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.8.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.9</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent access to external files/URLs via XML entity references
|
|
(Noah Misch, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<function>xml_parse()</> would attempt to fetch external files or
|
|
URLs as needed to resolve DTD and entity references in an XML value,
|
|
thus allowing unprivileged database users to attempt to fetch data
|
|
with the privileges of the database server. While the external data
|
|
wouldn't get returned directly to the user, portions of it could be
|
|
exposed in error messages if the data didn't parse as valid XML; and
|
|
in any case the mere ability to check existence of a file might be
|
|
useful to an attacker. (CVE-2012-3489)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent access to external files/URLs via <filename>contrib/xml2</>'s
|
|
<function>xslt_process()</> (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
<application>libxslt</> offers the ability to read and write both
|
|
files and URLs through stylesheet commands, thus allowing
|
|
unprivileged database users to both read and write data with the
|
|
privileges of the database server. Disable that through proper use
|
|
of <application>libxslt</>'s security options. (CVE-2012-3488)
|
|
</para>
|
|
|
|
<para>
|
|
Also, remove <function>xslt_process()</>'s ability to fetch documents
|
|
and stylesheets from external files/URLs. While this was a
|
|
documented <quote>feature</>, it was long regarded as a bad idea.
|
|
The fix for CVE-2012-3489 broke that capability, and rather than
|
|
expend effort on trying to fix it, we're just going to summarily
|
|
remove it.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent too-early recycling of btree index pages (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
When we allowed read-only transactions to skip assigning XIDs, we
|
|
introduced the possibility that a deleted btree page could be
|
|
recycled while a read-only transaction was still in flight to it.
|
|
This would result in incorrect index search results. The probability
|
|
of such an error occurring in the field seems very low because of the
|
|
timing requirements, but nonetheless it should be fixed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If <command>ALTER SEQUENCE</> was executed on a freshly created or
|
|
reset sequence, and then precisely one <function>nextval()</> call
|
|
was made on it, and then the server crashed, WAL replay would restore
|
|
the sequence to a state in which it appeared that no
|
|
<function>nextval()</> had been done, thus allowing the first
|
|
sequence value to be returned again by the next
|
|
<function>nextval()</> call. In particular this could manifest for
|
|
<type>serial</> columns, since creation of a serial column's sequence
|
|
includes an <command>ALTER SEQUENCE OWNED BY</> step.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>txid_current()</> to report the correct epoch when not
|
|
in hot standby (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes a regression introduced in the previous minor release.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bug in startup of Hot Standby when a master transaction has many
|
|
subtransactions (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake led to failures reported as <quote>out-of-order XID
|
|
insertion in KnownAssignedXids</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure the <filename>backup_label</> file is fsync'd after
|
|
<function>pg_start_backup()</> (Dave Kerr)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix timeout handling in walsender processes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
WAL sender background processes neglected to establish a
|
|
<systemitem>SIGALRM</> handler, meaning they would wait forever in
|
|
some corner cases where a timeout ought to happen.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Back-patch 9.1 improvement to compress the fsync request queue
|
|
(Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
This improves performance during checkpoints. The 9.1 change
|
|
has now seen enough field testing to seem safe to back-patch.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <literal>LISTEN</>/<literal>NOTIFY</> to cope better with I/O
|
|
problems, such as out of disk space (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
After a write failure, all subsequent attempts to send more
|
|
<literal>NOTIFY</> messages would fail with messages like
|
|
<quote>Could not read from file "pg_notify/<replaceable>nnnn</>" at
|
|
offset <replaceable>nnnnn</>: Success</quote>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Only allow autovacuum to be auto-canceled by a directly blocked
|
|
process (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The original coding could allow inconsistent behavior in some cases;
|
|
in particular, an autovacuum could get canceled after less than
|
|
<literal>deadlock_timeout</> grace period.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve logging of autovacuum cancels (Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix log collector so that <literal>log_truncate_on_rotation</> works
|
|
during the very first log rotation after server start (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <literal>WITH</> attached to a nested set operation
|
|
(<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</>)
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure that a whole-row reference to a subquery doesn't include any
|
|
extra <literal>GROUP BY</> or <literal>ORDER BY</> columns (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Disallow copying whole-row references in <literal>CHECK</>
|
|
constraints and index definitions during <command>CREATE TABLE</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This situation can arise in <command>CREATE TABLE</> with
|
|
<literal>LIKE</> or <literal>INHERITS</>. The copied whole-row
|
|
variable was incorrectly labeled with the row type of the original
|
|
table not the new one. Rejecting the case seems reasonable for
|
|
<literal>LIKE</>, since the row types might well diverge later. For
|
|
<literal>INHERITS</> we should ideally allow it, with an implicit
|
|
coercion to the parent table's row type; but that will require more
|
|
work than seems safe to back-patch.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak in <literal>ARRAY(SELECT ...)</> subqueries (Heikki
|
|
Linnakangas, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix extraction of common prefixes from regular expressions (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The code could get confused by quantified parenthesized
|
|
subexpressions, such as <literal>^(foo)?bar</>. This would lead to
|
|
incorrect index optimization of searches for such patterns.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs with parsing signed
|
|
<replaceable>hh</><literal>:</><replaceable>mm</> and
|
|
<replaceable>hh</><literal>:</><replaceable>mm</><literal>:</><replaceable>ss</>
|
|
fields in <type>interval</> constants (Amit Kapila, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use Postgres' encoding conversion functions, not Python's, when
|
|
converting a Python Unicode string to the server encoding in
|
|
PL/Python (Jan Urbanski)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids some corner-case problems, notably that Python doesn't
|
|
support all the encodings Postgres does. A notable functional change
|
|
is that if the server encoding is SQL_ASCII, you will get the UTF-8
|
|
representation of the string; formerly, any non-ASCII characters in
|
|
the string would result in an error.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix mapping of PostgreSQL encodings to Python encodings in PL/Python
|
|
(Jan Urbanski)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Report errors properly in <filename>contrib/xml2</>'s
|
|
<function>xslt_process()</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2012e
|
|
for DST law changes in Morocco and Tokelau
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-8">
|
|
<title>Release 9.0.8</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2012-06-04</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.7.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.8</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect password transformation in
|
|
<filename>contrib/pgcrypto</>'s DES <function>crypt()</> function
|
|
(Solar Designer)
|
|
</para>
|
|
|
|
<para>
|
|
If a password string contained the byte value <literal>0x80</>, the
|
|
remainder of the password was ignored, causing the password to be much
|
|
weaker than it appeared. With this fix, the rest of the string is
|
|
properly included in the DES hash. Any stored password values that are
|
|
affected by this bug will thus no longer match, so the stored values may
|
|
need to be updated. (CVE-2012-2143)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ignore <literal>SECURITY DEFINER</> and <literal>SET</> attributes for
|
|
a procedural language's call handler (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Applying such attributes to a call handler could crash the server.
|
|
(CVE-2012-2655)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow numeric timezone offsets in <type>timestamp</> input to be up to
|
|
16 hours away from UTC (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Some historical time zones have offsets larger than 15 hours, the
|
|
previous limit. This could result in dumped data values being rejected
|
|
during reload.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix timestamp conversion to cope when the given time is exactly the
|
|
last DST transition time for the current timezone (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight has been there a long time, but was not noticed
|
|
previously because most DST-using zones are presumed to have an
|
|
indefinite sequence of future DST transitions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <type>text</> to <type>name</> and <type>char</> to <type>name</>
|
|
casts to perform string truncation correctly in multibyte encodings
|
|
(Karl Schnaitter)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory copying bug in <function>to_tsquery()</> (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure <function>txid_current()</> reports the correct epoch when
|
|
executed in hot standby (Simon Riggs)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix planner's handling of outer PlaceHolderVars within subqueries (Tom
|
|
Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This bug concerns sub-SELECTs that reference variables coming from the
|
|
nullable side of an outer join of the surrounding query.
|
|
In 9.1, queries affected by this bug would fail with <quote>ERROR:
|
|
Upper-level PlaceHolderVar found where not expected</>. But in 9.0 and
|
|
8.4, you'd silently get possibly-wrong answers, since the value
|
|
transmitted into the subquery wouldn't go to null when it should.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix slow session startup when <structname>pg_attribute</> is very large
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If <structname>pg_attribute</> exceeds one-fourth of
|
|
<varname>shared_buffers</>, cache rebuilding code that is sometimes
|
|
needed during session start would trigger the synchronized-scan logic,
|
|
causing it to take many times longer than normal. The problem was
|
|
particularly acute if many new sessions were starting at once.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure sequential scans check for query cancel reasonably often (Merlin
|
|
Moncure)
|
|
</para>
|
|
|
|
<para>
|
|
A scan encountering many consecutive pages that contain no live tuples
|
|
would not respond to interrupts meanwhile.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure the Windows implementation of <function>PGSemaphoreLock()</>
|
|
clears <varname>ImmediateInterruptOK</> before returning (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight meant that a query-cancel interrupt received later
|
|
in the same query could be accepted at an unsafe time, with
|
|
unpredictable but not good consequences.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Show whole-row variables safely when printing views or rules
|
|
(Abbas Butt, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Corner cases involving ambiguous names (that is, the name could be
|
|
either a table or column name of the query) were printed in an
|
|
ambiguous way, risking that the view or rule would be interpreted
|
|
differently after dump and reload. Avoid the ambiguous case by
|
|
attaching a no-op cast.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>COPY FROM</> to properly handle null marker strings that
|
|
correspond to invalid encoding (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A null marker string such as <literal>E'\\0'</> should work, and did
|
|
work in the past, but the case got broken in 8.4.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure autovacuum worker processes perform stack depth checking
|
|
properly (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, infinite recursion in a function invoked by
|
|
auto-<command>ANALYZE</> could crash worker processes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix logging collector to not lose log coherency under high load (Andrew
|
|
Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
The collector previously could fail to reassemble large messages if it
|
|
got too busy.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix logging collector to ensure it will restart file rotation
|
|
after receiving <systemitem>SIGHUP</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix WAL replay logic for GIN indexes to not fail if the index was
|
|
subsequently dropped (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak in PL/pgSQL's <command>RETURN NEXT</> command (Joe
|
|
Conway)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix PL/pgSQL's <command>GET DIAGNOSTICS</> command when the target
|
|
is the function's first variable (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix potential access off the end of memory in <application>psql</>'s
|
|
expanded display (<command>\x</>) mode (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix several performance problems in <application>pg_dump</> when
|
|
the database contains many objects (Jeff Janes, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<application>pg_dump</> could get very slow if the database contained
|
|
many schemas, or if many objects are in dependency loops, or if there
|
|
are many owned sequences.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_upgrade</> for the case that a database stored in a
|
|
non-default tablespace contains a table in the cluster's default
|
|
tablespace (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>ecpg</>, fix rare memory leaks and possible overwrite
|
|
of one byte after the <structname>sqlca_t</> structure (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/dblink</>'s <function>dblink_exec()</> to not leak
|
|
temporary database connections upon error (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/dblink</> to report the correct connection name in
|
|
error messages (Kyotaro Horiguchi)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/vacuumlo</> to use multiple transactions when
|
|
dropping many large objects (Tim Lewis, Robert Haas, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This change avoids exceeding <varname>max_locks_per_transaction</> when
|
|
many objects need to be dropped. The behavior can be adjusted with the
|
|
new <literal>-l</> (limit) option.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2012c
|
|
for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland
|
|
Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands;
|
|
also historical corrections for Canada.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-7">
|
|
<title>Release 9.0.7</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2012-02-27</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.6.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.7</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.6,
|
|
see <xref linkend="release-9-0-6">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Require execute permission on the trigger function for
|
|
<command>CREATE TRIGGER</> (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
This missing check could allow another user to execute a trigger
|
|
function with forged input data, by installing it on a table he owns.
|
|
This is only of significance for trigger functions marked
|
|
<literal>SECURITY DEFINER</>, since otherwise trigger functions run
|
|
as the table owner anyway. (CVE-2012-0866)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove arbitrary limitation on length of common name in SSL
|
|
certificates (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Both <application>libpq</> and the server truncated the common name
|
|
extracted from an SSL certificate at 32 bytes. Normally this would
|
|
cause nothing worse than an unexpected verification failure, but there
|
|
are some rather-implausible scenarios in which it might allow one
|
|
certificate holder to impersonate another. The victim would have to
|
|
have a common name exactly 32 bytes long, and the attacker would have
|
|
to persuade a trusted CA to issue a certificate in which the common
|
|
name has that string as a prefix. Impersonating a server would also
|
|
require some additional exploit to redirect client connections.
|
|
(CVE-2012-0867)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Convert newlines to spaces in names written in <application>pg_dump</>
|
|
comments (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
<application>pg_dump</> was incautious about sanitizing object names
|
|
that are emitted within SQL comments in its output script. A name
|
|
containing a newline would at least render the script syntactically
|
|
incorrect. Maliciously crafted object names could present a SQL
|
|
injection risk when the script is reloaded. (CVE-2012-0868)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix btree index corruption from insertions concurrent with vacuuming
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
An index page split caused by an insertion could sometimes cause a
|
|
concurrently-running <command>VACUUM</> to miss removing index entries
|
|
that it should remove. After the corresponding table rows are removed,
|
|
the dangling index entries would cause errors (such as <quote>could not
|
|
read block N in file ...</>) or worse, silently wrong query results
|
|
after unrelated rows are re-inserted at the now-free table locations.
|
|
This bug has been present since release 8.2, but occurs so infrequently
|
|
that it was not diagnosed until now. If you have reason to suspect
|
|
that it has happened in your database, reindexing the affected index
|
|
will fix things.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix transient zeroing of shared buffers during WAL replay (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The replay logic would sometimes zero and refill a shared buffer, so
|
|
that the contents were transiently invalid. In hot standby mode this
|
|
can result in a query that's executing in parallel seeing garbage data.
|
|
Various symptoms could result from that, but the most common one seems
|
|
to be <quote>invalid memory alloc request size</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix postmaster to attempt restart after a hot-standby crash (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A logic error caused the postmaster to terminate, rather than attempt
|
|
to restart the cluster, if any backend process crashed while operating
|
|
in hot standby mode.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>CLUSTER</>/<command>VACUUM FULL</> handling of toast
|
|
values owned by recently-updated rows (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight could lead to <quote>duplicate key value violates unique
|
|
constraint</> errors being reported against the toast table's index
|
|
during one of these commands.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update per-column permissions, not only per-table permissions, when
|
|
changing table owner (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Failure to do this meant that any previously granted column permissions
|
|
were still shown as having been granted by the old owner. This meant
|
|
that neither the new owner nor a superuser could revoke the
|
|
now-untraceable-to-table-owner permissions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support foreign data wrappers and foreign servers in
|
|
<command>REASSIGN OWNED</> (Alvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
This command failed with <quote>unexpected classid</> errors if
|
|
it needed to change the ownership of any such objects.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow non-existent values for some settings in <command>ALTER
|
|
USER/DATABASE SET</> (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Allow <varname>default_text_search_config</>,
|
|
<varname>default_tablespace</>, and <varname>temp_tablespaces</> to be
|
|
set to names that are not known. This is because they might be known
|
|
in another database where the setting is intended to be used, or for the
|
|
tablespace cases because the tablespace might not be created yet. The
|
|
same issue was previously recognized for <varname>search_path</>, and
|
|
these settings now act like that one.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid crashing when we have problems deleting table files post-commit
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Dropping a table should lead to deleting the underlying disk files only
|
|
after the transaction commits. In event of failure then (for instance,
|
|
because of wrong file permissions) the code is supposed to just emit a
|
|
warning message and go on, since it's too late to abort the
|
|
transaction. This logic got broken as of release 8.4, causing such
|
|
situations to result in a PANIC and an unrestartable database.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Recover from errors occurring during WAL replay of <command>DROP
|
|
TABLESPACE</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Replay will attempt to remove the tablespace's directories, but there
|
|
are various reasons why this might fail (for example, incorrect
|
|
ownership or permissions on those directories). Formerly the replay
|
|
code would panic, rendering the database unrestartable without manual
|
|
intervention. It seems better to log the problem and continue, since
|
|
the only consequence of failure to remove the directories is some
|
|
wasted disk space.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition in logging AccessExclusiveLocks for hot standby
|
|
(Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
Sometimes a lock would be logged as being held by <quote>transaction
|
|
zero</>. This is at least known to produce assertion failures on
|
|
slave servers, and might be the cause of more serious problems.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Track the OID counter correctly during WAL replay, even when it wraps
|
|
around (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously the OID counter would remain stuck at a high value until the
|
|
system exited replay mode. The practical consequences of that are
|
|
usually nil, but there are scenarios wherein a standby server that's
|
|
been promoted to master might take a long time to advance the OID
|
|
counter to a reasonable value once values are needed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent emitting misleading <quote>consistent recovery state reached</>
|
|
log message at the beginning of crash recovery (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix initial value of
|
|
<structname>pg_stat_replication</>.<structfield>replay_location</>
|
|
(Fujii Masao)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, the value shown would be wrong until at least one WAL
|
|
record had been replayed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix regular expression back-references with <literal>*</> attached
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Rather than enforcing an exact string match, the code would effectively
|
|
accept any string that satisfies the pattern sub-expression referenced
|
|
by the back-reference symbol.
|
|
</para>
|
|
|
|
<para>
|
|
A similar problem still afflicts back-references that are embedded in a
|
|
larger quantified expression, rather than being the immediate subject
|
|
of the quantifier. This will be addressed in a future
|
|
<productname>PostgreSQL</> release.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix recently-introduced memory leak in processing of
|
|
<type>inet</>/<type>cidr</> values (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
A patch in the December 2011 releases of <productname>PostgreSQL</>
|
|
caused memory leakage in these operations, which could be significant
|
|
in scenarios such as building a btree index on such a column.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix dangling pointer after <command>CREATE TABLE AS</>/<command>SELECT
|
|
INTO</> in a SQL-language function (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In most cases this only led to an assertion failure in assert-enabled
|
|
builds, but worse consequences seem possible.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid double close of file handle in syslogger on Windows (MauMau)
|
|
</para>
|
|
|
|
<para>
|
|
Ordinarily this error was invisible, but it would cause an exception
|
|
when running on a debug version of Windows.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix I/O-conversion-related memory leaks in plpgsql
|
|
(Andres Freund, Jan Urbanski, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Certain operations would leak memory until the end of the current
|
|
function.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <application>pg_dump</>'s handling of inherited table columns
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<application>pg_dump</> mishandled situations where a child column has
|
|
a different default expression than its parent column. If the default
|
|
is textually identical to the parent's default, but not actually the
|
|
same (for instance, because of schema search path differences) it would
|
|
not be recognized as different, so that after dump and restore the
|
|
child would be allowed to inherit the parent's default. Child columns
|
|
that are <literal>NOT NULL</> where their parent is not could also be
|
|
restored subtly incorrectly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_restore</>'s direct-to-database mode for
|
|
INSERT-style table data (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Direct-to-database restores from archive files made with
|
|
<option>--inserts</> or <option>--column-inserts</> options fail when
|
|
using <application>pg_restore</> from a release dated September or
|
|
December 2011, as a result of an oversight in a fix for another
|
|
problem. The archive file itself is not at fault, and text-mode
|
|
output is okay.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>pg_upgrade</> to process tables containing
|
|
<type>regclass</> columns (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
Since <application>pg_upgrade</> now takes care to preserve
|
|
<structname>pg_class</> OIDs, there was no longer any reason for this
|
|
restriction.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>libpq</> ignore <literal>ENOTDIR</> errors
|
|
when looking for an SSL client certificate file
|
|
(Magnus Hagander)
|
|
</para>
|
|
|
|
<para>
|
|
This allows SSL connections to be established, though without a
|
|
certificate, even when the user's home directory is set to something
|
|
like <literal>/dev/null</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix some more field alignment issues in <application>ecpg</>'s SQLDA area
|
|
(Zoltan Boszormenyi)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <literal>AT</> option in <application>ecpg</>
|
|
<literal>DEALLOCATE</> statements (Michael Meskes)
|
|
</para>
|
|
|
|
<para>
|
|
The infrastructure to support this has been there for awhile, but
|
|
through an oversight there was still an error check rejecting the case.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Do not use the variable name when defining a varchar structure in ecpg
|
|
(Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <filename>contrib/auto_explain</>'s JSON output mode to produce
|
|
valid JSON (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
The output used brackets at the top level, when it should have used
|
|
braces.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix error in <filename>contrib/intarray</>'s <literal>int[] &
|
|
int[]</> operator (Guillaume Lelarge)
|
|
</para>
|
|
|
|
<para>
|
|
If the smallest integer the two input arrays have in common is 1,
|
|
and there are smaller values in either array, then 1 would be
|
|
incorrectly omitted from the result.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix error detection in <filename>contrib/pgcrypto</>'s
|
|
<function>encrypt_iv()</> and <function>decrypt_iv()</>
|
|
(Marko Kreen)
|
|
</para>
|
|
|
|
<para>
|
|
These functions failed to report certain types of invalid-input errors,
|
|
and would instead return random garbage values for incorrect input.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix one-byte buffer overrun in <filename>contrib/test_parser</>
|
|
(Paul Guyot)
|
|
</para>
|
|
|
|
<para>
|
|
The code would try to read one more byte than it should, which would
|
|
crash in corner cases.
|
|
Since <filename>contrib/test_parser</> is only example code, this is
|
|
not a security issue in itself, but bad example code is still bad.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use <function>__sync_lock_test_and_set()</> for spinlocks on ARM, if
|
|
available (Martin Pitt)
|
|
</para>
|
|
|
|
<para>
|
|
This function replaces our previous use of the <literal>SWPB</>
|
|
instruction, which is deprecated and not available on ARMv6 and later.
|
|
Reports suggest that the old code doesn't fail in an obvious way on
|
|
recent ARM boards, but simply doesn't interlock concurrent accesses,
|
|
leading to bizarre failures in multiprocess operation.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use <option>-fexcess-precision=standard</> option when building with
|
|
gcc versions that accept it (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents assorted scenarios wherein recent versions of gcc will
|
|
produce creative results.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow use of threaded Python on FreeBSD (Chris Rees)
|
|
</para>
|
|
|
|
<para>
|
|
Our configure script previously believed that this combination wouldn't
|
|
work; but FreeBSD fixed the problem, so remove that error check.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-6">
|
|
<title>Release 9.0.6</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2011-12-05</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.5.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.6</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, a longstanding error was discovered in the definition of the
|
|
<literal>information_schema.referential_constraints</> view. If you
|
|
rely on correct results from that view, you should replace its
|
|
definition as explained in the first changelog item below.
|
|
</para>
|
|
|
|
<para>
|
|
Also, if you are upgrading from a version earlier than 9.0.4,
|
|
see <xref linkend="release-9-0-4">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in <literal>information_schema.referential_constraints</> view
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This view was being insufficiently careful about matching the
|
|
foreign-key constraint to the depended-on primary or unique key
|
|
constraint. That could result in failure to show a foreign key
|
|
constraint at all, or showing it multiple times, or claiming that it
|
|
depends on a different constraint than the one it really does.
|
|
</para>
|
|
|
|
<para>
|
|
Since the view definition is installed by <application>initdb</>,
|
|
merely upgrading will not fix the problem. If you need to fix this
|
|
in an existing installation, you can (as a superuser) drop the
|
|
<literal>information_schema</> schema then re-create it by sourcing
|
|
<filename><replaceable>SHAREDIR</>/information_schema.sql</filename>.
|
|
(Run <literal>pg_config --sharedir</> if you're uncertain where
|
|
<replaceable>SHAREDIR</> is.) This must be repeated in each database
|
|
to be fixed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible crash during <command>UPDATE</> or <command>DELETE</> that
|
|
joins to the output of a scalar-returning function (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
A crash could only occur if the target row had been concurrently
|
|
updated, so this problem surfaced only intermittently.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect replay of WAL records for GIN index updates
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This could result in transiently failing to find index entries after
|
|
a crash, or on a hot-standby server. The problem would be repaired
|
|
by the next <command>VACUUM</> of the index, however.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix TOAST-related data corruption during <literal>CREATE TABLE dest AS
|
|
SELECT * FROM src</> or <literal>INSERT INTO dest SELECT * FROM src</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If a table has been modified by <command>ALTER TABLE ADD COLUMN</>,
|
|
attempts to copy its data verbatim to another table could produce
|
|
corrupt results in certain corner cases.
|
|
The problem can only manifest in this precise form in 8.4 and later,
|
|
but we patched earlier versions as well in case there are other code
|
|
paths that could trigger the same bug.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible failures during hot standby startup (Simon Riggs)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Start hot standby faster when initial snapshot is incomplete
|
|
(Simon Riggs)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition during toast table access from stale syscache entries
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The typical symptom was transient errors like <quote>missing chunk
|
|
number 0 for toast value NNNNN in pg_toast_2619</>, where the cited
|
|
toast table would always belong to a system catalog.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Track dependencies of functions on items used in parameter default
|
|
expressions (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, a referenced object could be dropped without having dropped
|
|
or modified the function, leading to misbehavior when the function was
|
|
used. Note that merely installing this update will not fix the missing
|
|
dependency entries; to do that, you'd need to <command>CREATE OR
|
|
REPLACE</> each such function afterwards. If you have functions whose
|
|
defaults depend on non-built-in objects, doing so is recommended.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow inlining of set-returning SQL functions with multiple OUT
|
|
parameters (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't trust deferred-unique indexes for join removal (Tom Lane and Marti
|
|
Raudsepp)
|
|
</para>
|
|
|
|
<para>
|
|
A deferred uniqueness constraint might not hold intra-transaction,
|
|
so assuming that it does could give incorrect query results.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <function>DatumGetInetP()</> unpack inet datums that have a 1-byte
|
|
header, and add a new macro, <function>DatumGetInetPP()</>, that does
|
|
not (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This change affects no core code, but might prevent crashes in add-on
|
|
code that expects <function>DatumGetInetP()</> to produce an unpacked
|
|
datum as per usual convention.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve locale support in <type>money</> type's input and output
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Aside from not supporting all standard
|
|
<link linkend="guc-lc-monetary"><varname>lc_monetary</></link>
|
|
formatting options, the input and output functions were inconsistent,
|
|
meaning there were locales in which dumped <type>money</> values could
|
|
not be re-read.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't let <link
|
|
linkend="guc-transform-null-equals"><varname>transform_null_equals</></link>
|
|
affect <literal>CASE foo WHEN NULL ...</> constructs
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
<varname>transform_null_equals</> is only supposed to affect
|
|
<literal>foo = NULL</> expressions written directly by the user, not
|
|
equality checks generated internally by this form of <literal>CASE</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Change foreign-key trigger creation order to better support
|
|
self-referential foreign keys (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
For a cascading foreign key that references its own table, a row update
|
|
will fire both the <literal>ON UPDATE</> trigger and the
|
|
<literal>CHECK</> trigger as one event. The <literal>ON UPDATE</>
|
|
trigger must execute first, else the <literal>CHECK</> will check a
|
|
non-final state of the row and possibly throw an inappropriate error.
|
|
However, the firing order of these triggers is determined by their
|
|
names, which generally sort in creation order since the triggers have
|
|
auto-generated names following the convention
|
|
<quote>RI_ConstraintTrigger_NNNN</>. A proper fix would require
|
|
modifying that convention, which we will do in 9.2, but it seems risky
|
|
to change it in existing releases. So this patch just changes the
|
|
creation order of the triggers. Users encountering this type of error
|
|
should drop and re-create the foreign key constraint to get its
|
|
triggers into the right order.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid floating-point underflow while tracking buffer allocation rate
|
|
(Greg Matthews)
|
|
</para>
|
|
|
|
<para>
|
|
While harmless in itself, on certain platforms this would result in
|
|
annoying kernel log messages.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Preserve configuration file name and line number values when starting
|
|
child processes under Windows (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, these would not be displayed correctly in the
|
|
<structname>pg_settings</> view.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect field alignment in <application>ecpg</>'s SQLDA area
|
|
(Zoltan Boszormenyi)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Preserve blank lines within commands in <application>psql</>'s command
|
|
history (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
The former behavior could cause problems if an empty line was removed
|
|
from within a string literal, for example.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</> to dump user-defined casts between
|
|
auto-generated types, such as table rowtypes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Assorted fixes for <application>pg_upgrade</> (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
Handle exclusion constraints correctly, avoid failures on Windows,
|
|
don't complain about mismatched toast table names in 8.4 databases.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use the preferred version of <application>xsubpp</> to build PL/Perl,
|
|
not necessarily the operating system's main copy
|
|
(David Wheeler and Alex Hunsaker)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect coding in <filename>contrib/dict_int</> and
|
|
<filename>contrib/dict_xsyn</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Some functions incorrectly assumed that memory returned by
|
|
<function>palloc()</> is guaranteed zeroed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix assorted errors in <filename>contrib/unaccent</>'s configuration
|
|
file parsing (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Honor query cancel interrupts promptly in <function>pgstatindex()</>
|
|
(Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect quoting of log file name in Mac OS X start script
|
|
(Sidar Lopez)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure VPATH builds properly install all server header files
|
|
(Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Shorten file names reported in verbose error messages (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
Regular builds have always reported just the name of the C file
|
|
containing the error message call, but VPATH builds formerly
|
|
reported an absolute path name.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix interpretation of Windows timezone names for Central America
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Map <quote>Central America Standard Time</> to <literal>CST6</>, not
|
|
<literal>CST6CDT</>, because DST is generally not observed anywhere in
|
|
Central America.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2011n
|
|
for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa;
|
|
also historical corrections for Alaska and British East Africa.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-5">
|
|
<title>Release 9.0.5</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2011-09-26</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.4.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.5</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if you are upgrading from a version earlier than 9.0.4,
|
|
see <xref linkend="release-9-0-4">.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix catalog cache invalidation after a <command>VACUUM FULL</> or
|
|
<command>CLUSTER</> on a system catalog (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In some cases the relocation of a system catalog row to another place
|
|
would not be recognized by concurrent server processes, allowing catalog
|
|
corruption to occur if they then tried to update that row. The
|
|
worst-case outcome could be as bad as complete loss of a table.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect order of operations during sinval reset processing,
|
|
and ensure that TOAST OIDs are preserved in system catalogs (Tom
|
|
Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These mistakes could lead to transient failures after a <command>VACUUM
|
|
FULL</> or <command>CLUSTER</> on a system catalog.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These bugs could result in index corruption after reindexing a system
|
|
catalog. They are not believed to affect user indexes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix multiple bugs in GiST index page split processing (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
The probability of occurrence was low, but these could lead to index
|
|
corruption.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible buffer overrun in <function>tsvector_concat()</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The function could underestimate the amount of memory needed for its
|
|
result, leading to server crashes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix crash in <function>xml_recv</> when processing a
|
|
<quote>standalone</> parameter (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <function>pg_options_to_table</> return NULL for an option with no
|
|
value (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously such cases would result in a server crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid possibly accessing off the end of memory in <command>ANALYZE</>
|
|
and in SJIS-2004 encoding conversion (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes some very-low-probability server crash scenarios.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Protect <function>pg_stat_reset_shared()</> against NULL input (Magnus
|
|
Hagander)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible failure when a recovery conflict deadlock is detected
|
|
within a sub-transaction (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid spurious conflicts while recycling btree index pages during hot
|
|
standby (Noah Misch, Simon Riggs)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Shut down WAL receiver if it's still running at end of recovery (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
The postmaster formerly panicked in this situation, but it's actually a
|
|
legitimate case.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition in relcache init file invalidation (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
There was a window wherein a new backend process could read a stale init
|
|
file but miss the inval messages that would tell it the data is stale.
|
|
The result would be bizarre failures in catalog accesses, typically
|
|
<quote>could not read block 0 in file ...</> later during startup.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak at end of a GiST index scan (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Commands that perform many separate GiST index scans, such as
|
|
verification of a new GiST-based exclusion constraint on a table
|
|
already containing many rows, could transiently require large amounts of
|
|
memory due to this leak.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak when encoding conversion has to be done on incoming
|
|
command strings and <command>LISTEN</> is active (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect memory accounting (leading to possible memory bloat) in
|
|
tuplestores supporting holdable cursors and plpgsql's <literal>RETURN
|
|
NEXT</> command (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix trigger <literal>WHEN</> conditions when both <literal>BEFORE</> and
|
|
<literal>AFTER</> triggers exist (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Evaluation of <literal>WHEN</> conditions for <literal>AFTER ROW
|
|
UPDATE</> triggers could crash if there had been a <literal>BEFORE
|
|
ROW</> trigger fired for the same update.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix performance problem when constructing a large, lossy bitmap
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix join selectivity estimation for unique columns (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes an erroneous planner heuristic that could lead to poor
|
|
estimates of the result size of a join.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix nested PlaceHolderVar expressions that appear only in sub-select
|
|
target lists (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This mistake could result in outputs of an outer join incorrectly
|
|
appearing as NULL.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow the planner to assume that empty parent tables really are empty
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Normally an empty table is assumed to have a certain minimum size for
|
|
planning purposes; but this heuristic seems to do more harm than good
|
|
for the parent table of an inheritance hierarchy, which often is
|
|
permanently empty.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow nested <literal>EXISTS</> queries to be optimized properly (Tom
|
|
Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix array- and path-creating functions to ensure padding bytes are
|
|
zeroes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids some situations where the planner will think that
|
|
semantically-equal constants are not equal, resulting in poor
|
|
optimization.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>EXPLAIN</> to handle gating Result nodes within
|
|
inner-indexscan subplans (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The usual symptom of this oversight was <quote>bogus varno</> errors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix btree preprocessing of <replaceable>indexedcol</> <literal>IS
|
|
NULL</> conditions (Dean Rasheed)
|
|
</para>
|
|
|
|
<para>
|
|
Such a condition is unsatisfiable if combined with any other type of
|
|
btree-indexable condition on the same index column. The case was
|
|
handled incorrectly in 9.0.0 and later, leading to query output where
|
|
there should be none.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This could lead to loss of committed transactions after a server crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix dump bug for <literal>VALUES</> in a view (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Disallow <literal>SELECT FOR UPDATE/SHARE</> on sequences (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This operation doesn't work as expected and can lead to failures.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>VACUUM</> so that it always updates
|
|
<literal>pg_class</>.<literal>reltuples</>/<literal>relpages</> (Tom
|
|
Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes some scenarios where autovacuum could make increasingly poor
|
|
decisions about when to vacuum tables.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Defend against integer overflow when computing size of a hash table (Tom
|
|
Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix cases where <command>CLUSTER</> might attempt to access
|
|
already-removed TOAST data (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix premature timeout failures during initial authentication transaction
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix portability bugs in use of credentials control messages for
|
|
<quote>peer</> authentication (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari,
|
|
Magnus Hagander)
|
|
</para>
|
|
|
|
<para>
|
|
The typical symptom of this problem was <quote>The function requested is
|
|
not supported</> errors during SSPI login.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix failure when adding a new variable of a custom variable class to
|
|
<filename>postgresql.conf</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Throw an error if <filename>pg_hba.conf</> contains <literal>hostssl</>
|
|
but SSL is disabled (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This was concluded to be more user-friendly than the previous behavior
|
|
of silently ignoring such lines.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix failure when <command>DROP OWNED BY</> attempts to remove default
|
|
privileges on sequences (Shigeru Hanada)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix typo in <function>pg_srand48</> seed initialization (Andres Freund)
|
|
</para>
|
|
|
|
<para>
|
|
This led to failure to use all bits of the provided seed. This function
|
|
is not used on most platforms (only those without <function>srandom</>),
|
|
and the potential security exposure from a less-random-than-expected
|
|
seed seems minimal in any case.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid integer overflow when the sum of <literal>LIMIT</> and
|
|
<literal>OFFSET</> values exceeds 2^63 (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add overflow checks to <type>int4</> and <type>int8</> versions of
|
|
<function>generate_series()</> (Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix trailing-zero removal in <function>to_char()</> (Marti Raudsepp)
|
|
</para>
|
|
|
|
<para>
|
|
In a format with <literal>FM</> and no digit positions
|
|
after the decimal point, zeroes to the left of the decimal point could
|
|
be removed incorrectly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>pg_size_pretty()</> to avoid overflow for inputs close to
|
|
2^63 (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Weaken plpgsql's check for typmod matching in record values (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
An overly enthusiastic check could lead to discarding length modifiers
|
|
that should have been kept.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Correctly handle quotes in locale names during <application>initdb</>
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
The case can arise with some Windows locales, such as <quote>People's
|
|
Republic of China</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, avoid dumping orphaned temporary tables
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents situations wherein table OID assignments could get out of
|
|
sync between old and new installations.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_upgrade</> to preserve toast tables' relfrozenxids
|
|
during an upgrade from 8.3 (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
Failure to do this could lead to <filename>pg_clog</> files being
|
|
removed too soon after the upgrade.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_upgrade</>, fix the <literal>-l</> (log) option to
|
|
work on Windows (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>pg_ctl</>, support silent mode for service registrations
|
|
on Windows (MauMau)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>psql</>'s counting of script file line numbers during
|
|
<literal>COPY</> from a different file (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_restore</>'s direct-to-database mode for
|
|
<varname>standard_conforming_strings</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<application>pg_restore</> could emit incorrect commands when restoring
|
|
directly to a database server from an archive file that had been made
|
|
with <varname>standard_conforming_strings</> set to <literal>on</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Be more user-friendly about unsupported cases for parallel
|
|
<application>pg_restore</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This change ensures that such cases are detected and reported before
|
|
any restore actions have been taken.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix write-past-buffer-end and memory leak in <application>libpq</>'s
|
|
LDAP service lookup code (Albe Laurenz)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>libpq</>, avoid failures when using nonblocking I/O
|
|
and an SSL connection (Martin Pihlak, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve libpq's handling of failures during connection startup
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
In particular, the response to a server report of <function>fork()</>
|
|
failure during SSL connection startup is now saner.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <application>libpq</>'s error reporting for SSL failures (Tom
|
|
Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>PQsetvalue()</> to avoid possible crash when adding a new
|
|
tuple to a <structname>PGresult</> originally obtained from a server
|
|
query (Andrew Chernow)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>ecpglib</> write <type>double</> values with 15 digits
|
|
precision (Akira Kurosawa)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
In <application>ecpglib</>, be sure <literal>LC_NUMERIC</> setting is
|
|
restored after an error (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483)
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<filename>contrib/pg_crypto</>'s blowfish encryption code could give
|
|
wrong results on platforms where char is signed (which is most),
|
|
leading to encrypted passwords being weaker than they should be.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak in <filename>contrib/seg</> (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>pgstatindex()</> to give consistent results for empty
|
|
indexes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow building with perl 5.14 (Alex Hunsaker)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix assorted issues with build and install file paths containing spaces
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2011i
|
|
for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-4">
|
|
<title>Release 9.0.4</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2011-04-18</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.3.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.4</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
<para>
|
|
However, if your installation was upgraded from a previous major
|
|
release by running <application>pg_upgrade</>, you should take
|
|
action to prevent possible data loss due to a now-fixed bug in
|
|
<application>pg_upgrade</>. The recommended solution is to run
|
|
<command>VACUUM FREEZE</> on all TOAST tables.
|
|
More information is available at <ulink
|
|
url="http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix">
|
|
http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix</ulink>.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_upgrade</>'s handling of TOAST tables
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
The <structname>pg_class</>.<structfield>relfrozenxid</> value for
|
|
TOAST tables was not correctly copied into the new installation
|
|
during <application>pg_upgrade</>. This could later result in
|
|
<literal>pg_clog</> files being discarded while they were still
|
|
needed to validate tuples in the TOAST tables, leading to
|
|
<quote>could not access status of transaction</> failures.
|
|
</para>
|
|
|
|
<para>
|
|
This error poses a significant risk of data loss for installations
|
|
that have been upgraded with <application>pg_upgrade</>. This patch
|
|
corrects the problem for future uses of <application>pg_upgrade</>,
|
|
but does not in itself cure the issue in installations that have been
|
|
processed with a buggy version of <application>pg_upgrade</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Suppress incorrect <quote>PD_ALL_VISIBLE flag was incorrectly set</>
|
|
warning (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
<command>VACUUM</> would sometimes issue this warning in cases that
|
|
are actually valid.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use better SQLSTATE error codes for hot standby conflict cases
|
|
(Tatsuo Ishii and Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
All retryable conflict errors now have an error code that indicates
|
|
that a retry is possible. Also, session closure due to the database
|
|
being dropped on the master is now reported as
|
|
<literal>ERRCODE_DATABASE_DROPPED</>, rather than
|
|
<literal>ERRCODE_ADMIN_SHUTDOWN</>, so that connection poolers can
|
|
handle the situation correctly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent intermittent hang in interactions of startup process with
|
|
bgwriter process (Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
This affected recovery in non-hot-standby cases.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Disallow including a composite type in itself (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents scenarios wherein the server could recurse infinitely
|
|
while processing the composite type. While there are some possible
|
|
uses for such a structure, they don't seem compelling enough to
|
|
justify the effort required to make sure it always works safely.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid potential deadlock during catalog cache initialization
|
|
(Nikhil Sontakke)
|
|
</para>
|
|
|
|
<para>
|
|
In some cases the cache loading code would acquire share lock on a
|
|
system index before locking the index's catalog. This could deadlock
|
|
against processes trying to acquire exclusive locks in the other,
|
|
more standard order.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix dangling-pointer problem in <literal>BEFORE ROW UPDATE</> trigger
|
|
handling when there was a concurrent update to the target tuple
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This bug has been observed to result in intermittent <quote>cannot
|
|
extract system attribute from virtual tuple</> failures while trying to
|
|
do <literal>UPDATE RETURNING ctid</>. There is a very small probability
|
|
of more serious errors, such as generating incorrect index entries for
|
|
the updated tuple.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Disallow <command>DROP TABLE</> when there are pending deferred trigger
|
|
events for the table (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly the <command>DROP</> would go through, leading to
|
|
<quote>could not open relation with OID nnn</> errors when the
|
|
triggers were eventually fired.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <quote>replication</> as a user name in
|
|
<filename>pg_hba.conf</> (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
<quote>replication</> is special in the database name column, but it
|
|
was mistakenly also treated as special in the user name column.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent crash triggered by constant-false WHERE conditions during
|
|
GEQO optimization (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve planner's handling of semi-join and anti-join cases
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix handling of <literal>SELECT FOR UPDATE</> in a sub-SELECT
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This bug typically led to <quote>cannot extract system attribute from
|
|
virtual tuple</> errors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix selectivity estimation for text search to account for NULLs
|
|
(Jesper Krogh)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix get_actual_variable_range() to support hypothetical indexes
|
|
injected by an index adviser plugin (Gurjeet Singh)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix PL/Python memory leak involving array slices (Daniel Popowich)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>libpq</>'s SSL initialization to succeed when
|
|
user's home directory is unavailable (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If the SSL mode is such that a root certificate file is not required,
|
|
there is no need to fail. This change restores the behavior to what
|
|
it was in pre-9.0 releases.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>libpq</> to return a useful error message for errors
|
|
detected in <function>conninfo_array_parse</> (Joseph Adams)
|
|
</para>
|
|
|
|
<para>
|
|
A typo caused the library to return NULL, rather than the
|
|
<structname>PGconn</> structure containing the error message, to the
|
|
application.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>ecpg</> preprocessor's handling of float constants
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix parallel <application>pg_restore</> to handle comments on
|
|
POST_DATA items correctly (Arnd Hannemann)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_restore</> to cope with long lines (over 1KB) in
|
|
TOC files (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Put in more safeguards against crashing due to division-by-zero
|
|
with overly enthusiastic compiler optimization (Aurelien Jarno)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
There was a hard-wired assumption that this system function was not
|
|
available on MIPS hardware on these systems. Use a compile-time test
|
|
instead, since more recent versions have it.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix compilation failures on HP-UX (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid crash when trying to write to the Windows console very early
|
|
in process startup (Rushabh Lathia)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support building with MinGW 64 bit compiler for Windows
|
|
(Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix version-incompatibility problem with <application>libintl</> on
|
|
Windows (Hiroshi Inoue)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix usage of <application>xcopy</> in Windows build scripts to
|
|
work correctly under Windows 7 (Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
This affects the build scripts only, not installation or usage.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix path separator used by <application>pg_regress</> on Cygwin
|
|
(Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2011f
|
|
for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa,
|
|
and Turkey; also historical corrections for South Australia, Alaska,
|
|
and Hawaii.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-3">
|
|
<title>Release 9.0.3</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2011-01-31</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.2.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.3</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Before exiting <application>walreceiver</>, ensure all the received WAL
|
|
is fsync'd to disk (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
Otherwise the standby server could replay some un-synced WAL, conceivably
|
|
leading to data corruption if the system crashes just at that point.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid excess fsync activity in <application>walreceiver</>
|
|
(Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <command>ALTER TABLE</> revalidate uniqueness and exclusion
|
|
constraints when needed (Noah Misch)
|
|
</para>
|
|
|
|
<para>
|
|
This was broken in 9.0 by a change that was intended to suppress
|
|
revalidation during <command>VACUUM FULL</> and <command>CLUSTER</>,
|
|
but unintentionally affected <command>ALTER TABLE</> as well.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix EvalPlanQual for <command>UPDATE</> of an inheritance tree in which
|
|
the tables are not all alike (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Any variation in the table row types (including dropped columns present
|
|
in only some child tables) would confuse the EvalPlanQual code, leading
|
|
to misbehavior or even crashes. Since EvalPlanQual is only executed
|
|
during concurrent updates to the same row, the problem was only seen
|
|
intermittently.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid failures when <command>EXPLAIN</> tries to display a simple-form
|
|
<literal>CASE</> expression (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If the <literal>CASE</>'s test expression was a constant, the planner
|
|
could simplify the <literal>CASE</> into a form that confused the
|
|
expression-display code, resulting in <quote>unexpected CASE WHEN
|
|
clause</> errors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix assignment to an array slice that is before the existing range
|
|
of subscripts (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If there was a gap between the newly added subscripts and the first
|
|
pre-existing subscript, the code miscalculated how many entries needed
|
|
to be copied from the old array's null bitmap, potentially leading to
|
|
data corruption or crash.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid unexpected conversion overflow in planner for very distant date
|
|
values (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The <type>date</> type supports a wider range of dates than can be
|
|
represented by the <type>timestamp</> types, but the planner assumed it
|
|
could always convert a date to timestamp with impunity.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix PL/Python crash when an array contains null entries (Alex Hunsaker)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove <application>ecpg</>'s fixed length limit for constants defining
|
|
an array dimension (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix erroneous parsing of <type>tsquery</> values containing
|
|
<literal>... & !(subexpression) | ...</literal> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Queries containing this combination of operators were not executed
|
|
correctly. The same error existed in <filename>contrib/intarray</>'s
|
|
<type>query_int</> type and <filename>contrib/ltree</>'s
|
|
<type>ltxtquery</> type.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer overrun in <filename>contrib/intarray</>'s input function
|
|
for the <type>query_int</> type (Apple)
|
|
</para>
|
|
|
|
<para>
|
|
This bug is a security risk since the function's return address could
|
|
be overwritten. Thanks to Apple Inc's security team for reporting this
|
|
issue and supplying the fix. (CVE-2010-4015)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bug in <filename>contrib/seg</>'s GiST picksplit algorithm
|
|
(Alexander Korotkov)
|
|
</para>
|
|
|
|
<para>
|
|
This could result in considerable inefficiency, though not actually
|
|
incorrect answers, in a GiST index on a <type>seg</> column.
|
|
If you have such an index, consider <command>REINDEX</>ing it after
|
|
installing this update. (This is identical to the bug that was fixed in
|
|
<filename>contrib/cube</> in the previous update.)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-2">
|
|
<title>Release 9.0.2</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2010-12-16</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.1.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.2</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Force the default
|
|
<link linkend="guc-wal-sync-method"><varname>wal_sync_method</></link>
|
|
to be <literal>fdatasync</> on Linux (Tom Lane, Marti Raudsepp)
|
|
</para>
|
|
|
|
<para>
|
|
The default on Linux has actually been <literal>fdatasync</> for many
|
|
years, but recent kernel changes caused <productname>PostgreSQL</> to
|
|
choose <literal>open_datasync</> instead. This choice did not result
|
|
in any performance improvement, and caused outright failures on
|
|
certain filesystems, notably <literal>ext4</> with the
|
|
<literal>data=journal</> mount option.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>too many KnownAssignedXids</> error during Hot Standby
|
|
replay (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix race condition in lock acquisition during Hot Standby (Simon Riggs)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid unnecessary conflicts during Hot Standby (Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes some cases where replay was considered to conflict with
|
|
standby queries (causing delay of replay or possibly cancellation of
|
|
the queries), but there was no real conflict.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This could result in <quote>bad buffer id: 0</> failures or
|
|
corruption of index contents during replication.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix recovery from base backup when the starting checkpoint WAL record
|
|
is not in the same WAL segment as its redo point (Jeff Davis)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix corner-case bug when streaming replication is enabled immediately
|
|
after creating the master database cluster (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix persistent slowdown of autovacuum workers when multiple workers
|
|
remain active for a long time (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The effective <varname>vacuum_cost_limit</> for an autovacuum worker
|
|
could drop to nearly zero if it processed enough tables, causing it
|
|
to run extremely slowly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix long-term memory leak in autovacuum launcher (Alvaro Herrera)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid failure when trying to report an impending transaction
|
|
wraparound condition from outside a transaction (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This oversight prevented recovery after transaction wraparound got
|
|
too close, because database startup processing would fail.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for detecting register-stack overrun on <literal>IA64</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The <literal>IA64</> architecture has two hardware stacks. Full
|
|
prevention of stack-overrun failures requires checking both.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add a check for stack overflow in <function>copyObject()</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Certain code paths could crash due to stack overflow given a
|
|
sufficiently complex query.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix detection of page splits in temporary GiST indexes (Heikki
|
|
Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
It is possible to have a <quote>concurrent</> page split in a
|
|
temporary index, if for example there is an open cursor scanning the
|
|
index when an insertion is done. GiST failed to detect this case and
|
|
hence could deliver wrong results when execution of the cursor
|
|
continued.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix error checking during early connection processing (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The check for too many child processes was skipped in some cases,
|
|
possibly leading to postmaster crash when attempting to add the new
|
|
child process to fixed-size arrays.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve efficiency of window functions (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Certain cases where a large number of tuples needed to be read in
|
|
advance, but <varname>work_mem</> was large enough to allow them all
|
|
to be held in memory, were unexpectedly slow.
|
|
<function>percent_rank()</>, <function>cume_dist()</> and
|
|
<function>ntile()</> in particular were subject to this problem.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid memory leakage while <command>ANALYZE</>'ing complex index
|
|
expressions (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ensure an index that uses a whole-row Var still depends on its table
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
An index declared like <literal>create index i on t (foo(t.*))</>
|
|
would not automatically get dropped when its table was dropped.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add missing support in <command>DROP OWNED BY</> for removing foreign
|
|
data wrapper/server privileges belonging to a user (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Do not <quote>inline</> a SQL function with multiple <literal>OUT</>
|
|
parameters (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids a possible crash due to loss of information about the
|
|
expected result rowtype.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix crash when inline-ing a set-returning function whose argument list
|
|
contains a reference to an inline-able user function (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Behave correctly if <literal>ORDER BY</>, <literal>LIMIT</>,
|
|
<literal>FOR UPDATE</>, or <literal>WITH</> is attached to the
|
|
<literal>VALUES</> part of <literal>INSERT ... VALUES</> (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make the <literal>OFF</> keyword unreserved (Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This prevents problems with using <literal>off</> as a variable name in
|
|
<application>PL/pgSQL</>. That worked before 9.0, but was now broken
|
|
because <application>PL/pgSQL</> now treats all core reserved words
|
|
as reserved.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix constant-folding of <literal>COALESCE()</> expressions (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The planner would sometimes attempt to evaluate sub-expressions that
|
|
in fact could never be reached, possibly leading to unexpected errors.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <quote>could not find pathkey item to sort</> planner failure
|
|
with comparison of whole-row Vars (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix postmaster crash when connection acceptance
|
|
(<function>accept()</> or one of the calls made immediately after it)
|
|
fails, and the postmaster was compiled with GSSAPI support (Alexander
|
|
Chernikov)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Retry after receiving an invalid response packet from a RADIUS
|
|
authentication server (Magnus Hagander)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes a low-risk potential denial of service condition.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix missed unlink of temporary files when <varname>log_temp_files</>
|
|
is active (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
If an error occurred while attempting to emit the log message, the
|
|
unlink was not done, resulting in accumulation of temp files.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add print functionality for <structname>InhRelation</> nodes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids a failure when <varname>debug_print_parse</> is enabled
|
|
and certain types of query are executed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect calculation of distance from a point to a horizontal
|
|
line segment (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This bug affected several different geometric distance-measurement
|
|
operators.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect calculation of transaction status in
|
|
<application>ecpg</> (Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix errors in <application>psql</>'s Unicode-escape support (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Speed up parallel <application>pg_restore</> when the archive
|
|
contains many large objects (blobs) (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>PL/pgSQL</>'s handling of <quote>simple</>
|
|
expressions to not fail in recursion or error-recovery cases (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>PL/pgSQL</>'s error reporting for no-such-column
|
|
cases (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
As of 9.0, it would sometimes report <quote>missing FROM-clause entry
|
|
for table foo</> when <quote>record foo has no field bar</> would be
|
|
more appropriate.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>PL/Python</> to honor typmod (i.e., length or
|
|
precision restrictions) when assigning to tuple fields (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This fixes a regression from 8.4.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>PL/Python</>'s handling of set-returning functions
|
|
(Jan Urbanski)
|
|
</para>
|
|
|
|
<para>
|
|
Attempts to call SPI functions within the iterator generating a set
|
|
result would fail.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix bug in <filename>contrib/cube</>'s GiST picksplit algorithm
|
|
(Alexander Korotkov)
|
|
</para>
|
|
|
|
<para>
|
|
This could result in considerable inefficiency, though not actually
|
|
incorrect answers, in a GiST index on a <type>cube</> column.
|
|
If you have such an index, consider <command>REINDEX</>ing it after
|
|
installing this update.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Don't emit <quote>identifier will be truncated</> notices in
|
|
<filename>contrib/dblink</> except when creating new connections
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix potential coredump on missing public key in
|
|
<filename>contrib/pgcrypto</> (Marti Raudsepp)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix buffer overrun in <filename>contrib/pg_upgrade</> (Hernan Gonzalez)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix memory leak in <filename>contrib/xml2</>'s XPath query functions
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update time zone data files to <application>tzdata</> release 2010o
|
|
for DST law changes in Fiji and Samoa;
|
|
also historical corrections for Hong Kong.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0-1">
|
|
<title>Release 9.0.1</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2010-10-04</simpara>
|
|
</note>
|
|
|
|
<para>
|
|
This release contains a variety of fixes from 9.0.0.
|
|
For information about new features in the 9.0 major release, see
|
|
<xref linkend="release-9-0">.
|
|
</para>
|
|
|
|
<sect2>
|
|
<title>Migration to Version 9.0.1</title>
|
|
|
|
<para>
|
|
A dump/restore is not required for those running 9.0.X.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use a separate interpreter for each calling SQL userid in PL/Perl and
|
|
PL/Tcl (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This change prevents security problems that can be caused by subverting
|
|
Perl or Tcl code that will be executed later in the same session under
|
|
another SQL user identity (for example, within a <literal>SECURITY
|
|
DEFINER</> function). Most scripting languages offer numerous ways that
|
|
that might be done, such as redefining standard functions or operators
|
|
called by the target function. Without this change, any SQL user with
|
|
Perl or Tcl language usage rights can do essentially anything with the
|
|
SQL privileges of the target function's owner.
|
|
</para>
|
|
|
|
<para>
|
|
The cost of this change is that intentional communication among Perl
|
|
and Tcl functions becomes more difficult. To provide an escape hatch,
|
|
PL/PerlU and PL/TclU functions continue to use only one interpreter
|
|
per session. This is not considered a security issue since all such
|
|
functions execute at the trust level of a database superuser already.
|
|
</para>
|
|
|
|
<para>
|
|
It is likely that third-party procedural languages that claim to offer
|
|
trusted execution have similar security issues. We advise contacting
|
|
the authors of any PL you are depending on for security-critical
|
|
purposes.
|
|
</para>
|
|
|
|
<para>
|
|
Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433).
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <function>pg_get_expr()</> security fix so that the function
|
|
can still be used on the output of a sub-select (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix incorrect placement of placeholder evaluation (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This bug could result in query outputs being non-null when they
|
|
should be null, in cases where the inner side of an outer join
|
|
is a sub-select with non-strict expressions in its output list.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix join removal's handling of placeholder expressions (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix possible duplicate scans of <literal>UNION ALL</> member relations
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent infinite loop in ProcessIncomingNotify() after unlistening
|
|
(Jeff Davis)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Prevent show_session_authorization() from crashing within autovacuum
|
|
processes (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Re-allow input of Julian dates prior to 0001-01-01 AD (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Input such as <literal>'J100000'::date</> worked before 8.4,
|
|
but was unintentionally broken by added error-checking.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make psql recognize <command>DISCARD ALL</> as a command that should
|
|
not be encased in a transaction block in autocommit-off mode
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update build infrastructure and documentation to reflect the source code
|
|
repository's move from CVS to Git (Magnus Hagander and others)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect2>
|
|
</sect1>
|
|
|
|
<sect1 id="release-9-0">
|
|
<title>Release 9.0</title>
|
|
|
|
<note>
|
|
<title>Release Date</title>
|
|
<simpara>2010-09-20</simpara>
|
|
</note>
|
|
|
|
<sect2>
|
|
<title>Overview</title>
|
|
|
|
<para>
|
|
This release of
|
|
<productname>PostgreSQL</> adds features that have been requested
|
|
for years, such as easy-to-use replication, a mass permission-changing
|
|
facility, and anonymous code blocks. While past major releases have
|
|
been conservative in their scope, this release shows a
|
|
bold new desire to provide facilities that new and existing
|
|
users of <productname>PostgreSQL</> will embrace. This has all
|
|
been done with few incompatibilities. Major enhancements include:
|
|
</para>
|
|
|
|
<itemizedlist>
|
|
|
|
<!-- This list duplicates items below, but without authors or details-->
|
|
|
|
<listitem>
|
|
|
|
<para>
|
|
Built-in replication based on log shipping. This advance consists of
|
|
two features: Streaming Replication, allowing continuous archive
|
|
(<acronym>WAL</>) files to be streamed over a network connection to a
|
|
standby server, and Hot Standby, allowing continuous archive standby
|
|
servers to execute read-only queries. The net effect is to support a
|
|
single master with multiple read-only slave servers.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Easier database object permissions management. <link
|
|
linkend="SQL-GRANT"><command>GRANT</>/<command>REVOKE IN
|
|
SCHEMA</></link> supports mass permissions changes on existing objects,
|
|
while <link linkend="SQL-ALTERDEFAULTPRIVILEGES"><command>ALTER DEFAULT
|
|
PRIVILEGES</></link> allows control of privileges for objects created in
|
|
the future. Large objects (BLOBs) now support permissions management as
|
|
well.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Broadly enhanced stored procedure support.
|
|
The <link linkend="SQL-DO"><command>DO</></link> statement supports
|
|
ad-hoc or <quote>anonymous</> code blocks.
|
|
Functions can now be called using named parameters.
|
|
<link linkend="plpgsql">PL/pgSQL</link> is now installed by default, and
|
|
<link linkend="plperl">PL/Perl</link> and <link
|
|
linkend="plpython">PL/Python</link> have been enhanced in several ways,
|
|
including support for Python3.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Full support for <link linkend="install-windows">64-bit
|
|
<productname>Windows</></link>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
More advanced reporting queries, including additional windowing options
|
|
(<literal>PRECEDING</> and <literal>FOLLOWING</>) and the ability to
|
|
control the order in which values are fed to aggregate functions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New trigger features, including
|
|
SQL-standard-compliant <link
|
|
linkend="SQL-CREATETRIGGER">per-column triggers</link> and
|
|
conditional trigger execution.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="SQL-CREATETABLE-compatibility">Deferrable
|
|
unique constraints</link>. Mass updates to unique keys are now possible
|
|
without trickery.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="ddl-constraints-exclusion">Exclusion constraints</link>.
|
|
These provide a generalized version of unique constraints, allowing
|
|
enforcement of complex conditions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New and enhanced security features, including RADIUS authentication,
|
|
LDAP authentication improvements, and a new contrib module
|
|
<link linkend="passwordcheck"><filename>passwordcheck</></link>
|
|
for testing password strength.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New high-performance implementation of the
|
|
<link linkend="SQL-LISTEN"><command>LISTEN</></link>/<link
|
|
linkend="SQL-NOTIFY"><command>NOTIFY</></link> feature.
|
|
Pending events are now stored in a memory-based queue rather than
|
|
a table. Also, a <quote>payload</> string can be sent with each
|
|
event, rather than transmitting just an event name as before.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New implementation of
|
|
<link linkend="SQL-VACUUM"><command>VACUUM FULL</></link>.
|
|
This command now rewrites the entire table and indexes, rather than
|
|
moving individual rows to compact space. It is substantially faster
|
|
in most cases, and no longer results in index bloat.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New contrib module
|
|
<link linkend="pgupgrade"><filename>pg_upgrade</></link>
|
|
to support in-place upgrades from 8.3 or 8.4 to 9.0.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Multiple performance enhancements for specific types of queries,
|
|
including elimination of unnecessary joins. This helps optimize some
|
|
automatically-generated queries, such as those produced by
|
|
object-relational mappers (ORMs).
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="SQL-EXPLAIN "><command>EXPLAIN</></link> enhancements.
|
|
The output is now available in JSON, XML, or YAML format, and includes
|
|
buffer utilization and other data not previously available.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="hstore"><filename>hstore</></link> improvements,
|
|
including new functions and greater data capacity.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<para>
|
|
The above items are explained in more detail in the sections below.
|
|
</para>
|
|
|
|
</sect2>
|
|
|
|
<sect2>
|
|
|
|
<title>Migration to Version 9.0</title>
|
|
|
|
<para>
|
|
A dump/restore using <application>pg_dump</application>,
|
|
or use of <application>pg_upgrade</application>, is required
|
|
for those wishing to migrate data from any previous
|
|
release.
|
|
</para>
|
|
|
|
<para>
|
|
Version 9.0 contains a number of changes that selectively break backwards
|
|
compatibility in order to support new features and code quality
|
|
improvements. In particular, users who make extensive use of PL/pgSQL,
|
|
Point-In-Time Recovery (PITR), or Warm Standby should test their
|
|
applications because of slight user-visible changes in those areas.
|
|
Observe the following incompatibilities:
|
|
</para>
|
|
|
|
<sect3>
|
|
<title>Server Settings</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove server parameter <varname>add_missing_from</>, which was
|
|
defaulted to off for many years (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove server parameter <varname>regex_flavor</>, which
|
|
was defaulted to <link
|
|
linkend="posix-syntax-details"><literal>advanced</></link>
|
|
for many years (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="guc-archive-mode"><varname>archive_mode</></link>
|
|
now only affects <link
|
|
linkend="guc-archive-command"><varname>archive_command</></link>;
|
|
a new setting, <link
|
|
linkend="guc-wal-level"><varname>wal_level</></link>, affects
|
|
the contents of the write-ahead log (Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="guc-log-temp-files"><varname>log_temp_files</></link>
|
|
now uses default file size units of kilobytes (Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Queries</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
When querying a <link linkend="ddl-inherit">parent table</link>,
|
|
do not do any separate permission checks on child tables
|
|
scanned as part of the query (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
The SQL standard specifies this behavior, and it is also much more
|
|
convenient in practice than the former behavior of checking permissions
|
|
on each child as well as the parent.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Data Types</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
<link linkend="datatype-binary"><type>bytea</></link> output now
|
|
appears in hex format by default (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
The server parameter <link
|
|
linkend="guc-bytea-output"><varname>bytea_output</></link> can be
|
|
used to select the traditional output format if needed for
|
|
compatibility.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Array input now considers only plain ASCII whitespace characters
|
|
to be potentially ignorable; it will never ignore non-ASCII characters,
|
|
even if they are whitespace according to some locales (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids some corner cases where array values could be interpreted
|
|
differently depending on the server's locale settings.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve standards compliance of <link
|
|
linkend="functions-similarto-regexp"><literal>SIMILAR TO</></link>
|
|
patterns and SQL-style <function>substring()</> patterns (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This includes treating <literal>?</> and <literal>{...}</> as
|
|
pattern metacharacters, while they were simple literal characters
|
|
before; that corresponds to new features added in SQL:2008.
|
|
Also, <literal>^</> and <literal>$</> are now treated as simple
|
|
literal characters; formerly they were treated as metacharacters,
|
|
as if the pattern were following POSIX rather than SQL rules.
|
|
Also, in SQL-standard <function>substring()</>, use of parentheses
|
|
for nesting no longer interferes with capturing of a substring.
|
|
Also, processing of bracket expressions (character classes) is
|
|
now more standards-compliant.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reject negative length values in 3-parameter <link
|
|
linkend="functions-string-sql"><function>substring()</></link>
|
|
for bit strings, per the SQL standard (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <function>date_trunc</> truncate rather than round when reducing
|
|
precision of fractional seconds (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The code always acted this way for integer-based dates/times.
|
|
Now float-based dates/times behave similarly.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Object Renaming</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Tighten enforcement of column name consistency during <command>RENAME</>
|
|
when a child table inherits the same column from multiple unrelated
|
|
parents (KaiGai Kohei)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
No longer automatically rename indexes and index columns when the
|
|
underlying table columns are renamed (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Administrators can still rename such indexes and columns manually.
|
|
This change will require an update of the JDBC driver, and possibly other
|
|
drivers, so that unique indexes are correctly recognized after a rename.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<command>CREATE OR REPLACE FUNCTION</command> can no longer change
|
|
the declared names of function parameters (Pavel Stehule)
|
|
</para>
|
|
|
|
<para>
|
|
In order to avoid creating ambiguity in named-parameter calls, it is
|
|
no longer allowed to change the aliases for input parameters
|
|
in the declaration of an existing function (although names can still
|
|
be assigned to previously unnamed parameters). You now have to
|
|
<command>DROP</command> and recreate the function to do that.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>PL/pgSQL</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
PL/pgSQL now throws an error if a variable name conflicts with a
|
|
column name used in a query (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The former behavior was to bind ambiguous names to PL/pgSQL variables
|
|
in preference to query columns, which often resulted in surprising
|
|
misbehavior. Throwing an error allows easy detection of ambiguous
|
|
situations. Although it's recommended that functions encountering this
|
|
type of error be modified to remove the conflict, the old behavior can
|
|
be restored if necessary via the configuration parameter <link
|
|
linkend="plpgsql-var-subst"><varname>plpgsql.variable_conflict</></link>,
|
|
or via the per-function option <literal>#variable_conflict</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
PL/pgSQL no longer allows variable names that match certain SQL
|
|
reserved words (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This is a consequence of aligning the PL/pgSQL parser to match the
|
|
core SQL parser more closely. If necessary,
|
|
variable names can be double-quoted to avoid this restriction.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
PL/pgSQL now requires columns of composite results to match the
|
|
expected type modifier as well as base type (Pavel Stehule, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
For example, if a column of the result type is declared as
|
|
<literal>NUMERIC(30,2)</>, it is no longer acceptable to return a
|
|
<literal>NUMERIC</> of some other precision in that column. Previous
|
|
versions neglected to check the type modifier and would thus allow
|
|
result rows that didn't actually conform to the declared restrictions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
PL/pgSQL now treats selection into composite fields more consistently
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, a statement like
|
|
<literal>SELECT ... INTO <replaceable>rec</>.<replaceable>fld</> FROM ...</literal>
|
|
was treated as a scalar assignment even if the record field
|
|
<replaceable>fld</> was of composite type. Now it is treated as a
|
|
record assignment, the same as when the <literal>INTO</> target is a
|
|
regular variable of composite type. So the values to be assigned to the
|
|
field's subfields should be written as separate columns of the
|
|
<command>SELECT</> list, not as a <literal>ROW(...)</> construct as in
|
|
previous versions.
|
|
</para>
|
|
|
|
<para>
|
|
If you need to do this in a way that will work in both 9.0 and previous
|
|
releases, you can write something like
|
|
<literal><replaceable>rec</>.<replaceable>fld</> := ROW(...) FROM ...</literal>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove PL/pgSQL's <literal>RENAME</> declaration (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Instead of <literal>RENAME</>, use <link
|
|
linkend="plpgsql-declaration-alias"><literal>ALIAS</></link>,
|
|
which can now create an alias for any variable, not only dollar sign
|
|
parameter names (such as <literal>$1</>) as before.
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Other Incompatibilities</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Deprecate use of <literal>=></> as an operator name (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Future versions of <productname>PostgreSQL</> will probably reject
|
|
this operator name entirely, in order to support the SQL-standard
|
|
notation for named function parameters. For the moment, it is
|
|
still allowed, but a warning is emitted when such an operator is
|
|
defined.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove support for platforms that don't have a working 64-bit
|
|
integer data type (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
It is believed all still-supported platforms have working 64-bit
|
|
integer data types.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
</sect3>
|
|
</sect2>
|
|
|
|
<sect2>
|
|
<title>Changes</title>
|
|
<para>
|
|
Version 9.0 has an unprecedented number of new major features,
|
|
and over 200 enhancements, improvements, new commands,
|
|
new functions, and other changes.
|
|
</para>
|
|
|
|
<sect3>
|
|
<title>Server</title>
|
|
|
|
<sect4>
|
|
<title>Continuous Archiving and Streaming Replication</title>
|
|
|
|
<para>
|
|
PostgreSQL's existing standby-server capability has been expanded both to
|
|
support read-only queries on standby servers and to greatly reduce
|
|
the lag between master and standby servers. For many users, this
|
|
will be a useful and low-administration form of replication, either
|
|
for high availability or for horizontal scalability.
|
|
</para>
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
Allow a standby server to accept read-only queries
|
|
(Simon Riggs, Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This feature is called Hot Standby. There are new
|
|
<filename>postgresql.conf</> and <filename>recovery.conf</>
|
|
settings to control this feature, as well as extensive
|
|
<link linkend="hot-standby">documentation</link>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow write-ahead log (<acronym>WAL</>) data to be streamed to a
|
|
standby server (Fujii Masao, Heikki Linnakangas)
|
|
</para>
|
|
|
|
<para>
|
|
This feature is called Streaming Replication.
|
|
Previously <acronym>WAL</> data could be sent to standby servers only
|
|
in units of entire <acronym>WAL</> files (normally 16 megabytes each).
|
|
Streaming Replication eliminates this inefficiency and allows updates
|
|
on the master to be propagated to standby servers with very little
|
|
delay. There are new <filename>postgresql.conf</> and
|
|
<filename>recovery.conf</> settings to control this feature, as well as
|
|
extensive <link linkend="streaming-replication">documentation</link>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="functions-recovery-info-table"><function>pg_last_xlog_receive_location()</></link>
|
|
and <function>pg_last_xlog_replay_location()</>, which
|
|
can be used to monitor standby server <acronym>WAL</>
|
|
activity (Simon Riggs, Fujii Masao, Heikki Linnakangas)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Performance</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow per-tablespace values to be set for sequential and random page
|
|
cost estimates (<varname>seq_page_cost</>/<varname>random_page_cost</>)
|
|
via <link linkend="SQL-ALTERTABLESPACE"><command>ALTER TABLESPACE
|
|
... SET/RESET</></link> (Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve performance and reliability of EvalPlanQual rechecks in join
|
|
queries (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<command>UPDATE</>, <command>DELETE</>, and <command>SELECT FOR
|
|
UPDATE/SHARE</> queries that involve joins will now behave much better
|
|
when encountering freshly-updated rows.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve performance of <link
|
|
linkend="SQL-TRUNCATE"><command>TRUNCATE</></link> when
|
|
the table was created or truncated earlier in the same transaction
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve performance of finding inheritance child tables (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Optimizer</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove unnecessary <link linkend="queries-join">outer
|
|
joins</link> (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Outer joins where the inner side is unique and not referenced above
|
|
the join are unnecessary and are therefore now removed. This will
|
|
accelerate many automatically generated queries, such as those created
|
|
by object-relational mappers (ORMs).
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <literal>IS NOT NULL</> restrictions to use indexes (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This is particularly useful for finding
|
|
<function>MAX()</>/<function>MIN()</> values in indexes that
|
|
contain many null values.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve the optimizer's choices about when to use materialize nodes,
|
|
and when to use sorting versus hashing for <literal>DISTINCT</>
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve the optimizer's equivalence detection for expressions involving
|
|
<type>boolean</> <literal><></> operators (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="geqo">GEQO</link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use the same random seed every time GEQO plans a query (Andres
|
|
Freund)
|
|
</para>
|
|
|
|
<para>
|
|
While the Genetic Query Optimizer (GEQO) still selects
|
|
random plans, it now always selects the same random plans for identical
|
|
queries, thus giving more consistent performance. You can modify <link
|
|
linkend="guc-geqo-seed"><varname>geqo_seed</></link> to experiment with
|
|
alternative plans.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve GEQO plan selection (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids the rare error <quote>failed to make a valid plan</>,
|
|
and should also improve planning speed.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Optimizer Statistics</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <link linkend="SQL-ANALYZE"><command>ANALYZE</></link>
|
|
to support inheritance-tree statistics (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This is particularly useful for partitioned tables. However,
|
|
autovacuum does not yet automatically re-analyze parent tables
|
|
when child tables change.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <link linkend="routine-vacuuming">autovacuum</link>'s
|
|
detection of when re-analyze is necessary (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve optimizer's estimation for greater/less-than comparisons
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
When looking up statistics for greater/less-than comparisons,
|
|
if the comparison value is in the first or last histogram bucket,
|
|
use an index (if available) to fetch the current actual column
|
|
minimum or maximum. This greatly improves the accuracy of estimates
|
|
for comparison values near the ends of the data range, particularly
|
|
if the range is constantly changing due to addition of new data.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow setting of number-of-distinct-values statistics using <link
|
|
linkend="SQL-ALTERTABLE"><command>ALTER TABLE</></link>
|
|
(Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
This allows users to override the estimated number or percentage of
|
|
distinct values for a column. This statistic is normally computed by
|
|
<command>ANALYZE</>, but the estimate can be poor, especially on tables
|
|
with very large numbers of rows.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Authentication</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for <link
|
|
linkend="auth-radius"><acronym>RADIUS</></link> (Remote
|
|
Authentication Dial In User Service) authentication
|
|
(Magnus Hagander)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <link linkend="auth-ldap"><acronym>LDAP</></link>
|
|
(Lightweight Directory Access Protocol) authentication
|
|
to operate in <quote>search/bind</> mode
|
|
(Robert Fleming, Magnus Hagander)
|
|
</para>
|
|
|
|
<para>
|
|
This allows the user to be looked up first, then the system uses
|
|
the <acronym>DN</> (Distinguished Name) returned for that user.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="auth-pg-hba-conf"><literal>samehost</></link>
|
|
and <literal>samenet</> designations to
|
|
<filename>pg_hba.conf</> (Stef Walter)
|
|
</para>
|
|
|
|
<para>
|
|
These match the server's <acronym>IP</> address and subnet address
|
|
respectively.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Pass trusted SSL root certificate names to the client so the client
|
|
can return an appropriate client certificate (Craig Ringer)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Monitoring</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the ability for clients to set an <link
|
|
linkend="libpq-connect-application-name">application
|
|
name</link>, which is displayed in
|
|
<structname>pg_stat_activity</> (Dave Page)
|
|
</para>
|
|
|
|
<para>
|
|
This allows administrators to characterize database traffic
|
|
and troubleshoot problems by source application.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add a SQLSTATE option (<literal>%e</>) to <link
|
|
linkend="guc-log-line-prefix"><varname>log_line_prefix</></link>
|
|
(Guillaume Smet)
|
|
</para>
|
|
|
|
<para>
|
|
This allows users to compile statistics on errors and messages
|
|
by error code number.
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Write to the Windows event log in <acronym>UTF16</> encoding
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
Now there is true multilingual support for PostgreSQL log messages
|
|
on Windows.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Statistics Counters</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="monitoring-stats-funcs-table"><function>pg_stat_reset_shared('bgwriter')</></link>
|
|
to reset the cluster-wide shared statistics for the
|
|
background writer (Greg Smith)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="monitoring-stats-funcs-table"><function>pg_stat_reset_single_table_counters()</></link>
|
|
and <function>pg_stat_reset_single_function_counters()</>
|
|
to allow resetting the statistics counters for individual
|
|
tables and functions (Magnus Hagander)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Server Settings</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow setting of configuration parameters based on <link
|
|
linkend="sql-alterrole">database/role combinations</link>
|
|
(Alvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
Previously only per-database and per-role settings were possible,
|
|
not combinations. All role and database settings are now stored
|
|
in the new <structname>pg_db_role_setting</> system catalog. A new
|
|
<application>psql</> command <literal>\drds</> shows these settings.
|
|
The legacy system views <structname>pg_roles</>,
|
|
<structname>pg_shadow</>, and <structname>pg_user</>
|
|
do not show combination settings, and therefore no longer
|
|
completely represent the configuration for a user or database.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add server parameter <link
|
|
linkend="guc-bonjour"><varname>bonjour</></link>, which
|
|
controls whether a Bonjour-enabled server advertises
|
|
itself via <productname>Bonjour</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The default is off, meaning it does not advertise. This allows
|
|
packagers to distribute Bonjour-enabled builds without worrying
|
|
that individual users might not want the feature.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add server parameter <link
|
|
linkend="guc-enable-material"><varname>enable_material</></link>, which
|
|
controls the use of materialize nodes in the optimizer
|
|
(Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
The default is on. When off, the optimizer will not add
|
|
materialize nodes purely for performance reasons, though they
|
|
will still be used when necessary for correctness.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Change server parameter <link
|
|
linkend="guc-log-temp-files"><varname>log_temp_files</></link> to
|
|
use default file size units of kilobytes (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Previously this setting was interpreted in bytes if no units were
|
|
specified.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Log changes of parameter values when <filename>postgresql.conf</> is
|
|
reloaded (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
This lets administrators and security staff audit changes of database
|
|
settings, and is also very convenient for checking the effects of
|
|
<filename>postgresql.conf</> edits.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly enforce superuser permissions for custom server parameters
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Non-superusers can no longer issue <command>ALTER
|
|
ROLE</>/<command>DATABASE SET</> for parameters that are not currently
|
|
known to the server. This allows the server to correctly check that
|
|
superuser-only parameters are only set by superusers. Previously,
|
|
the <literal>SET</> would be allowed and then ignored at session start,
|
|
making superuser-only custom parameters much less useful than they
|
|
should be.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Queries</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Perform <link linkend="SQL-FOR-UPDATE-SHARE"><command>SELECT
|
|
FOR UPDATE</>/<literal>SHARE</></link> processing after
|
|
applying <literal>LIMIT</>, so the number of rows returned
|
|
is always predictable (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, changes made by concurrent transactions could cause a
|
|
<command>SELECT FOR UPDATE</> to unexpectedly return fewer rows than
|
|
specified by its <literal>LIMIT</>. <literal>FOR UPDATE</> in combination
|
|
with <literal>ORDER BY</> can still produce surprising results, but that
|
|
can be corrected by placing <literal>FOR UPDATE</> in a subquery.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow mixing of traditional and SQL-standard <link
|
|
linkend="SQL-LIMIT"><literal>LIMIT</>/<literal>OFFSET</></link>
|
|
syntax (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Extend the supported frame options in <link
|
|
linkend="SQL-WINDOW">window functions</link> (Hitoshi
|
|
Harada)
|
|
</para>
|
|
|
|
<para>
|
|
Frames can now start with <literal>CURRENT ROW</>, and the <literal>ROWS
|
|
<replaceable>n</> PRECEDING</>/<literal>FOLLOWING</> options are now
|
|
supported.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <command>SELECT INTO</> and <command>CREATE TABLE AS</> return
|
|
row counts to the client in their command tags
|
|
(Boszormenyi Zoltan)
|
|
</para>
|
|
|
|
<para>
|
|
This can save an entire round-trip to the client, allowing result counts
|
|
and pagination to be calculated without an additional
|
|
<command>COUNT</command> query.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title>Unicode Strings</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support Unicode surrogate pairs (dual 16-bit representation) in
|
|
<link
|
|
linkend="sql-syntax-strings-uescape"><literal>U&</></link>
|
|
strings and identifiers (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support Unicode escapes in <link
|
|
linkend="sql-syntax-strings-escape"><literal>E'...'</></link>
|
|
strings (Marko Kreen)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Object Manipulation</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Speed up <link linkend="SQL-CREATEDATABASE"><command>CREATE
|
|
DATABASE</></link> by deferring flushes to disk (Andres
|
|
Freund, Greg Stark)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <link linkend="SQL-COMMENT">comments</link> on
|
|
columns of tables, views, and composite types only, not other
|
|
relation types such as indexes and <acronym>TOAST</> tables (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow the creation of <link
|
|
linkend="SQL-CREATETYPE-enum">enumerated types</link> containing
|
|
no values (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Let values of columns having storage type <literal>MAIN</> remain on
|
|
the main heap page unless the row cannot fit on a page (Kevin Grittner)
|
|
</para>
|
|
|
|
<para>
|
|
Previously <literal>MAIN</> values were forced out to <acronym>TOAST</>
|
|
tables until the row size was less than one-quarter of the page size.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title><command>ALTER TABLE</></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Implement <literal>IF EXISTS</> for <literal>ALTER TABLE DROP COLUMN</>
|
|
and <literal>ALTER TABLE DROP CONSTRAINT </> (Andres Freund)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>ALTER TABLE</> commands that rewrite tables to skip
|
|
<acronym>WAL</> logging (Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
Such operations either produce a new copy of the table or are rolled
|
|
back, so <acronym>WAL</> archiving can be skipped, unless running in
|
|
continuous archiving mode. This reduces I/O overhead and improves
|
|
performance.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix failure of <literal>ALTER TABLE <replaceable>table</> ADD COLUMN
|
|
<replaceable>col</> serial</literal> when done by non-owner of table
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="SQL-CREATETABLE"><command>CREATE TABLE</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for copying <literal>COMMENTS</> and <literal>STORAGE</>
|
|
settings in <command>CREATE TABLE ... LIKE</> commands
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add a shortcut for copying all properties in <command>CREATE
|
|
TABLE ... LIKE</> commands (Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the SQL-standard
|
|
<literal>CREATE TABLE ... OF <replaceable>type</></literal> command
|
|
(Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
This allows creation of a table that matches an existing composite
|
|
type. Additional constraints and defaults can be specified in the
|
|
command.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Constraints</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link linkend="SQL-CREATETABLE-compatibility">deferrable
|
|
unique constraints</link> (Dean Rasheed)
|
|
</para>
|
|
|
|
<para>
|
|
This allows mass updates, such as
|
|
<literal>UPDATE tab SET col = col + 1</>,
|
|
to work reliably
|
|
on columns that have unique indexes or are marked as primary keys.
|
|
If the constraint is specified as <literal>DEFERRABLE</> it will be
|
|
checked at the end of the statement, rather than after each row is
|
|
updated. The constraint check can also be deferred until the end of the
|
|
current transaction, allowing such updates to be spread over multiple
|
|
SQL commands.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add
|
|
<link linkend="ddl-constraints-exclusion">exclusion constraints</link>
|
|
(Jeff Davis)
|
|
</para>
|
|
|
|
<para>
|
|
Exclusion constraints generalize uniqueness constraints by allowing
|
|
arbitrary comparison operators, not just equality. They are created
|
|
with the <link linkend="SQL-CREATETABLE-EXCLUDE"><command>CREATE
|
|
TABLE CONSTRAINT ... EXCLUDE</></link> clause.
|
|
The most common use of exclusion constraints is to specify that column
|
|
entries must not overlap, rather than simply not be equal. This is
|
|
useful for time periods and other ranges, as well as arrays.
|
|
This feature enhances checking of data integrity for many
|
|
calendaring, time-management, and scientific applications.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve uniqueness-constraint violation error messages to
|
|
report the values causing the failure (Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
For example, a uniqueness constraint violation might now report
|
|
<literal>Key (x)=(2) already exists</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Object Permissions</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the ability to make mass permission changes across a whole
|
|
schema using the new <link
|
|
linkend="SQL-GRANT"><command>GRANT</>/<command>REVOKE
|
|
IN SCHEMA</></link> clause (Petr Jelinek)
|
|
</para>
|
|
|
|
<para>
|
|
This simplifies management of object permissions
|
|
and makes it easier to utilize database roles for application
|
|
data security.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link linkend="SQL-ALTERDEFAULTPRIVILEGES"><command>ALTER
|
|
DEFAULT PRIVILEGES</></link> command to control privileges
|
|
of objects created later (Petr Jelinek)
|
|
</para>
|
|
|
|
<para>
|
|
This greatly simplifies the assignment of object privileges in a
|
|
complex database application. Default privileges can be set for
|
|
tables, views, sequences, and functions. Defaults may be assigned on a
|
|
per-schema basis, or database-wide.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the ability to control large object (BLOB) permissions with
|
|
<command>GRANT</>/<command>REVOKE</> (KaiGai Kohei)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, any database user could read or modify any large object.
|
|
Read and write permissions can now be granted and revoked per
|
|
large object, and the ownership of large objects is tracked.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Utility Operations</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <link linkend="SQL-LISTEN"><command>LISTEN</></link>/<link
|
|
linkend="SQL-NOTIFY"><command>NOTIFY</></link> store pending events
|
|
in a memory queue, rather than in a system table (Joachim
|
|
Wieland)
|
|
</para>
|
|
|
|
<para>
|
|
This substantially improves performance, while retaining the existing
|
|
features of transactional support and guaranteed delivery.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <link linkend="SQL-NOTIFY"><command>NOTIFY</></link>
|
|
to pass an optional <quote>payload</> string to listeners
|
|
(Joachim Wieland)
|
|
</para>
|
|
|
|
<para>
|
|
This greatly improves the usefulness of
|
|
<command>LISTEN</>/<command>NOTIFY</> as a
|
|
general-purpose event queue system.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <link linkend="SQL-CLUSTER"><command>CLUSTER</></link>
|
|
on all per-database system catalogs (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Shared catalogs still cannot be clustered.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title><link linkend="SQL-COPY"><command>COPY</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Accept <literal>COPY ... CSV FORCE QUOTE *</>
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
Now <literal>*</> can be used as shorthand for <quote>all columns</>
|
|
in the <literal>FORCE QUOTE</> clause.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new <command>COPY</> syntax that allows options to be
|
|
specified inside parentheses (Robert Haas, Emmanuel Cecchet)
|
|
</para>
|
|
|
|
<para>
|
|
This allows greater flexibility for future <command>COPY</> options.
|
|
The old syntax is still supported, but only for pre-existing options.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="SQL-EXPLAIN"><command>EXPLAIN</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>EXPLAIN</> to output in <acronym>XML</>,
|
|
<acronym>JSON</>, or <acronym>YAML</> format (Robert Haas, Greg
|
|
Sabino Mullane)
|
|
</para>
|
|
|
|
<para>
|
|
The new output formats are easily machine-readable, supporting the
|
|
development of new tools for analysis of <command>EXPLAIN</> output.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new <literal>BUFFERS</> option to report query
|
|
buffer usage during <command>EXPLAIN ANALYZE</> (Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
This allows better query profiling for individual queries.
|
|
Buffer usage is no longer reported in the output for <link
|
|
linkend="runtime-config-statistics-monitor">log_statement_stats</link>
|
|
and related settings.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add hash usage information to <command>EXPLAIN</> output (Robert
|
|
Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new <command>EXPLAIN</> syntax that allows options to be
|
|
specified inside parentheses (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
This allows greater flexibility for future <command>EXPLAIN</> options.
|
|
The old syntax is still supported, but only for pre-existing options.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="SQL-VACUUM"><command>VACUUM</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Change <command>VACUUM FULL</> to rewrite the entire table and
|
|
rebuild its indexes, rather than moving individual rows around to
|
|
compact space (Itagaki Takahiro, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The previous method was usually slower and caused index bloat.
|
|
Note that the new method will use more disk space transiently
|
|
during <command>VACUUM FULL</>; potentially as much as twice
|
|
the space normally occupied by the table and its indexes.
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new <command>VACUUM</> syntax that allows options to be
|
|
specified inside parentheses (Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
This allows greater flexibility for future <command>VACUUM</> options.
|
|
The old syntax is still supported, but only for pre-existing options.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Indexes</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow an index to be named automatically by omitting the index name in
|
|
<link linkend="SQL-CREATEINDEX"><command>CREATE INDEX</></link>
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
By default, multicolumn indexes are now named after all their columns;
|
|
and index expression columns are now named based on their expressions
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reindexing shared system catalogs is now fully transactional
|
|
and crash-safe (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, reindexing a shared index was only allowed in standalone
|
|
mode, and a crash during the operation could leave the index in
|
|
worse condition than it was before.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <literal>point_ops</> operator class for <acronym>GiST</>
|
|
(Teodor Sigaev)
|
|
</para>
|
|
|
|
<para>
|
|
This feature permits <acronym>GiST</> indexing of <type>point</>
|
|
columns. The index can be used for several types of queries
|
|
such as <replaceable>point</> <literal><@</> <replaceable>polygon</>
|
|
(point is in polygon). This should make many
|
|
<productname>PostGIS</> queries faster.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use red-black binary trees for <acronym>GIN</> index creation
|
|
(Teodor Sigaev)
|
|
</para>
|
|
|
|
<para>
|
|
Red-black trees are self-balancing. This avoids slowdowns in
|
|
cases where the input is in nonrandom order.
|
|
</para>
|
|
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Data Types</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <link linkend="datatype-binary"><type>bytea</></link> values
|
|
to be written in hex notation (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
The server parameter <link
|
|
linkend="guc-bytea-output"><varname>bytea_output</></link> controls
|
|
whether hex or traditional format is used for <type>bytea</>
|
|
output. Libpq's <function>PQescapeByteaConn()</> function automatically
|
|
uses the hex format when connected to <productname>PostgreSQL</> 9.0
|
|
or newer servers. However, pre-9.0 libpq versions will not
|
|
correctly process hex format from newer servers.
|
|
</para>
|
|
|
|
<para>
|
|
The new hex format will be directly compatible with more applications
|
|
that use binary data, allowing them to store and retrieve it without
|
|
extra conversion. It is also significantly faster to read and write
|
|
than the traditional format.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow server parameter <link
|
|
linkend="guc-extra-float-digits">extra_float_digits</link>
|
|
to be increased to <literal>3</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The previous maximum <varname>extra_float_digits</> setting was
|
|
<literal>2</>. There are cases where 3 digits are needed to dump and
|
|
restore <type>float4</> values exactly. <application>pg_dump</> will
|
|
now use the setting of 3 when dumping from a server that allows it.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Tighten input checking for <type>int2vector</> values (Caleb
|
|
Welton)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title><link linkend="textsearch">Full Text Search</link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add prefix support in <literal>synonym</> dictionaries
|
|
(Teodor Sigaev)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <firstterm>filtering</> dictionaries (Teodor Sigaev)
|
|
</para>
|
|
|
|
<para>
|
|
Filtering dictionaries allow tokens to be modified then passed to
|
|
subsequent dictionaries.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow underscores in email-address tokens (Teodor Sigaev)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use more standards-compliant rules for parsing <acronym>URL</> tokens
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Functions</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow function calls to supply parameter names and match them to named
|
|
parameters in the function definition (Pavel Stehule)
|
|
</para>
|
|
|
|
<para>
|
|
For example, if a function is defined to take parameters <literal>a</>
|
|
and <literal>b</>, it can be called with <literal>func(a := 7, b
|
|
:= 12)</> or <literal>func(b := 12, a := 7)</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support locale-specific <link
|
|
linkend="functions-posix-regexp">regular expression</link>
|
|
processing with <acronym>UTF-8</> server encoding (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Locale-specific regular expression functionality includes
|
|
case-insensitive matching and locale-specific character classes.
|
|
Previously, these features worked correctly for non-<acronym>ASCII</>
|
|
characters only if the database used a single-byte server encoding (such
|
|
as LATIN1). They will still misbehave in multi-byte encodings other
|
|
than <acronym>UTF-8</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for scientific notation in <link
|
|
linkend="functions-formatting"><function>to_char()</></link>
|
|
(<link linkend="functions-formatting-numeric-table"><literal>EEEE</>
|
|
specification</link>)
|
|
(Pavel Stehule, Brendan Jurd)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <function>to_char()</> honor <link
|
|
linkend="functions-formatting-datetimemod-table"><literal>FM</></link>
|
|
(fill mode) in <literal>Y</>, <literal>YY</>, and
|
|
<literal>YYY</> specifications (Bruce Momjian, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
It was already honored by <literal>YYYY</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <function>to_char()</> to output localized numeric and monetary
|
|
strings in the correct encoding on <productname>Windows</>
|
|
(Hiroshi Inoue, Itagaki Takahiro, Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Correct calculations of <link
|
|
linkend="functions-geometry-op-table"><quote>overlaps</quote></link>
|
|
and <quote>contains</quote> operations for polygons (Teodor Sigaev)
|
|
</para>
|
|
|
|
<para>
|
|
The polygon <literal>&&</> (overlaps) operator formerly just
|
|
checked to see if the two polygons' bounding boxes overlapped. It now
|
|
does a more correct check. The polygon <literal>@></> and
|
|
<literal><@</> (contains/contained by) operators formerly checked
|
|
to see if one polygon's vertexes were all contained in the other;
|
|
this can wrongly report <quote>true</> for some non-convex polygons.
|
|
Now they check that all line segments of one polygon are contained in
|
|
the other.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title>Aggregates</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow aggregate functions to use <link
|
|
linkend="syntax-aggregates"><literal>ORDER BY</></link> (Andrew Gierth)
|
|
</para>
|
|
|
|
<para>
|
|
For example, this is now supported: <literal>array_agg(a ORDER BY
|
|
b)</>. This is useful with aggregates for which the order of input
|
|
values is significant, and eliminates the need to use a nonstandard
|
|
subquery to determine the ordering.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Multi-argument aggregate functions can now use <literal>DISTINCT</>
|
|
(Andrew Gierth)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the <link
|
|
linkend="functions-aggregate-table"><function>string_agg()</></link>
|
|
aggregate function to combine values into a single
|
|
string (Pavel Stehule)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Aggregate functions that are called with <literal>DISTINCT</> are
|
|
now passed NULL values if the aggregate transition function is
|
|
not marked as <literal>STRICT</> (Andrew Gierth)
|
|
</para>
|
|
|
|
<para>
|
|
For example, <literal>agg(DISTINCT x)</> might pass a NULL <literal>x</>
|
|
value to <function>agg()</>. This is more consistent with the behavior
|
|
in non-<literal>DISTINCT</> cases.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Bit Strings</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="functions-binarystring-other"><function>get_bit()</></link>
|
|
and <function>set_bit()</> functions for <type>bit</>
|
|
strings, mirroring those for <type>bytea</> (Leonardo
|
|
F)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Implement <link
|
|
linkend="functions-string-sql"><function>OVERLAY()</></link>
|
|
(replace) for <type>bit</> strings and <type>bytea</>
|
|
(Leonardo F)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Object Information Functions</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="functions-admin-dbsize"><function>pg_table_size()</></link>
|
|
and <function>pg_indexes_size()</> to provide a more
|
|
user-friendly interface to the <function>pg_relation_size()</>
|
|
function (Bernd Helmle)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="functions-info-access-table"><function>has_sequence_privilege()</></link>
|
|
for sequence permission checking (Abhijit Menon-Sen)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update the <link linkend="information-schema">information_schema</link>
|
|
views to conform to SQL:2008
|
|
(Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make the <literal>information_schema</> views correctly display maximum
|
|
octet lengths for <type>char</> and <type>varchar</> columns (Peter
|
|
Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Speed up <literal>information_schema</> privilege views
|
|
(Joachim Wieland)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Function and Trigger Creation</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support execution of anonymous code blocks using the <link
|
|
linkend="SQL-DO"><command>DO</></link> statement
|
|
(Petr Jelinek, Joshua Tolley, Hannu Valtonen)
|
|
</para>
|
|
|
|
<para>
|
|
This allows execution of server-side code without the need to create
|
|
and delete a temporary function definition. Code can be executed in
|
|
any language for which the user has permissions to define a function.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Implement SQL-standard-compliant <link
|
|
linkend="SQL-CREATETRIGGER">per-column triggers</link>
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
Such triggers are fired only when the specified column(s) are affected
|
|
by the query, e.g. appear in an <command>UPDATE</>'s <literal>SET</>
|
|
list.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the <literal>WHEN</> clause to <link
|
|
linkend="SQL-CREATETRIGGER"><command>CREATE TRIGGER</></link>
|
|
to allow control over whether a trigger is fired (Itagaki
|
|
Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
While the same type of check can always be performed inside the
|
|
trigger, doing it in an external <literal>WHEN</> clause can have
|
|
performance benefits.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Server-Side Languages</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the <literal>OR REPLACE</> clause to <link
|
|
linkend="SQL-CREATELANGUAGE"><command>CREATE LANGUAGE</></link>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This is helpful to optionally install a language if it does not
|
|
already exist, and is particularly helpful now that PL/pgSQL is
|
|
installed by default.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title><link linkend="plpgsql">PL/pgSQL</link> Server-Side
|
|
Language</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Install PL/pgSQL by default (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
The language can still be removed from a particular database if the
|
|
administrator has security or performance concerns about making it
|
|
available.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve handling of cases where PL/pgSQL variable names conflict with
|
|
identifiers used in queries within a function
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The default behavior is now to throw an error when there is a conflict,
|
|
so as to avoid surprising behaviors. This can be modified, via the
|
|
configuration parameter <link
|
|
linkend="plpgsql-var-subst"><varname>plpgsql.variable_conflict</></link>
|
|
or the per-function option <literal>#variable_conflict</>, to allow
|
|
either the variable or the query-supplied column to be used. In any
|
|
case PL/pgSQL will no longer attempt to substitute variables in places
|
|
where they would not be syntactically valid.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make PL/pgSQL use the main lexer, rather than its own version
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This ensures accurate tracking of the main system's behavior for details
|
|
such as string escaping. Some user-visible details, such as the set
|
|
of keywords considered reserved in PL/pgSQL, have changed in
|
|
consequence.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid throwing an unnecessary error for an invalid record reference
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
An error is now thrown only if the reference is actually fetched,
|
|
rather than whenever the enclosing expression is reached. For
|
|
example, many people have tried to do this in triggers:
|
|
<programlisting>
|
|
if TG_OP = 'INSERT' and NEW.col1 = ... then
|
|
</programlisting>
|
|
This will now actually work as expected.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve PL/pgSQL's ability to handle row types with dropped columns
|
|
(Pavel Stehule)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow input parameters to be assigned values within
|
|
PL/pgSQL functions (Steve Prentice)
|
|
</para>
|
|
|
|
<para>
|
|
Formerly, input parameters were treated as being declared
|
|
<literal>CONST</>, so the function's code could not change their
|
|
values. This restriction has been removed to simplify
|
|
porting of functions from other DBMSes that do not impose the
|
|
equivalent restriction. An input parameter now acts like a local
|
|
variable initialized to the passed-in value.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve error location reporting in PL/pgSQL (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <replaceable>count</> and <literal>ALL</> options to <command>MOVE
|
|
FORWARD</>/<literal>BACKWARD</> in PL/pgSQL (Pavel Stehule)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow PL/pgSQL's <literal>WHERE CURRENT OF</> to use a cursor
|
|
variable (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow PL/pgSQL's <command>OPEN <replaceable>cursor</> FOR EXECUTE</> to
|
|
use parameters (Pavel Stehule, Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
This is accomplished with a new <literal>USING</> clause.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="plperl">PL/Perl</link> Server-Side Language</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new PL/Perl functions: <link
|
|
linkend="plperl-utility-functions"><function>quote_literal()</></link>,
|
|
<function>quote_nullable()</>, <function>quote_ident()</>,
|
|
<function>encode_bytea()</>, <function>decode_bytea()</>,
|
|
<function>looks_like_number()</>,
|
|
<function>encode_array_literal()</>,
|
|
<function>encode_array_constructor()</> (Tim Bunce)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add server parameter <link
|
|
linkend="guc-plperl-on-init"><varname>plperl.on_init</></link> to
|
|
specify a PL/Perl initialization function (Tim
|
|
Bunce)
|
|
</para>
|
|
|
|
<para>
|
|
<link
|
|
linkend="guc-plperl-on-plperl-init"><varname>plperl.on_plperl_init</></link>
|
|
and <link
|
|
linkend="guc-plperl-on-plperl-init"><varname>plperl.on_plperlu_init</></link>
|
|
are also available for initialization that is specific to the trusted
|
|
or untrusted language respectively.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support <command>END</> blocks in PL/Perl (Tim Bunce)
|
|
</para>
|
|
|
|
<para>
|
|
<command>END</> blocks do not currently allow database access.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>use strict</> in PL/Perl (Tim Bunce)
|
|
</para>
|
|
|
|
<para>
|
|
Perl <literal>strict</> checks can also be globally enabled with the
|
|
new server parameter <link
|
|
linkend="guc-plperl-use-strict"><varname>plperl.use_strict</></link>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>require</> in PL/Perl (Tim Bunce)
|
|
</para>
|
|
|
|
<para>
|
|
This basically tests to see if the module is loaded, and if not,
|
|
generates an error. It will not allow loading of modules that
|
|
the administrator has not preloaded via the initialization parameters.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <command>use feature</> in PL/Perl if Perl version 5.10 or
|
|
later is used (Tim Bunce)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Verify that PL/Perl return values are valid in the server encoding
|
|
(Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="plpython">PL/Python</link> Server-Side Language</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add Unicode support in PL/Python (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
Strings are automatically converted from/to the server encoding as
|
|
necessary.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <type>bytea</> support in PL/Python (Caleb Welton)
|
|
</para>
|
|
|
|
<para>
|
|
<type>Bytea</> values passed into PL/Python are now represented as
|
|
binary, rather than the PostgreSQL <type>bytea</> text format.
|
|
<type>Bytea</> values containing null bytes are now also output
|
|
properly from PL/Python. Passing of boolean, integer, and float
|
|
values was also improved.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support <link linkend="plpython-arrays">arrays</link> as parameters and
|
|
return values in PL/Python (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve mapping of SQL domains to Python types (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <application>Python</> 3 support to PL/Python (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
The new server-side language is called <link
|
|
linkend="plpython-python23"><literal>plpython3u</></link>. This
|
|
cannot be used in the same session with the
|
|
<application>Python</> 2 server-side language.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve error location and exception reporting in PL/Python (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Client Applications</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add an <option>--analyze-only</> option to <link
|
|
linkend="APP-VACUUMDB"><command>vacuumdb</></link>, to analyze without
|
|
vacuuming (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title><link linkend="APP-PSQL"><application>psql</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for quoting/escaping the values of <application>psql</>
|
|
<link linkend="APP-PSQL-variables">variables</link> as SQL strings or
|
|
identifiers (Pavel Stehule, Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
For example, <literal>:'var'</> will produce the value of
|
|
<literal>var</> quoted and properly escaped as a literal string, while
|
|
<literal>:"var"</> will produce its value quoted and escaped as an
|
|
identifier.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Ignore a leading UTF-8-encoded Unicode byte-order marker in
|
|
script files read by <application>psql</> (Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
This is enabled when the client encoding is <acronym>UTF-8</>.
|
|
It improves compatibility with certain editors, mostly on Windows,
|
|
that insist on inserting such markers.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <command>psql --file -</> to properly honor <link
|
|
linkend="R1-APP-PSQL-3"><option>--single-transaction</></link>
|
|
(Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid overwriting of <application>psql</>'s command-line history when
|
|
two <application>psql</> sessions are run concurrently (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <application>psql</>'s tab completion support (Itagaki
|
|
Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Show <literal>\timing</> output when it is enabled, regardless of
|
|
<quote>quiet</> mode (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect5>
|
|
<title><application>psql</> Display</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve display of wrapped columns in <application>psql</> (Roger
|
|
Leigh)
|
|
</para>
|
|
|
|
<para>
|
|
This behavior is now the default.
|
|
The previous formatting is available by using <command>\pset linestyle
|
|
old-ascii</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>psql</> to use fancy Unicode line-drawing
|
|
characters via <command>\pset linestyle unicode</> (Roger Leigh)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect5>
|
|
|
|
<sect5>
|
|
<title><application>psql</> <link
|
|
linkend="APP-PSQL-meta-commands"><command>\d</></link>
|
|
Commands</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <command>\d</> show child tables that inherit from the specified
|
|
parent (Damien Clochard)
|
|
</para>
|
|
|
|
<para>
|
|
<command>\d</> shows only the number of child tables, while
|
|
<command>\d+</> shows the names of all child tables.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Show definitions of index columns in <command>\d index_name</>
|
|
(Khee Chin)
|
|
</para>
|
|
|
|
<para>
|
|
The definition is useful for expression indexes.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Show a view's defining query only in
|
|
<command>\d+</>, not in <command>\d</> (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
Always including the query was deemed overly verbose.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect5>
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="APP-PGDUMP"><application>pg_dump</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>pg_dump</>/<application>pg_restore</>
|
|
<link linkend="pg-dump-options"><option>--clean</></link>
|
|
also remove large objects (Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Fix <application>pg_dump</> to properly dump large objects when
|
|
<literal>standard_conforming_strings</> is enabled (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
The previous coding could fail when dumping to an archive file
|
|
and then generating script output from <application>pg_restore</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<application>pg_restore</> now emits large-object data in hex format
|
|
when generating script output (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This could cause compatibility problems if the script is then
|
|
loaded into a pre-9.0 server. To work around that, restore
|
|
directly to the server, instead.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>pg_dump</> to dump comments attached to columns
|
|
of composite types (Taro Minowa (Higepon))
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <application>pg_dump</> <link
|
|
linkend="pg-dump-options"><option>--verbose</></link>
|
|
output the <application>pg_dump</> and server versions
|
|
in text output mode (Jim Cox, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
These were already provided in custom output mode.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
<application>pg_restore</> now complains if any command-line arguments
|
|
remain after the switches and optional file name (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, it silently ignored any such arguments.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link
|
|
linkend="app-pg-ctl"><application>pg_ctl</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>pg_ctl</> to be used safely to start the
|
|
<application>postmaster</> during a system reboot (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Previously, <application>pg_ctl</>'s parent process could have been
|
|
mistakenly identified as a running <application>postmaster</> based on
|
|
a stale <application>postmaster</> lock file, resulting in a transient
|
|
failure to start the database.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Give <application>pg_ctl</> the ability to initialize the database
|
|
(by invoking <application>initdb</>) (Zdenek Kotala)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title><application>Development Tools</></title>
|
|
|
|
<sect4>
|
|
<title><link linkend="libpq"><application>libpq</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new <application>libpq</> functions
|
|
<link
|
|
linkend="libpq-connect"><function>PQconnectdbParams()</></link>
|
|
and <function>PQconnectStartParams()</> (Guillaume
|
|
Lelarge)
|
|
</para>
|
|
|
|
<para>
|
|
These functions are similar to <function>PQconnectdb()</> and
|
|
<function>PQconnectStart()</> except that they accept a null-terminated
|
|
array of connection options, rather than requiring all options to
|
|
be provided in a single string.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <application>libpq</> functions <link
|
|
linkend="libpq-exec-escape-string"><function>PQescapeLiteral()</></link>
|
|
and <function>PQescapeIdentifier()</> (Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
These functions return appropriately quoted and escaped SQL string
|
|
literals and identifiers. The caller is not required to pre-allocate
|
|
the string result, as is required by <function>PQescapeStringConn()</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for a per-user service file (<link
|
|
linkend="libpq-pgservice"><filename>.pg_service.conf</></link>),
|
|
which is checked before the site-wide service file
|
|
(Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Properly report an error if the specified <application>libpq</> service
|
|
cannot be found (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link linkend="libpq-keepalives">TCP keepalive settings</link>
|
|
in libpq (Tollef Fog Heen, Fujii Masao, Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Keepalive settings were already supported on the server end of
|
|
TCP connections.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Avoid extra system calls to block and unblock <literal>SIGPIPE</>
|
|
in <application>libpq</>, on platforms that offer alternative methods
|
|
(Jeremy Kerr)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
When a <link linkend="libpq-pgpass"><filename>.pgpass</></link>-supplied
|
|
password fails, mention where the password came from in the error
|
|
message (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Load all SSL certificates given in the client certificate file
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This improves support for indirectly-signed SSL certificates.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title><link linkend="ecpg"><application>ecpg</></link></title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link linkend="ecpg-descriptors"><acronym>SQLDA</></link>
|
|
(SQL Descriptor Area) support to <application>ecpg</>
|
|
(Boszormenyi Zoltan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the <link linkend="ecpg-descriptors"><command>DESCRIBE</>
|
|
[ <literal>OUTPUT</> ]</link> statement to <application>ecpg</>
|
|
(Boszormenyi Zoltan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add an <link linkend="ecpg-library">ECPGtransactionStatus</link>
|
|
function to return the current transaction status (Bernd Helmle)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add the <literal>string</> data type in <application>ecpg</>
|
|
Informix-compatibility mode (Boszormenyi Zoltan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>ecpg</> to use <literal>new</> and <literal>old</>
|
|
variable names without restriction (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>ecpg</> to use variable names in
|
|
<function>free()</> (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make <function>ecpg_dynamic_type()</> return zero for non-SQL3 data
|
|
types (Michael Meskes)
|
|
</para>
|
|
|
|
<para>
|
|
Previously it returned the negative of the data type OID.
|
|
This could be confused with valid type OIDs, however.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support <type>long long</> types on platforms that already have 64-bit
|
|
<type>long</> (Michael Meskes)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect5>
|
|
<title><application>ecpg</> Cursors</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add out-of-scope cursor support in <application>ecpg</>'s native mode
|
|
(Boszormenyi Zoltan)
|
|
</para>
|
|
|
|
<para>
|
|
This allows <command>DECLARE</> to use variables that are not in
|
|
scope when <command>OPEN</> is called. This facility already existed
|
|
in <application>ecpg</>'s Informix-compatibility mode.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow dynamic cursor names in <application>ecpg</> (Boszormenyi Zoltan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow <application>ecpg</> to use noise words <literal>FROM</> and
|
|
<literal>IN</> in <command>FETCH</> and <command>MOVE</> (Boszormenyi
|
|
Zoltan)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect5>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Build Options</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Enable client thread safety by default (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
The thread-safety option can be disabled with <link
|
|
linkend="configure"><literal>configure</></link>
|
|
<option>--disable-thread-safety</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for controlling the Linux out-of-memory killer
|
|
(Alex Hunsaker, Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Now that <filename>/proc/self/oom_adj</> allows disabling
|
|
of the <productname>Linux</> out-of-memory (<acronym>OOM</>)
|
|
killer, it's recommendable to disable OOM kills for the postmaster.
|
|
It may then be desirable to re-enable OOM kills for the postmaster's
|
|
child processes. The new compile-time option <link
|
|
linkend="linux-memory-overcommit"><literal>LINUX_OOM_ADJ</></link>
|
|
allows the killer to be reactivated for child processes.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title>Makefiles</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
New <filename>Makefile</> targets <link
|
|
linkend="build"><literal>world</></link>,
|
|
<literal>install-world</>, and <literal>installcheck-world</>
|
|
(Andrew Dunstan)
|
|
</para>
|
|
|
|
<para>
|
|
These are similar to the existing <literal>all</>, <literal>install</>,
|
|
and <literal>installcheck</> targets, but they also build the
|
|
<acronym>HTML</> documentation, build and test <filename>contrib</>,
|
|
and test server-side languages and <application>ecpg</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add data and documentation installation location control to
|
|
<acronym>PGXS</> Makefiles (Mark Cave-Ayland)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add Makefile rules to build the <productname>PostgreSQL</> documentation
|
|
as a single <acronym>HTML</> file or as a single plain-text file
|
|
(Peter Eisentraut, Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Windows</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support compiling on <link
|
|
linkend="install-windows">64-bit
|
|
<productname>Windows</></link> and running in 64-bit
|
|
mode (Tsutomu Yamada, Magnus Hagander)
|
|
</para>
|
|
|
|
<para>
|
|
This allows for large shared memory sizes on <productname>Windows</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Support server builds using <link
|
|
linkend="install-windows-full"><productname>Visual Studio
|
|
2008</></link> (Magnus Hagander)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Source Code</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Distribute prebuilt documentation in a subdirectory tree, rather than
|
|
as tar archive files inside the distribution tarball
|
|
(Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
For example, the prebuilt <acronym>HTML</> documentation is now in
|
|
<filename>doc/src/sgml/html/</>; the manual pages are packaged
|
|
similarly.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make the server's lexer reentrant (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This was needed for use of the lexer by PL/pgSQL.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve speed of memory allocation (Tom Lane, Greg Stark)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
User-defined constraint triggers now have entries in
|
|
<structname>pg_constraint</> as well as <structname>pg_trigger</>
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Because of this change,
|
|
<structname>pg_constraint</>.<structfield>pgconstrname</> is now
|
|
redundant and has been removed.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add system catalog columns
|
|
<structname>pg_constraint</>.<structfield>conindid</> and
|
|
<structname>pg_trigger</>.<structfield>tgconstrindid</>
|
|
to better document the use of indexes for constraint
|
|
enforcement (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow multiple conditions to be communicated to backends using a single
|
|
operating system signal (Fujii Masao)
|
|
</para>
|
|
|
|
<para>
|
|
This allows new features to be added without a platform-specific
|
|
constraint on the number of signal conditions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve source code test coverage, including <filename>contrib</>, PL/Python,
|
|
and PL/Perl (Peter Eisentraut, Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove the use of flat files for system table bootstrapping
|
|
(Tom Lane, Alvaro Herrera)
|
|
</para>
|
|
|
|
<para>
|
|
This improves performance when using many roles or
|
|
databases, and eliminates some possible failure conditions.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Automatically generate the initial contents of
|
|
<structname>pg_attribute</> for <quote>bootstrapped</> catalogs
|
|
(John Naylor)
|
|
</para>
|
|
|
|
<para>
|
|
This greatly simplifies changes to these catalogs.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Split the processing of
|
|
<command>INSERT</>/<command>UPDATE</>/<command>DELETE</> operations out
|
|
of <filename>execMain.c</> (Marko Tiikkaja)
|
|
</para>
|
|
|
|
<para>
|
|
Updates are now executed in a separate ModifyTable node. This change is
|
|
necessary infrastructure for future improvements.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Simplify translation of <application>psql</>'s SQL help text
|
|
(Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Reduce the lengths of some file names so that all file paths in the
|
|
distribution tarball are less than 100 characters (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Some decompression programs have problems with longer file paths.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add a new <link
|
|
linkend="errcodes-table"><literal>ERRCODE_INVALID_PASSWORD</></link>
|
|
<literal>SQLSTATE</> error code (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
With authors' permissions, remove the few remaining personal source code
|
|
copyright notices (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
The personal copyright notices were insignificant but the community
|
|
occasionally had to answer questions about them.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add new documentation <link linkend="non-durability">section</link>
|
|
about running <productname>PostgreSQL</> in non-durable mode
|
|
to improve performance (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Restructure the <acronym>HTML</> documentation
|
|
<filename>Makefile</> rules to make their dependency checks work
|
|
correctly, avoiding unnecessary rebuilds (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use <productname>DocBook</> <acronym>XSL</> stylesheets for man page
|
|
building, rather than <productname>Docbook2X</> (Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
This changes the set of tools needed to build the man pages.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve PL/Perl code structure (Tim Bunce)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve error context reports in PL/Perl (Alexey Klyukin)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
<sect4>
|
|
<title>New Build Requirements</title>
|
|
|
|
<para>
|
|
Note that these requirements do not apply when building from a
|
|
distribution tarball, since tarballs include the files that these
|
|
programs are used to build.
|
|
</para>
|
|
|
|
<itemizedlist>
|
|
<listitem>
|
|
<para>
|
|
Require <application>Autoconf</> 2.63 to build
|
|
<application>configure</> (Peter Eisentraut)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Require <application>Flex</> 2.5.31 or later to build
|
|
from a <acronym>CVS</> checkout (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Require <application>Perl</> version 5.8 or later to build
|
|
from a <acronym>CVS</> checkout (John Naylor, Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Portability</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Use a more modern <acronym>API</> for <application>Bonjour</> (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
Bonjour support now requires <productname>OS X</> 10.3 or later.
|
|
The older API has been deprecated by Apple.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add spinlock support for the <productname>SuperH</>
|
|
architecture (Nobuhiro Iwamatsu)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Allow non-<application>GCC</> compilers to use inline functions if
|
|
they support them (Kurt Harriman)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Remove support for platforms that don't have a working 64-bit
|
|
integer data type (Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Restructure use of <literal>LDFLAGS</> to be more consistent
|
|
across platforms (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
<literal>LDFLAGS</> is now used for linking both executables and shared
|
|
libraries, and we add on <literal>LDFLAGS_EX</> when linking
|
|
executables, or <literal>LDFLAGS_SL</> when linking shared libraries.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Server Programming</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Make backend header files safe to include in <productname>C++</>
|
|
(Kurt Harriman, Peter Eisentraut)
|
|
</para>
|
|
|
|
<para>
|
|
These changes remove keyword conflicts that previously made
|
|
<productname>C++</> usage difficult in backend code. However, there
|
|
are still other complexities when using <productname>C++</> for backend
|
|
functions. <literal>extern "C" { }</> is still necessary in
|
|
appropriate places, and memory management and error handling are
|
|
still problematic.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="xaggr"><function>AggCheckCallContext()</></link>
|
|
for use in detecting if a <productname>C</> function is
|
|
being called as an aggregate (Hitoshi Harada)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Change calling convention for <function>SearchSysCache()</> and related
|
|
functions to avoid hard-wiring the maximum number of cache keys
|
|
(Robert Haas)
|
|
</para>
|
|
|
|
<para>
|
|
Existing calls will still work for the moment, but can be expected to
|
|
break in 9.1 or later if not converted to the new style.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Require calls of <function>fastgetattr()</> and
|
|
<function>heap_getattr()</> backend macros to provide a non-NULL fourth
|
|
argument (Robert Haas)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Custom typanalyze functions should no longer rely on
|
|
<structname>VacAttrStats</>.<structfield>attr</> to determine the type
|
|
of data they will be passed (Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This was changed to allow collection of statistics on index columns
|
|
for which the storage type is different from the underlying column
|
|
data type. There are new fields that tell the actual datatype being
|
|
analyzed.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Server Hooks</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add parser hooks for processing ColumnRef and ParamRef nodes
|
|
(Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add a ProcessUtility hook so loadable modules can control utility
|
|
commands (Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
<sect4>
|
|
<title>Binary Upgrade Support</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link linkend="pgupgrade"><filename>contrib/pg_upgrade</></link>
|
|
to support in-place upgrades (Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
This avoids the requirement of dumping/reloading the database when
|
|
upgrading to a new major release of PostgreSQL, thus reducing downtime
|
|
by orders of magnitude. It supports upgrades to 9.0
|
|
from PostgreSQL 8.3 and 8.4.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for preserving relation <link
|
|
linkend="catalog-pg-class"><structname>relfilenode</></link> values
|
|
during binary upgrades (Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add support for preserving <structname>pg_type</>
|
|
and <structname>pg_enum</> OIDs during binary upgrades
|
|
(Bruce Momjian)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Move data files within tablespaces into
|
|
<productname>PostgreSQL</>-version-specific subdirectories
|
|
(Bruce Momjian)
|
|
</para>
|
|
|
|
<para>
|
|
This simplifies binary upgrades.
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect4>
|
|
|
|
</sect3>
|
|
|
|
<sect3>
|
|
<title>Contrib</title>
|
|
|
|
<itemizedlist>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add multithreading option (<option>-j</>) to <link
|
|
linkend="pgbench"><filename>contrib/pgbench</></link>
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
|
|
<para>
|
|
This allows multiple <acronym>CPU</>s to be used by pgbench,
|
|
reducing the risk of pgbench itself becoming the test bottleneck.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <command>\shell</> and <command>\setshell</> meta
|
|
commands to <link
|
|
linkend="pgbench"><filename>contrib/pgbench</></link>
|
|
(Michael Paquier)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
New features for <link
|
|
linkend="dict-xsyn"><filename>contrib/dict_xsyn</></link>
|
|
(Sergey Karpov)
|
|
</para>
|
|
|
|
<para>
|
|
The new options are <literal>matchorig</>, <literal>matchsynonyms</>,
|
|
and <literal>keepsynonyms</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add full text dictionary <link
|
|
linkend="unaccent"><filename>contrib/unaccent</></link>
|
|
(Teodor Sigaev)
|
|
</para>
|
|
|
|
<para>
|
|
This filtering dictionary removes accents from letters, which
|
|
makes full-text searches over multiple languages much easier.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="CONTRIB-DBLINK-GET-NOTIFY"><function>dblink_get_notify()</></link>
|
|
to <filename>contrib/dblink</> (Marcus Kempe)
|
|
</para>
|
|
|
|
<para>
|
|
This allows asynchronous notifications in <productname>dblink</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Improve <filename>contrib/dblink</>'s handling of dropped columns
|
|
(Tom Lane)
|
|
</para>
|
|
|
|
<para>
|
|
This affects <link
|
|
linkend="CONTRIB-DBLINK-BUILD-SQL-INSERT"><function>dblink_build_sql_insert()</></link>
|
|
and related functions. These functions now number columns according
|
|
to logical not physical column numbers.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Greatly increase <link
|
|
linkend="hstore"><filename>contrib/hstore</></link>'s data
|
|
length limit, and add B-tree and hash support so <literal>GROUP
|
|
BY</> and <literal>DISTINCT</> operations are possible on
|
|
<type>hstore</> columns (Andrew Gierth)
|
|
</para>
|
|
|
|
<para>
|
|
New functions and operators were also added. These improvements
|
|
make <type>hstore</> a full-function key-value store embedded in
|
|
<productname>PostgreSQL</>.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="passwordcheck"><filename>contrib/passwordcheck</></link>
|
|
to support site-specific password strength policies (Laurenz
|
|
Albe)
|
|
</para>
|
|
|
|
<para>
|
|
The source code of this module should be modified to implement
|
|
site-specific password policies.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add <link
|
|
linkend="pgarchivecleanup"><filename>contrib/pg_archivecleanup</></link>
|
|
tool (Simon Riggs)
|
|
</para>
|
|
|
|
<para>
|
|
This is designed to be used in the
|
|
<literal>archive_cleanup_command</literal>
|
|
server parameter, to remove no-longer-needed archive files.
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add query text to <link
|
|
linkend="auto-explain"><filename>contrib/auto_explain</></link>
|
|
output (Andrew Dunstan)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Add buffer access counters to <link
|
|
linkend="pgstatstatements"><filename>contrib/pg_stat_statements</></link>
|
|
(Itagaki Takahiro)
|
|
</para>
|
|
</listitem>
|
|
|
|
<listitem>
|
|
<para>
|
|
Update <link
|
|
linkend="server-start"><filename>contrib/start-scripts/linux</></link>
|
|
to use <filename>/proc/self/oom_adj</> to disable the
|
|
<link linkend="linux-memory-overcommit"><productname>Linux</>
|
|
out-of-memory</link> (<acronym>OOM</>) killer (Alex
|
|
Hunsaker, Tom Lane)
|
|
</para>
|
|
</listitem>
|
|
|
|
</itemizedlist>
|
|
|
|
</sect3>
|
|
</sect2>
|
|
</sect1>
|