rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/doc/src/sgml/release-8.4.sgml

10081 lines
269 KiB
Plaintext
Raw Blame History

<!-- doc/src/sgml/release-8.4.sgml -->
<!-- See header comment in release.sgml about typical markup -->
<sect1 id="release-8-4-22">
<title>Release 8.4.22</title>
<note>
<title>Release Date</title>
<simpara>2014-07-24</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.21.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<para>
This is expected to be the last <productname>PostgreSQL</> release
in the 8.4.X series. Users are encouraged to update to a newer
release branch soon.
</para>
<sect2>
<title>Migration to Version 8.4.22</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, this release corrects an index corruption problem in some GiST
indexes. See the first changelog entry below to find out whether your
installation has been affected and what steps you should take if so.
</para>
<para>
Also, if you are upgrading from a version earlier than 8.4.19,
see <xref linkend="release-8-4-19">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Correctly initialize padding bytes in <filename>contrib/btree_gist</>
indexes on <type>bit</> columns (Heikki Linnakangas)
</para>
<para>
This error could result in incorrect query results due to values that
should compare equal not being seen as equal.
Users with GiST indexes on <type>bit</> or <type>bit varying</>
columns should <command>REINDEX</> those indexes after installing this
update.
</para>
</listitem>
<listitem>
<para>
Protect against torn pages when deleting GIN list pages (Heikki
Linnakangas)
</para>
<para>
This fix prevents possible index corruption if a system crash occurs
while the page update is being written to disk.
</para>
</listitem>
<listitem>
<para>
Fix possibly-incorrect cache invalidation during nested calls
to <function>ReceiveSharedInvalidMessages</> (Andres Freund)
</para>
</listitem>
<listitem>
<para>
Don't assume a subquery's output is unique if there's a set-returning
function in its targetlist (David Rowley)
</para>
<para>
This oversight could lead to misoptimization of constructs
like <literal>WHERE x IN (SELECT y, generate_series(1,10) FROM t GROUP
BY y)</literal>.
</para>
</listitem>
<listitem>
<para>
Fix failure to detoast fields in composite elements of structured
types (Tom Lane)
</para>
<para>
This corrects cases where TOAST pointers could be copied into other
tables without being dereferenced. If the original data is later
deleted, it would lead to errors like <quote>missing chunk number 0
for toast value ...</> when the now-dangling pointer is used.
</para>
</listitem>
<listitem>
<para>
Fix <quote>record type has not been registered</> failures with
whole-row references to the output of Append plan nodes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix possible crash when invoking a user-defined function while
rewinding a cursor (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix query-lifespan memory leak while evaluating the arguments for a
function in <literal>FROM</> (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix session-lifespan memory leaks in regular-expression processing
(Tom Lane, Arthur O'Dwyer, Greg Stark)
</para>
</listitem>
<listitem>
<para>
Fix data encoding error in <filename>hungarian.stop</> (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix liveness checks for rows that were inserted in the current
transaction and then deleted by a now-rolled-back subtransaction
(Andres Freund)
</para>
<para>
This could cause problems (at least spurious warnings, and at worst an
infinite loop) if <command>CREATE INDEX</> or <command>CLUSTER</> were
done later in the same transaction.
</para>
</listitem>
<listitem>
<para>
Clear <structname>pg_stat_activity</>.<structfield>xact_start</>
during <command>PREPARE TRANSACTION</> (Andres Freund)
</para>
<para>
After the <command>PREPARE</>, the originating session is no longer in
a transaction, so it should not continue to display a transaction
start time.
</para>
</listitem>
<listitem>
<para>
Fix <command>REASSIGN OWNED</> to not fail for text search objects
(&Aacute;lvaro Herrera)
</para>
</listitem>
<listitem>
<para>
Block signals during postmaster startup (Tom Lane)
</para>
<para>
This ensures that the postmaster will properly clean up after itself
if, for example, it receives <systemitem>SIGINT</> while still
starting up.
</para>
</listitem>
<listitem>
<para>
Secure Unix-domain sockets of temporary postmasters started during
<literal>make check</> (Noah Misch)
</para>
<para>
Any local user able to access the socket file could connect as the
server's bootstrap superuser, then proceed to execute arbitrary code as
the operating-system user running the test, as we previously noted in
CVE-2014-0067. This change defends against that risk by placing the
server's socket in a temporary, mode 0700 subdirectory
of <filename>/tmp</>. The hazard remains however on platforms where
Unix sockets are not supported, notably Windows, because then the
temporary postmaster must accept local TCP connections.
</para>
<para>
A useful side effect of this change is to simplify
<literal>make check</> testing in builds that
override <literal>DEFAULT_PGSOCKET_DIR</>. Popular non-default values
like <filename>/var/run/postgresql</> are often not writable by the
build user, requiring workarounds that will no longer be necessary.
</para>
</listitem>
<listitem>
<para>
On Windows, allow new sessions to absorb values of PGC_BACKEND
parameters (such as <xref linkend="guc-log-connections">) from the
configuration file (Amit Kapila)
</para>
<para>
Previously, if such a parameter were changed in the file post-startup,
the change would have no effect.
</para>
</listitem>
<listitem>
<para>
Properly quote executable path names on Windows (Nikhil Deshpande)
</para>
<para>
This oversight could cause <application>initdb</>
and <application>pg_upgrade</> to fail on Windows, if the installation
path contained both spaces and <literal>@</> signs.
</para>
</listitem>
<listitem>
<para>
Fix linking of <application>libpython</> on OS X (Tom Lane)
</para>
<para>
The method we previously used can fail with the Python library
supplied by Xcode 5.0 and later.
</para>
</listitem>
<listitem>
<para>
Avoid buffer bloat in <application>libpq</> when the server
consistently sends data faster than the client can absorb it
(Shin-ichi Morita, Tom Lane)
</para>
<para>
<application>libpq</> could be coerced into enlarging its input buffer
until it runs out of memory (which would be reported misleadingly
as <quote>lost synchronization with server</>). Under ordinary
circumstances it's quite far-fetched that data could be continuously
transmitted more quickly than the <function>recv()</> loop can
absorb it, but this has been observed when the client is artificially
slowed by scheduler constraints.
</para>
</listitem>
<listitem>
<para>
Ensure that LDAP lookup attempts in <application>libpq</> time out as
intended (Laurenz Albe)
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</>'s processing of old-style large object
comments (Tom Lane)
</para>
<para>
A direct-to-database restore from an archive file generated by a
pre-9.0 version of <application>pg_dump</> would usually fail if the
archive contained more than a few comments for large objects.
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/pgcrypto</> functions, ensure sensitive
information is cleared from stack variables before returning
(Marko Kreen)
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/uuid-ossp</>, cache the state of the OSSP UUID
library across calls (Tom Lane)
</para>
<para>
This improves the efficiency of UUID generation and reduces the amount
of entropy drawn from <filename>/dev/urandom</>, on platforms that
have that.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2014e
for DST law changes in Crimea, Egypt, and Morocco.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-21">
<title>Release 8.4.21</title>
<note>
<title>Release Date</title>
<simpara>2014-03-20</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.20.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<para>
The <productname>PostgreSQL</> community will stop releasing updates
for the 8.4.X release series in July 2014.
Users are encouraged to update to a newer release branch soon.
</para>
<sect2>
<title>Migration to Version 8.4.21</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.19,
see <xref linkend="release-8-4-19">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Restore GIN metapages unconditionally to avoid torn-page risk
(Heikki Linnakangas)
</para>
<para>
Although this oversight could theoretically result in a corrupted
index, it is unlikely to have caused any problems in practice, since
the active part of a GIN metapage is smaller than a standard 512-byte
disk sector.
</para>
</listitem>
<listitem>
<para>
Allow regular-expression operators to be terminated early by query
cancel requests (Tom Lane)
</para>
<para>
This prevents scenarios wherein a pathological regular expression
could lock up a server process uninterruptably for a long time.
</para>
</listitem>
<listitem>
<para>
Remove incorrect code that tried to allow <literal>OVERLAPS</> with
single-element row arguments (Joshua Yanovski)
</para>
<para>
This code never worked correctly, and since the case is neither
specified by the SQL standard nor documented, it seemed better to
remove it than fix it.
</para>
</listitem>
<listitem>
<para>
Avoid getting more than <literal>AccessShareLock</> when de-parsing a
rule or view (Dean Rasheed)
</para>
<para>
This oversight resulted in <application>pg_dump</> unexpectedly
acquiring <literal>RowExclusiveLock</> locks on tables mentioned as
the targets of <literal>INSERT</>/<literal>UPDATE</>/<literal>DELETE</>
commands in rules. While usually harmless, that could interfere with
concurrent transactions that tried to acquire, for example,
<literal>ShareLock</> on those tables.
</para>
</listitem>
<listitem>
<para>
Prevent interrupts while reporting non-<literal>ERROR</> messages
(Tom Lane)
</para>
<para>
This guards against rare server-process freezeups due to recursive
entry to <function>syslog()</>, and perhaps other related problems.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2014a
for DST law changes in Fiji and Turkey, plus historical changes in
Israel and Ukraine.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-20">
<title>Release 8.4.20</title>
<note>
<title>Release Date</title>
<simpara>2014-02-20</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.19.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<para>
The <productname>PostgreSQL</> community will stop releasing updates
for the 8.4.X release series in July 2014.
Users are encouraged to update to a newer release branch soon.
</para>
<sect2>
<title>Migration to Version 8.4.20</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.19,
see <xref linkend="release-8-4-19">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Shore up <literal>GRANT ... WITH ADMIN OPTION</> restrictions
(Noah Misch)
</para>
<para>
Granting a role without <literal>ADMIN OPTION</> is supposed to
prevent the grantee from adding or removing members from the granted
role, but this restriction was easily bypassed by doing <literal>SET
ROLE</> first. The security impact is mostly that a role member can
revoke the access of others, contrary to the wishes of his grantor.
Unapproved role member additions are a lesser concern, since an
uncooperative role member could provide most of his rights to others
anyway by creating views or <literal>SECURITY DEFINER</> functions.
(CVE-2014-0060)
</para>
</listitem>
<listitem>
<para>
Prevent privilege escalation via manual calls to PL validator
functions (Andres Freund)
</para>
<para>
The primary role of PL validator functions is to be called implicitly
during <command>CREATE FUNCTION</>, but they are also normal SQL
functions that a user can call explicitly. Calling a validator on
a function actually written in some other language was not checked
for and could be exploited for privilege-escalation purposes.
The fix involves adding a call to a privilege-checking function in
each validator function. Non-core procedural languages will also
need to make this change to their own validator functions, if any.
(CVE-2014-0061)
</para>
</listitem>
<listitem>
<para>
Avoid multiple name lookups during table and index DDL
(Robert Haas, Andres Freund)
</para>
<para>
If the name lookups come to different conclusions due to concurrent
activity, we might perform some parts of the DDL on a different table
than other parts. At least in the case of <command>CREATE INDEX</>,
this can be used to cause the permissions checks to be performed
against a different table than the index creation, allowing for a
privilege escalation attack.
(CVE-2014-0062)
</para>
</listitem>
<listitem>
<para>
Prevent buffer overrun with long datetime strings (Noah Misch)
</para>
<para>
The <literal>MAXDATELEN</> constant was too small for the longest
possible value of type <type>interval</>, allowing a buffer overrun
in <function>interval_out()</>. Although the datetime input
functions were more careful about avoiding buffer overrun, the limit
was short enough to cause them to reject some valid inputs, such as
input containing a very long timezone name. The <application>ecpg</>
library contained these vulnerabilities along with some of its own.
(CVE-2014-0063)
</para>
</listitem>
<listitem>
<para>
Prevent buffer overrun due to integer overflow in size calculations
(Noah Misch, Heikki Linnakangas)
</para>
<para>
Several functions, mostly type input functions, calculated an
allocation size without checking for overflow. If overflow did
occur, a too-small buffer would be allocated and then written past.
(CVE-2014-0064)
</para>
</listitem>
<listitem>
<para>
Prevent overruns of fixed-size buffers
(Peter Eisentraut, Jozef Mlich)
</para>
<para>
Use <function>strlcpy()</> and related functions to provide a clear
guarantee that fixed-size buffers are not overrun. Unlike the
preceding items, it is unclear whether these cases really represent
live issues, since in most cases there appear to be previous
constraints on the size of the input string. Nonetheless it seems
prudent to silence all Coverity warnings of this type.
(CVE-2014-0065)
</para>
</listitem>
<listitem>
<para>
Avoid crashing if <function>crypt()</> returns NULL (Honza Horak,
Bruce Momjian)
</para>
<para>
There are relatively few scenarios in which <function>crypt()</>
could return NULL, but <filename>contrib/chkpass</> would crash
if it did. One practical case in which this could be an issue is
if <application>libc</> is configured to refuse to execute unapproved
hashing algorithms (e.g., <quote>FIPS mode</>).
(CVE-2014-0066)
</para>
</listitem>
<listitem>
<para>
Document risks of <literal>make check</> in the regression testing
instructions (Noah Misch, Tom Lane)
</para>
<para>
Since the temporary server started by <literal>make check</>
uses <quote>trust</> authentication, another user on the same machine
could connect to it as database superuser, and then potentially
exploit the privileges of the operating-system user who started the
tests. A future release will probably incorporate changes in the
testing procedure to prevent this risk, but some public discussion is
needed first. So for the moment, just warn people against using
<literal>make check</> when there are untrusted users on the
same machine.
(CVE-2014-0067)
</para>
</listitem>
<listitem>
<para>
Fix possible mis-replay of WAL records when some segments of a
relation aren't full size (Greg Stark, Tom Lane)
</para>
<para>
The WAL update could be applied to the wrong page, potentially many
pages past where it should have been. Aside from corrupting data,
this error has been observed to result in significant <quote>bloat</>
of standby servers compared to their masters, due to updates being
applied far beyond where the end-of-file should have been. This
failure mode does not appear to be a significant risk during crash
recovery, only when initially synchronizing a standby created from a
base backup taken from a quickly-changing master.
</para>
</listitem>
<listitem>
<para>
Ensure that insertions into non-leaf GIN index pages write a full-page
WAL record when appropriate (Heikki Linnakangas)
</para>
<para>
The previous coding risked index corruption in the event of a
partial-page write during a system crash.
</para>
</listitem>
<listitem>
<para>
Fix race conditions during server process exit (Robert Haas)
</para>
<para>
Ensure that signal handlers don't attempt to use the
process's <varname>MyProc</> pointer after it's no longer valid.
</para>
</listitem>
<listitem>
<para>
Fix unsafe references to <varname>errno</> within error reporting
logic (Christian Kruse)
</para>
<para>
This would typically lead to odd behaviors such as missing or
inappropriate <literal>HINT</> fields.
</para>
</listitem>
<listitem>
<para>
Fix possible crashes from using <function>ereport()</> too early
during server startup (Tom Lane)
</para>
<para>
The principal case we've seen in the field is a crash if the server
is started in a directory it doesn't have permission to read.
</para>
</listitem>
<listitem>
<para>
Clear retry flags properly in OpenSSL socket write
function (Alexander Kukushkin)
</para>
<para>
This omission could result in a server lockup after unexpected loss
of an SSL-encrypted connection.
</para>
</listitem>
<listitem>
<para>
Fix length checking for Unicode identifiers (<literal>U&amp;"..."</>
syntax) containing escapes (Tom Lane)
</para>
<para>
A spurious truncation warning would be printed for such identifiers
if the escaped form of the identifier was too long, but the
identifier actually didn't need truncation after de-escaping.
</para>
</listitem>
<listitem>
<para>
Fix possible crash due to invalid plan for nested sub-selects, such
as <literal>WHERE (... x IN (SELECT ...) ...) IN (SELECT ...)</>
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Ensure that <command>ANALYZE</> creates statistics for a table column
even when all the values in it are <quote>too wide</> (Tom Lane)
</para>
<para>
<command>ANALYZE</> intentionally omits very wide values from its
histogram and most-common-values calculations, but it neglected to do
something sane in the case that all the sampled entries are too wide.
</para>
</listitem>
<listitem>
<para>
In <literal>ALTER TABLE ... SET TABLESPACE</>, allow the database's
default tablespace to be used without a permissions check
(Stephen Frost)
</para>
<para>
<literal>CREATE TABLE</> has always allowed such usage,
but <literal>ALTER TABLE</> didn't get the memo.
</para>
</listitem>
<listitem>
<para>
Fix <quote>cannot accept a set</> error when some arms of
a <literal>CASE</> return a set and others don't (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix checks for all-zero client addresses in pgstat functions (Kevin
Grittner)
</para>
</listitem>
<listitem>
<para>
Fix possible misclassification of multibyte characters by the text
search parser (Tom Lane)
</para>
<para>
Non-ASCII characters could be misclassified when using C locale with
a multibyte encoding. On Cygwin, non-C locales could fail as well.
</para>
</listitem>
<listitem>
<para>
Fix possible misbehavior in <function>plainto_tsquery()</>
(Heikki Linnakangas)
</para>
<para>
Use <function>memmove()</> not <function>memcpy()</> for copying
overlapping memory regions. There have been no field reports of
this actually causing trouble, but it's certainly risky.
</para>
</listitem>
<listitem>
<para>
Accept <literal>SHIFT_JIS</> as an encoding name for locale checking
purposes (Tatsuo Ishii)
</para>
</listitem>
<listitem>
<para>
Fix misbehavior of <function>PQhost()</> on Windows (Fujii Masao)
</para>
<para>
It should return <literal>localhost</> if no host has been specified.
</para>
</listitem>
<listitem>
<para>
Improve error handling in <application>libpq</> and <application>psql</>
for failures during <literal>COPY TO STDOUT/FROM STDIN</> (Tom Lane)
</para>
<para>
In particular this fixes an infinite loop that could occur in 9.2 and
up if the server connection was lost during <literal>COPY FROM
STDIN</>. Variants of that scenario might be possible in older
versions, or with other client applications.
</para>
</listitem>
<listitem>
<para>
Fix misaligned descriptors in <application>ecpg</> (MauMau)
</para>
</listitem>
<listitem>
<para>
In <application>ecpg</>, handle lack of a hostname in the connection
parameters properly (Michael Meskes)
</para>
</listitem>
<listitem>
<para>
Fix performance regression in <filename>contrib/dblink</> connection
startup (Joe Conway)
</para>
<para>
Avoid an unnecessary round trip when client and server encodings match.
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/isn</>, fix incorrect calculation of the check
digit for ISMN values (Fabien Coelho)
</para>
</listitem>
<listitem>
<para>
Ensure client-code-only installation procedure works as documented
(Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
In Mingw and Cygwin builds, install the <application>libpq</> DLL
in the <filename>bin</> directory (Andrew Dunstan)
</para>
<para>
This duplicates what the MSVC build has long done. It should fix
problems with programs like <application>psql</> failing to start
because they can't find the DLL.
</para>
</listitem>
<listitem>
<para>
Don't generate plain-text <filename>HISTORY</>
and <filename>src/test/regress/README</> files anymore (Tom Lane)
</para>
<para>
These text files duplicated the main HTML and PDF documentation
formats. The trouble involved in maintaining them greatly outweighs
the likely audience for plain-text format. Distribution tarballs
will still contain files by these names, but they'll just be stubs
directing the reader to consult the main documentation.
The plain-text <filename>INSTALL</> file will still be maintained, as
there is arguably a use-case for that.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2013i
for DST law changes in Jordan and historical changes in Cuba.
</para>
<para>
In addition, the zones <literal>Asia/Riyadh87</>,
<literal>Asia/Riyadh88</>, and <literal>Asia/Riyadh89</> have been
removed, as they are no longer maintained by IANA, and never
represented actual civil timekeeping practice.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-19">
<title>Release 8.4.19</title>
<note>
<title>Release Date</title>
<simpara>2013-12-05</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.18.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.19</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, this release corrects a potential data corruption
issue. See the first changelog entry below to find out whether
your installation has been affected and what steps you can take if so.
</para>
<para>
Also, if you are upgrading from a version earlier than 8.4.17,
see <xref linkend="release-8-4-17">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix <command>VACUUM</>'s tests to see whether it can
update <structfield>relfrozenxid</> (Andres Freund)
</para>
<para>
In some cases <command>VACUUM</> (either manual or autovacuum) could
incorrectly advance a table's <structfield>relfrozenxid</> value,
allowing tuples to escape freezing, causing those rows to become
invisible once 2^31 transactions have elapsed. The probability of
data loss is fairly low since multiple incorrect advancements would
need to happen before actual loss occurs, but it's not zero. Users
upgrading from release 8.4.8 or earlier are not affected, but all later
versions contain the bug.
</para>
<para>
The issue can be ameliorated by, after upgrading, vacuuming all tables
in all databases while having <link
linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</></link>
set to zero. This will fix any latent corruption but will not be able
to fix all pre-existing data errors. However, an installation can be
presumed safe after performing this vacuuming if it has executed fewer
than 2^31 update transactions in its lifetime (check this with
<literal>SELECT txid_current() < 2^31</>).
</para>
</listitem>
<listitem>
<para>
Fix race condition in GIN index posting tree page deletion (Heikki
Linnakangas)
</para>
<para>
This could lead to transient wrong answers or query failures.
</para>
</listitem>
<listitem>
<para>
Avoid flattening a subquery whose <literal>SELECT</> list contains a
volatile function wrapped inside a sub-<literal>SELECT</> (Tom Lane)
</para>
<para>
This avoids unexpected results due to extra evaluations of the
volatile function.
</para>
</listitem>
<listitem>
<para>
Fix planner's processing of non-simple-variable subquery outputs
nested within outer joins (Tom Lane)
</para>
<para>
This error could lead to incorrect plans for queries involving
multiple levels of subqueries within <literal>JOIN</> syntax.
</para>
</listitem>
<listitem>
<para>
Fix premature deletion of temporary files (Andres Freund)
</para>
</listitem>
<listitem>
<para>
Fix possible read past end of memory in rule printing (Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
Fix array slicing of <type>int2vector</> and <type>oidvector</> values
(Tom Lane)
</para>
<para>
Expressions of this kind are now implicitly promoted to
regular <type>int2</> or <type>oid</> arrays.
</para>
</listitem>
<listitem>
<para>
Fix incorrect behaviors when using a SQL-standard, simple GMT offset
timezone (Tom Lane)
</para>
<para>
In some cases, the system would use the simple GMT offset value when
it should have used the regular timezone setting that had prevailed
before the simple offset was selected. This change also causes
the <function>timeofday</> function to honor the simple GMT offset
zone.
</para>
</listitem>
<listitem>
<para>
Prevent possible misbehavior when logging translations of Windows
error codes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Properly quote generated command lines in <application>pg_ctl</>
(Naoya Anzai and Tom Lane)
</para>
<para>
This fix applies only to Windows.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_dumpall</> to work when a source database
sets <link
linkend="guc-default-transaction-read-only"><varname>default_transaction_read_only</></link>
via <command>ALTER DATABASE SET</> (Kevin Grittner)
</para>
<para>
Previously, the generated script would fail during restore.
</para>
</listitem>
<listitem>
<para>
Fix <application>ecpg</>'s processing of lists of variables
declared <type>varchar</> (Zolt&aacute;n B&ouml;sz&ouml;rm&eacute;nyi)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/lo</> defend against incorrect trigger definitions
(Marc Cousin)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2013h
for DST law changes in Argentina, Brazil, Jordan, Libya,
Liechtenstein, Morocco, and Palestine. Also, new timezone
abbreviations WIB, WIT, WITA for Indonesia.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-18">
<title>Release 8.4.18</title>
<note>
<title>Release Date</title>
<simpara>2013-10-10</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.17.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.18</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.17,
see <xref linkend="release-8-4-17">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Prevent corruption of multi-byte characters when attempting to
case-fold identifiers (Andrew Dunstan)
</para>
<para>
<productname>PostgreSQL</> case-folds non-ASCII characters only
when using a single-byte server encoding.
</para>
</listitem>
<listitem>
<para>
Fix memory leak caused by <function>lo_open()</function> failure
(Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Fix memory overcommit bug when <varname>work_mem</> is using more
than 24GB of memory (Stephen Frost)
</para>
</listitem>
<listitem>
<para>
Fix deadlock bug in libpq when using SSL (Stephen Frost)
</para>
</listitem>
<listitem>
<para>
Properly compute row estimates for boolean columns containing many NULL
values (Andrew Gierth)
</para>
<para>
Previously tests like <literal>col IS NOT TRUE</> and <literal>col IS
NOT FALSE</> did not properly factor in NULL values when estimating
plan costs.
</para>
</listitem>
<listitem>
<para>
Prevent pushing down <literal>WHERE</> clauses into unsafe
<literal>UNION/INTERSECT</> subqueries (Tom Lane)
</para>
<para>
Subqueries of a <literal>UNION</> or <literal>INTERSECT</> that
contain set-returning functions or volatile functions in their
<literal>SELECT</> lists could be improperly optimized, leading to
run-time errors or incorrect query results.
</para>
</listitem>
<listitem>
<para>
Fix rare case of <quote>failed to locate grouping columns</>
planner failure (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Improve view dumping code's handling of dropped columns in referenced
tables (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix possible deadlock during concurrent <command>CREATE INDEX
CONCURRENTLY</> operations (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <function>regexp_matches()</> handling of zero-length matches
(Jeevan Chalke)
</para>
<para>
Previously, zero-length matches like '^' could return too many matches.
</para>
</listitem>
<listitem>
<para>
Fix crash for overly-complex regular expressions (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Fix regular expression match failures for back references combined with
non-greedy quantifiers (Jeevan Chalke)
</para>
</listitem>
<listitem>
<para>
Prevent <command>CREATE FUNCTION</> from checking <command>SET</>
variables unless function body checking is enabled (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <function>pgp_pub_decrypt()</> so it works for secret keys with
passwords (Marko Kreen)
</para>
</listitem>
<listitem>
<para>
Remove rare inaccurate warning during vacuum of index-less tables
(Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Avoid possible failure when performing transaction control commands (e.g
<command>ROLLBACK</>) in prepared queries (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Ensure that floating-point data input accepts standard spellings
of <quote>infinity</> on all platforms (Tom Lane)
</para>
<para>
The C99 standard says that allowable spellings are <literal>inf</>,
<literal>+inf</>, <literal>-inf</>, <literal>infinity</>,
<literal>+infinity</>, and <literal>-infinity</>. Make sure we
recognize these even if the platform's <function>strtod</> function
doesn't.
</para>
</listitem>
<listitem>
<para>
Expand ability to compare rows to records and arrays (Rafal Rzepecki,
Tom Lane)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2013d
for DST law changes in Israel, Morocco, Palestine, and Paraguay.
Also, historical zone data corrections for Macquarie Island.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-17">
<title>Release 8.4.17</title>
<note>
<title>Release Date</title>
<simpara>2013-04-04</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.16.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.17</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, this release corrects several errors in management of GiST
indexes. After installing this update, it is advisable to
<command>REINDEX</> any GiST indexes that meet one or more of the
conditions described below.
</para>
<para>
Also, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Reset OpenSSL randomness state in each postmaster child process
(Marko Kreen)
</para>
<para>
This avoids a scenario wherein random numbers generated by
<filename>contrib/pgcrypto</> functions might be relatively easy for
another database user to guess. The risk is only significant when
the postmaster is configured with <varname>ssl</> = <literal>on</>
but most connections don't use SSL encryption. (CVE-2013-1900)
</para>
</listitem>
<listitem>
<para>
Fix GiST indexes to not use <quote>fuzzy</> geometric comparisons when
it's not appropriate to do so (Alexander Korotkov)
</para>
<para>
The core geometric types perform comparisons using <quote>fuzzy</>
equality, but <function>gist_box_same</> must do exact comparisons,
else GiST indexes using it might become inconsistent. After installing
this update, users should <command>REINDEX</> any GiST indexes on
<type>box</>, <type>polygon</>, <type>circle</>, or <type>point</>
columns, since all of these use <function>gist_box_same</>.
</para>
</listitem>
<listitem>
<para>
Fix erroneous range-union and penalty logic in GiST indexes that use
<filename>contrib/btree_gist</> for variable-width data types, that is
<type>text</>, <type>bytea</>, <type>bit</>, and <type>numeric</>
columns (Tom Lane)
</para>
<para>
These errors could result in inconsistent indexes in which some keys
that are present would not be found by searches, and also in useless
index bloat. Users are advised to <command>REINDEX</> such indexes
after installing this update.
</para>
</listitem>
<listitem>
<para>
Fix bugs in GiST page splitting code for multi-column indexes
(Tom Lane)
</para>
<para>
These errors could result in inconsistent indexes in which some keys
that are present would not be found by searches, and also in indexes
that are unnecessarily inefficient to search. Users are advised to
<command>REINDEX</> multi-column GiST indexes after installing this
update.
</para>
</listitem>
<listitem>
<para>
Fix infinite-loop risk in regular expression compilation (Tom Lane,
Don Porter)
</para>
</listitem>
<listitem>
<para>
Fix potential null-pointer dereference in regular expression compilation
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <function>to_char()</> to use ASCII-only case-folding rules where
appropriate (Tom Lane)
</para>
<para>
This fixes misbehavior of some template patterns that should be
locale-independent, but mishandled <quote><literal>I</></quote> and
<quote><literal>i</></quote> in Turkish locales.
</para>
</listitem>
<listitem>
<para>
Fix unwanted rejection of timestamp <literal>1999-12-31 24:00:00</>
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Remove useless <quote>picksplit doesn't support secondary split</> log
messages (Josh Hansen, Tom Lane)
</para>
<para>
This message seems to have been added in expectation of code that was
never written, and probably never will be, since GiST's default
handling of secondary splits is actually pretty good. So stop nagging
end users about it.
</para>
</listitem>
<listitem>
<para>
Fix possible failure to send a session's last few transaction
commit/abort counts to the statistics collector (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Eliminate memory leaks in PL/Perl's <function>spi_prepare()</> function
(Alex Hunsaker, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_dumpall</> to handle database names containing
<quote><literal>=</></quote> correctly (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Avoid crash in <application>pg_dump</> when an incorrect connection
string is given (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Ignore invalid indexes in <application>pg_dump</> (Michael Paquier)
</para>
<para>
Dumping invalid indexes can cause problems at restore time, for example
if the reason the index creation failed was because it tried to enforce
a uniqueness condition not satisfied by the table's data. Also, if the
index creation is in fact still in progress, it seems reasonable to
consider it to be an uncommitted DDL change, which
<application>pg_dump</> wouldn't be expected to dump anyway.
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/pg_trgm</>'s <function>similarity()</> function
to return zero for trigram-less strings (Tom Lane)
</para>
<para>
Previously it returned <literal>NaN</> due to internal division by zero.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2013b
for DST law changes in Chile, Haiti, Morocco, Paraguay, and some
Russian areas. Also, historical zone data corrections for numerous
places.
</para>
<para>
Also, update the time zone abbreviation files for recent changes in
Russia and elsewhere: <literal>CHOT</>, <literal>GET</>,
<literal>IRKT</>, <literal>KGT</>, <literal>KRAT</>, <literal>MAGT</>,
<literal>MAWT</>, <literal>MSK</>, <literal>NOVT</>, <literal>OMST</>,
<literal>TKT</>, <literal>VLAT</>, <literal>WST</>, <literal>YAKT</>,
<literal>YEKT</> now follow their current meanings, and
<literal>VOLT</> (Europe/Volgograd) and <literal>MIST</>
(Antarctica/Macquarie) are added to the default abbreviations list.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-16">
<title>Release 8.4.16</title>
<note>
<title>Release Date</title>
<simpara>2013-02-07</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.15.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.16</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Prevent execution of <function>enum_recv</> from SQL (Tom Lane)
</para>
<para>
The function was misdeclared, allowing a simple SQL command to crash the
server. In principle an attacker might be able to use it to examine the
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
for reporting this issue. (CVE-2013-0255)
</para>
</listitem>
<listitem>
<para>
Update minimum recovery point when truncating a relation file (Heikki
Linnakangas)
</para>
<para>
Once data has been discarded, it's no longer safe to stop recovery at
an earlier point in the timeline.
</para>
</listitem>
<listitem>
<para>
Fix SQL grammar to allow subscripting or field selection from a
sub-SELECT result (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Protect against race conditions when scanning
<structname>pg_tablespace</> (Stephen Frost, Tom Lane)
</para>
<para>
<command>CREATE DATABASE</> and <command>DROP DATABASE</> could
misbehave if there were concurrent updates of
<structname>pg_tablespace</> entries.
</para>
</listitem>
<listitem>
<para>
Prevent <command>DROP OWNED</> from trying to drop whole databases or
tablespaces (&Aacute;lvaro Herrera)
</para>
<para>
For safety, ownership of these objects must be reassigned, not dropped.
</para>
</listitem>
<listitem>
<para>
Fix error in <link
linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</></link>
implementation (Andres Freund)
</para>
<para>
In installations that have existed for more than <link
linkend="guc-vacuum-freeze-min-age"><varname>vacuum_freeze_min_age</></link>
transactions, this mistake prevented autovacuum from using partial-table
scans, so that a full-table scan would always happen instead.
</para>
</listitem>
<listitem>
<para>
Prevent misbehavior when a <symbol>RowExpr</> or <symbol>XmlExpr</>
is parse-analyzed twice (Andres Freund, Tom Lane)
</para>
<para>
This mistake could be user-visible in contexts such as
<literal>CREATE TABLE LIKE INCLUDING INDEXES</>.
</para>
</listitem>
<listitem>
<para>
Improve defenses against integer overflow in hashtable sizing
calculations (Jeff Davis)
</para>
</listitem>
<listitem>
<para>
Reject out-of-range dates in <function>to_date()</> (Hitoshi Harada)
</para>
</listitem>
<listitem>
<para>
Ensure that non-ASCII prompt strings are translated to the correct
code page on Windows (Alexander Law, Noah Misch)
</para>
<para>
This bug affected <application>psql</> and some other client programs.
</para>
</listitem>
<listitem>
<para>
Fix possible crash in <application>psql</>'s <command>\?</> command
when not connected to a database (Meng Qingzhong)
</para>
</listitem>
<listitem>
<para>
Fix one-byte buffer overrun in <application>libpq</>'s
<function>PQprintTuples</> (Xi Wang)
</para>
<para>
This ancient function is not used anywhere by
<productname>PostgreSQL</> itself, but it might still be used by some
client code.
</para>
</listitem>
<listitem>
<para>
Make <application>ecpglib</> use translated messages properly
(Chen Huajun)
</para>
</listitem>
<listitem>
<para>
Properly install <application>ecpg_compat</> and
<application>pgtypes</> libraries on MSVC (Jiang Guiqing)
</para>
</listitem>
<listitem>
<para>
Rearrange configure's tests for supplied functions so it is not
fooled by bogus exports from libedit/libreadline (Christoph Berg)
</para>
</listitem>
<listitem>
<para>
Ensure Windows build number increases over time (Magnus Hagander)
</para>
</listitem>
<listitem>
<para>
Make <application>pgxs</> build executables with the right
<literal>.exe</> suffix when cross-compiling for Windows
(Zoltan Boszormenyi)
</para>
</listitem>
<listitem>
<para>
Add new timezone abbreviation <literal>FET</> (Tom Lane)
</para>
<para>
This is now used in some eastern-European time zones.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-15">
<title>Release 8.4.15</title>
<note>
<title>Release Date</title>
<simpara>2012-12-06</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.14.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.15</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix multiple bugs associated with <command>CREATE INDEX
CONCURRENTLY</> (Andres Freund, Tom Lane)
</para>
<para>
Fix <command>CREATE INDEX CONCURRENTLY</> to use
in-place updates when changing the state of an index's
<structname>pg_index</> row. This prevents race conditions that could
cause concurrent sessions to miss updating the target index, thus
resulting in corrupt concurrently-created indexes.
</para>
<para>
Also, fix various other operations to ensure that they ignore
invalid indexes resulting from a failed <command>CREATE INDEX
CONCURRENTLY</> command. The most important of these is
<command>VACUUM</>, because an auto-vacuum could easily be launched
on the table before corrective action can be taken to fix or remove
the invalid index.
</para>
</listitem>
<listitem>
<para>
Avoid corruption of internal hash tables when out of memory
(Hitoshi Harada)
</para>
</listitem>
<listitem>
<para>
Fix planning of non-strict equivalence clauses above outer joins
(Tom Lane)
</para>
<para>
The planner could derive incorrect constraints from a clause equating
a non-strict construct to something else, for example
<literal>WHERE COALESCE(foo, 0) = 0</>
when <literal>foo</> is coming from the nullable side of an outer join.
</para>
</listitem>
<listitem>
<para>
Improve planner's ability to prove exclusion constraints from
equivalence classes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix partial-row matching in hashed subplans to handle cross-type cases
correctly (Tom Lane)
</para>
<para>
This affects multicolumn <literal>NOT IN</> subplans, such as
<literal>WHERE (a, b) NOT IN (SELECT x, y FROM ...)</>
when for instance <literal>b</> and <literal>y</> are <type>int4</>
and <type>int8</> respectively. This mistake led to wrong answers
or crashes depending on the specific datatypes involved.
</para>
</listitem>
<listitem>
<para>
Acquire buffer lock when re-fetching the old tuple for an
<literal>AFTER ROW UPDATE/DELETE</> trigger (Andres Freund)
</para>
<para>
In very unusual circumstances, this oversight could result in passing
incorrect data to the precheck logic for a foreign-key enforcement
trigger. That could result in a crash, or in an incorrect decision
about whether to fire the trigger.
</para>
</listitem>
<listitem>
<para>
Fix <command>ALTER COLUMN TYPE</> to handle inherited check
constraints properly (Pavan Deolasee)
</para>
<para>
This worked correctly in pre-8.4 releases, and now works correctly
in 8.4 and later.
</para>
</listitem>
<listitem>
<para>
Fix <command>REASSIGN OWNED</> to handle grants on tablespaces
(&Aacute;lvaro Herrera)
</para>
</listitem>
<listitem>
<para>
Ignore incorrect <structname>pg_attribute</> entries for system
columns for views (Tom Lane)
</para>
<para>
Views do not have any system columns. However, we forgot to
remove such entries when converting a table to a view. That's fixed
properly for 9.3 and later, but in previous branches we need to defend
against existing mis-converted views.
</para>
</listitem>
<listitem>
<para>
Fix rule printing to dump <literal>INSERT INTO <replaceable>table</>
DEFAULT VALUES</literal> correctly (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Guard against stack overflow when there are too many
<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</> clauses
in a query (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Prevent platform-dependent failures when dividing the minimum possible
integer value by -1 (Xi Wang, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix possible access past end of string in date parsing
(Hitoshi Harada)
</para>
</listitem>
<listitem>
<para>
Produce an understandable error message if the length of the path name
for a Unix-domain socket exceeds the platform-specific limit
(Tom Lane, Andrew Dunstan)
</para>
<para>
Formerly, this would result in something quite unhelpful, such as
<quote>Non-recoverable failure in name resolution</>.
</para>
</listitem>
<listitem>
<para>
Fix memory leaks when sending composite column values to the client
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Make <application>pg_ctl</> more robust about reading the
<filename>postmaster.pid</> file (Heikki Linnakangas)
</para>
<para>
Fix race conditions and possible file descriptor leakage.
</para>
</listitem>
<listitem>
<para>
Fix possible crash in <application>psql</> if incorrectly-encoded data
is presented and the <varname>client_encoding</> setting is a
client-only encoding, such as SJIS (Jiang Guiqing)
</para>
</listitem>
<listitem>
<para>
Fix bugs in the <filename>restore.sql</> script emitted by
<application>pg_dump</> in <literal>tar</> output format (Tom Lane)
</para>
<para>
The script would fail outright on tables whose names include
upper-case characters. Also, make the script capable of restoring
data in <option>--inserts</> mode as well as the regular COPY mode.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</> to accept POSIX-conformant
<literal>tar</> files (Brian Weaver, Tom Lane)
</para>
<para>
The original coding of <application>pg_dump</>'s <literal>tar</>
output mode produced files that are not fully conformant with the
POSIX standard. This has been corrected for version 9.3. This
patch updates previous branches so that they will accept both the
incorrect and the corrected formats, in hopes of avoiding
compatibility problems when 9.3 comes out.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_resetxlog</> to locate <filename>postmaster.pid</>
correctly when given a relative path to the data directory (Tom Lane)
</para>
<para>
This mistake could lead to <application>pg_resetxlog</> not noticing
that there is an active postmaster using the data directory.
</para>
</listitem>
<listitem>
<para>
Fix <application>libpq</>'s <function>lo_import()</> and
<function>lo_export()</> functions to report file I/O errors properly
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <application>ecpg</>'s processing of nested structure pointer
variables (Muhammad Usama)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/pageinspect</>'s btree page inspection
functions take buffer locks while examining pages (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <application>pgxs</> support for building loadable modules on AIX
(Tom Lane)
</para>
<para>
Building modules outside the original source tree didn't work on AIX.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2012j
for DST law changes in Cuba, Israel, Jordan, Libya, Palestine, Western
Samoa, and portions of Brazil.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-14">
<title>Release 8.4.14</title>
<note>
<title>Release Date</title>
<simpara>2012-09-24</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.13.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.14</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix planner's assignment of executor parameters, and fix executor's
rescan logic for CTE plan nodes (Tom Lane)
</para>
<para>
These errors could result in wrong answers from queries that scan the
same <literal>WITH</> subquery multiple times.
</para>
</listitem>
<listitem>
<para>
Improve page-splitting decisions in GiST indexes (Alexander Korotkov,
Robert Haas, Tom Lane)
</para>
<para>
Multi-column GiST indexes might suffer unexpected bloat due to this
error.
</para>
</listitem>
<listitem>
<para>
Fix cascading privilege revoke to stop if privileges are still held
(Tom Lane)
</para>
<para>
If we revoke a grant option from some role <replaceable>X</>, but
<replaceable>X</> still holds that option via a grant from someone
else, we should not recursively revoke the corresponding privilege
from role(s) <replaceable>Y</> that <replaceable>X</> had granted it
to.
</para>
</listitem>
<listitem>
<para>
Fix handling of <literal>SIGFPE</> when PL/Perl is in use (Andres Freund)
</para>
<para>
Perl resets the process's <literal>SIGFPE</> handler to
<literal>SIG_IGN</>, which could result in crashes later on. Restore
the normal Postgres signal handler after initializing PL/Perl.
</para>
</listitem>
<listitem>
<para>
Prevent PL/Perl from crashing if a recursive PL/Perl function is
redefined while being executed (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Work around possible misoptimization in PL/Perl (Tom Lane)
</para>
<para>
Some Linux distributions contain an incorrect version of
<filename>pthread.h</> that results in incorrect compiled code in
PL/Perl, leading to crashes if a PL/Perl function calls another one
that throws an error.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2012f
for DST law changes in Fiji
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-13">
<title>Release 8.4.13</title>
<note>
<title>Release Date</title>
<simpara>2012-08-17</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.12.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.13</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Prevent access to external files/URLs via XML entity references
(Noah Misch, Tom Lane)
</para>
<para>
<function>xml_parse()</> would attempt to fetch external files or
URLs as needed to resolve DTD and entity references in an XML value,
thus allowing unprivileged database users to attempt to fetch data
with the privileges of the database server. While the external data
wouldn't get returned directly to the user, portions of it could be
exposed in error messages if the data didn't parse as valid XML; and
in any case the mere ability to check existence of a file might be
useful to an attacker. (CVE-2012-3489)
</para>
</listitem>
<listitem>
<para>
Prevent access to external files/URLs via <filename>contrib/xml2</>'s
<function>xslt_process()</> (Peter Eisentraut)
</para>
<para>
<application>libxslt</> offers the ability to read and write both
files and URLs through stylesheet commands, thus allowing
unprivileged database users to both read and write data with the
privileges of the database server. Disable that through proper use
of <application>libxslt</>'s security options. (CVE-2012-3488)
</para>
<para>
Also, remove <function>xslt_process()</>'s ability to fetch documents
and stylesheets from external files/URLs. While this was a
documented <quote>feature</>, it was long regarded as a bad idea.
The fix for CVE-2012-3489 broke that capability, and rather than
expend effort on trying to fix it, we're just going to summarily
remove it.
</para>
</listitem>
<listitem>
<para>
Prevent too-early recycling of btree index pages (Noah Misch)
</para>
<para>
When we allowed read-only transactions to skip assigning XIDs, we
introduced the possibility that a deleted btree page could be
recycled while a read-only transaction was still in flight to it.
This would result in incorrect index search results. The probability
of such an error occurring in the field seems very low because of the
timing requirements, but nonetheless it should be fixed.
</para>
</listitem>
<listitem>
<para>
Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane)
</para>
<para>
If <command>ALTER SEQUENCE</> was executed on a freshly created or
reset sequence, and then precisely one <function>nextval()</> call
was made on it, and then the server crashed, WAL replay would restore
the sequence to a state in which it appeared that no
<function>nextval()</> had been done, thus allowing the first
sequence value to be returned again by the next
<function>nextval()</> call. In particular this could manifest for
<type>serial</> columns, since creation of a serial column's sequence
includes an <command>ALTER SEQUENCE OWNED BY</> step.
</para>
</listitem>
<listitem>
<para>
Ensure the <filename>backup_label</> file is fsync'd after
<function>pg_start_backup()</> (Dave Kerr)
</para>
</listitem>
<listitem>
<para>
Back-patch 9.1 improvement to compress the fsync request queue
(Robert Haas)
</para>
<para>
This improves performance during checkpoints. The 9.1 change
has now seen enough field testing to seem safe to back-patch.
</para>
</listitem>
<listitem>
<para>
Only allow autovacuum to be auto-canceled by a directly blocked
process (Tom Lane)
</para>
<para>
The original coding could allow inconsistent behavior in some cases;
in particular, an autovacuum could get canceled after less than
<literal>deadlock_timeout</> grace period.
</para>
</listitem>
<listitem>
<para>
Improve logging of autovacuum cancels (Robert Haas)
</para>
</listitem>
<listitem>
<para>
Fix log collector so that <literal>log_truncate_on_rotation</> works
during the very first log rotation after server start (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <literal>WITH</> attached to a nested set operation
(<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</>)
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Ensure that a whole-row reference to a subquery doesn't include any
extra <literal>GROUP BY</> or <literal>ORDER BY</> columns (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Disallow copying whole-row references in <literal>CHECK</>
constraints and index definitions during <command>CREATE TABLE</>
(Tom Lane)
</para>
<para>
This situation can arise in <command>CREATE TABLE</> with
<literal>LIKE</> or <literal>INHERITS</>. The copied whole-row
variable was incorrectly labeled with the row type of the original
table not the new one. Rejecting the case seems reasonable for
<literal>LIKE</>, since the row types might well diverge later. For
<literal>INHERITS</> we should ideally allow it, with an implicit
coercion to the parent table's row type; but that will require more
work than seems safe to back-patch.
</para>
</listitem>
<listitem>
<para>
Fix memory leak in <literal>ARRAY(SELECT ...)</> subqueries (Heikki
Linnakangas, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix extraction of common prefixes from regular expressions (Tom Lane)
</para>
<para>
The code could get confused by quantified parenthesized
subexpressions, such as <literal>^(foo)?bar</>. This would lead to
incorrect index optimization of searches for such patterns.
</para>
</listitem>
<listitem>
<para>
Fix bugs with parsing signed
<replaceable>hh</><literal>:</><replaceable>mm</> and
<replaceable>hh</><literal>:</><replaceable>mm</><literal>:</><replaceable>ss</>
fields in <type>interval</> constants (Amit Kapila, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Report errors properly in <filename>contrib/xml2</>'s
<function>xslt_process()</> (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2012e
for DST law changes in Morocco and Tokelau
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-12">
<title>Release 8.4.12</title>
<note>
<title>Release Date</title>
<simpara>2012-06-04</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.11.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.12</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix incorrect password transformation in
<filename>contrib/pgcrypto</>'s DES <function>crypt()</> function
(Solar Designer)
</para>
<para>
If a password string contained the byte value <literal>0x80</>, the
remainder of the password was ignored, causing the password to be much
weaker than it appeared. With this fix, the rest of the string is
properly included in the DES hash. Any stored password values that are
affected by this bug will thus no longer match, so the stored values may
need to be updated. (CVE-2012-2143)
</para>
</listitem>
<listitem>
<para>
Ignore <literal>SECURITY DEFINER</> and <literal>SET</> attributes for
a procedural language's call handler (Tom Lane)
</para>
<para>
Applying such attributes to a call handler could crash the server.
(CVE-2012-2655)
</para>
</listitem>
<listitem>
<para>
Allow numeric timezone offsets in <type>timestamp</> input to be up to
16 hours away from UTC (Tom Lane)
</para>
<para>
Some historical time zones have offsets larger than 15 hours, the
previous limit. This could result in dumped data values being rejected
during reload.
</para>
</listitem>
<listitem>
<para>
Fix timestamp conversion to cope when the given time is exactly the
last DST transition time for the current timezone (Tom Lane)
</para>
<para>
This oversight has been there a long time, but was not noticed
previously because most DST-using zones are presumed to have an
indefinite sequence of future DST transitions.
</para>
</listitem>
<listitem>
<para>
Fix <type>text</> to <type>name</> and <type>char</> to <type>name</>
casts to perform string truncation correctly in multibyte encodings
(Karl Schnaitter)
</para>
</listitem>
<listitem>
<para>
Fix memory copying bug in <function>to_tsquery()</> (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Fix planner's handling of outer PlaceHolderVars within subqueries (Tom
Lane)
</para>
<para>
This bug concerns sub-SELECTs that reference variables coming from the
nullable side of an outer join of the surrounding query.
In 9.1, queries affected by this bug would fail with <quote>ERROR:
Upper-level PlaceHolderVar found where not expected</>. But in 9.0 and
8.4, you'd silently get possibly-wrong answers, since the value
transmitted into the subquery wouldn't go to null when it should.
</para>
</listitem>
<listitem>
<para>
Fix slow session startup when <structname>pg_attribute</> is very large
(Tom Lane)
</para>
<para>
If <structname>pg_attribute</> exceeds one-fourth of
<varname>shared_buffers</>, cache rebuilding code that is sometimes
needed during session start would trigger the synchronized-scan logic,
causing it to take many times longer than normal. The problem was
particularly acute if many new sessions were starting at once.
</para>
</listitem>
<listitem>
<para>
Ensure sequential scans check for query cancel reasonably often (Merlin
Moncure)
</para>
<para>
A scan encountering many consecutive pages that contain no live tuples
would not respond to interrupts meanwhile.
</para>
</listitem>
<listitem>
<para>
Ensure the Windows implementation of <function>PGSemaphoreLock()</>
clears <varname>ImmediateInterruptOK</> before returning (Tom Lane)
</para>
<para>
This oversight meant that a query-cancel interrupt received later
in the same query could be accepted at an unsafe time, with
unpredictable but not good consequences.
</para>
</listitem>
<listitem>
<para>
Show whole-row variables safely when printing views or rules
(Abbas Butt, Tom Lane)
</para>
<para>
Corner cases involving ambiguous names (that is, the name could be
either a table or column name of the query) were printed in an
ambiguous way, risking that the view or rule would be interpreted
differently after dump and reload. Avoid the ambiguous case by
attaching a no-op cast.
</para>
</listitem>
<listitem>
<para>
Fix <command>COPY FROM</> to properly handle null marker strings that
correspond to invalid encoding (Tom Lane)
</para>
<para>
A null marker string such as <literal>E'\\0'</> should work, and did
work in the past, but the case got broken in 8.4.
</para>
</listitem>
<listitem>
<para>
Ensure autovacuum worker processes perform stack depth checking
properly (Heikki Linnakangas)
</para>
<para>
Previously, infinite recursion in a function invoked by
auto-<command>ANALYZE</> could crash worker processes.
</para>
</listitem>
<listitem>
<para>
Fix logging collector to not lose log coherency under high load (Andrew
Dunstan)
</para>
<para>
The collector previously could fail to reassemble large messages if it
got too busy.
</para>
</listitem>
<listitem>
<para>
Fix logging collector to ensure it will restart file rotation
after receiving <systemitem>SIGHUP</> (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix WAL replay logic for GIN indexes to not fail if the index was
subsequently dropped (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix memory leak in PL/pgSQL's <command>RETURN NEXT</> command (Joe
Conway)
</para>
</listitem>
<listitem>
<para>
Fix PL/pgSQL's <command>GET DIAGNOSTICS</> command when the target
is the function's first variable (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix potential access off the end of memory in <application>psql</>'s
expanded display (<command>\x</>) mode (Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
Fix several performance problems in <application>pg_dump</> when
the database contains many objects (Jeff Janes, Tom Lane)
</para>
<para>
<application>pg_dump</> could get very slow if the database contained
many schemas, or if many objects are in dependency loops, or if there
are many owned sequences.
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/dblink</>'s <function>dblink_exec()</> to not leak
temporary database connections upon error (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/dblink</> to report the correct connection name in
error messages (Kyotaro Horiguchi)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2012c
for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland
Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands;
also historical corrections for Canada.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-11">
<title>Release 8.4.11</title>
<note>
<title>Release Date</title>
<simpara>2012-02-27</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.10.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.11</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.10,
see <xref linkend="release-8-4-10">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Require execute permission on the trigger function for
<command>CREATE TRIGGER</> (Robert Haas)
</para>
<para>
This missing check could allow another user to execute a trigger
function with forged input data, by installing it on a table he owns.
This is only of significance for trigger functions marked
<literal>SECURITY DEFINER</>, since otherwise trigger functions run
as the table owner anyway. (CVE-2012-0866)
</para>
</listitem>
<listitem>
<para>
Remove arbitrary limitation on length of common name in SSL
certificates (Heikki Linnakangas)
</para>
<para>
Both <application>libpq</> and the server truncated the common name
extracted from an SSL certificate at 32 bytes. Normally this would
cause nothing worse than an unexpected verification failure, but there
are some rather-implausible scenarios in which it might allow one
certificate holder to impersonate another. The victim would have to
have a common name exactly 32 bytes long, and the attacker would have
to persuade a trusted CA to issue a certificate in which the common
name has that string as a prefix. Impersonating a server would also
require some additional exploit to redirect client connections.
(CVE-2012-0867)
</para>
</listitem>
<listitem>
<para>
Convert newlines to spaces in names written in <application>pg_dump</>
comments (Robert Haas)
</para>
<para>
<application>pg_dump</> was incautious about sanitizing object names
that are emitted within SQL comments in its output script. A name
containing a newline would at least render the script syntactically
incorrect. Maliciously crafted object names could present a SQL
injection risk when the script is reloaded. (CVE-2012-0868)
</para>
</listitem>
<listitem>
<para>
Fix btree index corruption from insertions concurrent with vacuuming
(Tom Lane)
</para>
<para>
An index page split caused by an insertion could sometimes cause a
concurrently-running <command>VACUUM</> to miss removing index entries
that it should remove. After the corresponding table rows are removed,
the dangling index entries would cause errors (such as <quote>could not
read block N in file ...</>) or worse, silently wrong query results
after unrelated rows are re-inserted at the now-free table locations.
This bug has been present since release 8.2, but occurs so infrequently
that it was not diagnosed until now. If you have reason to suspect
that it has happened in your database, reindexing the affected index
will fix things.
</para>
</listitem>
<listitem>
<para>
Update per-column permissions, not only per-table permissions, when
changing table owner (Tom Lane)
</para>
<para>
Failure to do this meant that any previously granted column permissions
were still shown as having been granted by the old owner. This meant
that neither the new owner nor a superuser could revoke the
now-untraceable-to-table-owner permissions.
</para>
</listitem>
<listitem>
<para>
Allow non-existent values for some settings in <command>ALTER
USER/DATABASE SET</> (Heikki Linnakangas)
</para>
<para>
Allow <varname>default_text_search_config</>,
<varname>default_tablespace</>, and <varname>temp_tablespaces</> to be
set to names that are not known. This is because they might be known
in another database where the setting is intended to be used, or for the
tablespace cases because the tablespace might not be created yet. The
same issue was previously recognized for <varname>search_path</>, and
these settings now act like that one.
</para>
</listitem>
<listitem>
<para>
Avoid crashing when we have problems deleting table files post-commit
(Tom Lane)
</para>
<para>
Dropping a table should lead to deleting the underlying disk files only
after the transaction commits. In event of failure then (for instance,
because of wrong file permissions) the code is supposed to just emit a
warning message and go on, since it's too late to abort the
transaction. This logic got broken as of release 8.4, causing such
situations to result in a PANIC and an unrestartable database.
</para>
</listitem>
<listitem>
<para>
Track the OID counter correctly during WAL replay, even when it wraps
around (Tom Lane)
</para>
<para>
Previously the OID counter would remain stuck at a high value until the
system exited replay mode. The practical consequences of that are
usually nil, but there are scenarios wherein a standby server that's
been promoted to master might take a long time to advance the OID
counter to a reasonable value once values are needed.
</para>
</listitem>
<listitem>
<para>
Fix regular expression back-references with <literal>*</> attached
(Tom Lane)
</para>
<para>
Rather than enforcing an exact string match, the code would effectively
accept any string that satisfies the pattern sub-expression referenced
by the back-reference symbol.
</para>
<para>
A similar problem still afflicts back-references that are embedded in a
larger quantified expression, rather than being the immediate subject
of the quantifier. This will be addressed in a future
<productname>PostgreSQL</> release.
</para>
</listitem>
<listitem>
<para>
Fix recently-introduced memory leak in processing of
<type>inet</>/<type>cidr</> values (Heikki Linnakangas)
</para>
<para>
A patch in the December 2011 releases of <productname>PostgreSQL</>
caused memory leakage in these operations, which could be significant
in scenarios such as building a btree index on such a column.
</para>
</listitem>
<listitem>
<para>
Fix dangling pointer after <command>CREATE TABLE AS</>/<command>SELECT
INTO</> in a SQL-language function (Tom Lane)
</para>
<para>
In most cases this only led to an assertion failure in assert-enabled
builds, but worse consequences seem possible.
</para>
</listitem>
<listitem>
<para>
Avoid double close of file handle in syslogger on Windows (MauMau)
</para>
<para>
Ordinarily this error was invisible, but it would cause an exception
when running on a debug version of Windows.
</para>
</listitem>
<listitem>
<para>
Fix I/O-conversion-related memory leaks in plpgsql
(Andres Freund, Jan Urbanski, Tom Lane)
</para>
<para>
Certain operations would leak memory until the end of the current
function.
</para>
</listitem>
<listitem>
<para>
Improve <application>pg_dump</>'s handling of inherited table columns
(Tom Lane)
</para>
<para>
<application>pg_dump</> mishandled situations where a child column has
a different default expression than its parent column. If the default
is textually identical to the parent's default, but not actually the
same (for instance, because of schema search path differences) it would
not be recognized as different, so that after dump and restore the
child would be allowed to inherit the parent's default. Child columns
that are <literal>NOT NULL</> where their parent is not could also be
restored subtly incorrectly.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</>'s direct-to-database mode for
INSERT-style table data (Tom Lane)
</para>
<para>
Direct-to-database restores from archive files made with
<option>--inserts</> or <option>--column-inserts</> options fail when
using <application>pg_restore</> from a release dated September or
December 2011, as a result of an oversight in a fix for another
problem. The archive file itself is not at fault, and text-mode
output is okay.
</para>
</listitem>
<listitem>
<para>
Allow <literal>AT</> option in <application>ecpg</>
<literal>DEALLOCATE</> statements (Michael Meskes)
</para>
<para>
The infrastructure to support this has been there for awhile, but
through an oversight there was still an error check rejecting the case.
</para>
</listitem>
<listitem>
<para>
Fix error in <filename>contrib/intarray</>'s <literal>int[] &amp;
int[]</> operator (Guillaume Lelarge)
</para>
<para>
If the smallest integer the two input arrays have in common is 1,
and there are smaller values in either array, then 1 would be
incorrectly omitted from the result.
</para>
</listitem>
<listitem>
<para>
Fix error detection in <filename>contrib/pgcrypto</>'s
<function>encrypt_iv()</> and <function>decrypt_iv()</>
(Marko Kreen)
</para>
<para>
These functions failed to report certain types of invalid-input errors,
and would instead return random garbage values for incorrect input.
</para>
</listitem>
<listitem>
<para>
Fix one-byte buffer overrun in <filename>contrib/test_parser</>
(Paul Guyot)
</para>
<para>
The code would try to read one more byte than it should, which would
crash in corner cases.
Since <filename>contrib/test_parser</> is only example code, this is
not a security issue in itself, but bad example code is still bad.
</para>
</listitem>
<listitem>
<para>
Use <function>__sync_lock_test_and_set()</> for spinlocks on ARM, if
available (Martin Pitt)
</para>
<para>
This function replaces our previous use of the <literal>SWPB</>
instruction, which is deprecated and not available on ARMv6 and later.
Reports suggest that the old code doesn't fail in an obvious way on
recent ARM boards, but simply doesn't interlock concurrent accesses,
leading to bizarre failures in multiprocess operation.
</para>
</listitem>
<listitem>
<para>
Use <option>-fexcess-precision=standard</> option when building with
gcc versions that accept it (Andrew Dunstan)
</para>
<para>
This prevents assorted scenarios wherein recent versions of gcc will
produce creative results.
</para>
</listitem>
<listitem>
<para>
Allow use of threaded Python on FreeBSD (Chris Rees)
</para>
<para>
Our configure script previously believed that this combination wouldn't
work; but FreeBSD fixed the problem, so remove that error check.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-10">
<title>Release 8.4.10</title>
<note>
<title>Release Date</title>
<simpara>2011-12-05</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.9.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.10</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, a longstanding error was discovered in the definition of the
<literal>information_schema.referential_constraints</> view. If you
rely on correct results from that view, you should replace its
definition as explained in the first changelog item below.
</para>
<para>
Also, if you are upgrading from a version earlier than 8.4.8,
see <xref linkend="release-8-4-8">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix bugs in <literal>information_schema.referential_constraints</> view
(Tom Lane)
</para>
<para>
This view was being insufficiently careful about matching the
foreign-key constraint to the depended-on primary or unique key
constraint. That could result in failure to show a foreign key
constraint at all, or showing it multiple times, or claiming that it
depends on a different constraint than the one it really does.
</para>
<para>
Since the view definition is installed by <application>initdb</>,
merely upgrading will not fix the problem. If you need to fix this
in an existing installation, you can (as a superuser) drop the
<literal>information_schema</> schema then re-create it by sourcing
<filename><replaceable>SHAREDIR</>/information_schema.sql</filename>.
(Run <literal>pg_config --sharedir</> if you're uncertain where
<replaceable>SHAREDIR</> is.) This must be repeated in each database
to be fixed.
</para>
</listitem>
<listitem>
<para>
Fix incorrect replay of WAL records for GIN index updates
(Tom Lane)
</para>
<para>
This could result in transiently failing to find index entries after
a crash, or on a hot-standby server. The problem would be repaired
by the next <command>VACUUM</> of the index, however.
</para>
</listitem>
<listitem>
<para>
Fix TOAST-related data corruption during <literal>CREATE TABLE dest AS
SELECT * FROM src</> or <literal>INSERT INTO dest SELECT * FROM src</>
(Tom Lane)
</para>
<para>
If a table has been modified by <command>ALTER TABLE ADD COLUMN</>,
attempts to copy its data verbatim to another table could produce
corrupt results in certain corner cases.
The problem can only manifest in this precise form in 8.4 and later,
but we patched earlier versions as well in case there are other code
paths that could trigger the same bug.
</para>
</listitem>
<listitem>
<para>
Fix race condition during toast table access from stale syscache entries
(Tom Lane)
</para>
<para>
The typical symptom was transient errors like <quote>missing chunk
number 0 for toast value NNNNN in pg_toast_2619</>, where the cited
toast table would always belong to a system catalog.
</para>
</listitem>
<listitem>
<para>
Track dependencies of functions on items used in parameter default
expressions (Tom Lane)
</para>
<para>
Previously, a referenced object could be dropped without having dropped
or modified the function, leading to misbehavior when the function was
used. Note that merely installing this update will not fix the missing
dependency entries; to do that, you'd need to <command>CREATE OR
REPLACE</> each such function afterwards. If you have functions whose
defaults depend on non-built-in objects, doing so is recommended.
</para>
</listitem>
<listitem>
<para>
Allow inlining of set-returning SQL functions with multiple OUT
parameters (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Make <function>DatumGetInetP()</> unpack inet datums that have a 1-byte
header, and add a new macro, <function>DatumGetInetPP()</>, that does
not (Heikki Linnakangas)
</para>
<para>
This change affects no core code, but might prevent crashes in add-on
code that expects <function>DatumGetInetP()</> to produce an unpacked
datum as per usual convention.
</para>
</listitem>
<listitem>
<para>
Improve locale support in <type>money</> type's input and output
(Tom Lane)
</para>
<para>
Aside from not supporting all standard
<link linkend="guc-lc-monetary"><varname>lc_monetary</></link>
formatting options, the input and output functions were inconsistent,
meaning there were locales in which dumped <type>money</> values could
not be re-read.
</para>
</listitem>
<listitem>
<para>
Don't let <link
linkend="guc-transform-null-equals"><varname>transform_null_equals</></link>
affect <literal>CASE foo WHEN NULL ...</> constructs
(Heikki Linnakangas)
</para>
<para>
<varname>transform_null_equals</> is only supposed to affect
<literal>foo = NULL</> expressions written directly by the user, not
equality checks generated internally by this form of <literal>CASE</>.
</para>
</listitem>
<listitem>
<para>
Change foreign-key trigger creation order to better support
self-referential foreign keys (Tom Lane)
</para>
<para>
For a cascading foreign key that references its own table, a row update
will fire both the <literal>ON UPDATE</> trigger and the
<literal>CHECK</> trigger as one event. The <literal>ON UPDATE</>
trigger must execute first, else the <literal>CHECK</> will check a
non-final state of the row and possibly throw an inappropriate error.
However, the firing order of these triggers is determined by their
names, which generally sort in creation order since the triggers have
auto-generated names following the convention
<quote>RI_ConstraintTrigger_NNNN</>. A proper fix would require
modifying that convention, which we will do in 9.2, but it seems risky
to change it in existing releases. So this patch just changes the
creation order of the triggers. Users encountering this type of error
should drop and re-create the foreign key constraint to get its
triggers into the right order.
</para>
</listitem>
<listitem>
<para>
Avoid floating-point underflow while tracking buffer allocation rate
(Greg Matthews)
</para>
<para>
While harmless in itself, on certain platforms this would result in
annoying kernel log messages.
</para>
</listitem>
<listitem>
<para>
Preserve configuration file name and line number values when starting
child processes under Windows (Tom Lane)
</para>
<para>
Formerly, these would not be displayed correctly in the
<structname>pg_settings</> view.
</para>
</listitem>
<listitem>
<para>
Preserve blank lines within commands in <application>psql</>'s command
history (Robert Haas)
</para>
<para>
The former behavior could cause problems if an empty line was removed
from within a string literal, for example.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_dump</> to dump user-defined casts between
auto-generated types, such as table rowtypes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Use the preferred version of <application>xsubpp</> to build PL/Perl,
not necessarily the operating system's main copy
(David Wheeler and Alex Hunsaker)
</para>
</listitem>
<listitem>
<para>
Fix incorrect coding in <filename>contrib/dict_int</> and
<filename>contrib/dict_xsyn</> (Tom Lane)
</para>
<para>
Some functions incorrectly assumed that memory returned by
<function>palloc()</> is guaranteed zeroed.
</para>
</listitem>
<listitem>
<para>
Honor query cancel interrupts promptly in <function>pgstatindex()</>
(Robert Haas)
</para>
</listitem>
<listitem>
<para>
Ensure VPATH builds properly install all server header files
(Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
Shorten file names reported in verbose error messages (Peter Eisentraut)
</para>
<para>
Regular builds have always reported just the name of the C file
containing the error message call, but VPATH builds formerly
reported an absolute path name.
</para>
</listitem>
<listitem>
<para>
Fix interpretation of Windows timezone names for Central America
(Tom Lane)
</para>
<para>
Map <quote>Central America Standard Time</> to <literal>CST6</>, not
<literal>CST6CDT</>, because DST is generally not observed anywhere in
Central America.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2011n
for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa;
also historical corrections for Alaska and British East Africa.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-9">
<title>Release 8.4.9</title>
<note>
<title>Release Date</title>
<simpara>2011-09-26</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.8.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.9</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if you are upgrading from a version earlier than 8.4.8,
see <xref linkend="release-8-4-8">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane)
</para>
<para>
These bugs could result in index corruption after reindexing a system
catalog. They are not believed to affect user indexes.
</para>
</listitem>
<listitem>
<para>
Fix multiple bugs in GiST index page split processing (Heikki
Linnakangas)
</para>
<para>
The probability of occurrence was low, but these could lead to index
corruption.
</para>
</listitem>
<listitem>
<para>
Fix possible buffer overrun in <function>tsvector_concat()</>
(Tom Lane)
</para>
<para>
The function could underestimate the amount of memory needed for its
result, leading to server crashes.
</para>
</listitem>
<listitem>
<para>
Fix crash in <function>xml_recv</> when processing a
<quote>standalone</> parameter (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Make <function>pg_options_to_table</> return NULL for an option with no
value (Tom Lane)
</para>
<para>
Previously such cases would result in a server crash.
</para>
</listitem>
<listitem>
<para>
Avoid possibly accessing off the end of memory in <command>ANALYZE</>
and in SJIS-2004 encoding conversion (Noah Misch)
</para>
<para>
This fixes some very-low-probability server crash scenarios.
</para>
</listitem>
<listitem>
<para>
Prevent intermittent hang in interactions of startup process with
bgwriter process (Simon Riggs)
</para>
<para>
This affected recovery in non-hot-standby cases.
</para>
</listitem>
<listitem>
<para>
Fix race condition in relcache init file invalidation (Tom Lane)
</para>
<para>
There was a window wherein a new backend process could read a stale init
file but miss the inval messages that would tell it the data is stale.
The result would be bizarre failures in catalog accesses, typically
<quote>could not read block 0 in file ...</> later during startup.
</para>
</listitem>
<listitem>
<para>
Fix memory leak at end of a GiST index scan (Tom Lane)
</para>
<para>
Commands that perform many separate GiST index scans, such as
verification of a new GiST-based exclusion constraint on a table
already containing many rows, could transiently require large amounts of
memory due to this leak.
</para>
</listitem>
<listitem>
<para>
Fix incorrect memory accounting (leading to possible memory bloat) in
tuplestores supporting holdable cursors and plpgsql's <literal>RETURN
NEXT</> command (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix performance problem when constructing a large, lossy bitmap
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix join selectivity estimation for unique columns (Tom Lane)
</para>
<para>
This fixes an erroneous planner heuristic that could lead to poor
estimates of the result size of a join.
</para>
</listitem>
<listitem>
<para>
Fix nested PlaceHolderVar expressions that appear only in sub-select
target lists (Tom Lane)
</para>
<para>
This mistake could result in outputs of an outer join incorrectly
appearing as NULL.
</para>
</listitem>
<listitem>
<para>
Allow nested <literal>EXISTS</> queries to be optimized properly (Tom
Lane)
</para>
</listitem>
<listitem>
<para>
Fix array- and path-creating functions to ensure padding bytes are
zeroes (Tom Lane)
</para>
<para>
This avoids some situations where the planner will think that
semantically-equal constants are not equal, resulting in poor
optimization.
</para>
</listitem>
<listitem>
<para>
Fix <command>EXPLAIN</> to handle gating Result nodes within
inner-indexscan subplans (Tom Lane)
</para>
<para>
The usual symptom of this oversight was <quote>bogus varno</> errors.
</para>
</listitem>
<listitem>
<para>
Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane)
</para>
<para>
This could lead to loss of committed transactions after a server crash.
</para>
</listitem>
<listitem>
<para>
Fix dump bug for <literal>VALUES</> in a view (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Disallow <literal>SELECT FOR UPDATE/SHARE</> on sequences (Tom Lane)
</para>
<para>
This operation doesn't work as expected and can lead to failures.
</para>
</listitem>
<listitem>
<para>
Fix <command>VACUUM</> so that it always updates
<literal>pg_class</>.<literal>reltuples</>/<literal>relpages</> (Tom
Lane)
</para>
<para>
This fixes some scenarios where autovacuum could make increasingly poor
decisions about when to vacuum tables.
</para>
</listitem>
<listitem>
<para>
Defend against integer overflow when computing size of a hash table (Tom
Lane)
</para>
</listitem>
<listitem>
<para>
Fix cases where <command>CLUSTER</> might attempt to access
already-removed TOAST data (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix portability bugs in use of credentials control messages for
<quote>peer</> authentication (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari,
Magnus Hagander)
</para>
<para>
The typical symptom of this problem was <quote>The function requested is
not supported</> errors during SSPI login.
</para>
</listitem>
<listitem>
<para>
Throw an error if <filename>pg_hba.conf</> contains <literal>hostssl</>
but SSL is disabled (Tom Lane)
</para>
<para>
This was concluded to be more user-friendly than the previous behavior
of silently ignoring such lines.
</para>
</listitem>
<listitem>
<para>
Fix typo in <function>pg_srand48</> seed initialization (Andres Freund)
</para>
<para>
This led to failure to use all bits of the provided seed. This function
is not used on most platforms (only those without <function>srandom</>),
and the potential security exposure from a less-random-than-expected
seed seems minimal in any case.
</para>
</listitem>
<listitem>
<para>
Avoid integer overflow when the sum of <literal>LIMIT</> and
<literal>OFFSET</> values exceeds 2^63 (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Add overflow checks to <type>int4</> and <type>int8</> versions of
<function>generate_series()</> (Robert Haas)
</para>
</listitem>
<listitem>
<para>
Fix trailing-zero removal in <function>to_char()</> (Marti Raudsepp)
</para>
<para>
In a format with <literal>FM</> and no digit positions
after the decimal point, zeroes to the left of the decimal point could
be removed incorrectly.
</para>
</listitem>
<listitem>
<para>
Fix <function>pg_size_pretty()</> to avoid overflow for inputs close to
2^63 (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Weaken plpgsql's check for typmod matching in record values (Tom Lane)
</para>
<para>
An overly enthusiastic check could lead to discarding length modifiers
that should have been kept.
</para>
</listitem>
<listitem>
<para>
Correctly handle quotes in locale names during <application>initdb</>
(Heikki Linnakangas)
</para>
<para>
The case can arise with some Windows locales, such as <quote>People's
Republic of China</>.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_upgrade</> to preserve toast tables' relfrozenxids
during an upgrade from 8.3 (Bruce Momjian)
</para>
<para>
Failure to do this could lead to <filename>pg_clog</> files being
removed too soon after the upgrade.
</para>
</listitem>
<listitem>
<para>
In <application>pg_ctl</>, support silent mode for service registrations
on Windows (MauMau)
</para>
</listitem>
<listitem>
<para>
Fix <application>psql</>'s counting of script file line numbers during
<literal>COPY</> from a different file (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</>'s direct-to-database mode for
<varname>standard_conforming_strings</> (Tom Lane)
</para>
<para>
<application>pg_restore</> could emit incorrect commands when restoring
directly to a database server from an archive file that had been made
with <varname>standard_conforming_strings</> set to <literal>on</>.
</para>
</listitem>
<listitem>
<para>
Be more user-friendly about unsupported cases for parallel
<application>pg_restore</> (Tom Lane)
</para>
<para>
This change ensures that such cases are detected and reported before
any restore actions have been taken.
</para>
</listitem>
<listitem>
<para>
Fix write-past-buffer-end and memory leak in <application>libpq</>'s
LDAP service lookup code (Albe Laurenz)
</para>
</listitem>
<listitem>
<para>
In <application>libpq</>, avoid failures when using nonblocking I/O
and an SSL connection (Martin Pihlak, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Improve libpq's handling of failures during connection startup
(Tom Lane)
</para>
<para>
In particular, the response to a server report of <function>fork()</>
failure during SSL connection startup is now saner.
</para>
</listitem>
<listitem>
<para>
Improve <application>libpq</>'s error reporting for SSL failures (Tom
Lane)
</para>
</listitem>
<listitem>
<para>
Fix <function>PQsetvalue()</> to avoid possible crash when adding a new
tuple to a <structname>PGresult</> originally obtained from a server
query (Andrew Chernow)
</para>
</listitem>
<listitem>
<para>
Make <application>ecpglib</> write <type>double</> values with 15 digits
precision (Akira Kurosawa)
</para>
</listitem>
<listitem>
<para>
In <application>ecpglib</>, be sure <literal>LC_NUMERIC</> setting is
restored after an error (Michael Meskes)
</para>
</listitem>
<listitem>
<para>
Apply upstream fix for blowfish signed-character bug (CVE-2011-2483)
(Tom Lane)
</para>
<para>
<filename>contrib/pg_crypto</>'s blowfish encryption code could give
wrong results on platforms where char is signed (which is most),
leading to encrypted passwords being weaker than they should be.
</para>
</listitem>
<listitem>
<para>
Fix memory leak in <filename>contrib/seg</> (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Fix <function>pgstatindex()</> to give consistent results for empty
indexes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Allow building with perl 5.14 (Alex Hunsaker)
</para>
</listitem>
<listitem>
<para>
Update configure script's method for probing existence of system
functions (Tom Lane)
</para>
<para>
The version of autoconf we used in 8.3 and 8.2 could be fooled by
compilers that perform link-time optimization.
</para>
</listitem>
<listitem>
<para>
Fix assorted issues with build and install file paths containing spaces
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2011i
for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-8">
<title>Release 8.4.8</title>
<note>
<title>Release Date</title>
<simpara>2011-04-18</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.7.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.8</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
<para>
However, if your installation was upgraded from a previous major
release by running <application>pg_upgrade</>, you should take
action to prevent possible data loss due to a now-fixed bug in
<application>pg_upgrade</>. The recommended solution is to run
<command>VACUUM FREEZE</> on all TOAST tables.
More information is available at <ulink
url="http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix">
http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix</ulink>.
</para>
<para>
Also, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix <application>pg_upgrade</>'s handling of TOAST tables
(Bruce Momjian)
</para>
<para>
The <structname>pg_class</>.<structfield>relfrozenxid</> value for
TOAST tables was not correctly copied into the new installation
during <application>pg_upgrade</>. This could later result in
<literal>pg_clog</> files being discarded while they were still
needed to validate tuples in the TOAST tables, leading to
<quote>could not access status of transaction</> failures.
</para>
<para>
This error poses a significant risk of data loss for installations
that have been upgraded with <application>pg_upgrade</>. This patch
corrects the problem for future uses of <application>pg_upgrade</>,
but does not in itself cure the issue in installations that have been
processed with a buggy version of <application>pg_upgrade</>.
</para>
</listitem>
<listitem>
<para>
Suppress incorrect <quote>PD_ALL_VISIBLE flag was incorrectly set</>
warning (Heikki Linnakangas)
</para>
<para>
<command>VACUUM</> would sometimes issue this warning in cases that
are actually valid.
</para>
</listitem>
<listitem>
<para>
Disallow including a composite type in itself (Tom Lane)
</para>
<para>
This prevents scenarios wherein the server could recurse infinitely
while processing the composite type. While there are some possible
uses for such a structure, they don't seem compelling enough to
justify the effort required to make sure it always works safely.
</para>
</listitem>
<listitem>
<para>
Avoid potential deadlock during catalog cache initialization
(Nikhil Sontakke)
</para>
<para>
In some cases the cache loading code would acquire share lock on a
system index before locking the index's catalog. This could deadlock
against processes trying to acquire exclusive locks in the other,
more standard order.
</para>
</listitem>
<listitem>
<para>
Fix dangling-pointer problem in <literal>BEFORE ROW UPDATE</> trigger
handling when there was a concurrent update to the target tuple
(Tom Lane)
</para>
<para>
This bug has been observed to result in intermittent <quote>cannot
extract system attribute from virtual tuple</> failures while trying to
do <literal>UPDATE RETURNING ctid</>. There is a very small probability
of more serious errors, such as generating incorrect index entries for
the updated tuple.
</para>
</listitem>
<listitem>
<para>
Disallow <command>DROP TABLE</> when there are pending deferred trigger
events for the table (Tom Lane)
</para>
<para>
Formerly the <command>DROP</> would go through, leading to
<quote>could not open relation with OID nnn</> errors when the
triggers were eventually fired.
</para>
</listitem>
<listitem>
<para>
Prevent crash triggered by constant-false WHERE conditions during
GEQO optimization (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Improve planner's handling of semi-join and anti-join cases
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix selectivity estimation for text search to account for NULLs
(Jesper Krogh)
</para>
</listitem>
<listitem>
<para>
Improve PL/pgSQL's ability to handle row types with dropped columns
(Pavel Stehule)
</para>
<para>
This is a back-patch of fixes previously made in 9.0.
</para>
</listitem>
<listitem>
<para>
Fix PL/Python memory leak involving array slices (Daniel Popowich)
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</> to cope with long lines (over 1KB) in
TOC files (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Put in more safeguards against crashing due to division-by-zero
with overly enthusiastic compiler optimization (Aurelien Jarno)
</para>
</listitem>
<listitem>
<para>
Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane)
</para>
<para>
There was a hard-wired assumption that this system function was not
available on MIPS hardware on these systems. Use a compile-time test
instead, since more recent versions have it.
</para>
</listitem>
<listitem>
<para>
Fix compilation failures on HP-UX (Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
Fix version-incompatibility problem with <application>libintl</> on
Windows (Hiroshi Inoue)
</para>
</listitem>
<listitem>
<para>
Fix usage of <application>xcopy</> in Windows build scripts to
work correctly under Windows 7 (Andrew Dunstan)
</para>
<para>
This affects the build scripts only, not installation or usage.
</para>
</listitem>
<listitem>
<para>
Fix path separator used by <application>pg_regress</> on Cygwin
(Andrew Dunstan)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2011f
for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa,
and Turkey; also historical corrections for South Australia, Alaska,
and Hawaii.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-7">
<title>Release 8.4.7</title>
<note>
<title>Release Date</title>
<simpara>2011-01-31</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.6.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.7</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Avoid failures when <command>EXPLAIN</> tries to display a simple-form
<literal>CASE</> expression (Tom Lane)
</para>
<para>
If the <literal>CASE</>'s test expression was a constant, the planner
could simplify the <literal>CASE</> into a form that confused the
expression-display code, resulting in <quote>unexpected CASE WHEN
clause</> errors.
</para>
</listitem>
<listitem>
<para>
Fix assignment to an array slice that is before the existing range
of subscripts (Tom Lane)
</para>
<para>
If there was a gap between the newly added subscripts and the first
pre-existing subscript, the code miscalculated how many entries needed
to be copied from the old array's null bitmap, potentially leading to
data corruption or crash.
</para>
</listitem>
<listitem>
<para>
Avoid unexpected conversion overflow in planner for very distant date
values (Tom Lane)
</para>
<para>
The <type>date</> type supports a wider range of dates than can be
represented by the <type>timestamp</> types, but the planner assumed it
could always convert a date to timestamp with impunity.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_restore</>'s text output for large objects (BLOBs)
when <varname>standard_conforming_strings</> is on (Tom Lane)
</para>
<para>
Although restoring directly to a database worked correctly, string
escaping was incorrect if <application>pg_restore</> was asked for
SQL text output and <varname>standard_conforming_strings</> had been
enabled in the source database.
</para>
</listitem>
<listitem>
<para>
Fix erroneous parsing of <type>tsquery</> values containing
<literal>... &amp; !(subexpression) | ...</literal> (Tom Lane)
</para>
<para>
Queries containing this combination of operators were not executed
correctly. The same error existed in <filename>contrib/intarray</>'s
<type>query_int</> type and <filename>contrib/ltree</>'s
<type>ltxtquery</> type.
</para>
</listitem>
<listitem>
<para>
Fix buffer overrun in <filename>contrib/intarray</>'s input function
for the <type>query_int</> type (Apple)
</para>
<para>
This bug is a security risk since the function's return address could
be overwritten. Thanks to Apple Inc's security team for reporting this
issue and supplying the fix. (CVE-2010-4015)
</para>
</listitem>
<listitem>
<para>
Fix bug in <filename>contrib/seg</>'s GiST picksplit algorithm
(Alexander Korotkov)
</para>
<para>
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a <type>seg</> column.
If you have such an index, consider <command>REINDEX</>ing it after
installing this update. (This is identical to the bug that was fixed in
<filename>contrib/cube</> in the previous update.)
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-6">
<title>Release 8.4.6</title>
<note>
<title>Release Date</title>
<simpara>2010-12-16</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.5.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.6</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Force the default
<link linkend="guc-wal-sync-method"><varname>wal_sync_method</></link>
to be <literal>fdatasync</> on Linux (Tom Lane, Marti Raudsepp)
</para>
<para>
The default on Linux has actually been <literal>fdatasync</> for many
years, but recent kernel changes caused <productname>PostgreSQL</> to
choose <literal>open_datasync</> instead. This choice did not result
in any performance improvement, and caused outright failures on
certain filesystems, notably <literal>ext4</> with the
<literal>data=journal</> mount option.
</para>
</listitem>
<listitem>
<para>
Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane)
</para>
<para>
This could result in <quote>bad buffer id: 0</> failures or
corruption of index contents during replication.
</para>
</listitem>
<listitem>
<para>
Fix recovery from base backup when the starting checkpoint WAL record
is not in the same WAL segment as its redo point (Jeff Davis)
</para>
</listitem>
<listitem>
<para>
Fix persistent slowdown of autovacuum workers when multiple workers
remain active for a long time (Tom Lane)
</para>
<para>
The effective <varname>vacuum_cost_limit</> for an autovacuum worker
could drop to nearly zero if it processed enough tables, causing it
to run extremely slowly.
</para>
</listitem>
<listitem>
<para>
Add support for detecting register-stack overrun on <literal>IA64</>
(Tom Lane)
</para>
<para>
The <literal>IA64</> architecture has two hardware stacks. Full
prevention of stack-overrun failures requires checking both.
</para>
</listitem>
<listitem>
<para>
Add a check for stack overflow in <function>copyObject()</> (Tom Lane)
</para>
<para>
Certain code paths could crash due to stack overflow given a
sufficiently complex query.
</para>
</listitem>
<listitem>
<para>
Fix detection of page splits in temporary GiST indexes (Heikki
Linnakangas)
</para>
<para>
It is possible to have a <quote>concurrent</> page split in a
temporary index, if for example there is an open cursor scanning the
index when an insertion is done. GiST failed to detect this case and
hence could deliver wrong results when execution of the cursor
continued.
</para>
</listitem>
<listitem>
<para>
Fix error checking during early connection processing (Tom Lane)
</para>
<para>
The check for too many child processes was skipped in some cases,
possibly leading to postmaster crash when attempting to add the new
child process to fixed-size arrays.
</para>
</listitem>
<listitem>
<para>
Improve efficiency of window functions (Tom Lane)
</para>
<para>
Certain cases where a large number of tuples needed to be read in
advance, but <varname>work_mem</> was large enough to allow them all
to be held in memory, were unexpectedly slow.
<function>percent_rank()</>, <function>cume_dist()</> and
<function>ntile()</> in particular were subject to this problem.
</para>
</listitem>
<listitem>
<para>
Avoid memory leakage while <command>ANALYZE</>'ing complex index
expressions (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Ensure an index that uses a whole-row Var still depends on its table
(Tom Lane)
</para>
<para>
An index declared like <literal>create index i on t (foo(t.*))</>
would not automatically get dropped when its table was dropped.
</para>
</listitem>
<listitem>
<para>
Do not <quote>inline</> a SQL function with multiple <literal>OUT</>
parameters (Tom Lane)
</para>
<para>
This avoids a possible crash due to loss of information about the
expected result rowtype.
</para>
</listitem>
<listitem>
<para>
Behave correctly if <literal>ORDER BY</>, <literal>LIMIT</>,
<literal>FOR UPDATE</>, or <literal>WITH</> is attached to the
<literal>VALUES</> part of <literal>INSERT ... VALUES</> (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix constant-folding of <literal>COALESCE()</> expressions (Tom Lane)
</para>
<para>
The planner would sometimes attempt to evaluate sub-expressions that
in fact could never be reached, possibly leading to unexpected errors.
</para>
</listitem>
<listitem>
<para>
Fix postmaster crash when connection acceptance
(<function>accept()</> or one of the calls made immediately after it)
fails, and the postmaster was compiled with GSSAPI support (Alexander
Chernikov)
</para>
</listitem>
<listitem>
<para>
Fix missed unlink of temporary files when <varname>log_temp_files</>
is active (Tom Lane)
</para>
<para>
If an error occurred while attempting to emit the log message, the
unlink was not done, resulting in accumulation of temp files.
</para>
</listitem>
<listitem>
<para>
Add print functionality for <structname>InhRelation</> nodes (Tom Lane)
</para>
<para>
This avoids a failure when <varname>debug_print_parse</> is enabled
and certain types of query are executed.
</para>
</listitem>
<listitem>
<para>
Fix incorrect calculation of distance from a point to a horizontal
line segment (Tom Lane)
</para>
<para>
This bug affected several different geometric distance-measurement
operators.
</para>
</listitem>
<listitem>
<para>
Fix incorrect calculation of transaction status in
<application>ecpg</> (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Fix <application>PL/pgSQL</>'s handling of <quote>simple</>
expressions to not fail in recursion or error-recovery cases (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <application>PL/Python</>'s handling of set-returning functions
(Jan Urbanski)
</para>
<para>
Attempts to call SPI functions within the iterator generating a set
result would fail.
</para>
</listitem>
<listitem>
<para>
Fix bug in <filename>contrib/cube</>'s GiST picksplit algorithm
(Alexander Korotkov)
</para>
<para>
This could result in considerable inefficiency, though not actually
incorrect answers, in a GiST index on a <type>cube</> column.
If you have such an index, consider <command>REINDEX</>ing it after
installing this update.
</para>
</listitem>
<listitem>
<para>
Don't emit <quote>identifier will be truncated</> notices in
<filename>contrib/dblink</> except when creating new connections
(Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Fix potential coredump on missing public key in
<filename>contrib/pgcrypto</> (Marti Raudsepp)
</para>
</listitem>
<listitem>
<para>
Fix memory leak in <filename>contrib/xml2</>'s XPath query functions
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2010o
for DST law changes in Fiji and Samoa;
also historical corrections for Hong Kong.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-5">
<title>Release 8.4.5</title>
<note>
<title>Release Date</title>
<simpara>2010-10-04</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.4.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.5</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Use a separate interpreter for each calling SQL userid in PL/Perl and
PL/Tcl (Tom Lane)
</para>
<para>
This change prevents security problems that can be caused by subverting
Perl or Tcl code that will be executed later in the same session under
another SQL user identity (for example, within a <literal>SECURITY
DEFINER</> function). Most scripting languages offer numerous ways that
that might be done, such as redefining standard functions or operators
called by the target function. Without this change, any SQL user with
Perl or Tcl language usage rights can do essentially anything with the
SQL privileges of the target function's owner.
</para>
<para>
The cost of this change is that intentional communication among Perl
and Tcl functions becomes more difficult. To provide an escape hatch,
PL/PerlU and PL/TclU functions continue to use only one interpreter
per session. This is not considered a security issue since all such
functions execute at the trust level of a database superuser already.
</para>
<para>
It is likely that third-party procedural languages that claim to offer
trusted execution have similar security issues. We advise contacting
the authors of any PL you are depending on for security-critical
purposes.
</para>
<para>
Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433).
</para>
</listitem>
<listitem>
<para>
Prevent possible crashes in <function>pg_get_expr()</> by disallowing
it from being called with an argument that is not one of the system
catalog columns it's intended to be used with
(Heikki Linnakangas, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Treat exit code 128 (<literal>ERROR_WAIT_NO_CHILDREN</>) as non-fatal on
Windows (Magnus Hagander)
</para>
<para>
Under high load, Windows processes will sometimes fail at startup with
this error code. Formerly the postmaster treated this as a panic
condition and restarted the whole database, but that seems to be
an overreaction.
</para>
</listitem>
<listitem>
<para>
Fix incorrect placement of placeholder evaluation (Tom Lane)
</para>
<para>
This bug could result in query outputs being non-null when they
should be null, in cases where the inner side of an outer join
is a sub-select with non-strict expressions in its output list.
</para>
</listitem>
<listitem>
<para>
Fix possible duplicate scans of <literal>UNION ALL</> member relations
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <quote>cannot handle unplanned sub-select</quote> error (Tom Lane)
</para>
<para>
This occurred when a sub-select contains a join alias reference that
expands into an expression containing another sub-select.
</para>
</listitem>
<listitem>
<para>
Fix mishandling of whole-row Vars that reference a view or sub-select
and appear within a nested sub-select (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix mishandling of cross-type <literal>IN</> comparisons (Tom Lane)
</para>
<para>
This could result in failures if the planner tried to implement an
<literal>IN</> join with a sort-then-unique-then-plain-join plan.
</para>
</listitem>
<listitem>
<para>
Fix computation of <command>ANALYZE</> statistics for <type>tsvector</>
columns (Jan Urbanski)
</para>
<para>
The original coding could produce incorrect statistics, leading to
poor plan choices later.
</para>
</listitem>
<listitem>
<para>
Improve planner's estimate of memory used by <function>array_agg()</>,
<function>string_agg()</>, and similar aggregate functions
(Hitoshi Harada)
</para>
<para>
The previous drastic underestimate could lead to out-of-memory failures
due to inappropriate choice of a hash-aggregation plan.
</para>
</listitem>
<listitem>
<para>
Fix failure to mark cached plans as transient (Tom Lane)
</para>
<para>
If a plan is prepared while <command>CREATE INDEX CONCURRENTLY</> is
in progress for one of the referenced tables, it is supposed to be
re-planned once the index is ready for use. This was not happening
reliably.
</para>
</listitem>
<listitem>
<para>
Reduce PANIC to ERROR in some occasionally-reported btree failure cases,
and provide additional detail in the resulting error messages
(Tom Lane)
</para>
<para>
This should improve the system's robustness with corrupted indexes.
</para>
</listitem>
<listitem>
<para>
Fix incorrect search logic for partial-match queries with GIN indexes
(Tom Lane)
</para>
<para>
Cases involving AND/OR combination of several GIN index conditions
didn't always give the right answer, and were sometimes much slower
than necessary.
</para>
</listitem>
<listitem>
<para>
Prevent show_session_authorization() from crashing within autovacuum
processes (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix possible corruption of pending trigger event lists during
subtransaction rollback (Tom Lane)
</para>
<para>
This could lead to a crash or incorrect firing of triggers.
</para>
</listitem>
<listitem>
<para>
Fix possible failure when hashing a pass-by-reference function result
(Tao Ma, Tom Lane)
</para>
</listitem>
<listitem>
<para>
Improve merge join's handling of NULLs in the join columns (Tom Lane)
</para>
<para>
A merge join can now stop entirely upon reaching the first NULL,
if the sort order is such that NULLs sort high.
</para>
</listitem>
<listitem>
<para>
Take care to fsync the contents of lockfiles (both
<filename>postmaster.pid</> and the socket lockfile) while writing them
(Tom Lane)
</para>
<para>
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from succeeding,
until the lockfile is manually removed.
</para>
</listitem>
<listitem>
<para>
Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
</para>
<para>
The original coding could result in a crash if there was limited
stack space.
</para>
</listitem>
<listitem>
<para>
Avoid holding open old WAL segments in the walwriter process
(Magnus Hagander, Heikki Linnakangas)
</para>
<para>
The previous coding would prevent removal of no-longer-needed segments.
</para>
</listitem>
<listitem>
<para>
Fix <varname>log_line_prefix</>'s <literal>%i</> escape,
which could produce junk early in backend startup (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Prevent misinterpretation of partially-specified relation options
for TOAST tables (Itagaki Takahiro)
</para>
<para>
In particular, <literal>fillfactor</> would be read as zero if any
other reloption had been set for the table, leading to serious bloat.
</para>
</listitem>
<listitem>
<para>
Fix inheritance count tracking in <command>ALTER TABLE ... ADD
CONSTRAINT</> (Robert Haas)
</para>
</listitem>
<listitem>
<para>
Fix possible data corruption in <command>ALTER TABLE ... SET
TABLESPACE</> when archiving is enabled (Jeff Davis)
</para>
</listitem>
<listitem>
<para>
Allow <command>CREATE DATABASE</> and <command>ALTER DATABASE ... SET
TABLESPACE</> to be interrupted by query-cancel (Guillaume Lelarge)
</para>
</listitem>
<listitem>
<para>
Improve <command>CREATE INDEX</>'s checking of whether proposed index
expressions are immutable (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <command>REASSIGN OWNED</> to handle operator classes and families
(Asko Tiidumaa)
</para>
</listitem>
<listitem>
<para>
Fix possible core dump when comparing two empty <type>tsquery</> values
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix <literal>LIKE</>'s handling of patterns containing <literal>%</>
followed by <literal>_</> (Tom Lane)
</para>
<para>
We've fixed this before, but there were still some incorrectly-handled
cases.
</para>
</listitem>
<listitem>
<para>
Re-allow input of Julian dates prior to 0001-01-01 AD (Tom Lane)
</para>
<para>
Input such as <literal>'J100000'::date</> worked before 8.4,
but was unintentionally broken by added error-checking.
</para>
</listitem>
<listitem>
<para>
Fix PL/pgSQL to throw an error, not crash, if a cursor is closed within
a <literal>FOR</> loop that is iterating over that cursor
(Heikki Linnakangas)
</para>
</listitem>
<listitem>
<para>
In PL/Python, defend against null pointer results from
<function>PyCObject_AsVoidPtr</> and <function>PyCObject_FromVoidPtr</>
(Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
In <application>libpq</>, fix full SSL certificate verification for the
case where both <literal>host</> and <literal>hostaddr</> are specified
(Tom Lane)
</para>
</listitem>
<listitem>
<para>
Make psql recognize <command>DISCARD ALL</> as a command that should
not be encased in a transaction block in autocommit-off mode
(Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Fix some issues in <application>pg_dump</>'s handling of SQL/MED objects
(Tom Lane)
</para>
<para>
Notably, <application>pg_dump</> would always fail if run by a
non-superuser, which was not intended.
</para>
</listitem>
<listitem>
<para>
Improve <application>pg_dump</> and <application>pg_restore</>'s
handling of non-seekable archive files (Tom Lane, Robert Haas)
</para>
<para>
This is important for proper functioning of parallel restore.
</para>
</listitem>
<listitem>
<para>
Improve parallel pg_restore's ability to cope with selective restore
(<literal>-L</> option) (Tom Lane)
</para>
<para>
The original code tended to fail if the <literal>-L</> file commanded
a non-default restore ordering.
</para>
</listitem>
<listitem>
<para>
Fix <application>ecpg</> to process data from <literal>RETURNING</>
clauses correctly (Michael Meskes)
</para>
</listitem>
<listitem>
<para>
Fix some memory leaks in <application>ecpg</> (Zoltan Boszormenyi)
</para>
</listitem>
<listitem>
<para>
Improve <filename>contrib/dblink</>'s handling of tables containing
dropped columns (Tom Lane)
</para>
</listitem>
<listitem>
<para>
Fix connection leak after <quote>duplicate connection name</quote>
errors in <filename>contrib/dblink</> (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/dblink</> to handle connection names longer than
62 bytes correctly (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Add <function>hstore(text, text)</>
function to <filename>contrib/hstore</> (Robert Haas)
</para>
<para>
This function is the recommended substitute for the now-deprecated
<literal>=&gt;</> operator. It was back-patched so that future-proofed
code can be used with older server versions. Note that the patch will
be effective only after <filename>contrib/hstore</> is installed or
reinstalled in a particular database. Users might prefer to execute
the <command>CREATE FUNCTION</> command by hand, instead.
</para>
</listitem>
<listitem>
<para>
Update build infrastructure and documentation to reflect the source code
repository's move from CVS to Git (Magnus Hagander and others)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2010l
for DST law changes in Egypt and Palestine; also historical corrections
for Finland.
</para>
<para>
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over
Pacific/Ponape.
</para>
</listitem>
<listitem>
<para>
Make Windows' <quote>N. Central Asia Standard Time</> timezone map to
Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander)
</para>
<para>
Microsoft changed the DST behavior of this zone in the timezone update
from KB976098. Asia/Novosibirsk is a better match to its new behavior.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-4">
<title>Release 8.4.4</title>
<note>
<title>Release Date</title>
<simpara>2010-05-17</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.3.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.4</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Enforce restrictions in <literal>plperl</> using an opmask applied to
the whole interpreter, instead of using <filename>Safe.pm</>
(Tim Bunce, Andrew Dunstan)
</para>
<para>
Recent developments have convinced us that <filename>Safe.pm</> is too
insecure to rely on for making <literal>plperl</> trustable. This
change removes use of <filename>Safe.pm</> altogether, in favor of using
a separate interpreter with an opcode mask that is always applied.
Pleasant side effects of the change include that it is now possible to
use Perl's <literal>strict</> pragma in a natural way in
<literal>plperl</>, and that Perl's <literal>$a</> and <literal>$b</>
variables work as expected in sort routines, and that function
compilation is significantly faster. (CVE-2010-1169)
</para>
</listitem>
<listitem>
<para>
Prevent PL/Tcl from executing untrustworthy code from
<structname>pltcl_modules</> (Tom)
</para>
<para>
PL/Tcl's feature for autoloading Tcl code from a database table
could be exploited for trojan-horse attacks, because there was no
restriction on who could create or insert into that table. This change
disables the feature unless <structname>pltcl_modules</> is owned by a
superuser. (However, the permissions on the table are not checked, so
installations that really need a less-than-secure modules table can
still grant suitable privileges to trusted non-superusers.) Also,
prevent loading code into the unrestricted <quote>normal</> Tcl
interpreter unless we are really going to execute a <literal>pltclu</>
function. (CVE-2010-1170)
</para>
</listitem>
<listitem>
<para>
Fix data corruption during WAL replay of
<literal>ALTER ... SET TABLESPACE</> (Tom)
</para>
<para>
When <varname>archive_mode</> is on, <literal>ALTER ... SET TABLESPACE</>
generates a WAL record whose replay logic was incorrect. It could write
the data to the wrong place, leading to possibly-unrecoverable data
corruption. Data corruption would be observed on standby slaves, and
could occur on the master as well if a database crash and recovery
occurred after committing the <literal>ALTER</> and before the next
checkpoint.
</para>
</listitem>
<listitem>
<para>
Fix possible crash if a cache reset message is received during
rebuild of a relcache entry (Heikki)
</para>
<para>
This error was introduced in 8.4.3 while fixing a related failure.
</para>
</listitem>
<listitem>
<para>
Apply per-function GUC settings while running the language validator
for the function (Itagaki Takahiro)
</para>
<para>
This avoids failures if the function's code is invalid without the
setting; an example is that SQL functions may not parse if the
<varname>search_path</> is not correct.
</para>
</listitem>
<listitem>
<para>
Do constraint exclusion for inherited <command>UPDATE</> and
<command>DELETE</> target tables when
<varname>constraint_exclusion</> = <literal>partition</> (Tom)
</para>
<para>
Due to an oversight, this setting previously only caused constraint
exclusion to be checked in <command>SELECT</> commands.
</para>
</listitem>
<listitem>
<para>
Do not allow an unprivileged user to reset superuser-only parameter
settings (Alvaro)
</para>
<para>
Previously, if an unprivileged user ran <literal>ALTER USER ... RESET
ALL</> for himself, or <literal>ALTER DATABASE ... RESET ALL</> for
a database he owns, this would remove all special parameter settings
for the user or database, even ones that are only supposed to be
changeable by a superuser. Now, the <command>ALTER</> will only
remove the parameters that the user has permission to change.
</para>
</listitem>
<listitem>
<para>
Avoid possible crash during backend shutdown if shutdown occurs
when a <literal>CONTEXT</> addition would be made to log entries (Tom)
</para>
<para>
In some cases the context-printing function would fail because the
current transaction had already been rolled back when it came time
to print a log message.
</para>
</listitem>
<listitem>
<para>
Fix erroneous handling of <literal>%r</> parameter in
<varname>recovery_end_command</> (Heikki)
</para>
<para>
The value always came out zero.
</para>
</listitem>
<listitem>
<para>
Ensure the archiver process responds to changes in
<varname>archive_command</> as soon as possible (Tom)
</para>
</listitem>
<listitem>
<para>
Fix pl/pgsql's <literal>CASE</> statement to not fail when the
case expression is a query that returns no rows (Tom)
</para>
</listitem>
<listitem>
<para>
Update pl/perl's <filename>ppport.h</> for modern Perl versions
(Andrew)
</para>
</listitem>
<listitem>
<para>
Fix assorted memory leaks in pl/python (Andreas Freund, Tom)
</para>
</listitem>
<listitem>
<para>
Handle empty-string connect parameters properly in ecpg (Michael)
</para>
</listitem>
<listitem>
<para>
Prevent infinite recursion in <application>psql</> when expanding
a variable that refers to itself (Tom)
</para>
</listitem>
<listitem>
<para>
Fix <application>psql</>'s <literal>\copy</> to not add spaces around
a dot within <literal>\copy (select ...)</> (Tom)
</para>
<para>
Addition of spaces around the decimal point in a numeric literal would
result in a syntax error.
</para>
</listitem>
<listitem>
<para>
Avoid formatting failure in <application>psql</> when running in a
locale context that doesn't match the <varname>client_encoding</>
(Tom)
</para>
</listitem>
<listitem>
<para>
Fix unnecessary <quote>GIN indexes do not support whole-index scans</>
errors for unsatisfiable queries using <filename>contrib/intarray</>
operators (Tom)
</para>
</listitem>
<listitem>
<para>
Ensure that <filename>contrib/pgstattuple</> functions respond to cancel
interrupts promptly (Tatsuhito Kasahara)
</para>
</listitem>
<listitem>
<para>
Make server startup deal properly with the case that
<function>shmget()</> returns <literal>EINVAL</> for an existing
shared memory segment (Tom)
</para>
<para>
This behavior has been observed on BSD-derived kernels including OS X.
It resulted in an entirely-misleading startup failure complaining that
the shared memory request size was too large.
</para>
</listitem>
<listitem>
<para>
Avoid possible crashes in syslogger process on Windows (Heikki)
</para>
</listitem>
<listitem>
<para>
Deal more robustly with incomplete time zone information in the
Windows registry (Magnus)
</para>
</listitem>
<listitem>
<para>
Update the set of known Windows time zone names (Magnus)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2010j
for DST law changes in Argentina, Australian Antarctic, Bangladesh,
Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia;
also historical corrections for Taiwan.
</para>
<para>
Also, add <literal>PKST</> (Pakistan Summer Time) to the default set of
timezone abbreviations.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-3">
<title>Release 8.4.3</title>
<note>
<title>Release Date</title>
<simpara>2010-03-15</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.2.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.3</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you are upgrading from a version earlier than 8.4.2,
see <xref linkend="release-8-4-2">.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Add new configuration parameter <varname>ssl_renegotiation_limit</> to
control how often we do session key renegotiation for an SSL connection
(Magnus)
</para>
<para>
This can be set to zero to disable renegotiation completely, which may
be required if a broken SSL library is used. In particular, some
vendors are shipping stopgap patches for CVE-2009-3555 that cause
renegotiation attempts to fail.
</para>
</listitem>
<listitem>
<para>
Fix possible deadlock during backend startup (Tom)
</para>
</listitem>
<listitem>
<para>
Fix possible crashes due to not handling errors during relcache reload
cleanly (Tom)
</para>
</listitem>
<listitem>
<para>
Fix possible crash due to use of dangling pointer to a cached plan
(Tatsuo)
</para>
</listitem>
<listitem>
<para>
Fix possible crash due to overenthusiastic invalidation of cached
plan for <command>ROLLBACK</> (Tom)
</para>
</listitem>
<listitem>
<para>
Fix possible crashes when trying to recover from a failure in
subtransaction start (Tom)
</para>
</listitem>
<listitem>
<para>
Fix server memory leak associated with use of savepoints and a client
encoding different from server's encoding (Tom)
</para>
</listitem>
<listitem>
<para>
Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST
index page split (Yoichi Hirai)
</para>
<para>
This would result in index corruption, or even more likely an error
during WAL replay, if we were unlucky enough to crash during
end-of-recovery cleanup after having completed an incomplete GIST
insertion.
</para>
</listitem>
<listitem>
<para>
Fix bug in WAL redo cleanup method for GIN indexes (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix incorrect comparison of scan key in GIN index search (Teodor)
</para>
</listitem>
<listitem>
<para>
Make <function>substring()</> for <type>bit</> types treat any negative
length as meaning <quote>all the rest of the string</> (Tom)
</para>
<para>
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
</para>
</listitem>
<listitem>
<para>
Fix integer-to-bit-string conversions to handle the first fractional
byte correctly when the output bit width is wider than the given
integer by something other than a multiple of 8 bits (Tom)
</para>
</listitem>
<listitem>
<para>
Fix some cases of pathologically slow regular expression matching (Tom)
</para>
</listitem>
<listitem>
<para>
Fix bug occurring when trying to inline a SQL function that returns
a set of a composite type that contains dropped columns (Tom)
</para>
</listitem>
<listitem>
<para>
Fix bug with trying to update a field of an element of a
composite-type array column (Tom)
</para>
</listitem>
<listitem>
<para>
Avoid failure when <command>EXPLAIN</> has to print a FieldStore or
assignment ArrayRef expression (Tom)
</para>
<para>
These cases can arise now that <command>EXPLAIN VERBOSE</> tries to
print plan node target lists.
</para>
</listitem>
<listitem>
<para>
Avoid an unnecessary coercion failure in some cases where an undecorated
literal string appears in a subquery within
<command>UNION</>/<command>INTERSECT</>/<command>EXCEPT</> (Tom)
</para>
<para>
This fixes a regression for some cases that worked before 8.4.
</para>
</listitem>
<listitem>
<para>
Avoid undesirable rowtype compatibility check failures in some cases
where a whole-row Var has a rowtype that contains dropped columns (Tom)
</para>
</listitem>
<listitem>
<para>
Fix the <literal>STOP WAL LOCATION</> entry in backup history files to
report the next WAL segment's name when the end location is exactly at a
segment boundary (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Always pass the catalog ID to an option validator function specified in
<command>CREATE FOREIGN DATA WRAPPER</> (Martin Pihlak)
</para>
</listitem>
<listitem>
<para>
Fix some more cases of temporary-file leakage (Heikki)
</para>
<para>
This corrects a problem introduced in the previous minor release.
One case that failed is when a plpgsql function returning set is
called within another function's exception handler.
</para>
</listitem>
<listitem>
<para>
Add support for doing <literal>FULL JOIN ON FALSE</> (Tom)
</para>
<para>
This prevents a regression from pre-8.4 releases for some queries that
can now be simplified to a constant-false join condition.
</para>
</listitem>
<listitem>
<para>
Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
<quote>bool_column = false</> constraint (Tom)
</para>
</listitem>
<listitem>
<para>
Prevent treating an <literal>INOUT</> cast as representing binary
compatibility (Heikki)
</para>
</listitem>
<listitem>
<para>
Include column name in the message when warning about inability to
grant or revoke column-level privileges (Stephen Frost)
</para>
<para>
This is more useful than before and helps to prevent confusion when
a <command>REVOKE</> generates multiple messages, which formerly
appeared to be duplicates.
</para>
</listitem>
<listitem>
<para>
When reading <filename>pg_hba.conf</> and related files, do not treat
<literal>@something</> as a file inclusion request if the <literal>@</>
appears inside quote marks; also, never treat <literal>@</> by itself
as a file inclusion request (Tom)
</para>
<para>
This prevents erratic behavior if a role or database name starts with
<literal>@</>. If you need to include a file whose path name
contains spaces, you can still do so, but you must write
<literal>@"/path to/file"</> rather than putting the quotes around
the whole construct.
</para>
</listitem>
<listitem>
<para>
Prevent infinite loop on some platforms if a directory is named as
an inclusion target in <filename>pg_hba.conf</> and related files
(Tom)
</para>
</listitem>
<listitem>
<para>
Fix possible infinite loop if <function>SSL_read</> or
<function>SSL_write</> fails without setting <varname>errno</> (Tom)
</para>
<para>
This is reportedly possible with some Windows versions of
<application>openssl</>.
</para>
</listitem>
<listitem>
<para>
Disallow <acronym>GSSAPI</> authentication on local connections,
since it requires a hostname to function correctly (Magnus)
</para>
</listitem>
<listitem>
<para>
Protect <application>ecpg</> against applications freeing strings
unexpectedly (Michael)
</para>
</listitem>
<listitem>
<para>
Make <application>ecpg</> report the proper SQLSTATE if the connection
disappears (Michael)
</para>
</listitem>
<listitem>
<para>
Fix translation of cell contents in <application>psql</> <literal>\d</>
output (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix <application>psql</>'s <literal>numericlocale</> option to not
format strings it shouldn't in latex and troff output formats (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix a small per-query memory leak in <application>psql</> (Tom)
</para>
</listitem>
<listitem>
<para>
Make <application>psql</> return the correct exit status (3) when
<literal>ON_ERROR_STOP</> and <literal>--single-transaction</> are
both specified and an error occurs during the implied <command>COMMIT</>
(Bruce)
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_dump</>'s output of permissions for foreign servers
(Heikki)
</para>
</listitem>
<listitem>
<para>
Fix possible crash in parallel <application>pg_restore</> due to
out-of-range dependency IDs (Tom)
</para>
</listitem>
<listitem>
<para>
Fix plpgsql failure in one case where a composite column is set to NULL
(Tom)
</para>
</listitem>
<listitem>
<para>
Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa (Tim Bunce)
</para>
</listitem>
<listitem>
<para>
Add <literal>volatile</> markings in PL/Python to avoid possible
compiler-specific misbehavior (Zdenek Kotala)
</para>
</listitem>
<listitem>
<para>
Ensure PL/Tcl initializes the Tcl interpreter fully (Tom)
</para>
<para>
The only known symptom of this oversight is that the Tcl
<literal>clock</> command misbehaves if using Tcl 8.5 or later.
</para>
</listitem>
<listitem>
<para>
Prevent <function>ExecutorEnd</> from being run on portals created
within a failed transaction or subtransaction (Tom)
</para>
<para>
This is known to cause issues when using
<filename>contrib/auto_explain</>.
</para>
</listitem>
<listitem>
<para>
Prevent crash in <filename>contrib/dblink</> when too many key
columns are specified to a <function>dblink_build_sql_*</> function
(Rushabh Lathia, Joe Conway)
</para>
</listitem>
<listitem>
<para>
Allow zero-dimensional arrays in <filename>contrib/ltree</> operations
(Tom)
</para>
<para>
This case was formerly rejected as an error, but it's more convenient to
treat it the same as a zero-element array. In particular this avoids
unnecessary failures when an <type>ltree</> operation is applied to the
result of <literal>ARRAY(SELECT ...)</> and the sub-select returns no
rows.
</para>
</listitem>
<listitem>
<para>
Fix assorted crashes in <filename>contrib/xml2</> caused by sloppy
memory management (Tom)
</para>
</listitem>
<listitem>
<para>
Make building of <filename>contrib/xml2</> more robust on Windows
(Andrew)
</para>
</listitem>
<listitem>
<para>
Fix race condition in Windows signal handling (Radu Ilie)
</para>
<para>
One known symptom of this bug is that rows in <structname>pg_listener</>
could be dropped under heavy load.
</para>
</listitem>
<listitem>
<para>
Make the configure script report failure if the C compiler does
not provide a working 64-bit integer datatype (Tom)
</para>
<para>
This case has been broken for some time, and no longer seems worth
supporting, so just reject it at configure time instead.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2010e
for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-2">
<title>Release 8.4.2</title>
<note>
<title>Release Date</title>
<simpara>2009-12-14</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.1.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.2</title>
<para>
A dump/restore is not required for those running 8.4.X.
However, if you have any hash indexes,
you should <command>REINDEX</> them after updating to 8.4.2,
to repair possible damage.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Protect against indirect security threats caused by index functions
changing session-local state (Gurjeet Singh, Tom)
</para>
<para>
This change prevents allegedly-immutable index functions from possibly
subverting a superuser's session (CVE-2009-4136).
</para>
</listitem>
<listitem>
<para>
Reject SSL certificates containing an embedded null byte in the common
name (CN) field (Magnus)
</para>
<para>
This prevents unintended matching of a certificate to a server or client
name during SSL validation (CVE-2009-4034).
</para>
</listitem>
<listitem>
<para>
Fix hash index corruption (Tom)
</para>
<para>
The 8.4 change that made hash indexes keep entries sorted by hash value
failed to update the bucket splitting and compaction routines to
preserve the ordering. So application of either of those operations
could lead to permanent corruption of an index, in the sense that
searches might fail to find entries that are present. To deal with
this, it is recommended to <literal>REINDEX</> any hash indexes you may
have after installing this update.
</para>
</listitem>
<listitem>
<para>
Fix possible crash during backend-startup-time cache initialization (Tom)
</para>
</listitem>
<listitem>
<para>
Avoid crash on empty thesaurus dictionary (Tom)
</para>
</listitem>
<listitem>
<para>
Prevent signals from interrupting <literal>VACUUM</> at unsafe times
(Alvaro)
</para>
<para>
This fix prevents a PANIC if a <literal>VACUUM FULL</> is canceled
after it's already committed its tuple movements, as well as transient
errors if a plain <literal>VACUUM</> is interrupted after having
truncated the table.
</para>
</listitem>
<listitem>
<para>
Fix possible crash due to integer overflow in hash table size
calculation (Tom)
</para>
<para>
This could occur with extremely large planner estimates for the size of
a hashjoin's result.
</para>
</listitem>
<listitem>
<para>
Fix crash if a <literal>DROP</> is attempted on an internally-dependent
object (Tom)
</para>
</listitem>
<listitem>
<para>
Fix very rare crash in <type>inet</>/<type>cidr</> comparisons (Chris
Mikkelson)
</para>
</listitem>
<listitem>
<para>
Ensure that shared tuple-level locks held by prepared transactions are
not ignored (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix premature drop of temporary files used for a cursor that is accessed
within a subtransaction (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix memory leak in syslogger process when rotating to a new CSV logfile
(Tom)
</para>
</listitem>
<listitem>
<para>
Fix memory leak in postmaster when re-parsing <filename>pg_hba.conf</>
(Tom)
</para>
</listitem>
<listitem>
<para>
Fix Windows permission-downgrade logic (Jesse Morris)
</para>
<para>
This fixes some cases where the database failed to start on Windows,
often with misleading error messages such as <quote>could not locate
matching postgres executable</quote>.
</para>
</listitem>
<listitem>
<para>
Make <literal>FOR UPDATE/SHARE</> in the primary query not propagate
into <literal>WITH</> queries (Tom)
</para>
<para>
For example, in
<programlisting>
WITH w AS (SELECT * FROM foo) SELECT * FROM w, bar ... FOR UPDATE
</programlisting>
the <literal>FOR UPDATE</> will now affect <literal>bar</> but not
<literal>foo</>. This is more useful and consistent than the original
8.4 behavior, which tried to propagate <literal>FOR UPDATE</> into the
<literal>WITH</> query but always failed due to assorted implementation
restrictions. It also follows the design rule that <literal>WITH</>
queries are executed as if independent of the main query.
</para>
</listitem>
<listitem>
<para>
Fix bug with a <literal>WITH RECURSIVE</> query immediately inside
another one (Tom)
</para>
</listitem>
<listitem>
<para>
Fix concurrency bug in hash indexes (Tom)
</para>
<para>
Concurrent insertions could cause index scans to transiently report
wrong results.
</para>
</listitem>
<listitem>
<para>
Fix incorrect logic for GiST index page splits, when the split depends
on a non-first column of the index (Paul Ramsey)
</para>
</listitem>
<listitem>
<para>
Fix wrong search results for a multi-column GIN index with
<literal>fastupdate</> enabled (Teodor)
</para>
</listitem>
<listitem>
<para>
Fix bugs in WAL entry creation for GIN indexes (Tom)
</para>
<para>
These bugs were masked when <varname>full_page_writes</> was on, but
with it off a WAL replay failure was certain if a crash occurred before
the next checkpoint.
</para>
</listitem>
<listitem>
<para>
Don't error out if recycling or removing an old WAL file fails at the
end of checkpoint (Heikki)
</para>
<para>
It's better to treat the problem as non-fatal and allow the checkpoint
to complete. Future checkpoints will retry the removal. Such problems
are not expected in normal operation, but have been seen to be
caused by misdesigned Windows anti-virus and backup software.
</para>
</listitem>
<listitem>
<para>
Ensure WAL files aren't repeatedly archived on Windows (Heikki)
</para>
<para>
This is another symptom that could happen if some other process
interfered with deletion of a no-longer-needed file.
</para>
</listitem>
<listitem>
<para>
Fix PAM password processing to be more robust (Tom)
</para>
<para>
The previous code is known to fail with the combination of the Linux
<literal>pam_krb5</> PAM module with Microsoft Active Directory as the
domain controller. It might have problems elsewhere too, since it was
making unjustified assumptions about what arguments the PAM stack would
pass to it.
</para>
</listitem>
<listitem>
<para>
Raise the maximum authentication token (Kerberos ticket) size in GSSAPI
and SSPI authentication methods (Ian Turner)
</para>
<para>
While the old 2000-byte limit was more than enough for Unix Kerberos
implementations, tickets issued by Windows Domain Controllers can be
much larger.
</para>
</listitem>
<listitem>
<para>
Ensure that domain constraints are enforced in constructs like
<literal>ARRAY[...]::domain</>, where the domain is over an array type
(Heikki)
</para>
</listitem>
<listitem>
<para>
Fix foreign-key logic for some cases involving composite-type columns
as foreign keys (Tom)
</para>
</listitem>
<listitem>
<para>
Ensure that a cursor's snapshot is not modified after it is created
(Alvaro)
</para>
<para>
This could lead to a cursor delivering wrong results if later operations
in the same transaction modify the data the cursor is supposed to return.
</para>
</listitem>
<listitem>
<para>
Fix <literal>CREATE TABLE</> to properly merge default expressions
coming from different inheritance parent tables (Tom)
</para>
<para>
This used to work but was broken in 8.4.
</para>
</listitem>
<listitem>
<para>
Re-enable collection of access statistics for sequences (Akira Kurosawa)
</para>
<para>
This used to work but was broken in 8.3.
</para>
</listitem>
<listitem>
<para>
Fix processing of ownership dependencies during <literal>CREATE OR
REPLACE FUNCTION</> (Tom)
</para>
</listitem>
<listitem>
<para>
Fix incorrect handling of <literal>WHERE</>
<replaceable>x</>=<replaceable>x</> conditions (Tom)
</para>
<para>
In some cases these could get ignored as redundant, but they aren't
&mdash; they're equivalent to <replaceable>x</> <literal>IS NOT NULL</>.
</para>
</listitem>
<listitem>
<para>
Fix incorrect plan construction when using hash aggregation to implement
<literal>DISTINCT</> for textually identical volatile expressions (Tom)
</para>
</listitem>
<listitem>
<para>
Fix Assert failure for a volatile <literal>SELECT DISTINCT ON</>
expression (Tom)
</para>
</listitem>
<listitem>
<para>
Fix <function>ts_stat()</> to not fail on an empty <type>tsvector</>
value (Tom)
</para>
</listitem>
<listitem>
<para>
Make text search parser accept underscores in XML attributes (Peter)
</para>
</listitem>
<listitem>
<para>
Fix encoding handling in <type>xml</> binary input (Heikki)
</para>
<para>
If the XML header doesn't specify an encoding, we now assume UTF-8 by
default; the previous handling was inconsistent.
</para>
</listitem>
<listitem>
<para>
Fix bug with calling <literal>plperl</> from <literal>plperlu</> or vice
versa (Tom)
</para>
<para>
An error exit from the inner function could result in crashes due to
failure to re-select the correct Perl interpreter for the outer function.
</para>
</listitem>
<listitem>
<para>
Fix session-lifespan memory leak when a PL/Perl function is redefined
(Tom)
</para>
</listitem>
<listitem>
<para>
Ensure that Perl arrays are properly converted to
<productname>PostgreSQL</> arrays when returned by a set-returning
PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen)
</para>
<para>
This worked correctly already for non-set-returning functions.
</para>
</listitem>
<listitem>
<para>
Fix rare crash in exception processing in PL/Python (Peter)
</para>
</listitem>
<listitem>
<para>
Fix <application>ecpg</> problem with comments in <literal>DECLARE
CURSOR</> statements (Michael)
</para>
</listitem>
<listitem>
<para>
Fix <application>ecpg</> to not treat recently-added keywords as
reserved words (Tom)
</para>
<para>
This affected the keywords <literal>CALLED</>, <literal>CATALOG</>,
<literal>DEFINER</>, <literal>ENUM</>, <literal>FOLLOWING</>,
<literal>INVOKER</>, <literal>OPTIONS</>, <literal>PARTITION</>,
<literal>PRECEDING</>, <literal>RANGE</>, <literal>SECURITY</>,
<literal>SERVER</>, <literal>UNBOUNDED</>, and <literal>WRAPPER</>.
</para>
</listitem>
<listitem>
<para>
Re-allow regular expression special characters in <application>psql</>'s
<literal>\df</> function name parameter (Tom)
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/fuzzystrmatch</>, correct the calculation of
<function>levenshtein</> distances with non-default costs (Marcin Mank)
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/pg_standby</>, disable triggering failover with a
signal on Windows (Fujii Masao)
</para>
<para>
This never did anything useful, because Windows doesn't have Unix-style
signals, but recent changes made it actually crash.
</para>
</listitem>
<listitem>
<para>
Put <literal>FREEZE</> and <literal>VERBOSE</> options in the right
order in the <literal>VACUUM</> command that
<filename>contrib/vacuumdb</> produces (Heikki)
</para>
</listitem>
<listitem>
<para>
Fix possible leak of connections when <filename>contrib/dblink</>
encounters an error (Tatsuhito Kasahara)
</para>
</listitem>
<listitem>
<para>
Ensure <application>psql</>'s flex module is compiled with the correct
system header definitions (Tom)
</para>
<para>
This fixes build failures on platforms where
<literal>--enable-largefile</> causes incompatible changes in the
generated code.
</para>
</listitem>
<listitem>
<para>
Make the postmaster ignore any <literal>application_name</> parameter in
connection request packets, to improve compatibility with future libpq
versions (Tom)
</para>
</listitem>
<listitem>
<para>
Update the timezone abbreviation files to match current reality (Joachim
Wieland)
</para>
<para>
This includes adding <literal>IDT</> to the default
timezone abbreviation set.
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2009s
for DST law changes in Antarctica, Argentina, Bangladesh, Fiji,
Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical
corrections for Hong Kong.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4-1">
<title>Release 8.4.1</title>
<note>
<title>Release Date</title>
<simpara>2009-09-09</simpara>
</note>
<para>
This release contains a variety of fixes from 8.4.
For information about new features in the 8.4 major release, see
<xref linkend="release-8-4">.
</para>
<sect2>
<title>Migration to Version 8.4.1</title>
<para>
A dump/restore is not required for those running 8.4.X.
</para>
</sect2>
<sect2>
<title>Changes</title>
<itemizedlist>
<listitem>
<para>
Fix WAL page header initialization at the end of archive recovery
(Heikki)
</para>
<para>
This could lead to failure to process the WAL in a subsequent
archive recovery.
</para>
</listitem>
<listitem>
<para>
Fix <quote>cannot make new WAL entries during recovery</> error (Tom)
</para>
</listitem>
<listitem>
<para>
Fix problem that could make expired rows visible after a crash (Tom)
</para>
<para>
This bug involved a page status bit potentially not being set
correctly after a server crash.
</para>
</listitem>
<listitem>
<para>
Disallow <command>RESET ROLE</> and <command>RESET SESSION
AUTHORIZATION</> inside security-definer functions (Tom, Heikki)
</para>
<para>
This covers a case that was missed in the previous patch that
disallowed <command>SET ROLE</> and <command>SET SESSION
AUTHORIZATION</> inside security-definer functions.
(See CVE-2007-6600)
</para>
</listitem>
<listitem>
<para>
Make <command>LOAD</> of an already-loaded loadable module
into a no-op (Tom)
</para>
<para>
Formerly, <command>LOAD</> would attempt to unload and re-load the
module, but this is unsafe and not all that useful.
</para>
</listitem>
<listitem>
<para>
Make window function <literal>PARTITION BY</> and <literal>ORDER BY</>
items always be interpreted as simple expressions (Tom)
</para>
<para>
In 8.4.0 these lists were parsed following the rules used for
top-level <literal>GROUP BY</> and <literal>ORDER BY</> lists.
But this was not correct per the SQL standard, and it led to possible
circularity.
</para>
</listitem>
<listitem>
<para>
Fix several errors in planning of semi-joins (Tom)
</para>
<para>
These led to wrong query results in some cases where <literal>IN</>
or <literal>EXISTS</> was used together with another join.
</para>
</listitem>
<listitem>
<para>
Fix handling of whole-row references to subqueries that are within
an outer join (Tom)
</para>
<para>
An example is
<literal>SELECT COUNT(ss.*) FROM ... LEFT JOIN (SELECT ...) ss ON ...</>.
Here, <literal>ss.*</> would be treated as <literal>ROW(NULL,NULL,...)</>
for null-extended join rows, which is not the same as a simple NULL.
Now it is treated as a simple NULL.
</para>
</listitem>
<listitem>
<para>
Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus)
</para>
<para>
This bug led to the often-reported <quote>could not reattach
to shared memory</> error message.
</para>
</listitem>
<listitem>
<para>
Fix locale handling with plperl (Heikki)
</para>
<para>
This bug could cause the server's locale setting to change when a
plperl function is called, leading to data corruption.
</para>
</listitem>
<listitem>
<para>
Fix handling of reloptions to ensure setting one option doesn't
force default values for others (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Ensure that a <quote>fast shutdown</> request will forcibly terminate
open sessions, even if a <quote>smart shutdown</> was already in progress
(Fujii Masao)
</para>
</listitem>
<listitem>
<para>
Avoid memory leak for <function>array_agg()</> in <literal>GROUP BY</>
queries (Tom)
</para>
</listitem>
<listitem>
<para>
Treat <function>to_char(..., 'TH')</> as an uppercase ordinal
suffix with <literal>'HH'</>/<literal>'HH12'</> (Heikki)
</para>
<para>
It was previously handled as <literal>'th'</> (lowercase).
</para>
</listitem>
<listitem>
<para>
Include the fractional part in the result of
<function>EXTRACT(second)</> and
<function>EXTRACT(milliseconds)</> for
<type>time</> and <type>time with time zone</> inputs (Tom)
</para>
<para>
This has always worked for floating-point datetime configurations,
but was broken in the integer datetime code.
</para>
</listitem>
<listitem>
<para>
Fix overflow for <literal>INTERVAL '<replaceable>x</> ms'</literal>
when <replaceable>x</> is more than 2 million and integer
datetimes are in use (Alex Hunsaker)
</para>
</listitem>
<listitem>
<para>
Improve performance when processing toasted values in index scans (Tom)
</para>
<para>
This is particularly useful for <ulink
url="http://postgis.refractions.net/">PostGIS</ulink>.
</para>
</listitem>
<listitem>
<para>
Fix a typo that disabled <varname>commit_delay</> (Jeff Janes)
</para>
</listitem>
<listitem>
<para>
Output early-startup messages to <filename>postmaster.log</> if the
server is started in silent mode (Tom)
</para>
<para>
Previously such error messages were discarded, leading to
difficulty in debugging.
</para>
</listitem>
<listitem>
<para>
Remove translated FAQs (Peter)
</para>
<para>
They are now on the <ulink
url="http://wiki.postgresql.org/wiki/FAQ">wiki</ulink>. The
main FAQ was moved to the wiki some time ago.
</para>
</listitem>
<listitem>
<para>
Fix <application>pg_ctl</> to not go into an infinite loop if
<filename>postgresql.conf</> is empty (Jeff Davis)
</para>
</listitem>
<listitem>
<para>
Fix several errors in <application>pg_dump</>'s
<literal>--binary-upgrade</> mode (Bruce, Tom)
</para>
<para>
<literal>pg_dump --binary-upgrade</> is used by pg_migrator.
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/xml2</>'s <function>xslt_process()</> to
properly handle the maximum number of parameters (twenty) (Tom)
</para>
</listitem>
<listitem>
<para>
Improve robustness of <application>libpq</>'s code to recover
from errors during <command>COPY FROM STDIN</> (Tom)
</para>
</listitem>
<listitem>
<para>
Avoid including conflicting readline and editline header files
when both libraries are installed (Zdenek Kotala)
</para>
</listitem>
<listitem>
<para>
Work around gcc bug that causes <quote>floating-point exception</>
instead of <quote>division by zero</> on some platforms (Tom)
</para>
</listitem>
<listitem>
<para>
Update time zone data files to <application>tzdata</> release 2009l
for DST law changes in Bangladesh, Egypt, Mauritius.
</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="release-8-4">
<title>Release 8.4</title>
<note>
<title>Release Date</title>
<simpara>2009-07-01</simpara>
</note>
<sect2>
<title>Overview</title>
<para>
After many years of development, <productname>PostgreSQL</> has
become feature-complete in many areas. This release shows a
targeted approach to adding features (e.g., authentication,
monitoring, space reuse), and adds capabilities defined in the
later SQL standards. The major areas of enhancement are:
</para>
<itemizedlist>
<!-- This list duplicates items below, but without authors or details-->
<listitem>
<para>
Windowing Functions
</para>
</listitem>
<listitem>
<para>
Common Table Expressions and Recursive Queries
</para>
</listitem>
<listitem>
<para>
Default and variadic parameters for functions
</para>
</listitem>
<listitem>
<para>
Parallel Restore
</para>
</listitem>
<listitem>
<para>
Column Permissions
</para>
</listitem>
<listitem>
<para>
Per-database locale settings
</para>
</listitem>
<listitem>
<para>
Improved hash indexes
</para>
</listitem>
<listitem>
<para>
Improved join performance for <literal>EXISTS</> and <literal>NOT EXISTS</> queries
</para>
</listitem>
<listitem>
<para>
Easier-to-use Warm Standby
</para>
</listitem>
<listitem>
<para>
Automatic sizing of the Free Space Map
</para>
</listitem>
<listitem>
<para>
Visibility Map (greatly reduces vacuum overhead for slowly-changing tables)
</para>
</listitem>
<listitem>
<para>
Version-aware psql (backslash commands work against older servers)
</para>
</listitem>
<listitem>
<para>
Support SSL certificates for user authentication
</para>
</listitem>
<listitem>
<para>
Per-function runtime statistics
</para>
</listitem>
<listitem>
<para>
Easy editing of functions in psql
</para>
</listitem>
<listitem>
<para>
New contrib modules: pg_stat_statements, auto_explain, citext, btree_gin
</para>
</listitem>
</itemizedlist>
<para>
The above items are explained in more detail in the sections below.
</para>
</sect2>
<sect2>
<title>Migration to Version 8.4</title>
<para>
A dump/restore using <application>pg_dump</application> is
required for those wishing to migrate data from any previous
release.
</para>
<para>
Observe the following incompatibilities:
</para>
<sect3>
<title>General</title>
<itemizedlist>
<listitem>
<para>
Use 64-bit integer datetimes by default (Neil Conway)
</para>
<para>
Previously this was selected by <application>configure</>'s
<option>--enable-integer-datetimes</> option. To retain
the old behavior, build with <option>--disable-integer-datetimes</>.
</para>
</listitem>
<listitem>
<para>
Remove <application>ipcclean</> utility command (Bruce)
</para>
<para>
The utility only worked on a few platforms. Users should use
their operating system tools instead.
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Server Settings</title>
<itemizedlist>
<listitem>
<para>
Change default setting for
<literal>log_min_messages</> to <literal>warning</> (previously
it was <literal>notice</>) to reduce log file volume (Tom)
</para>
</listitem>
<listitem>
<para>
Change default setting for <literal>max_prepared_transactions</> to
zero (previously it was 5) (Tom)
</para>
</listitem>
<listitem>
<para>
Make <literal>debug_print_parse</>, <literal>debug_print_rewritten</>,
and <literal>debug_print_plan</>
output appear at <literal>LOG</> message level, not
<literal>DEBUG1</> as formerly (Tom)
</para>
</listitem>
<listitem>
<para>
Make <literal>debug_pretty_print</> default to <literal>on</> (Tom)
</para>
</listitem>
<listitem>
<para>
Remove <varname>explain_pretty_print</> parameter (no longer needed) (Tom)
</para>
</listitem>
<listitem>
<para>
Make <varname>log_temp_files</> settable by superusers only, like other
logging options (Simon Riggs)
</para>
</listitem>
<listitem>
<para>
Remove automatic appending of the epoch timestamp when no <literal>%</>
escapes are present in <literal>log_filename</> (Robert Haas)
</para>
<para>
This change was made because some users wanted a fixed log filename,
for use with an external log rotation tool.
</para>
</listitem>
<listitem>
<para>
Remove <varname>log_restartpoints</> from <filename>recovery.conf</>;
instead use <varname>log_checkpoints</> (Simon)
</para>
</listitem>
<listitem>
<para>
Remove <varname>krb_realm</> and <varname>krb_server_hostname</>;
these are now set in <filename>pg_hba.conf</> instead (Magnus)
</para>
</listitem>
<listitem>
<para>
There are also significant changes in <link
linkend="release-8-4-pg-hba-conf"><filename>pg_hba.conf</></link>,
as described below.
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Queries</title>
<itemizedlist>
<listitem>
<para>
Change <command>TRUNCATE</> and <command>LOCK</> to
apply to child tables of the specified table(s) (Peter)
</para>
<para>
These commands now accept an <literal>ONLY</> option that prevents
processing child tables; this option must be used if the old
behavior is needed.
</para>
</listitem>
<listitem>
<para>
<command>SELECT DISTINCT</> and
<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</>
no longer always produce sorted output (Tom)
</para>
<para>
Previously, these types of queries always removed duplicate rows
by means of Sort/Unique processing (i.e., sort then remove adjacent
duplicates). Now they can be implemented by hashing, which will not
produce sorted output. If an application relied on the output being
in sorted order, the recommended fix is to add an <literal>ORDER BY</>
clause. As a short-term workaround, the previous behavior can be
restored by disabling <literal>enable_hashagg</>, but that is a very
performance-expensive fix. <literal>SELECT DISTINCT ON</> never uses
hashing, however, so its behavior is unchanged.
</para>
</listitem>
<listitem>
<para>
Force child tables to inherit <literal>CHECK</> constraints from parents
(Alex Hunsaker, Nikhil Sontakke, Tom)
</para>
<para>
Formerly it was possible to drop such a constraint from a child
table, allowing rows that violate the constraint to be visible
when scanning the parent table. This was deemed inconsistent,
as well as contrary to SQL standard.
</para>
</listitem>
<listitem>
<para>
Disallow negative <literal>LIMIT</> or <literal>OFFSET</>
values, rather than treating them as zero (Simon)
</para>
</listitem>
<listitem>
<para>
Disallow <command>LOCK TABLE</> outside a transaction block
(Tom)
</para>
<para>
Such an operation is useless because the lock would be released
immediately.
</para>
</listitem>
<listitem>
<para>
Sequences now contain an additional <structfield>start_value</> column
(Zoltan Boszormenyi)
</para>
<para>
This supports <command>ALTER SEQUENCE ... RESTART</>.
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Functions and Operators</title>
<itemizedlist>
<listitem>
<para>
Make <type>numeric</> zero raised to a fractional power return
<literal>0</>, rather than throwing an error, and make
<type>numeric</> zero raised to the zero power return <literal>1</>,
rather than error (Bruce)
</para>
<para>
This matches the longstanding <type>float8</> behavior.
</para>
</listitem>
<listitem>
<para>
Allow unary minus of floating-point values to produce minus zero (Tom)
</para>
<para>
The changed behavior is more <acronym>IEEE</>-standard
compliant.
</para>
</listitem>
<listitem>
<para>
Throw an error if an escape character is the last character in
a <literal>LIKE</> pattern (i.e., it has nothing to escape) (Tom)
</para>
<para>
Previously, such an escape character was silently ignored,
thus possibly masking application logic errors.
</para>
</listitem>
<listitem>
<para>
Remove <literal>~=~</> and <literal>~&lt;&gt;~</> operators
formerly used for <literal>LIKE</> index comparisons (Tom)
</para>
<para>
Pattern indexes now use the regular equality operator.
</para>
</listitem>
<listitem>
<para>
<function>xpath()</> now passes its arguments to <application>libxml</>
without any changes (Andrew)
</para>
<para>
This means that the XML argument must be a well-formed XML document.
The previous coding attempted to allow XML fragments, but it did not
work well.
</para>
</listitem>
<listitem>
<para>
Make <function>xmlelement()</> format attribute values just like
content values (Peter)
</para>
<para>
Previously, attribute values were formatted according to the
normal SQL output behavior, which is sometimes at odds with
XML rules.
</para>
</listitem>
<listitem>
<para>
Rewrite memory management for <application>libxml</>-using functions
(Tom)
</para>
<para>
This change should avoid some compatibility problems with use of
<application>libxml</> in PL/Perl and other add-on code.
</para>
</listitem>
<listitem>
<para>
Adopt a faster algorithm for hash functions (Kenneth Marshall,
based on work of Bob Jenkins)
</para>
<para>
Many of the built-in hash functions now deliver different results on
little-endian and big-endian platforms.
</para>
</listitem>
</itemizedlist>
<sect4>
<title>Temporal Functions and Operators</title>
<itemizedlist>
<listitem>
<para>
<varname>DateStyle</> no longer controls <type>interval</> output
formatting; instead there is a new variable <varname>IntervalStyle</>
(Ron Mayer)
</para>
</listitem>
<listitem>
<para>
Improve consistency of handling of fractional seconds in
<type>timestamp</> and <type>interval</> output (Ron Mayer)
</para>
<para>
This may result in displaying a different number of fractional
digits than before, or rounding instead of truncating.
</para>
</listitem>
<listitem>
<para>
Make <function>to_char()</>'s localized month/day names depend
on <varname>LC_TIME</>, not <varname>LC_MESSAGES</> (Euler
Taveira de Oliveira)
</para>
</listitem>
<listitem>
<para>
Cause <function>to_date()</> and <function>to_timestamp()</>
to more consistently report errors for invalid input (Brendan
Jurd)
</para>
<para>
Previous versions would often ignore or silently misread input
that did not match the format string. Such cases will now
result in an error.
</para>
</listitem>
<listitem>
<para>
Fix <function>to_timestamp()</> to not require upper/lower case
matching for meridian (<literal>AM</>/<literal>PM</>) and era
(<literal>BC</>/<literal>AD</>) format designations (Brendan
Jurd)
</para>
<para>
For example, input value <literal>ad</> now matches the format
string <literal>AD</>.
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
</sect2>
<sect2>
<title>Changes</title>
<para>
Below you will find a detailed account of the changes between
<productname>PostgreSQL</productname> 8.4 and the previous major
release.
</para>
<sect3>
<title>Performance</title>
<itemizedlist>
<listitem>
<para>
Improve optimizer statistics calculations (Jan Urbanski, Tom)
</para>
<para>
In particular, estimates for full-text-search operators are
greatly improved.
</para>
</listitem>
<listitem>
<para>
Allow <command>SELECT DISTINCT</> and
<literal>UNION</>/<literal>INTERSECT</>/<literal>EXCEPT</> to
use hashing (Tom)
</para>
<para>
This means that these types of queries no longer automatically
produce sorted output.
</para>
</listitem>
<listitem>
<para>
Create explicit concepts of semi-joins and anti-joins (Tom)
</para>
<para>
This work formalizes our previous ad-hoc treatment of <literal>IN
(SELECT ...)</> clauses, and extends it to <literal>EXISTS</> and
<literal>NOT EXISTS</> clauses. It should result in significantly
better planning of <literal>EXISTS</> and <literal>NOT EXISTS</>
queries. In general, logically equivalent <literal>IN</> and
<literal>EXISTS</> clauses should now have similar performance,
whereas previously <literal>IN</> often won.
</para>
</listitem>
<listitem>
<para>
Improve optimization of sub-selects beneath outer joins (Tom)
</para>
<para>
Formerly, a sub-select or view could not be optimized very well if it
appeared within the nullable side of an outer join and contained
non-strict expressions (for instance, constants) in its result list.
</para>
</listitem>
<listitem>
<para>
Improve the performance of <function>text_position()</> and
related functions by using Boyer-Moore-Horspool searching (David
Rowley)
</para>
<para>
This is particularly helpful for long search patterns.
</para>
</listitem>
<listitem>
<para>
Reduce I/O load of writing the statistics collection file
by writing the file only when requested (Martin Pihlak)
</para>
</listitem>
<listitem>
<para>
Improve performance for bulk inserts (Robert Haas, Simon)
</para>
</listitem>
<listitem>
<para>
Increase the default value of <varname>default_statistics_target</>
from <literal>10</> to <literal>100</> (Greg Sabino Mullane,
Tom)
</para>
<para>
The maximum value was also increased from <literal>1000</> to
<literal>10000</>.
</para>
</listitem>
<listitem>
<para>
Perform <varname>constraint_exclusion</> checking by default
in queries involving inheritance or <literal>UNION ALL</> (Tom)
</para>
<para>
A new <varname>constraint_exclusion</> setting,
<literal>partition</>, was added to specify this behavior.
</para>
</listitem>
<listitem>
<para>
Allow I/O read-ahead for bitmap index scans (Greg Stark)
</para>
<para>
The amount of read-ahead is controlled by
<varname>effective_io_concurrency</>. This feature is available only
if the kernel has <function>posix_fadvise()</> support.
</para>
</listitem>
<listitem>
<para>
Inline simple set-returning <acronym>SQL</> functions in
<literal>FROM</> clauses (Richard Rowell)
</para>
</listitem>
<listitem>
<para>
Improve performance of multi-batch hash joins by providing a special
case for join key values that are especially common in the outer
relation (Bryce Cutt, Ramon Lawrence)
</para>
</listitem>
<listitem>
<para>
Reduce volume of temporary data in multi-batch hash joins
by suppressing <quote>physical tlist</> optimization (Michael
Henderson, Ramon Lawrence)
</para>
</listitem>
<listitem>
<para>
Avoid waiting for idle-in-transaction sessions during
<command>CREATE INDEX CONCURRENTLY</> (Simon)
</para>
</listitem>
<listitem>
<para>
Improve performance of shared cache invalidation (Tom)
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Server</title>
<sect4>
<title>Settings</title>
<itemizedlist>
<listitem>
<para>
Convert many <filename>postgresql.conf</> settings to enumerated
values so that <literal>pg_settings</> can display the valid
values (Magnus)
</para>
</listitem>
<listitem>
<para>
Add <varname>cursor_tuple_fraction</> parameter to control the
fraction of a cursor's rows that the planner assumes will be
fetched (Robert Hell)
</para>
</listitem>
<listitem>
<para>
Allow underscores in the names of custom variable
classes in <filename>postgresql.conf</> (Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Authentication and security</title>
<itemizedlist>
<listitem>
<para>
Remove support for the (insecure) <literal>crypt</> authentication method
(Magnus)
</para>
<para>
This effectively obsoletes pre-<productname>PostgreSQL</> 7.2 client
libraries, as there is no longer any non-plaintext password method that
they can use.
</para>
</listitem>
<listitem>
<para>
Support regular expressions in <filename>pg_ident.conf</>
(Magnus)
</para>
</listitem>
<listitem>
<para>
Allow <productname>Kerberos</>/<acronym>GSSAPI</> parameters
to be changed without restarting the postmaster (Magnus)
</para>
</listitem>
<listitem>
<para>
Support <acronym>SSL</> certificate chains in server certificate
file (Andrew Gierth)
</para>
<para>
Including the full certificate chain makes the client able
to verify the certificate without having all intermediate CA
certificates present in the local store, which is often the case for
commercial CAs.
</para>
</listitem>
<listitem>
<para>
Report appropriate error message for combination of <literal>MD5</>
authentication and <varname>db_user_namespace</> enabled (Bruce)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4 id="release-8-4-pg-hba-conf">
<title><filename>pg_hba.conf</></title>
<itemizedlist>
<listitem>
<para>
Change all authentication options to use <literal>name=value</>
syntax (Magnus)
</para>
<para>
This makes incompatible changes to the <literal>ldap</>,
<literal>pam</> and <literal>ident</> authentication methods. All
<filename>pg_hba.conf</> entries with these methods need to be
rewritten using the new format.
</para>
</listitem>
<listitem>
<para>
Remove the <literal>ident sameuser</> option, instead making that
behavior the default if no usermap is specified (Magnus)
</para>
</listitem>
<listitem>
<para>
Allow a usermap parameter for all external authentication methods
(Magnus)
</para>
<para>
Previously a usermap was only supported for <literal>ident</>
authentication.
</para>
</listitem>
<listitem>
<para>
Add <literal>clientcert</> option to control requesting of a
client certificate (Magnus)
</para>
<para>
Previously this was controlled by the presence of a root
certificate file in the server's data directory.
</para>
</listitem>
<listitem>
<para>
Add <literal>cert</> authentication method to allow
<emphasis>user</> authentication via <acronym>SSL</> certificates
(Magnus)
</para>
<para>
Previously <acronym>SSL</> certificates could only verify that
the client had access to a certificate, not authenticate a
user.
</para>
</listitem>
<listitem>
<para>
Allow <literal>krb5</>, <literal>gssapi</> and <literal>sspi</>
realm and <literal>krb5</> host settings to be specified in
<filename>pg_hba.conf</> (Magnus)
</para>
<para>
These override the settings in <filename>postgresql.conf</>.
</para>
</listitem>
<listitem>
<para>
Add <varname>include_realm</> parameter for <literal>krb5</>,
<literal>gssapi</>, and <literal>sspi</> methods (Magnus)
</para>
<para>
This allows identical usernames from different realms to be
authenticated as different database users using usermaps.
</para>
</listitem>
<listitem>
<para>
Parse <filename>pg_hba.conf</> fully when it is loaded,
so that errors are reported immediately (Magnus)
</para>
<para>
Previously, most errors in the file wouldn't be detected until clients
tried to connect, so an erroneous file could render the system
unusable. With the new behavior, if an error is detected during
reload then the bad file is rejected and the postmaster continues
to use its old copy.
</para>
</listitem>
<listitem>
<para>
Show all parsing errors in <filename>pg_hba.conf</> instead of
aborting after the first one (Selena Deckelmann)
</para>
</listitem>
<listitem>
<para>
Support <literal>ident</> authentication over Unix-domain sockets
on <productname>Solaris</> (Garick Hamlin)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Continuous Archiving</title>
<itemizedlist>
<listitem>
<para>
Provide an option to <function>pg_start_backup()</> to force its
implied checkpoint to finish as quickly as possible (Tom)
</para>
<para>
The default behavior avoids excess I/O consumption, but that is
pointless if no concurrent query activity is going on.
</para>
</listitem>
<listitem>
<para>
Make <function>pg_stop_backup()</> wait for modified <acronym>WAL</>
files to be archived (Simon)
</para>
<para>
This guarantees that the backup is valid at the time
<function>pg_stop_backup()</> completes.
</para>
</listitem>
<listitem>
<para>
When archiving is enabled, rotate the last WAL segment at shutdown
so that all transactions can be archived immediately
(Guillaume Smet, Heikki)
</para>
</listitem>
<listitem>
<para>
Delay <quote>smart</> shutdown while a continuous archiving base backup
is in progress (Laurenz Albe)
</para>
</listitem>
<listitem>
<para>
Cancel a continuous archiving base backup if <quote>fast</> shutdown
is requested (Laurenz Albe)
</para>
</listitem>
<listitem>
<para>
Allow <filename>recovery.conf</> boolean variables to take the
same range of string values as <filename>postgresql.conf</>
boolean variables
(Bruce)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Monitoring</title>
<itemizedlist>
<listitem>
<para>
Add <function>pg_conf_load_time()</> to report when
the <productname>PostgreSQL</> configuration files were last loaded
(George Gensure)
</para>
</listitem>
<listitem>
<para>
Add <function>pg_terminate_backend()</> to safely terminate a
backend (the <literal>SIGTERM</> signal works also) (Tom, Bruce)
</para>
<para>
While it's always been possible to <literal>SIGTERM</> a single
backend, this was previously considered unsupported; and testing
of the case found some bugs that are now fixed.
</para>
</listitem>
<listitem>
<para>
Add ability to track user-defined functions' call counts and
runtimes (Martin Pihlak)
</para>
<para>
Function statistics appear in a new system view,
<literal>pg_stat_user_functions</>. Tracking is controlled
by the new parameter <varname>track_functions</>.
</para>
</listitem>
<listitem>
<para>
Allow specification of the maximum query string size in
<literal>pg_stat_activity</> via new
<varname>track_activity_query_size</> parameter (Thomas Lee)
</para>
</listitem>
<listitem>
<para>
Increase the maximum line length sent to <application>syslog</>, in
hopes of improving performance (Tom)
</para>
</listitem>
<listitem>
<para>
Add read-only configuration variables <varname>segment_size</>,
<varname>wal_block_size</>, and <varname>wal_segment_size</>
(Bernd Helmle)
</para>
</listitem>
<listitem>
<para>
When reporting a deadlock, report the text of all queries involved
in the deadlock to the server log (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Add <function>pg_stat_get_activity(pid)</> function to return
information about a specific process id (Magnus)
</para>
</listitem>
<listitem>
<para>
Allow the location of the server's statistics file to be specified
via <varname>stats_temp_directory</> (Magnus)
</para>
<para>
This allows the statistics file to be placed in a
<acronym>RAM</>-resident directory to reduce I/O requirements.
On startup/shutdown, the file is copied to its traditional location
(<literal>$PGDATA/global/</>) so it is preserved across restarts.
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Queries</title>
<itemizedlist>
<listitem>
<para>
Add support for <literal>WINDOW</> functions (Hitoshi Harada)
</para>
</listitem>
<listitem>
<para>
Add support for <literal>WITH</> clauses (CTEs), including <literal>WITH
RECURSIVE</> (Yoshiyuki Asaba, Tatsuo Ishii, Tom)
</para>
</listitem>
<listitem>
<para>
Add <command>TABLE</> command (Peter)
</para>
<para>
<literal>TABLE tablename</> is a SQL standard short-hand for
<literal>SELECT * FROM tablename</>.
</para>
</listitem>
<listitem>
<para>
Allow <literal>AS</> to be optional when specifying a
<command>SELECT</> (or <literal>RETURNING</>) column output
label (Hiroshi Saito)
</para>
<para>
This works so long as the column label is not any
<productname>PostgreSQL</> keyword; otherwise <literal>AS</> is still
needed.
</para>
</listitem>
<listitem>
<para>
Support set-returning functions in <command>SELECT</> result lists
even for functions that return their result via a tuplestore (Tom)
</para>
<para>
In particular, this means that functions written in PL/pgSQL
and other PL languages can now be called this way.
</para>
</listitem>
<listitem>
<para>
Support set-returning functions in the output of aggregation
and grouping queries (Tom)
</para>
</listitem>
<listitem>
<para>
Allow <command>SELECT FOR UPDATE</>/<literal>SHARE</> to work
on inheritance trees (Tom)
</para>
</listitem>
<listitem>
<para>
Add infrastructure for <acronym>SQL/MED</> (Martin Pihlak,
Peter)
</para>
<para>
There are no remote or external <acronym>SQL/MED</> capabilities
yet, but this change provides a standardized and future-proof
system for managing connection information for modules like
<filename>dblink</> and <filename>plproxy</>.
</para>
</listitem>
<listitem>
<para>
Invalidate cached plans when referenced schemas, functions, operators,
or operator classes are modified (Martin Pihlak, Tom)
</para>
<para>
This improves the system's ability to respond to on-the-fly
DDL changes.
</para>
</listitem>
<listitem>
<para>
Allow comparison of composite types and allow arrays of
anonymous composite types (Tom)
</para>
<para>
This allows constructs such as
<literal>row(1, 1.1) = any (array[row(7, 7.7), row(1, 1.0)])</>.
This is particularly useful in recursive queries.
</para>
</listitem>
<listitem>
<para>
Add support for Unicode string literal and identifier specifications
using code points, e.g. <literal>U&amp;'d\0061t\+000061'</>
(Peter)
</para>
</listitem>
<listitem>
<para>
Reject <literal>\000</> in string literals and <command>COPY</> data
(Tom)
</para>
<para>
Previously, this was accepted but had the effect of terminating
the string contents.
</para>
</listitem>
<listitem>
<para>
Improve the parser's ability to report error locations (Tom)
</para>
<para>
An error location is now reported for many semantic errors,
such as mismatched datatypes, that previously could not be localized.
</para>
</listitem>
</itemizedlist>
<sect4>
<title><command>TRUNCATE</></title>
<itemizedlist>
<listitem>
<para>
Support statement-level <literal>ON TRUNCATE</> triggers (Simon)
</para>
</listitem>
<listitem>
<para>
Add <literal>RESTART</>/<literal>CONTINUE IDENTITY</> options
for <command>TRUNCATE TABLE</>
(Zoltan Boszormenyi)
</para>
<para>
The start value of a sequence can be changed by <command>ALTER
SEQUENCE START WITH</>.
</para>
</listitem>
<listitem>
<para>
Allow <command>TRUNCATE tab1, tab1</> to succeed (Bruce)
</para>
</listitem>
<listitem>
<para>
Add a separate <command>TRUNCATE</> permission (Robert Haas)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><command>EXPLAIN</></title>
<itemizedlist>
<listitem>
<para>
Make <command>EXPLAIN VERBOSE</> show the output columns of each
plan node (Tom)
</para>
<para>
Previously <command>EXPLAIN VERBOSE</> output an internal
representation of the query plan. (That behavior is now
available via <varname>debug_print_plan</>.)
</para>
</listitem>
<listitem>
<para>
Make <command>EXPLAIN</> identify subplans and initplans with
individual labels (Tom)
</para>
</listitem>
<listitem>
<para>
Make <command>EXPLAIN</> honor <varname>debug_print_plan</> (Tom)
</para>
</listitem>
<listitem>
<para>
Allow <command>EXPLAIN</> on <command>CREATE TABLE AS</> (Peter)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><literal>LIMIT</>/<literal>OFFSET</></title>
<itemizedlist>
<listitem>
<para>
Allow sub-selects in <literal>LIMIT</> and <literal>OFFSET</> (Tom)
</para>
</listitem>
<listitem>
<para>
Add <acronym>SQL</>-standard syntax for
<literal>LIMIT</>/<literal>OFFSET</> capabilities (Peter)
</para>
<para>
To wit,
<literal>OFFSET num {ROW|ROWS} FETCH {FIRST|NEXT} [num] {ROW|ROWS}
ONLY</>.
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Object Manipulation</title>
<itemizedlist>
<listitem>
<para>
Add support for column-level privileges (Stephen Frost, KaiGai
Kohei)
</para>
</listitem>
<listitem>
<para>
Refactor multi-object <command>DROP</> operations to reduce the
need for <literal>CASCADE</> (Alex Hunsaker)
</para>
<para>
For example, if table <literal>B</> has a dependency on table
<literal>A</>, the command <literal>DROP TABLE A, B</> no longer
requires the <literal>CASCADE</> option.
</para>
</listitem>
<listitem>
<para>
Fix various problems with concurrent <command>DROP</> commands
by ensuring that locks are taken before we begin to drop dependencies
of an object (Tom)
</para>
</listitem>
<listitem>
<para>
Improve reporting of dependencies during <command>DROP</>
commands (Tom)
</para>
</listitem>
<listitem>
<para>
Add <literal>WITH [NO] DATA</> clause to <command>CREATE TABLE
AS</>, per the <acronym>SQL</> standard (Peter, Tom)
</para>
</listitem>
<listitem>
<para>
Add support for user-defined I/O conversion casts (Heikki)
</para>
</listitem>
<listitem>
<para>
Allow <command>CREATE AGGREGATE</> to use an <type>internal</>
transition datatype (Tom)
</para>
</listitem>
<listitem>
<para>
Add <literal>LIKE</> clause to <command>CREATE TYPE</> (Tom)
</para>
<para>
This simplifies creation of data types that use the same internal
representation as an existing type.
</para>
</listitem>
<listitem>
<para>
Allow specification of the type category and <quote>preferred</>
status for user-defined base types (Tom)
</para>
<para>
This allows more control over the coercion behavior of user-defined
types.
</para>
</listitem>
<listitem>
<para>
Allow <command>CREATE OR REPLACE VIEW</> to add columns to the
end of a view (Robert Haas)
</para>
</listitem>
</itemizedlist>
<sect4>
<title><command>ALTER</></title>
<itemizedlist>
<listitem>
<para>
Add <command>ALTER TYPE RENAME</> (Petr Jelinek)
</para>
</listitem>
<listitem>
<para>
Add <command>ALTER SEQUENCE ... RESTART</> (with no parameter) to
reset a sequence to its initial value (Zoltan Boszormenyi)
</para>
</listitem>
<listitem>
<para>
Modify the <command>ALTER TABLE</> syntax to allow all reasonable
combinations for tables, indexes, sequences, and views (Tom)
</para>
<para>
This change allows the following new syntaxes:
<itemizedlist>
<listitem>
<para>
<command>ALTER SEQUENCE OWNER TO</>
</para>
</listitem>
<listitem>
<para>
<command>ALTER VIEW ALTER COLUMN SET/DROP DEFAULT</>
</para>
</listitem>
<listitem>
<para>
<command>ALTER VIEW OWNER TO</>
</para>
</listitem>
<listitem>
<para>
<command>ALTER VIEW SET SCHEMA</>
</para>
</listitem>
</itemizedlist>
There is no actual new functionality here, but formerly
you had to say <command>ALTER TABLE</> to do these things,
which was confusing.
</para>
</listitem>
<listitem>
<para>
Add support for the syntax <command>ALTER TABLE ... ALTER COLUMN
... SET DATA TYPE</> (Peter)
</para>
<para>
This is <acronym>SQL</>-standard syntax for functionality that
was already supported.
</para>
</listitem>
<listitem>
<para>
Make <command>ALTER TABLE SET WITHOUT OIDS</> rewrite the table
to physically remove <type>OID</> values (Tom)
</para>
<para>
Also, add <command>ALTER TABLE SET WITH OIDS</> to rewrite the
table to add <type>OID</>s.
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Database Manipulation</title>
<itemizedlist>
<listitem>
<para>
Improve reporting of
<command>CREATE</>/<command>DROP</>/<command>RENAME DATABASE</>
failure when uncommitted prepared transactions are the cause
(Tom)
</para>
</listitem>
<listitem>
<para>
Make <varname>LC_COLLATE</> and <varname>LC_CTYPE</> into
per-database settings (Radek Strnad, Heikki)
</para>
<para>
This makes collation similar to encoding, which was always
configurable per database.
</para>
</listitem>
<listitem>
<para>
Improve checks that the database encoding, collation
(<varname>LC_COLLATE</>), and character classes
(<varname>LC_CTYPE</>) match (Heikki, Tom)
</para>
<para>
Note in particular that a new database's encoding and locale
settings can be changed only when copying from <literal>template0</>.
This prevents possibly copying data that doesn't match the settings.
</para>
</listitem>
<listitem>
<para>
Add <command>ALTER DATABASE SET TABLESPACE</> to move a database
to a new tablespace (Guillaume Lelarge, Bernd Helmle)
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Utility Operations</title>
<itemizedlist>
<listitem>
<para>
Add a <literal>VERBOSE</> option to the <command>CLUSTER</> command and
<application>clusterdb</> (Jim Cox)
</para>
</listitem>
<listitem>
<para>
Decrease memory requirements for recording pending trigger
events (Tom)
</para>
</listitem>
</itemizedlist>
<sect4>
<title>Indexes</title>
<itemizedlist>
<listitem>
<para>
Dramatically improve the speed of building and accessing hash
indexes (Tom Raney, Shreya Bhargava)
</para>
<para>
This allows hash indexes to be sometimes faster than btree
indexes. However, hash indexes are still not crash-safe.
</para>
</listitem>
<listitem>
<para>
Make hash indexes store only the hash code, not the full value of
the indexed column (Xiao Meng)
</para>
<para>
This greatly reduces the size of hash indexes for long indexed
values, improving performance.
</para>
</listitem>
<listitem>
<para>
Implement fast update option for GIN indexes (Teodor, Oleg)
</para>
<para>
This option greatly improves update speed at a small penalty in search
speed.
</para>
</listitem>
<listitem>
<para>
<literal>xxx_pattern_ops</> indexes can now be used for simple
equality comparisons, not only for <literal>LIKE</> (Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Full Text Indexes</title>
<itemizedlist>
<listitem>
<para>
Remove the requirement to use <literal>@@@</> when doing
<acronym>GIN</> weighted lookups on full text indexes (Tom, Teodor)
</para>
<para>
The normal <literal>@@</> text search operator can be used
instead.
</para>
</listitem>
<listitem>
<para>
Add an optimizer selectivity function for <literal>@@</> text
search operations (Jan Urbanski)
</para>
</listitem>
<listitem>
<para>
Allow prefix matching in full text searches (Teodor Sigaev,
Oleg Bartunov)
</para>
</listitem>
<listitem>
<para>
Support multi-column <acronym>GIN</> indexes (Teodor Sigaev)
</para>
</listitem>
<listitem>
<para>
Improve support for Nepali language and Devanagari alphabet (Teodor)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><command>VACUUM</></title>
<itemizedlist>
<listitem>
<para>
Track free space in separate per-relation <quote>fork</> files (Heikki)
</para>
<para>
Free space discovered by <command>VACUUM</> is now recorded in
<filename>*_fsm</> files, rather than in a fixed-sized shared memory
area. The <varname>max_fsm_pages</> and <varname>max_fsm_relations</>
settings have been removed, greatly simplifying administration of
free space management.
</para>
</listitem>
<listitem>
<para>
Add a visibility map to track pages that do not require
vacuuming (Heikki)
</para>
<para>
This allows <command>VACUUM</> to avoid scanning all of
a table when only a portion of the table needs vacuuming.
The visibility map is stored in per-relation <quote>fork</> files.
</para>
</listitem>
<listitem>
<para>
Add <varname>vacuum_freeze_table_age</> parameter to control
when <command>VACUUM</> should ignore the visibility map and
do a full table scan to freeze tuples (Heikki)
</para>
</listitem>
<listitem>
<para>
Track transaction snapshots more carefully (Alvaro)
</para>
<para>
This improves <command>VACUUM</>'s ability to reclaim space
in the presence of long-running transactions.
</para>
</listitem>
<listitem>
<para>
Add ability to specify per-relation autovacuum and <acronym>TOAST</>
parameters in <command>CREATE TABLE</> (Alvaro, Euler Taveira de
Oliveira)
</para>
<para>
Autovacuum options used to be stored in a system table.
</para>
</listitem>
<listitem>
<para>
Add <literal>--freeze</> option to <application>vacuumdb</>
(Bruce)
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Data Types</title>
<itemizedlist>
<listitem>
<para>
Add a <literal>CaseSensitive</> option for text search synonym
dictionaries (Simon)
</para>
</listitem>
<listitem>
<para>
Improve the precision of <type>NUMERIC</> division (Tom)
</para>
</listitem>
<listitem>
<para>
Add basic arithmetic operators for <type>int2</> with <type>int8</>
(Tom)
</para>
<para>
This eliminates the need for explicit casting in some situations.
</para>
</listitem>
<listitem>
<para>
Allow <type>UUID</> input to accept an optional hyphen after
every fourth digit (Robert Haas)
</para>
</listitem>
<listitem>
<para>
Allow <literal>on</>/<literal>off</> as input for the boolean data type
(Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Allow spaces around <literal>NaN</> in the input string for
type <type>numeric</> (Sam Mason)
</para>
</listitem>
</itemizedlist>
<sect4>
<title>Temporal Data Types</title>
<itemizedlist>
<listitem>
<para>
Reject year <literal>0 BC</> and years <literal>000</> and
<literal>0000</> (Tom)
</para>
<para>
Previously these were interpreted as <literal>1 BC</>.
(Note: years <literal>0</> and <literal>00</> are still assumed to be
the year 2000.)
</para>
</listitem>
<listitem>
<para>
Include <literal>SGT</> (Singapore time) in the default list of
known time zone abbreviations (Tom)
</para>
</listitem>
<listitem>
<para>
Support <literal>infinity</> and <literal>-infinity</> as
values of type <type>date</> (Tom)
</para>
</listitem>
<listitem>
<para>
Make parsing of <type>interval</> literals more standard-compliant
(Tom, Ron Mayer)
</para>
<para>
For example, <literal>INTERVAL '1' YEAR</> now does what it's
supposed to.
</para>
</listitem>
<listitem>
<para>
Allow <type>interval</> fractional-seconds precision to be specified
after the <literal>second</> keyword, for <acronym>SQL</> standard
compliance (Tom)
</para>
<para>
Formerly the precision had to be specified after the keyword
<type>interval</>. (For backwards compatibility, this syntax is still
supported, though deprecated.) Data type definitions will now be
output using the standard format.
</para>
</listitem>
<listitem>
<para>
Support the <acronym>IS0 8601</> <type>interval</> syntax (Ron
Mayer, Kevin Grittner)
</para>
<para>
For example, <literal>INTERVAL 'P1Y2M3DT4H5M6.7S'</> is now
supported.
</para>
</listitem>
<listitem>
<para>
Add <varname>IntervalStyle</> parameter
which controls how <type>interval</> values are output (Ron Mayer)
</para>
<para>
Valid values are: <literal>postgres</>, <literal>postgres_verbose</>,
<literal>sql_standard</>, <literal>iso_8601</>. This setting also
controls the handling of negative <type>interval</> input when only
some fields have positive/negative designations.
</para>
</listitem>
<listitem>
<para>
Improve consistency of handling of fractional seconds in
<type>timestamp</> and <type>interval</> output (Ron Mayer)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Arrays</title>
<itemizedlist>
<listitem>
<para>
Improve the handling of casts applied to <literal>ARRAY[]</>
constructs, such as <literal>ARRAY[...]::integer[]</>
(Brendan Jurd)
</para>
<para>
Formerly <productname>PostgreSQL</> attempted to determine a data type
for the <literal>ARRAY[]</> construct without reference to the ensuing
cast. This could fail unnecessarily in many cases, in particular when
the <literal>ARRAY[]</> construct was empty or contained only
ambiguous entries such as <literal>NULL</>. Now the cast is consulted
to determine the type that the array elements must be.
</para>
</listitem>
<listitem>
<para>
Make <acronym>SQL</>-syntax <type>ARRAY</> dimensions optional
to match the <acronym>SQL</> standard (Peter)
</para>
</listitem>
<listitem>
<para>
Add <function>array_ndims()</> to return the number
of dimensions of an array (Robert Haas)
</para>
</listitem>
<listitem>
<para>
Add <function>array_length()</> to return the length
of an array for a specified dimension (Jim Nasby, Robert
Haas, Peter Eisentraut)
</para>
</listitem>
<listitem>
<para>
Add aggregate function <function>array_agg()</>, which
returns all aggregated values as a single array (Robert Haas,
Jeff Davis, Peter)
</para>
</listitem>
<listitem>
<para>
Add <function>unnest()</>, which converts an array to
individual row values (Tom)
</para>
<para>
This is the opposite of <function>array_agg()</>.
</para>
</listitem>
<listitem>
<para>
Add <function>array_fill()</> to create arrays initialized with
a value (Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Add <function>generate_subscripts()</> to simplify generating
the range of an array's subscripts (Pavel Stehule)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Wide-Value Storage (<acronym>TOAST</>)</title>
<itemizedlist>
<listitem>
<para>
Consider <acronym>TOAST</> compression on values as short as
32 bytes (previously 256 bytes) (Greg Stark)
</para>
</listitem>
<listitem>
<para>
Require 25% minimum space savings before using <acronym>TOAST</>
compression (previously 20% for small values and any-savings-at-all
for large values) (Greg)
</para>
</listitem>
<listitem>
<para>
Improve <acronym>TOAST</> heuristics for rows that have a mix of large
and small toastable fields, so that we prefer to push large values out
of line and don't compress small values unnecessarily (Greg, Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Functions</title>
<itemizedlist>
<listitem>
<para>
Document that <function>setseed()</> allows values from
<literal>-1</> to <literal>1</> (not just <literal>0</> to
<literal>1</>), and enforce the valid range (Kris Jurka)
</para>
</listitem>
<listitem>
<para>
Add server-side function <function>lo_import(filename, oid)</>
(Tatsuo)
</para>
</listitem>
<listitem>
<para>
Add <function>quote_nullable()</>, which behaves like
<function>quote_literal()</> but returns the string <literal>NULL</> for
a null argument (Brendan Jurd)
</para>
</listitem>
<listitem>
<para>
Improve full text search <function>headline()</> function to
allow extracting several fragments of text (Sushant Sinha)
</para>
</listitem>
<listitem>
<para>
Add <function>suppress_redundant_updates_trigger()</> trigger
function to avoid overhead for non-data-changing updates (Andrew)
</para>
</listitem>
<listitem>
<para>
Add <function>div(numeric, numeric)</> to perform <type>numeric</>
division without rounding (Tom)
</para>
</listitem>
<listitem>
<para>
Add <type>timestamp</> and <type>timestamptz</> versions of
<function>generate_series()</> (Hitoshi Harada)
</para>
</listitem>
</itemizedlist>
<sect4>
<title>Object Information Functions</title>
<itemizedlist>
<listitem>
<para>
Implement <function>current_query()</> for use by functions
that need to know the currently running query (Tomas Doran)
</para>
</listitem>
<listitem>
<para>
Add <function>pg_get_keywords()</> to return a list of the
parser keywords (Dave Page)
</para>
</listitem>
<listitem>
<para>
Add <function>pg_get_functiondef()</> to see a function's
definition (Abhijit Menon-Sen)
</para>
</listitem>
<listitem>
<para>
Allow the second argument of <function>pg_get_expr()</> to be zero
when deparsing an expression that does not contain variables (Tom)
</para>
</listitem>
<listitem>
<para>
Modify <function>pg_relation_size()</> to use <literal>regclass</>
(Heikki)
</para>
<para>
<function>pg_relation_size(data_type_name)</> no longer works.
</para>
</listitem>
<listitem>
<para>
Add <literal>boot_val</> and <literal>reset_val</> columns to
<literal>pg_settings</> output (Greg Smith)
</para>
</listitem>
<listitem>
<para>
Add source file name and line number columns to
<literal>pg_settings</> output for variables set in a configuration
file (Magnus, Alvaro)
</para>
<para>
For security reasons, these columns are only visible to superusers.
</para>
</listitem>
<listitem>
<para>
Add support for <varname>CURRENT_CATALOG</>,
<varname>CURRENT_SCHEMA</>, <varname>SET CATALOG</>, <varname>SET
SCHEMA</> (Peter)
</para>
<para>
These provide <acronym>SQL</>-standard syntax for existing features.
</para>
</listitem>
<listitem>
<para>
Add <function>pg_typeof()</> which returns the data type
of any value (Brendan Jurd)
</para>
</listitem>
<listitem>
<para>
Make <function>version()</> return information about whether
the server is a 32- or 64-bit binary (Bruce)
</para>
</listitem>
<listitem>
<para>
Fix the behavior of information schema columns
<structfield>is_insertable_into</> and <structfield>is_updatable</> to
be consistent (Peter)
</para>
</listitem>
<listitem>
<para>
Improve the behavior of information schema
<structfield>datetime_precision</> columns (Peter)
</para>
<para>
These columns now show zero for <type>date</> columns, and 6
(the default precision) for <type>time</>, <type>timestamp</>, and
<type>interval</> without a declared precision, rather than showing
null as formerly.
</para>
</listitem>
<listitem>
<para>
Convert remaining builtin set-returning functions to use
<literal>OUT</> parameters (Jaime Casanova)
</para>
<para>
This makes it possible to call these functions without specifying
a column list: <function>pg_show_all_settings()</>,
<function>pg_lock_status()</>, <function>pg_prepared_xact()</>,
<function>pg_prepared_statement()</>, <function>pg_cursor()</>
</para>
</listitem>
<listitem>
<para>
Make <function>pg_*_is_visible()</> and
<function>has_*_privilege()</> functions return <literal>NULL</>
for invalid OIDs, rather than reporting an error (Tom)
</para>
</listitem>
<listitem>
<para>
Extend <function>has_*_privilege()</> functions to allow inquiring
about the OR of multiple privileges in one call (Stephen
Frost, Tom)
</para>
</listitem>
<listitem>
<para>
Add <function>has_column_privilege()</> and
<function>has_any_column_privilege()</> functions (Stephen
Frost, Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Function Creation</title>
<itemizedlist>
<listitem>
<para>
Support variadic functions (functions with a variable number
of arguments) (Pavel Stehule)
</para>
<para>
Only trailing arguments can be optional, and they all must be
of the same data type.
</para>
</listitem>
<listitem>
<para>
Support default values for function arguments (Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Add <command>CREATE FUNCTION ... RETURNS TABLE</> clause (Pavel
Stehule)
</para>
</listitem>
<listitem>
<para>
Allow <acronym>SQL</>-language functions to return the output
of an <command>INSERT</>/<command>UPDATE</>/<command>DELETE</>
<literal>RETURNING</> clause (Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>PL/pgSQL Server-Side Language</title>
<itemizedlist>
<listitem>
<para>
Support <literal>EXECUTE USING</> for easier insertion of data
values into a dynamic query string (Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Allow looping over the results of a cursor using a <literal>FOR</>
loop (Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Support <literal>RETURN QUERY EXECUTE</> (Pavel
Stehule)
</para>
</listitem>
<listitem>
<para>
Improve the <literal>RAISE</> command (Pavel Stehule)
<itemizedlist>
<listitem>
<para>
Support <literal>DETAIL</> and <literal>HINT</> fields
</para>
</listitem>
<listitem>
<para>
Support specification of the <literal>SQLSTATE</> error code
</para>
</listitem>
<listitem>
<para>
Support an exception name parameter
</para>
</listitem>
<listitem>
<para>
Allow <literal>RAISE</> without parameters in an exception
block to re-throw the current error
</para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
Allow specification of <varname>SQLSTATE</> codes
in <literal>EXCEPTION</> lists (Pavel Stehule)
</para>
<para>
This is useful for handling custom <varname>SQLSTATE</> codes.
</para>
</listitem>
<listitem>
<para>
Support the <literal>CASE</> statement (Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Make <command>RETURN QUERY</> set the special <literal>FOUND</> and
<command>GET DIAGNOSTICS</> <literal>ROW_COUNT</> variables
(Pavel Stehule)
</para>
</listitem>
<listitem>
<para>
Make <command>FETCH</> and <command>MOVE</> set the
<command>GET DIAGNOSTICS</> <literal>ROW_COUNT</> variable
(Andrew Gierth)
</para>
</listitem>
<listitem>
<para>
Make <command>EXIT</> without a label always exit the innermost
loop (Tom)
</para>
<para>
Formerly, if there were a <literal>BEGIN</> block more closely nested
than any loop, it would exit that block instead. The new behavior
matches Oracle(TM) and is also what was previously stated by our own
documentation.
</para>
</listitem>
<listitem>
<para>
Make processing of string literals and nested block comments
match the main SQL parser's processing (Tom)
</para>
<para>
In particular, the format string in <command>RAISE</> now works
the same as any other string literal, including being subject
to <varname>standard_conforming_strings</>. This change also
fixes other cases in which valid commands would fail when
<varname>standard_conforming_strings</> is on.
</para>
</listitem>
<listitem>
<para>
Avoid memory leakage when the same function is called at varying
exception-block nesting depths (Tom)
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Client Applications</title>
<itemizedlist>
<listitem>
<para>
Fix <literal>pg_ctl restart</> to preserve command-line arguments
(Bruce)
</para>
</listitem>
<listitem>
<para>
Add <literal>-w</>/<literal>--no-password</> option that
prevents password prompting in all utilities that have a
<literal>-W</>/<literal>--password</> option (Peter)
</para>
</listitem>
<listitem>
<para>
Remove <option>-q</> (quiet) option of <application>createdb</>,
<application>createuser</>, <application>dropdb</>,
<application>dropuser</> (Peter)
</para>
<para>
These options have had no effect since <productname>PostgreSQL</>
8.3.
</para>
</listitem>
</itemizedlist>
<sect4>
<title><application>psql</></title>
<itemizedlist>
<listitem>
<para>
Remove verbose startup banner; now just suggest <literal>help</>
(Joshua Drake)
</para>
</listitem>
<listitem>
<para>
Make <literal>help</> show common backslash commands (Greg
Sabino Mullane)
</para>
</listitem>
<listitem>
<para>
Add <literal>\pset format wrapped</> mode to wrap output to the
screen width, or file/pipe output too if <literal>\pset columns</>
is set (Bryce Nesbitt)
</para>
</listitem>
<listitem>
<para>
Allow all supported spellings of boolean values in <command>\pset</>,
rather than just <literal>on</> and <literal>off</> (Bruce)
</para>
<para>
Formerly, any string other than <quote>off</> was silently taken
to mean <literal>true</>. <application>psql</> will now complain
about unrecognized spellings (but still take them as <literal>true</>).
</para>
</listitem>
<listitem>
<para>
Use the pager for wide output (Bruce)
</para>
</listitem>
<listitem>
<para>
Require a space between a one-letter backslash command and its first
argument (Bernd Helmle)
</para>
<para>
This removes a historical source of ambiguity.
</para>
</listitem>
<listitem>
<para>
Improve tab completion support for schema-qualified and
quoted identifiers (Greg Sabino Mullane)
</para>
</listitem>
<listitem>
<para>
Add optional <literal>on</>/<literal>off</> argument for
<command>\timing</> (David Fetter)
</para>
</listitem>
<listitem>
<para>
Display access control rights on multiple lines (Brendan
Jurd, Andreas Scherbaum)
</para>
</listitem>
<listitem>
<para>
Make <command>\l</> show database access privileges (Andrew Gilligan)
</para>
</listitem>
<listitem>
<para>
Make <command>\l+</> show database sizes, if permissions
allow (Andrew Gilligan)
</para>
</listitem>
<listitem>
<para>
Add the <command>\ef</> command to edit function definitions
(Abhijit Menon-Sen)
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><application>psql</> \d* commands</title>
<itemizedlist>
<listitem>
<para>
Make <command>\d*</> commands that do not have a pattern argument
show system objects only if the <literal>S</> modifier is specified
(Greg Sabino Mullane, Bruce)
</para>
<para>
The former behavior was inconsistent across different variants
of <command>\d</>, and in most cases it provided no easy way to see
just user objects.
</para>
</listitem>
<listitem>
<para>
Improve <command>\d*</> commands to work with older
<productname>PostgreSQL</> server versions (back to 7.4),
not only the current server version
(Guillaume Lelarge)
</para>
</listitem>
<listitem>
<para>
Make <command>\d</> show foreign-key constraints that reference
the selected table (Kenneth D'Souza)
</para>
</listitem>
<listitem>
<para>
Make <command>\d</> on a sequence show its column values
(Euler Taveira de Oliveira)
</para>
</listitem>
<listitem>
<para>
Add column storage type and other relation options to the
<command>\d+</> display (Gregory Stark, Euler Taveira de
Oliveira)
</para>
</listitem>
<listitem>
<para>
Show relation size in <command>\dt+</> output (Dickson S.
Guedes)
</para>
</listitem>
<listitem>
<para>
Show the possible values of <literal>enum</> types in <command>\dT+</>
(David Fetter)
</para>
</listitem>
<listitem>
<para>
Allow <command>\dC</> to accept a wildcard pattern, which matches
either datatype involved in the cast (Tom)
</para>
</listitem>
<listitem>
<para>
Add a function type column to <command>\df</>'s output, and add
options to list only selected types of functions (David Fetter)
</para>
</listitem>
<listitem>
<para>
Make <command>\df</> not hide functions that take or return
type <type>cstring</> (Tom)
</para>
<para>
Previously, such functions were hidden because most of them are
datatype I/O functions, which were deemed uninteresting. The new
policy about hiding system functions by default makes this wart
unnecessary.
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><application>pg_dump</></title>
<itemizedlist>
<listitem>
<para>
Add a <literal>--no-tablespaces</> option to
<application>pg_dump</>/<application>pg_dumpall</>/<application>pg_restore</>
so that dumps can be restored to clusters that have non-matching
tablespace layouts (Gavin Roy)
</para>
</listitem>
<listitem>
<para>
Remove <option>-d</> and <option>-D</> options from
<application>pg_dump</> and <application>pg_dumpall</> (Tom)
</para>
<para>
These options were too frequently confused with the option to
select a database name in other <productname>PostgreSQL</>
client applications. The functionality is still available,
but you must now spell out the long option name
<option>--inserts</> or <option>--column-inserts</>.
</para>
</listitem>
<listitem>
<para>
Remove <option>-i</>/<option>--ignore-version</> option from
<application>pg_dump</> and <application>pg_dumpall</> (Tom)
</para>
<para>
Use of this option does not throw an error, but it has no
effect. This option was removed because the version checks
are necessary for safety.
</para>
</listitem>
<listitem>
<para>
Disable <varname>statement_timeout</> during dump and restore
(Joshua Drake)
</para>
</listitem>
<listitem>
<para>
Add <application>pg_dump</>/<application>pg_dumpall</> option
<option>--lock-wait-timeout</> (David Gould)
</para>
<para>
This allows dumps to fail if unable to acquire a shared lock
within the specified amount of time.
</para>
</listitem>
<listitem>
<para>
Reorder <application>pg_dump</> <literal>--data-only</> output
to dump tables referenced by foreign keys before
the referencing tables (Tom)
</para>
<para>
This allows data loads when foreign keys are already present.
If circular references make a safe ordering impossible, a
<literal>NOTICE</> is issued.
</para>
</listitem>
<listitem>
<para>
Allow <application>pg_dump</>, <application>pg_dumpall</>, and
<application>pg_restore</> to use a specified role (Benedek
L&aacute;szl&oacute;)
</para>
</listitem>
<listitem>
<para>
Allow <application>pg_restore</> to use multiple concurrent
connections to do the restore (Andrew)
</para>
<para>
The number of concurrent connections is controlled by the option
<literal>--jobs</>. This is supported only for custom-format archives.
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Programming Tools</title>
<sect4>
<title><application>libpq</></title>
<itemizedlist>
<listitem>
<para>
Allow the <type>OID</> to be specified when importing a large
object, via new function <function>lo_import_with_oid()</> (Tatsuo)
</para>
</listitem>
<listitem>
<para>
Add <quote>events</> support (Andrew Chernow, Merlin Moncure)
</para>
<para>
This adds the ability to register callbacks to manage private
data associated with <structname>PGconn</> and <structname>PGresult</>
objects.
</para>
</listitem>
<listitem>
<para>
Improve error handling to allow the return of multiple
error messages as multi-line error reports (Magnus)
</para>
</listitem>
<listitem>
<para>
Make <function>PQexecParams()</> and related functions return
<varname>PGRES_EMPTY_QUERY</> for an empty query (Tom)
</para>
<para>
They previously returned <varname>PGRES_COMMAND_OK</>.
</para>
</listitem>
<listitem>
<para>
Document how to avoid the overhead of <function>WSACleanup()</>
on Windows (Andrew Chernow)
</para>
</listitem>
<listitem>
<para>
Do not rely on Kerberos tickets to determine the default database
username (Magnus)
</para>
<para>
Previously, a Kerberos-capable build of libpq would use the
principal name from any available Kerberos ticket as default
database username, even if the connection wasn't using Kerberos
authentication. This was deemed inconsistent and confusing.
The default username is now determined the same way with or
without Kerberos. Note however that the database username must still
match the ticket when Kerberos authentication is used.
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><application>libpq</> <acronym>SSL</> (Secure Sockets Layer)
support</title>
<itemizedlist>
<listitem>
<para>
Fix certificate validation for <acronym>SSL</> connections
(Magnus)
</para>
<para>
<application>libpq</> now supports verifying both the certificate
and the name of the server when making <acronym>SSL</>
connections. If a root certificate is not available to use for
verification, <acronym>SSL</> connections will fail. The
<literal>sslmode</> parameter is used to enable certificate
verification and set the level of checking.
The default is still not to do any verification, allowing connections
to SSL-enabled servers without requiring a root certificate on the
client.
</para>
</listitem>
<listitem>
<para>
Support wildcard server certificates (Magnus)
</para>
<para>
If a certificate <acronym>CN</> starts with <literal>*</>, it will
be treated as a wildcard when matching the hostname, allowing the
use of the same certificate for multiple servers.
</para>
</listitem>
<listitem>
<para>
Allow the file locations for client certificates to be specified
(Mark Woodward, Alvaro, Magnus)
</para>
</listitem>
<listitem>
<para>
Add a <function>PQinitOpenSSL</> function to allow greater control
over OpenSSL/libcrypto initialization (Andrew Chernow)
</para>
</listitem>
<listitem>
<para>
Make <application>libpq</> unregister its <application>OpenSSL</>
callbacks when no database connections remain open
(Bruce, Magnus, Russell Smith)
</para>
<para>
This is required for applications that unload the libpq library,
otherwise invalid <application>OpenSSL</> callbacks will remain.
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title><application>ecpg</></title>
<itemizedlist>
<listitem>
<para>
Add localization support for messages (Euler Taveira de
Oliveira)
</para>
</listitem>
<listitem>
<para>
ecpg parser is now automatically generated from the server
parser (Michael)
</para>
<para>
Previously the ecpg parser was hand-maintained.
</para>
</listitem>
</itemizedlist>
</sect4>
<sect4>
<title>Server Programming Interface (<acronym>SPI</>)</title>
<itemizedlist>
<listitem>
<para>
Add support for single-use plans with out-of-line
parameters (Tom)
</para>
</listitem>
<listitem>
<para>
Add new <varname>SPI_OK_REWRITTEN</> return code for
<function>SPI_execute()</> (Heikki)
</para>
<para>
This is used when a command is rewritten to another type of
command.
</para>
</listitem>
<listitem>
<para>
Remove unnecessary inclusions from <filename>executor/spi.h</> (Tom)
</para>
<para>
SPI-using modules might need to add some <literal>#include</>
lines if they were depending on <filename>spi.h</> to include
things for them.
</para>
</listitem>
</itemizedlist>
</sect4>
</sect3>
<sect3>
<title>Build Options</title>
<itemizedlist>
<listitem>
<para>
Update build system to use <productname>Autoconf</> 2.61 (Peter)
</para>
</listitem>
<listitem>
<para>
Require <productname>GNU bison</> for source code builds (Peter)
</para>
<para>
This has effectively been required for several years, but now there
is no infrastructure claiming to support other parser tools.
</para>
</listitem>
<listitem>
<para>
Add <application>pg_config</> <literal>--htmldir</> option
(Peter)
</para>
</listitem>
<listitem>
<para>
Pass <type>float4</> by value inside the server (Zoltan
Boszormenyi)
</para>
<para>
Add <application>configure</> option
<literal>--disable-float4-byval</> to use the old behavior.
External C functions that use old-style (version 0) call convention
and pass or return <type>float4</> values will be broken by this
change, so you may need the <application>configure</> option if you
have such functions and don't want to update them.
</para>
</listitem>
<listitem>
<para>
Pass <type>float8</>, <type>int8</>, and related datatypes
by value inside the server on 64-bit platforms (Zoltan Boszormenyi)
</para>
<para>
Add <application>configure</> option
<literal>--disable-float8-byval</> to use the old behavior.
As above, this change might break old-style external C functions.
</para>
</listitem>
<listitem>
<para>
Add configure options <literal>--with-segsize</>,
<literal>--with-blocksize</>, <literal>--with-wal-blocksize</>,
<literal>--with-wal-segsize</> (Zdenek Kotala, Tom)
</para>
<para>
This simplifies build-time control over several constants that
previously could only be changed by editing
<filename>pg_config_manual.h</>.
</para>
</listitem>
<listitem>
<para>
Allow threaded builds on <productname>Solaris</> 2.5 (Bruce)
</para>
</listitem>
<listitem>
<para>
Use the system's <function>getopt_long()</> on <productname>Solaris</>
(Zdenek Kotala, Tom)
</para>
<para>
This makes option processing more consistent with what Solaris users
expect.
</para>
</listitem>
<listitem>
<para>
Add support for the <productname>Sun Studio</> compiler on
<productname>Linux</> (Julius Stroffek)
</para>
</listitem>
<listitem>
<para>
Append the major version number to the backend <application>gettext</>
domain, and the <literal>soname</> major version number to
libraries' <application>gettext</> domain (Peter)
</para>
<para>
This simplifies parallel installations of multiple versions.
</para>
</listitem>
<listitem>
<para>
Add support for code coverage testing with <application>gcov</>
(Michelle Caisse)
</para>
</listitem>
<listitem>
<para>
Allow out-of-tree builds on <productname>Mingw</> and
<productname>Cygwin</> (Richard Evans)
</para>
</listitem>
<listitem>
<para>
Fix the use of <productname>Mingw</> as a cross-compiling source
platform (Peter)
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Source Code</title>
<itemizedlist>
<listitem>
<para>
Support 64-bit time zone data files (Heikki)
</para>
<para>
This adds support for daylight saving time (<acronym>DST</>)
calculations beyond the year 2038.
</para>
</listitem>
<listitem>
<para>
Deprecate use of platform's <type>time_t</> data type (Tom)
</para>
<para>
Some platforms have migrated to 64-bit <type>time_t</>, some have
not, and Windows can't make up its mind what it's doing. Define
<type>pg_time_t</> to have the same meaning as <type>time_t</>,
but always be 64 bits (unless the platform has no 64-bit integer type),
and use that type in all module APIs and on-disk data formats.
</para>
</listitem>
<listitem>
<para>
Fix bug in handling of the time zone database when cross-compiling
(Richard Evans)
</para>
</listitem>
<listitem>
<para>
Link backend object files in one step, rather than in stages
(Peter)
</para>
</listitem>
<listitem>
<para>
Improve <application>gettext</> support to allow better translation
of plurals (Peter)
</para>
</listitem>
<listitem>
<para>
Add message translation support to the PL languages (Alvaro, Peter)
</para>
</listitem>
<listitem>
<para>
Add more <application>DTrace</> probes (Robert Lor)
</para>
</listitem>
<listitem>
<para>
Enable <application>DTrace</> support on <application>Mac OS X
Leopard</> and other non-Solaris platforms (Robert Lor)
</para>
</listitem>
<listitem>
<para>
Simplify and standardize conversions between C strings and
<type>text</> datums, by providing common functions for the purpose
(Brendan Jurd, Tom)
</para>
</listitem>
<listitem>
<para>
Clean up the <filename>include/catalog/</> header files so that
frontend programs can include them without including
<filename>postgres.h</>
(Zdenek Kotala)
</para>
</listitem>
<listitem>
<para>
Make <type>name</> char-aligned, and suppress zero-padding of
<type>name</> entries in indexes (Tom)
</para>
</listitem>
<listitem>
<para>
Recover better if dynamically-loaded code executes <function>exit()</>
(Tom)
</para>
</listitem>
<listitem>
<para>
Add a hook to let plug-ins monitor the executor (Itagaki
Takahiro)
</para>
</listitem>
<listitem>
<para>
Add a hook to allow the planner's statistics lookup behavior to
be overridden (Simon Riggs)
</para>
</listitem>
<listitem>
<para>
Add <function>shmem_startup_hook()</> for custom shared memory
requirements (Tom)
</para>
</listitem>
<listitem>
<para>
Replace the index access method <function>amgetmulti</> entry point
with <function>amgetbitmap</>, and extend the API for
<function>amgettuple</> to support run-time determination of
operator lossiness (Heikki, Tom, Teodor)
</para>
<para>
The API for GIN and GiST opclass <function>consistent</> functions
has been extended as well.
</para>
</listitem>
<listitem>
<para>
Add support for partial-match searches in <acronym>GIN</> indexes
(Teodor Sigaev, Oleg Bartunov)
</para>
</listitem>
<listitem>
<para>
Replace <structname>pg_class</> column <structfield>reltriggers</>
with boolean <structfield>relhastriggers</> (Simon)
</para>
<para>
Also remove unused <structname>pg_class</> columns
<structfield>relukeys</>, <structfield>relfkeys</>, and
<structfield>relrefs</>.
</para>
</listitem>
<listitem>
<para>
Add a <structfield>relistemp</> column to <structname>pg_class</>
to ease identification of temporary tables (Tom)
</para>
</listitem>
<listitem>
<para>
Move platform <acronym>FAQ</>s into the main documentation
(Peter)
</para>
</listitem>
<listitem>
<para>
Prevent parser input files from being built with any conflicts
(Peter)
</para>
</listitem>
<listitem>
<para>
Add support for the <literal>KOI8U</> (Ukrainian) encoding
(Peter)
</para>
</listitem>
<listitem>
<para>
Add Japanese message translations (Japan PostgreSQL Users Group)
</para>
<para>
This used to be maintained as a separate project.
</para>
</listitem>
<listitem>
<para>
Fix problem when setting <varname>LC_MESSAGES</> on
<application>MSVC</>-built systems (Hiroshi Inoue, Hiroshi
Saito, Magnus)
</para>
</listitem>
</itemizedlist>
</sect3>
<sect3>
<title>Contrib</title>
<itemizedlist>
<listitem>
<para>
Add <filename>contrib/auto_explain</> to automatically run
<command>EXPLAIN</> on queries exceeding a specified duration
(Itagaki Takahiro, Tom)
</para>
</listitem>
<listitem>
<para>
Add <filename>contrib/btree_gin</> to allow GIN indexes to
handle more datatypes (Oleg, Teodor)
</para>
</listitem>
<listitem>
<para>
Add <filename>contrib/citext</> to provide a case-insensitive,
multibyte-aware text data type (David Wheeler)
</para>
</listitem>
<listitem>
<para>
Add <filename>contrib/pg_stat_statements</> for server-wide
tracking of statement execution statistics (Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Add duration and query mode options to <filename>contrib/pgbench</>
(Itagaki Takahiro)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/pgbench</> use table names
<structname>pgbench_accounts</>, <structname>pgbench_branches</>,
<structname>pgbench_history</>, and <structname>pgbench_tellers</>,
rather than just <structname>accounts</>, <structname>branches</>,
<structname>history</>, and <structname>tellers</> (Tom)
</para>
<para>
This is to reduce the risk of accidentally destroying real data
by running <application>pgbench</>.
</para>
</listitem>
<listitem>
<para>
Fix <filename>contrib/pgstattuple</> to handle tables and
indexes with over 2 billion pages (Tatsuhito Kasahara)
</para>
</listitem>
<listitem>
<para>
In <filename>contrib/fuzzystrmatch</>, add a version of the
Levenshtein string-distance function that allows the user to
specify the costs of insertion, deletion, and substitution
(Volkan Yazici)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/ltree</> support multibyte encodings
(laser)
</para>
</listitem>
<listitem>
<para>
Enable <filename>contrib/dblink</> to use connection information
stored in the SQL/MED catalogs (Joe Conway)
</para>
</listitem>
<listitem>
<para>
Improve <filename>contrib/dblink</>'s reporting of errors from
the remote server (Joe Conway)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/dblink</> set <varname>client_encoding</>
to match the local database's encoding (Joe Conway)
</para>
<para>
This prevents encoding problems when communicating with a remote
database that uses a different encoding.
</para>
</listitem>
<listitem>
<para>
Make sure <filename>contrib/dblink</> uses a password supplied
by the user, and not accidentally taken from the server's
<filename>.pgpass</> file (Joe Conway)
</para>
<para>
This is a minor security enhancement.
</para>
</listitem>
<listitem>
<para>
Add <function>fsm_page_contents()</>
to <filename>contrib/pageinspect</> (Heikki)
</para>
</listitem>
<listitem>
<para>
Modify <function>get_raw_page()</> to support free space map
(<filename>*_fsm</>) files. Also update
<filename>contrib/pg_freespacemap</>.
</para>
</listitem>
<listitem>
<para>
Add support for multibyte encodings to <filename>contrib/pg_trgm</>
(Teodor)
</para>
</listitem>
<listitem>
<para>
Rewrite <filename>contrib/intagg</> to use new
functions <function>array_agg()</> and <function>unnest()</>
(Tom)
</para>
</listitem>
<listitem>
<para>
Make <filename>contrib/pg_standby</> recover all available WAL before
failover (Fujii Masao, Simon, Heikki)
</para>
<para>
To make this work safely, you now need to set the new
<literal>recovery_end_command</> option in <filename>recovery.conf</>
to clean up the trigger file after failover. <application>pg_standby</>
will no longer remove the trigger file itself.
</para>
</listitem>
<listitem>
<para>
<filename>contrib/pg_standby</>'s <option>-l</> option is now a no-op,
because it is unsafe to use a symlink (Simon)
</para>
</listitem>
</itemizedlist>
</sect3>
</sect2>
</sect1>
Reference in New Issue View Git Blame Copy Permalink