diff options
Diffstat (limited to 'doc/src/sgml/release-9.0.sgml')
| -rw-r--r-- | doc/src/sgml/release-9.0.sgml | 11091 |
1 files changed, 0 insertions, 11091 deletions
diff --git a/doc/src/sgml/release-9.0.sgml b/doc/src/sgml/release-9.0.sgml deleted file mode 100644 index 9e90f5a7f32..00000000000 --- a/doc/src/sgml/release-9.0.sgml +++ /dev/null @@ -1,11091 +0,0 @@ -<!-- doc/src/sgml/release-9.0.sgml --> -<!-- See header comment in release.sgml about typical markup --> - - <sect1 id="release-9-0-23"> - <title>Release 9.0.23</title> - - <formalpara> - <title>Release date:</title> - <para>2015-10-08</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.22. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <para> - This is expected to be the last <productname>PostgreSQL</productname> release - in the 9.0.X series. Users are encouraged to update to a newer - release branch soon. - </para> - - <sect2> - <title>Migration to Version 9.0.23</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.18, - see <xref linkend="release-9-0-18"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix <filename>contrib/pgcrypto</filename> to detect and report - too-short <function>crypt()</function> salts (Josh Kupershmidt) - </para> - - <para> - Certain invalid salt arguments crashed the server or disclosed a few - bytes of server memory. We have not ruled out the viability of - attacks that arrange for presence of confidential information in the - disclosed bytes, but they seem unlikely. (CVE-2015-5288) - </para> - </listitem> - - <listitem> - <para> - Fix subtransaction cleanup after a portal (cursor) belonging to an - outer subtransaction fails (Tom Lane, Michael Paquier) - </para> - - <para> - A function executed in an outer-subtransaction cursor could cause an - assertion failure or crash by referencing a relation created within an - inner subtransaction. - </para> - </listitem> - - <listitem> - <para> - Fix insertion of relations into the relation cache <quote>init file</quote> - (Tom Lane) - </para> - - <para> - An oversight in a patch in the most recent minor releases - caused <structname>pg_trigger_tgrelid_tgname_index</structname> to be omitted - from the init file. Subsequent sessions detected this, then deemed the - init file to be broken and silently ignored it, resulting in a - significant degradation in session startup time. In addition to fixing - the bug, install some guards so that any similar future mistake will be - more obvious. - </para> - </listitem> - - <listitem> - <para> - Avoid O(N^2) behavior when inserting many tuples into a SPI query - result (Neil Conway) - </para> - </listitem> - - <listitem> - <para> - Improve <command>LISTEN</command> startup time when there are many unread - notifications (Matt Newell) - </para> - </listitem> - - <listitem> - <para> - Disable SSL renegotiation by default (Michael Paquier, Andres Freund) - </para> - - <para> - While use of SSL renegotiation is a good idea in theory, we have seen - too many bugs in practice, both in the underlying OpenSSL library and - in our usage of it. Renegotiation will be removed entirely in 9.5 and - later. In the older branches, just change the default value - of <varname>ssl_renegotiation_limit</varname> to zero (disabled). - </para> - </listitem> - - <listitem> - <para> - Lower the minimum values of the <literal>*_freeze_max_age</literal> parameters - (Andres Freund) - </para> - - <para> - This is mainly to make tests of related behavior less time-consuming, - but it may also be of value for installations with limited disk space. - </para> - </listitem> - - <listitem> - <para> - Limit the maximum value of <varname>wal_buffers</varname> to 2GB to avoid - server crashes (Josh Berkus) - </para> - </listitem> - - <listitem> - <para> - Fix rare internal overflow in multiplication of <type>numeric</type> values - (Dean Rasheed) - </para> - </listitem> - - <listitem> - <para> - Guard against hard-to-reach stack overflows involving record types, - range types, <type>json</type>, <type>jsonb</type>, <type>tsquery</type>, - <type>ltxtquery</type> and <type>query_int</type> (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - Fix handling of <literal>DOW</literal> and <literal>DOY</literal> in datetime input - (Greg Stark) - </para> - - <para> - These tokens aren't meant to be used in datetime values, but previously - they resulted in opaque internal error messages rather - than <quote>invalid input syntax</quote>. - </para> - </listitem> - - <listitem> - <para> - Add more query-cancel checks to regular expression matching (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Add recursion depth protections to regular expression, <literal>SIMILAR - TO</literal>, and <literal>LIKE</literal> matching (Tom Lane) - </para> - - <para> - Suitable search patterns and a low stack depth limit could lead to - stack-overrun crashes. - </para> - </listitem> - - <listitem> - <para> - Fix potential infinite loop in regular expression execution (Tom Lane) - </para> - - <para> - A search pattern that can apparently match a zero-length string, but - actually doesn't match because of a back reference, could lead to an - infinite loop. - </para> - </listitem> - - <listitem> - <para> - Fix low-memory failures in regular expression compilation - (Andreas Seltenreich) - </para> - </listitem> - - <listitem> - <para> - Fix low-probability memory leak during regular expression execution - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix rare low-memory failure in lock cleanup during transaction abort - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <quote>unexpected out-of-memory situation during sort</quote> errors - when using tuplestores with small <varname>work_mem</varname> settings (Tom - Lane) - </para> - </listitem> - - <listitem> - <para> - Fix very-low-probability stack overrun in <function>qsort</function> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <quote>invalid memory alloc request size</quote> failure in hash joins - with large <varname>work_mem</varname> settings (Tomas Vondra, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix assorted planner bugs (Tom Lane) - </para> - - <para> - These mistakes could lead to incorrect query plans that would give wrong - answers, or to assertion failures in assert-enabled builds, or to odd - planner errors such as <quote>could not devise a query plan for the - given query</quote>, <quote>could not find pathkey item to - sort</quote>, <quote>plan should not reference subplan's variable</quote>, - or <quote>failed to assign all NestLoopParams to plan nodes</quote>. - Thanks are due to Andreas Seltenreich and Piotr Stefaniak for fuzz - testing that exposed these problems. - </para> - </listitem> - - <listitem> - <para> - Use fuzzy path cost tiebreaking rule in all supported branches (Tom Lane) - </para> - - <para> - This change is meant to avoid platform-specific behavior when - alternative plan choices have effectively-identical estimated costs. - </para> - </listitem> - - <listitem> - <para> - During postmaster shutdown, ensure that per-socket lock files are - removed and listen sockets are closed before we remove - the <filename>postmaster.pid</filename> file (Tom Lane) - </para> - - <para> - This avoids race-condition failures if an external script attempts to - start a new postmaster as soon as <literal>pg_ctl stop</literal> returns. - </para> - </listitem> - - <listitem> - <para> - Fix postmaster's handling of a startup-process crash during crash - recovery (Tom Lane) - </para> - - <para> - If, during a crash recovery cycle, the startup process crashes without - having restored database consistency, we'd try to launch a new startup - process, which typically would just crash again, leading to an infinite - loop. - </para> - </listitem> - - <listitem> - <para> - Do not print a <literal>WARNING</literal> when an autovacuum worker is already - gone when we attempt to signal it, and reduce log verbosity for such - signals (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Prevent autovacuum launcher from sleeping unduly long if the server - clock is moved backwards a large amount (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Ensure that cleanup of a GIN index's pending-insertions list is - interruptable by cancel requests (Jeff Janes) - </para> - </listitem> - - <listitem> - <para> - Allow all-zeroes pages in GIN indexes to be reused (Heikki Linnakangas) - </para> - - <para> - Such a page might be left behind after a crash. - </para> - </listitem> - - <listitem> - <para> - Fix off-by-one error that led to otherwise-harmless warnings - about <quote>apparent wraparound</quote> in subtrans/multixact truncation - (Thomas Munro) - </para> - </listitem> - - <listitem> - <para> - Fix misreporting of <command>CONTINUE</command> and <command>MOVE</command> statement - types in <application>PL/pgSQL</application>'s error context messages - (Pavel Stehule, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix some places in <application>PL/Tcl</application> that neglected to check for - failure of <function>malloc()</function> calls (Michael Paquier, Álvaro - Herrera) - </para> - </listitem> - - <listitem> - <para> - Improve <application>libpq</application>'s handling of out-of-memory conditions - (Michael Paquier, Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix memory leaks and missing out-of-memory checks - in <application>ecpg</application> (Michael Paquier) - </para> - </listitem> - - <listitem> - <para> - Fix <application>psql</application>'s code for locale-aware formatting of numeric - output (Tom Lane) - </para> - - <para> - The formatting code invoked by <literal>\pset numericlocale on</literal> - did the wrong thing for some uncommon cases such as numbers with an - exponent but no decimal point. It could also mangle already-localized - output from the <type>money</type> data type. - </para> - </listitem> - - <listitem> - <para> - Prevent crash in <application>psql</application>'s <command>\c</command> command when - there is no current connection (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - Ensure that temporary files created during a <application>pg_dump</application> - run with <acronym>tar</acronym>-format output are not world-readable (Michael - Paquier) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application> and <application>pg_upgrade</application> to support - cases where the <literal>postgres</literal> or <literal>template1</literal> database - is in a non-default tablespace (Marti Raudsepp, Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application> to handle object privileges sanely when - dumping from a server too old to have a particular privilege type - (Tom Lane) - </para> - - <para> - When dumping functions or procedural languages from pre-7.3 - servers, <application>pg_dump</application> would - produce <command>GRANT</command>/<command>REVOKE</command> commands that revoked the - owner's grantable privileges and instead granted all privileges - to <literal>PUBLIC</literal>. Since the privileges involved are - just <literal>USAGE</literal> and <literal>EXECUTE</literal>, this isn't a security - problem, but it's certainly a surprising representation of the older - systems' behavior. Fix it to leave the default privilege state alone - in these cases. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application> to dump shell types (Tom Lane) - </para> - - <para> - Shell types (that is, not-yet-fully-defined types) aren't useful for - much, but nonetheless <application>pg_dump</application> should dump them. - </para> - </listitem> - - <listitem> - <para> - Fix spinlock assembly code for PPC hardware to be compatible - with <acronym>AIX</acronym>'s native assembler (Tom Lane) - </para> - - <para> - Building with <application>gcc</application> didn't work if <application>gcc</application> - had been configured to use the native assembler, which is becoming more - common. - </para> - </listitem> - - <listitem> - <para> - On <acronym>AIX</acronym>, test the <literal>-qlonglong</literal> compiler option - rather than just assuming it's safe to use (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - On <acronym>AIX</acronym>, use <literal>-Wl,-brtllib</literal> link option to allow - symbols to be resolved at runtime (Noah Misch) - </para> - - <para> - Perl relies on this ability in 5.8.0 and later. - </para> - </listitem> - - <listitem> - <para> - Avoid use of inline functions when compiling with - 32-bit <application>xlc</application>, due to compiler bugs (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - Use <filename>librt</filename> for <function>sched_yield()</function> when necessary, - which it is on some Solaris versions (Oskari Saarenmaa) - </para> - </listitem> - - <listitem> - <para> - Fix Windows <filename>install.bat</filename> script to handle target directory - names that contain spaces (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Make the numeric form of the <productname>PostgreSQL</productname> version number - (e.g., <literal>90405</literal>) readily available to extension Makefiles, - as a variable named <varname>VERSION_NUM</varname> (Michael Paquier) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2015g for - DST law changes in Cayman Islands, Fiji, Moldova, Morocco, Norfolk - Island, North Korea, Turkey, and Uruguay. There is a new zone name - <literal>America/Fort_Nelson</literal> for the Canadian Northern Rockies. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-22"> - <title>Release 9.0.22</title> - - <formalpara> - <title>Release date:</title> - <para>2015-06-12</para> - </formalpara> - - <para> - This release contains a small number of fixes from 9.0.21. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <para> - The <productname>PostgreSQL</productname> community will stop releasing updates - for the 9.0.X release series in September 2015. - Users are encouraged to update to a newer release branch soon. - </para> - - <sect2> - <title>Migration to Version 9.0.22</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.18, - see <xref linkend="release-9-0-18"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix rare failure to invalidate relation cache init file (Tom Lane) - </para> - - <para> - With just the wrong timing of concurrent activity, a <command>VACUUM - FULL</command> on a system catalog might fail to update the <quote>init file</quote> - that's used to avoid cache-loading work for new sessions. This would - result in later sessions being unable to access that catalog at all. - This is a very ancient bug, but it's so hard to trigger that no - reproducible case had been seen until recently. - </para> - </listitem> - - <listitem> - <para> - Avoid deadlock between incoming sessions and <literal>CREATE/DROP - DATABASE</literal> (Tom Lane) - </para> - - <para> - A new session starting in a database that is the target of - a <command>DROP DATABASE</command> command, or is the template for - a <command>CREATE DATABASE</command> command, could cause the command to wait - for five seconds and then fail, even if the new session would have - exited before that. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-21"> - <title>Release 9.0.21</title> - - <formalpara> - <title>Release date:</title> - <para>2015-06-04</para> - </formalpara> - - <para> - This release contains a small number of fixes from 9.0.20. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <para> - The <productname>PostgreSQL</productname> community will stop releasing updates - for the 9.0.X release series in September 2015. - Users are encouraged to update to a newer release branch soon. - </para> - - <sect2> - <title>Migration to Version 9.0.21</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.18, - see <xref linkend="release-9-0-18"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Avoid failures while <function>fsync</function>'ing data directory during - crash restart (Abhijit Menon-Sen, Tom Lane) - </para> - - <para> - In the previous minor releases we added a patch to <function>fsync</function> - everything in the data directory after a crash. Unfortunately its - response to any error condition was to fail, thereby preventing the - server from starting up, even when the problem was quite harmless. - An example is that an unwritable file in the data directory would - prevent restart on some platforms; but it is common to make SSL - certificate files unwritable by the server. Revise this behavior so - that permissions failures are ignored altogether, and other types of - failures are logged but do not prevent continuing. - </para> - </listitem> - - <listitem> - <para> - Remove <application>configure</application>'s check prohibiting linking to a - threaded <application>libpython</application> - on <systemitem class="osname">OpenBSD</systemitem> (Tom Lane) - </para> - - <para> - The failure this restriction was meant to prevent seems to not be a - problem anymore on current <systemitem class="osname">OpenBSD</systemitem> - versions. - </para> - </listitem> - - <listitem> - <para> - Allow <application>libpq</application> to use TLS protocol versions beyond v1 - (Noah Misch) - </para> - - <para> - For a long time, <application>libpq</application> was coded so that the only SSL - protocol it would allow was TLS v1. Now that newer TLS versions are - becoming popular, allow it to negotiate the highest commonly-supported - TLS version with the server. (<productname>PostgreSQL</productname> servers were - already capable of such negotiation, so no change is needed on the - server side.) This is a back-patch of a change already released in - 9.4.0. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-20"> - <title>Release 9.0.20</title> - - <formalpara> - <title>Release date:</title> - <para>2015-05-22</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.19. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <para> - The <productname>PostgreSQL</productname> community will stop releasing updates - for the 9.0.X release series in September 2015. - Users are encouraged to update to a newer release branch soon. - </para> - - <sect2> - <title>Migration to Version 9.0.20</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.18, - see <xref linkend="release-9-0-18"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Avoid possible crash when client disconnects just before the - authentication timeout expires (Benkocs Norbert Attila) - </para> - - <para> - If the timeout interrupt fired partway through the session shutdown - sequence, SSL-related state would be freed twice, typically causing a - crash and hence denial of service to other sessions. Experimentation - shows that an unauthenticated remote attacker could trigger the bug - somewhat consistently, hence treat as security issue. - (CVE-2015-3165) - </para> - </listitem> - - <listitem> - <para> - Improve detection of system-call failures (Noah Misch) - </para> - - <para> - Our replacement implementation of <function>snprintf()</function> failed to - check for errors reported by the underlying system library calls; - the main case that might be missed is out-of-memory situations. - In the worst case this might lead to information exposure, due to our - code assuming that a buffer had been overwritten when it hadn't been. - Also, there were a few places in which security-relevant calls of other - system library functions did not check for failure. - </para> - - <para> - It remains possible that some calls of the <function>*printf()</function> - family of functions are vulnerable to information disclosure if an - out-of-memory error occurs at just the wrong time. We judge the risk - to not be large, but will continue analysis in this area. - (CVE-2015-3166) - </para> - </listitem> - - <listitem> - <para> - In <filename>contrib/pgcrypto</filename>, uniformly report decryption failures - as <quote>Wrong key or corrupt data</quote> (Noah Misch) - </para> - - <para> - Previously, some cases of decryption with an incorrect key could report - other error message texts. It has been shown that such variance in - error reports can aid attackers in recovering keys from other systems. - While it's unknown whether <filename>pgcrypto</filename>'s specific behaviors - are likewise exploitable, it seems better to avoid the risk by using a - one-size-fits-all message. - (CVE-2015-3167) - </para> - </listitem> - - <listitem> - <para> - Fix incorrect checking of deferred exclusion constraints after a HOT - update (Tom Lane) - </para> - - <para> - If a new row that potentially violates a deferred exclusion constraint - is HOT-updated (that is, no indexed columns change and the row can be - stored back onto the same table page) later in the same transaction, - the exclusion constraint would be reported as violated when the check - finally occurred, even if the row(s) the new row originally conflicted - with had been deleted. - </para> - </listitem> - - <listitem> - <para> - Prevent improper reordering of antijoins (NOT EXISTS joins) versus - other outer joins (Tom Lane) - </para> - - <para> - This oversight in the planner has been observed to cause <quote>could - not find RelOptInfo for given relids</quote> errors, but it seems possible - that sometimes an incorrect query plan might get past that consistency - check and result in silently-wrong query output. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect matching of subexpressions in outer-join plan nodes - (Tom Lane) - </para> - - <para> - Previously, if textually identical non-strict subexpressions were used - both above and below an outer join, the planner might try to re-use - the value computed below the join, which would be incorrect because the - executor would force the value to NULL in case of an unmatched outer row. - </para> - </listitem> - - <listitem> - <para> - Fix GEQO planner to cope with failure of its join order heuristic - (Tom Lane) - </para> - - <para> - This oversight has been seen to lead to <quote>failed to join all - relations together</quote> errors in queries involving <literal>LATERAL</literal>, - and that might happen in other cases as well. - </para> - </listitem> - - <listitem> - <para> - Fix possible deadlock at startup - when <literal>max_prepared_transactions</literal> is too small - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Don't archive useless preallocated WAL files after a timeline switch - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Avoid <quote>cannot GetMultiXactIdMembers() during recovery</quote> error - (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Recursively <function>fsync()</function> the data directory after a crash - (Abhijit Menon-Sen, Robert Haas) - </para> - - <para> - This ensures consistency if another crash occurs shortly later. (The - second crash would have to be a system-level crash, not just a database - crash, for there to be a problem.) - </para> - </listitem> - - <listitem> - <para> - Fix autovacuum launcher's possible failure to shut down, if an error - occurs after it receives SIGTERM (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Cope with unexpected signals in <function>LockBufferForCleanup()</function> - (Andres Freund) - </para> - - <para> - This oversight could result in spurious errors about <quote>multiple - backends attempting to wait for pincount 1</quote>. - </para> - </listitem> - - <listitem> - <para> - Avoid waiting for WAL flush or synchronous replication during commit of - a transaction that was read-only so far as the user is concerned - (Andres Freund) - </para> - - <para> - Previously, a delay could occur at commit in transactions that had - written WAL due to HOT page pruning, leading to undesirable effects - such as sessions getting stuck at startup if all synchronous replicas - are down. Sessions have also been observed to get stuck in catchup - interrupt processing when using synchronous replication; this will fix - that problem as well. - </para> - </listitem> - - <listitem> - <para> - Fix crash when manipulating hash indexes on temporary tables - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix possible failure during hash index bucket split, if other processes - are modifying the index concurrently (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Check for interrupts while analyzing index expressions (Jeff Janes) - </para> - - <para> - <command>ANALYZE</command> executes index expressions many times; if there are - slow functions in such an expression, it's desirable to be able to - cancel the <command>ANALYZE</command> before that loop finishes. - </para> - </listitem> - - <listitem> - <para> - Add the name of the target server to object description strings for - foreign-server user mappings (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Recommend setting <literal>include_realm</literal> to 1 when using - Kerberos/GSSAPI/SSPI authentication (Stephen Frost) - </para> - - <para> - Without this, identically-named users from different realms cannot be - distinguished. For the moment this is only a documentation change, but - it will become the default setting in <productname>PostgreSQL</productname> 9.5. - </para> - </listitem> - - <listitem> - <para> - Remove code for matching IPv4 <filename>pg_hba.conf</filename> entries to - IPv4-in-IPv6 addresses (Tom Lane) - </para> - - <para> - This hack was added in 2003 in response to a report that some Linux - kernels of the time would report IPv4 connections as having - IPv4-in-IPv6 addresses. However, the logic was accidentally broken in - 9.0. The lack of any field complaints since then shows that it's not - needed anymore. Now we have reports that the broken code causes - crashes on some systems, so let's just remove it rather than fix it. - (Had we chosen to fix it, that would make for a subtle and potentially - security-sensitive change in the effective meaning of - IPv4 <filename>pg_hba.conf</filename> entries, which does not seem like a good - thing to do in minor releases.) - </para> - </listitem> - - <listitem> - <para> - While shutting down service on Windows, periodically send status - updates to the Service Control Manager to prevent it from killing the - service too soon; and ensure that <application>pg_ctl</application> will wait for - shutdown (Krystian Bigaj) - </para> - </listitem> - - <listitem> - <para> - Reduce risk of network deadlock when using <application>libpq</application>'s - non-blocking mode (Heikki Linnakangas) - </para> - - <para> - When sending large volumes of data, it's important to drain the input - buffer every so often, in case the server has sent enough response data - to cause it to block on output. (A typical scenario is that the server - is sending a stream of NOTICE messages during <literal>COPY FROM - STDIN</literal>.) This worked properly in the normal blocking mode, but not - so much in non-blocking mode. We've modified <application>libpq</application> - to opportunistically drain input when it can, but a full defense - against this problem requires application cooperation: the application - should watch for socket read-ready as well as write-ready conditions, - and be sure to call <function>PQconsumeInput()</function> upon read-ready. - </para> - </listitem> - - <listitem> - <para> - Fix array handling in <application>ecpg</application> (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Fix <application>psql</application> to sanely handle URIs and conninfo strings as - the first parameter to <command>\connect</command> - (David Fetter, Andrew Dunstan, Álvaro Herrera) - </para> - - <para> - This syntax has been accepted (but undocumented) for a long time, but - previously some parameters might be taken from the old connection - instead of the given string, which was agreed to be undesirable. - </para> - </listitem> - - <listitem> - <para> - Suppress incorrect complaints from <application>psql</application> on some - platforms that it failed to write <filename>~/.psql_history</filename> at exit - (Tom Lane) - </para> - - <para> - This misbehavior was caused by a workaround for a bug in very old - (pre-2006) versions of <application>libedit</application>. We fixed it by - removing the workaround, which will cause a similar failure to appear - for anyone still using such versions of <application>libedit</application>. - Recommendation: upgrade that library, or use <application>libreadline</application>. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application>'s rule for deciding which casts are - system-provided casts that should not be dumped (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix dumping of views that are just <literal>VALUES(...)</literal> but have - column aliases (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, force timeline 1 in the new cluster - (Bruce Momjian) - </para> - - <para> - This change prevents upgrade failures caused by bogus complaints about - missing WAL history files. - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, check for improperly non-connectable - databases before proceeding - (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, quote directory paths - properly in the generated <literal>delete_old_cluster</literal> script - (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, preserve database-level freezing info - properly - (Bruce Momjian) - </para> - - <para> - This oversight could cause missing-clog-file errors for tables within - the <literal>postgres</literal> and <literal>template1</literal> databases. - </para> - </listitem> - - <listitem> - <para> - Run <application>pg_upgrade</application> and <application>pg_resetxlog</application> with - restricted privileges on Windows, so that they don't fail when run by - an administrator (Muhammad Asif Naeem) - </para> - </listitem> - - <listitem> - <para> - Fix slow sorting algorithm in <filename>contrib/intarray</filename> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix compile failure on Sparc V8 machines (Rob Rowan) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2015d - for DST law changes in Egypt, Mongolia, and Palestine, plus historical - changes in Canada and Chile. Also adopt revised zone abbreviations for - the America/Adak zone (HST/HDT not HAST/HADT). - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-19"> - <title>Release 9.0.19</title> - - <formalpara> - <title>Release date:</title> - <para>2015-02-05</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.18. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.19</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.18, - see <xref linkend="release-9-0-18"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix buffer overruns in <function>to_char()</function> - (Bruce Momjian) - </para> - - <para> - When <function>to_char()</function> processes a numeric formatting template - calling for a large number of digits, <productname>PostgreSQL</productname> - would read past the end of a buffer. When processing a crafted - timestamp formatting template, <productname>PostgreSQL</productname> would write - past the end of a buffer. Either case could crash the server. - We have not ruled out the possibility of attacks that lead to - privilege escalation, though they seem unlikely. - (CVE-2015-0241) - </para> - </listitem> - - <listitem> - <para> - Fix buffer overrun in replacement <function>*printf()</function> functions - (Tom Lane) - </para> - - <para> - <productname>PostgreSQL</productname> includes a replacement implementation - of <function>printf</function> and related functions. This code will overrun - a stack buffer when formatting a floating point number (conversion - specifiers <literal>e</literal>, <literal>E</literal>, <literal>f</literal>, <literal>F</literal>, - <literal>g</literal> or <literal>G</literal>) with requested precision greater than - about 500. This will crash the server, and we have not ruled out the - possibility of attacks that lead to privilege escalation. - A database user can trigger such a buffer overrun through - the <function>to_char()</function> SQL function. While that is the only - affected core <productname>PostgreSQL</productname> functionality, extension - modules that use printf-family functions may be at risk as well. - </para> - - <para> - This issue primarily affects <productname>PostgreSQL</productname> on Windows. - <productname>PostgreSQL</productname> uses the system implementation of these - functions where adequate, which it is on other modern platforms. - (CVE-2015-0242) - </para> - </listitem> - - <listitem> - <para> - Fix buffer overruns in <filename>contrib/pgcrypto</filename> - (Marko Tiikkaja, Noah Misch) - </para> - - <para> - Errors in memory size tracking within the <filename>pgcrypto</filename> - module permitted stack buffer overruns and improper dependence on the - contents of uninitialized memory. The buffer overrun cases can - crash the server, and we have not ruled out the possibility of - attacks that lead to privilege escalation. - (CVE-2015-0243) - </para> - </listitem> - - <listitem> - <para> - Fix possible loss of frontend/backend protocol synchronization after - an error - (Heikki Linnakangas) - </para> - - <para> - If any error occurred while the server was in the middle of reading a - protocol message from the client, it could lose synchronization and - incorrectly try to interpret part of the message's data as a new - protocol message. An attacker able to submit crafted binary data - within a command parameter might succeed in injecting his own SQL - commands this way. Statement timeout and query cancellation are the - most likely sources of errors triggering this scenario. Particularly - vulnerable are applications that use a timeout and also submit - arbitrary user-crafted data as binary query parameters. Disabling - statement timeout will reduce, but not eliminate, the risk of - exploit. Our thanks to Emil Lenngren for reporting this issue. - (CVE-2015-0244) - </para> - </listitem> - - <listitem> - <para> - Fix information leak via constraint-violation error messages - (Stephen Frost) - </para> - - <para> - Some server error messages show the values of columns that violate - a constraint, such as a unique constraint. If the user does not have - <literal>SELECT</literal> privilege on all columns of the table, this could - mean exposing values that the user should not be able to see. Adjust - the code so that values are displayed only when they came from the SQL - command or could be selected by the user. - (CVE-2014-8161) - </para> - </listitem> - - <listitem> - <para> - Lock down regression testing's temporary installations on Windows - (Noah Misch) - </para> - - <para> - Use SSPI authentication to allow connections only from the OS user - who launched the test suite. This closes on Windows the same - vulnerability previously closed on other platforms, namely that other - users might be able to connect to the test postmaster. - (CVE-2014-0067) - </para> - </listitem> - - <listitem> - <para> - Avoid possible data corruption if <command>ALTER DATABASE SET - TABLESPACE</command> is used to move a database to a new tablespace and then - shortly later move it back to its original tablespace (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Avoid corrupting tables when <command>ANALYZE</command> inside a transaction - is rolled back (Andres Freund, Tom Lane, Michael Paquier) - </para> - - <para> - If the failing transaction had earlier removed the last index, rule, or - trigger from the table, the table would be left in a corrupted state - with the relevant <structname>pg_class</structname> flags not set though they - should be. - </para> - </listitem> - - <listitem> - <para> - Fix use-of-already-freed-memory problem in EvalPlanQual processing - (Tom Lane) - </para> - - <para> - In <literal>READ COMMITTED</literal> mode, queries that lock or update - recently-updated rows could crash as a result of this bug. - </para> - </listitem> - - <listitem> - <para> - Fix planning of <command>SELECT FOR UPDATE</command> when using a partial - index on a child table (Kyotaro Horiguchi) - </para> - - <para> - In <literal>READ COMMITTED</literal> mode, <command>SELECT FOR UPDATE</command> must - also recheck the partial index's <literal>WHERE</literal> condition when - rechecking a recently-updated row to see if it still satisfies the - query's <literal>WHERE</literal> condition. This requirement was missed if the - index belonged to an inheritance child table, so that it was possible - to incorrectly return rows that no longer satisfy the query condition. - </para> - </listitem> - - <listitem> - <para> - Fix corner case wherein <command>SELECT FOR UPDATE</command> could return a row - twice, and possibly miss returning other rows (Tom Lane) - </para> - - <para> - In <literal>READ COMMITTED</literal> mode, a <command>SELECT FOR UPDATE</command> - that is scanning an inheritance tree could incorrectly return a row - from a prior child table instead of the one it should return from a - later child table. - </para> - </listitem> - - <listitem> - <para> - Reject duplicate column names in the referenced-columns list of - a <literal>FOREIGN KEY</literal> declaration (David Rowley) - </para> - - <para> - This restriction is per SQL standard. Previously we did not reject - the case explicitly, but later on the code would fail with - bizarre-looking errors. - </para> - </listitem> - - <listitem> - <para> - Fix bugs in raising a <type>numeric</type> value to a large integral power - (Tom Lane) - </para> - - <para> - The previous code could get a wrong answer, or consume excessive - amounts of time and memory before realizing that the answer must - overflow. - </para> - </listitem> - - <listitem> - <para> - In <function>numeric_recv()</function>, truncate away any fractional digits - that would be hidden according to the value's <literal>dscale</literal> field - (Tom Lane) - </para> - - <para> - A <type>numeric</type> value's display scale (<literal>dscale</literal>) should - never be less than the number of nonzero fractional digits; but - apparently there's at least one broken client application that - transmits binary <type>numeric</type> values in which that's true. - This leads to strange behavior since the extra digits are taken into - account by arithmetic operations even though they aren't printed. - The least risky fix seems to be to truncate away such <quote>hidden</quote> - digits on receipt, so that the value is indeed what it prints as. - </para> - </listitem> - - <listitem> - <para> - Reject out-of-range numeric timezone specifications (Tom Lane) - </para> - - <para> - Simple numeric timezone specifications exceeding +/- 168 hours (one - week) would be accepted, but could then cause null-pointer dereference - crashes in certain operations. There's no use-case for such large UTC - offsets, so reject them. - </para> - </listitem> - - <listitem> - <para> - Fix bugs in <type>tsquery</type> <literal>@></literal> <type>tsquery</type> - operator (Heikki Linnakangas) - </para> - - <para> - Two different terms would be considered to match if they had the same - CRC. Also, if the second operand had more terms than the first, it - would be assumed not to be contained in the first; which is wrong - since it might contain duplicate terms. - </para> - </listitem> - - <listitem> - <para> - Improve ispell dictionary's defenses against bad affix files (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow more than 64K phrases in a thesaurus dictionary (David Boutin) - </para> - - <para> - The previous coding could crash on an oversize dictionary, so this was - deemed a back-patchable bug fix rather than a feature addition. - </para> - </listitem> - - <listitem> - <para> - Fix namespace handling in <function>xpath()</function> (Ali Akbar) - </para> - - <para> - Previously, the <type>xml</type> value resulting from - an <function>xpath()</function> call would not have namespace declarations if - the namespace declarations were attached to an ancestor element in the - input <type>xml</type> value, rather than to the specific element being - returned. Propagate the ancestral declaration so that the result is - correct when considered in isolation. - </para> - </listitem> - - <listitem> - <para> - Fix planner problems with nested append relations, such as inherited - tables within <literal>UNION ALL</literal> subqueries (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fail cleanly when a GiST index tuple doesn't fit on a page, rather - than going into infinite recursion (Andrew Gierth) - </para> - </listitem> - - <listitem> - <para> - Exempt tables that have per-table <varname>cost_limit</varname> - and/or <varname>cost_delay</varname> settings from autovacuum's global cost - balancing rules (Álvaro Herrera) - </para> - - <para> - The previous behavior resulted in basically ignoring these per-table - settings, which was unintended. Now, a table having such settings - will be vacuumed using those settings, independently of what is going - on in other autovacuum workers. This may result in heavier total I/O - load than before, so such settings should be re-examined for sanity. - </para> - </listitem> - - <listitem> - <para> - Avoid wholesale autovacuuming when autovacuum is nominally off - (Tom Lane) - </para> - - <para> - Even when autovacuum is nominally off, we will still launch autovacuum - worker processes to vacuum tables that are at risk of XID wraparound. - However, such a worker process then proceeded to vacuum all tables in - the target database, if they met the usual thresholds for - autovacuuming. This is at best pretty unexpected; at worst it delays - response to the wraparound threat. Fix it so that if autovacuum is - turned off, workers <emphasis>only</emphasis> do anti-wraparound vacuums and - not any other work. - </para> - </listitem> - - <listitem> - <para> - Fix race condition between hot standby queries and replaying a - full-page image (Heikki Linnakangas) - </para> - - <para> - This mistake could result in transient errors in queries being - executed in hot standby. - </para> - </listitem> - - <listitem> - <para> - Fix several cases where recovery logic improperly ignored WAL records - for <literal>COMMIT/ABORT PREPARED</literal> (Heikki Linnakangas) - </para> - - <para> - The most notable oversight was - that <varname>recovery_target_xid</varname> could not be used to stop at - a two-phase commit. - </para> - </listitem> - - <listitem> - <para> - Avoid creating unnecessary <filename>.ready</filename> marker files for - timeline history files (Fujii Masao) - </para> - </listitem> - - <listitem> - <para> - Fix possible null pointer dereference when an empty prepared statement - is used and the <varname>log_statement</varname> setting is <literal>mod</literal> - or <literal>ddl</literal> (Fujii Masao) - </para> - </listitem> - - <listitem> - <para> - Change <quote>pgstat wait timeout</quote> warning message to be LOG level, - and rephrase it to be more understandable (Tom Lane) - </para> - - <para> - This message was originally thought to be essentially a can't-happen - case, but it occurs often enough on our slower buildfarm members to be - a nuisance. Reduce it to LOG level, and expend a bit more effort on - the wording: it now reads <quote>using stale statistics instead of - current ones because stats collector is not responding</quote>. - </para> - </listitem> - - <listitem> - <para> - Fix SPARC spinlock implementation to ensure correctness if the CPU is - being run in a non-TSO coherency mode, as some non-Solaris kernels do - (Andres Freund) - </para> - </listitem> - - <listitem> - <para> - Warn if macOS's <function>setlocale()</function> starts an unwanted extra - thread inside the postmaster (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - Fix processing of repeated <literal>dbname</literal> parameters - in <function>PQconnectdbParams()</function> (Alex Shulgin) - </para> - - <para> - Unexpected behavior ensued if the first occurrence - of <literal>dbname</literal> contained a connection string or URI to be - expanded. - </para> - </listitem> - - <listitem> - <para> - Ensure that <application>libpq</application> reports a suitable error message on - unexpected socket EOF (Marko Tiikkaja, Tom Lane) - </para> - - <para> - Depending on kernel behavior, <application>libpq</application> might return an - empty error string rather than something useful when the server - unexpectedly closed the socket. - </para> - </listitem> - - <listitem> - <para> - Clear any old error message during <function>PQreset()</function> - (Heikki Linnakangas) - </para> - - <para> - If <function>PQreset()</function> is called repeatedly, and the connection - cannot be re-established, error messages from the failed connection - attempts kept accumulating in the <structname>PGconn</structname>'s error - string. - </para> - </listitem> - - <listitem> - <para> - Properly handle out-of-memory conditions while parsing connection - options in <application>libpq</application> (Alex Shulgin, Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix array overrun in <application>ecpg</application>'s version - of <function>ParseDateTime()</function> (Michael Paquier) - </para> - </listitem> - - <listitem> - <para> - In <application>initdb</application>, give a clearer error message if a password - file is specified but is empty (Mats Erik Andersson) - </para> - </listitem> - - <listitem> - <para> - Fix <application>psql</application>'s <command>\s</command> command to work nicely with - libedit, and add pager support (Stepan Rutz, Tom Lane) - </para> - - <para> - When using libedit rather than readline, <command>\s</command> printed the - command history in a fairly unreadable encoded format, and on recent - libedit versions might fail altogether. Fix that by printing the - history ourselves rather than having the library do it. A pleasant - side-effect is that the pager is used if appropriate. - </para> - - <para> - This patch also fixes a bug that caused newline encoding to be applied - inconsistently when saving the command history with libedit. - Multiline history entries written by older <application>psql</application> - versions will be read cleanly with this patch, but perhaps not - vice versa, depending on the exact libedit versions involved. - </para> - </listitem> - - <listitem> - <para> - Improve consistency of parsing of <application>psql</application>'s special - variables (Tom Lane) - </para> - - <para> - Allow variant spellings of <literal>on</literal> and <literal>off</literal> (such - as <literal>1</literal>/<literal>0</literal>) for <literal>ECHO_HIDDEN</literal> - and <literal>ON_ERROR_ROLLBACK</literal>. Report a warning for unrecognized - values for <literal>COMP_KEYWORD_CASE</literal>, <literal>ECHO</literal>, - <literal>ECHO_HIDDEN</literal>, <literal>HISTCONTROL</literal>, - <literal>ON_ERROR_ROLLBACK</literal>, and <literal>VERBOSITY</literal>. Recognize - all values for all these variables case-insensitively; previously - there was a mishmash of case-sensitive and case-insensitive behaviors. - </para> - </listitem> - - <listitem> - <para> - Fix <application>psql</application>'s expanded-mode display to work - consistently when using <literal>border</literal> = 3 - and <literal>linestyle</literal> = <literal>ascii</literal> or <literal>unicode</literal> - (Stephen Frost) - </para> - </listitem> - - <listitem> - <para> - Fix possible deadlock during parallel restore of a schema-only dump - (Robert Haas, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix core dump in <literal>pg_dump --binary-upgrade</literal> on zero-column - composite type (Rushabh Lathia) - </para> - </listitem> - - <listitem> - <para> - Fix block number checking - in <filename>contrib/pageinspect</filename>'s <function>get_raw_page()</function> - (Tom Lane) - </para> - - <para> - The incorrect checking logic could prevent access to some pages in - non-main relation forks. - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/pgcrypto</filename>'s <function>pgp_sym_decrypt()</function> - to not fail on messages whose length is 6 less than a power of 2 - (Marko Tiikkaja) - </para> - </listitem> - - <listitem> - <para> - Handle unexpected query results, especially NULLs, safely in - <filename>contrib/tablefunc</filename>'s <function>connectby()</function> - (Michael Paquier) - </para> - - <para> - <function>connectby()</function> previously crashed if it encountered a NULL - key value. It now prints that row but doesn't recurse further. - </para> - </listitem> - - <listitem> - <para> - Avoid a possible crash in <filename>contrib/xml2</filename>'s - <function>xslt_process()</function> (Mark Simonetti) - </para> - - <para> - <application>libxslt</application> seems to have an undocumented dependency on - the order in which resources are freed; reorder our calls to avoid a - crash. - </para> - </listitem> - - <listitem> - <para> - Numerous cleanups of warnings from Coverity static code analyzer - (Andres Freund, Tatsuo Ishii, Marko Kreen, Tom Lane, Michael Paquier) - </para> - - <para> - These changes are mostly cosmetic but in some cases fix corner-case - bugs, for example a crash rather than a proper error report after an - out-of-memory failure. None are believed to represent security - issues. - </para> - </listitem> - - <listitem> - <para> - Detect incompatible OpenLDAP versions during build (Noah Misch) - </para> - - <para> - With OpenLDAP versions 2.4.24 through 2.4.31, - inclusive, <productname>PostgreSQL</productname> backends can crash at exit. - Raise a warning during <application>configure</application> based on the - compile-time OpenLDAP version number, and test the crashing scenario - in the <filename>contrib/dblink</filename> regression test. - </para> - </listitem> - - <listitem> - <para> - In non-MSVC Windows builds, ensure <filename>libpq.dll</filename> is installed - with execute permissions (Noah Misch) - </para> - </listitem> - - <listitem> - <para> - Make <application>pg_regress</application> remove any temporary installation it - created upon successful exit (Tom Lane) - </para> - - <para> - This results in a very substantial reduction in disk space usage - during <literal>make check-world</literal>, since that sequence involves - creation of numerous temporary installations. - </para> - </listitem> - - <listitem> - <para> - Support time zone abbreviations that change UTC offset from time to - time (Tom Lane) - </para> - - <para> - Previously, <productname>PostgreSQL</productname> assumed that the UTC offset - associated with a time zone abbreviation (such as <literal>EST</literal>) - never changes in the usage of any particular locale. However this - assumption fails in the real world, so introduce the ability for a - zone abbreviation to represent a UTC offset that sometimes changes. - Update the zone abbreviation definition files to make use of this - feature in timezone locales that have changed the UTC offset of their - abbreviations since 1970 (according to the IANA timezone database). - In such timezones, <productname>PostgreSQL</productname> will now associate the - correct UTC offset with the abbreviation depending on the given date. - </para> - </listitem> - - <listitem> - <para> - Update time zone abbreviations lists (Tom Lane) - </para> - - <para> - Add CST (China Standard Time) to our lists. - Remove references to ADT as <quote>Arabia Daylight Time</quote>, an - abbreviation that's been out of use since 2007; therefore, claiming - there is a conflict with <quote>Atlantic Daylight Time</quote> doesn't seem - especially helpful. - Fix entirely incorrect GMT offsets for CKT (Cook Islands), FJT, and FJST - (Fiji); we didn't even have them on the proper side of the date line. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2015a. - </para> - - <para> - The IANA timezone database has adopted abbreviations of the form - <literal>A<replaceable>x</replaceable>ST</literal>/<literal>A<replaceable>x</replaceable>DT</literal> - for all Australian time zones, reflecting what they believe to be - current majority practice Down Under. These names do not conflict - with usage elsewhere (other than ACST for Acre Summer Time, which has - been in disuse since 1994). Accordingly, adopt these names into - our <quote>Default</quote> timezone abbreviation set. - The <quote>Australia</quote> abbreviation set now contains only CST, EAST, - EST, SAST, SAT, and WST, all of which are thought to be mostly - historical usage. Note that SAST has also been changed to be South - Africa Standard Time in the <quote>Default</quote> abbreviation set. - </para> - - <para> - Also, add zone abbreviations SRET (Asia/Srednekolymsk) and XJT - (Asia/Urumqi), and use WSST/WSDT for western Samoa. Also, there were - DST law changes in Chile, Mexico, the Turks & Caicos Islands - (America/Grand_Turk), and Fiji. There is a new zone - Pacific/Bougainville for portions of Papua New Guinea. Also, numerous - corrections for historical (pre-1970) time zone data. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-18"> - <title>Release 9.0.18</title> - - <formalpara> - <title>Release date:</title> - <para>2014-07-24</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.17. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.18</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, this release corrects an index corruption problem in some GiST - indexes. See the first changelog entry below to find out whether your - installation has been affected and what steps you should take if so. - </para> - - <para> - Also, if you are upgrading from a version earlier than 9.0.15, - see <xref linkend="release-9-0-15"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Correctly initialize padding bytes in <filename>contrib/btree_gist</filename> - indexes on <type>bit</type> columns (Heikki Linnakangas) - </para> - - <para> - This error could result in incorrect query results due to values that - should compare equal not being seen as equal. - Users with GiST indexes on <type>bit</type> or <type>bit varying</type> - columns should <command>REINDEX</command> those indexes after installing this - update. - </para> - </listitem> - - <listitem> - <para> - Protect against torn pages when deleting GIN list pages (Heikki - Linnakangas) - </para> - - <para> - This fix prevents possible index corruption if a system crash occurs - while the page update is being written to disk. - </para> - </listitem> - - <listitem> - <para> - Don't clear the right-link of a GiST index page while replaying - updates from WAL (Heikki Linnakangas) - </para> - - <para> - This error could lead to transiently wrong answers from GiST index - scans performed in Hot Standby. - </para> - </listitem> - - <listitem> - <para> - Fix possibly-incorrect cache invalidation during nested calls - to <function>ReceiveSharedInvalidMessages</function> (Andres Freund) - </para> - </listitem> - - <listitem> - <para> - Don't assume a subquery's output is unique if there's a set-returning - function in its targetlist (David Rowley) - </para> - - <para> - This oversight could lead to misoptimization of constructs - like <literal>WHERE x IN (SELECT y, generate_series(1,10) FROM t GROUP - BY y)</literal>. - </para> - </listitem> - - <listitem> - <para> - Fix failure to detoast fields in composite elements of structured - types (Tom Lane) - </para> - - <para> - This corrects cases where TOAST pointers could be copied into other - tables without being dereferenced. If the original data is later - deleted, it would lead to errors like <quote>missing chunk number 0 - for toast value ...</quote> when the now-dangling pointer is used. - </para> - </listitem> - - <listitem> - <para> - Fix <quote>record type has not been registered</quote> failures with - whole-row references to the output of Append plan nodes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix possible crash when invoking a user-defined function while - rewinding a cursor (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix query-lifespan memory leak while evaluating the arguments for a - function in <literal>FROM</literal> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix session-lifespan memory leaks in regular-expression processing - (Tom Lane, Arthur O'Dwyer, Greg Stark) - </para> - </listitem> - - <listitem> - <para> - Fix data encoding error in <filename>hungarian.stop</filename> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix liveness checks for rows that were inserted in the current - transaction and then deleted by a now-rolled-back subtransaction - (Andres Freund) - </para> - - <para> - This could cause problems (at least spurious warnings, and at worst an - infinite loop) if <command>CREATE INDEX</command> or <command>CLUSTER</command> were - done later in the same transaction. - </para> - </listitem> - - <listitem> - <para> - Clear <structname>pg_stat_activity</structname>.<structfield>xact_start</structfield> - during <command>PREPARE TRANSACTION</command> (Andres Freund) - </para> - - <para> - After the <command>PREPARE</command>, the originating session is no longer in - a transaction, so it should not continue to display a transaction - start time. - </para> - </listitem> - - <listitem> - <para> - Fix <command>REASSIGN OWNED</command> to not fail for text search objects - (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Block signals during postmaster startup (Tom Lane) - </para> - - <para> - This ensures that the postmaster will properly clean up after itself - if, for example, it receives <systemitem>SIGINT</systemitem> while still - starting up. - </para> - </listitem> - - <listitem> - <para> - Secure Unix-domain sockets of temporary postmasters started during - <literal>make check</literal> (Noah Misch) - </para> - - <para> - Any local user able to access the socket file could connect as the - server's bootstrap superuser, then proceed to execute arbitrary code as - the operating-system user running the test, as we previously noted in - CVE-2014-0067. This change defends against that risk by placing the - server's socket in a temporary, mode 0700 subdirectory - of <filename>/tmp</filename>. The hazard remains however on platforms where - Unix sockets are not supported, notably Windows, because then the - temporary postmaster must accept local TCP connections. - </para> - - <para> - A useful side effect of this change is to simplify - <literal>make check</literal> testing in builds that - override <literal>DEFAULT_PGSOCKET_DIR</literal>. Popular non-default values - like <filename>/var/run/postgresql</filename> are often not writable by the - build user, requiring workarounds that will no longer be necessary. - </para> - </listitem> - - <listitem> - <para> - Fix tablespace creation WAL replay to work on Windows (MauMau) - </para> - </listitem> - - <listitem> - <para> - Fix detection of socket creation failures on Windows (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - On Windows, allow new sessions to absorb values of PGC_BACKEND - parameters (such as <xref linkend="guc-log-connections"/>) from the - configuration file (Amit Kapila) - </para> - - <para> - Previously, if such a parameter were changed in the file post-startup, - the change would have no effect. - </para> - </listitem> - - <listitem> - <para> - Properly quote executable path names on Windows (Nikhil Deshpande) - </para> - - <para> - This oversight could cause <application>initdb</application> - and <application>pg_upgrade</application> to fail on Windows, if the installation - path contained both spaces and <literal>@</literal> signs. - </para> - </listitem> - - <listitem> - <para> - Fix linking of <application>libpython</application> on macOS (Tom Lane) - </para> - - <para> - The method we previously used can fail with the Python library - supplied by Xcode 5.0 and later. - </para> - </listitem> - - <listitem> - <para> - Avoid buffer bloat in <application>libpq</application> when the server - consistently sends data faster than the client can absorb it - (Shin-ichi Morita, Tom Lane) - </para> - - <para> - <application>libpq</application> could be coerced into enlarging its input buffer - until it runs out of memory (which would be reported misleadingly - as <quote>lost synchronization with server</quote>). Under ordinary - circumstances it's quite far-fetched that data could be continuously - transmitted more quickly than the <function>recv()</function> loop can - absorb it, but this has been observed when the client is artificially - slowed by scheduler constraints. - </para> - </listitem> - - <listitem> - <para> - Ensure that LDAP lookup attempts in <application>libpq</application> time out as - intended (Laurenz Albe) - </para> - </listitem> - - <listitem> - <para> - Fix <application>ecpg</application> to do the right thing when an array - of <type>char *</type> is the target for a FETCH statement returning more - than one row, as well as some other array-handling fixes - (Ashutosh Bapat) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_restore</application>'s processing of old-style large object - comments (Tom Lane) - </para> - - <para> - A direct-to-database restore from an archive file generated by a - pre-9.0 version of <application>pg_dump</application> would usually fail if the - archive contained more than a few comments for large objects. - </para> - </listitem> - - <listitem> - <para> - In <filename>contrib/pgcrypto</filename> functions, ensure sensitive - information is cleared from stack variables before returning - (Marko Kreen) - </para> - </listitem> - - <listitem> - <para> - In <filename>contrib/uuid-ossp</filename>, cache the state of the OSSP UUID - library across calls (Tom Lane) - </para> - - <para> - This improves the efficiency of UUID generation and reduces the amount - of entropy drawn from <filename>/dev/urandom</filename>, on platforms that - have that. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2014e - for DST law changes in Crimea, Egypt, and Morocco. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-17"> - <title>Release 9.0.17</title> - - <formalpara> - <title>Release date:</title> - <para>2014-03-20</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.16. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.17</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.15, - see <xref linkend="release-9-0-15"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Restore GIN metapages unconditionally to avoid torn-page risk - (Heikki Linnakangas) - </para> - - <para> - Although this oversight could theoretically result in a corrupted - index, it is unlikely to have caused any problems in practice, since - the active part of a GIN metapage is smaller than a standard 512-byte - disk sector. - </para> - </listitem> - - <listitem> - <para> - Avoid race condition in checking transaction commit status during - receipt of a <command>NOTIFY</command> message (Marko Tiikkaja) - </para> - - <para> - This prevents a scenario wherein a sufficiently fast client might - respond to a notification before database updates made by the - notifier have become visible to the recipient. - </para> - </listitem> - - <listitem> - <para> - Allow regular-expression operators to be terminated early by query - cancel requests (Tom Lane) - </para> - - <para> - This prevents scenarios wherein a pathological regular expression - could lock up a server process uninterruptibly for a long time. - </para> - </listitem> - - <listitem> - <para> - Remove incorrect code that tried to allow <literal>OVERLAPS</literal> with - single-element row arguments (Joshua Yanovski) - </para> - - <para> - This code never worked correctly, and since the case is neither - specified by the SQL standard nor documented, it seemed better to - remove it than fix it. - </para> - </listitem> - - <listitem> - <para> - Avoid getting more than <literal>AccessShareLock</literal> when de-parsing a - rule or view (Dean Rasheed) - </para> - - <para> - This oversight resulted in <application>pg_dump</application> unexpectedly - acquiring <literal>RowExclusiveLock</literal> locks on tables mentioned as - the targets of <literal>INSERT</literal>/<literal>UPDATE</literal>/<literal>DELETE</literal> - commands in rules. While usually harmless, that could interfere with - concurrent transactions that tried to acquire, for example, - <literal>ShareLock</literal> on those tables. - </para> - </listitem> - - <listitem> - <para> - Improve performance of index endpoint probes during planning (Tom Lane) - </para> - - <para> - This change fixes a significant performance problem that occurred - when there were many not-yet-committed rows at the end of the index, - which is a common situation for indexes on sequentially-assigned - values such as timestamps or sequence-generated identifiers. - </para> - </listitem> - - <listitem> - <para> - Fix test to see if hot standby connections can be allowed immediately - after a crash (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Prevent interrupts while reporting non-<literal>ERROR</literal> messages - (Tom Lane) - </para> - - <para> - This guards against rare server-process freezeups due to recursive - entry to <function>syslog()</function>, and perhaps other related problems. - </para> - </listitem> - - <listitem> - <para> - Prevent intermittent <quote>could not reserve shared memory region</quote> - failures on recent Windows versions (MauMau) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2014a - for DST law changes in Fiji and Turkey, plus historical changes in - Israel and Ukraine. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-16"> - <title>Release 9.0.16</title> - - <formalpara> - <title>Release date:</title> - <para>2014-02-20</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.15. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.16</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.15, - see <xref linkend="release-9-0-15"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Shore up <literal>GRANT ... WITH ADMIN OPTION</literal> restrictions - (Noah Misch) - </para> - - <para> - Granting a role without <literal>ADMIN OPTION</literal> is supposed to - prevent the grantee from adding or removing members from the granted - role, but this restriction was easily bypassed by doing <literal>SET - ROLE</literal> first. The security impact is mostly that a role member can - revoke the access of others, contrary to the wishes of his grantor. - Unapproved role member additions are a lesser concern, since an - uncooperative role member could provide most of his rights to others - anyway by creating views or <literal>SECURITY DEFINER</literal> functions. - (CVE-2014-0060) - </para> - </listitem> - - <listitem> - <para> - Prevent privilege escalation via manual calls to PL validator - functions (Andres Freund) - </para> - - <para> - The primary role of PL validator functions is to be called implicitly - during <command>CREATE FUNCTION</command>, but they are also normal SQL - functions that a user can call explicitly. Calling a validator on - a function actually written in some other language was not checked - for and could be exploited for privilege-escalation purposes. - The fix involves adding a call to a privilege-checking function in - each validator function. Non-core procedural languages will also - need to make this change to their own validator functions, if any. - (CVE-2014-0061) - </para> - </listitem> - - <listitem> - <para> - Avoid multiple name lookups during table and index DDL - (Robert Haas, Andres Freund) - </para> - - <para> - If the name lookups come to different conclusions due to concurrent - activity, we might perform some parts of the DDL on a different table - than other parts. At least in the case of <command>CREATE INDEX</command>, - this can be used to cause the permissions checks to be performed - against a different table than the index creation, allowing for a - privilege escalation attack. - (CVE-2014-0062) - </para> - </listitem> - - <listitem> - <para> - Prevent buffer overrun with long datetime strings (Noah Misch) - </para> - - <para> - The <literal>MAXDATELEN</literal> constant was too small for the longest - possible value of type <type>interval</type>, allowing a buffer overrun - in <function>interval_out()</function>. Although the datetime input - functions were more careful about avoiding buffer overrun, the limit - was short enough to cause them to reject some valid inputs, such as - input containing a very long timezone name. The <application>ecpg</application> - library contained these vulnerabilities along with some of its own. - (CVE-2014-0063) - </para> - </listitem> - - <listitem> - <para> - Prevent buffer overrun due to integer overflow in size calculations - (Noah Misch, Heikki Linnakangas) - </para> - - <para> - Several functions, mostly type input functions, calculated an - allocation size without checking for overflow. If overflow did - occur, a too-small buffer would be allocated and then written past. - (CVE-2014-0064) - </para> - </listitem> - - <listitem> - <para> - Prevent overruns of fixed-size buffers - (Peter Eisentraut, Jozef Mlich) - </para> - - <para> - Use <function>strlcpy()</function> and related functions to provide a clear - guarantee that fixed-size buffers are not overrun. Unlike the - preceding items, it is unclear whether these cases really represent - live issues, since in most cases there appear to be previous - constraints on the size of the input string. Nonetheless it seems - prudent to silence all Coverity warnings of this type. - (CVE-2014-0065) - </para> - </listitem> - - <listitem> - <para> - Avoid crashing if <function>crypt()</function> returns NULL (Honza Horak, - Bruce Momjian) - </para> - - <para> - There are relatively few scenarios in which <function>crypt()</function> - could return NULL, but <filename>contrib/chkpass</filename> would crash - if it did. One practical case in which this could be an issue is - if <application>libc</application> is configured to refuse to execute unapproved - hashing algorithms (e.g., <quote>FIPS mode</quote>). - (CVE-2014-0066) - </para> - </listitem> - - <listitem> - <para> - Document risks of <literal>make check</literal> in the regression testing - instructions (Noah Misch, Tom Lane) - </para> - - <para> - Since the temporary server started by <literal>make check</literal> - uses <quote>trust</quote> authentication, another user on the same machine - could connect to it as database superuser, and then potentially - exploit the privileges of the operating-system user who started the - tests. A future release will probably incorporate changes in the - testing procedure to prevent this risk, but some public discussion is - needed first. So for the moment, just warn people against using - <literal>make check</literal> when there are untrusted users on the - same machine. - (CVE-2014-0067) - </para> - </listitem> - - <listitem> - <para> - Fix possible mis-replay of WAL records when some segments of a - relation aren't full size (Greg Stark, Tom Lane) - </para> - - <para> - The WAL update could be applied to the wrong page, potentially many - pages past where it should have been. Aside from corrupting data, - this error has been observed to result in significant <quote>bloat</quote> - of standby servers compared to their masters, due to updates being - applied far beyond where the end-of-file should have been. This - failure mode does not appear to be a significant risk during crash - recovery, only when initially synchronizing a standby created from a - base backup taken from a quickly-changing master. - </para> - </listitem> - - <listitem> - <para> - Fix bug in determining when recovery has reached consistency - (Tomonari Katsumata, Heikki Linnakangas) - </para> - - <para> - In some cases WAL replay would mistakenly conclude that the database - was already consistent at the start of replay, thus possibly allowing - hot-standby queries before the database was really consistent. Other - symptoms such as <quote>PANIC: WAL contains references to invalid - pages</quote> were also possible. - </para> - </listitem> - - <listitem> - <para> - Fix improper locking of btree index pages while replaying - a <literal>VACUUM</literal> operation in hot-standby mode (Andres Freund, - Heikki Linnakangas, Tom Lane) - </para> - - <para> - This error could result in <quote>PANIC: WAL contains references to - invalid pages</quote> failures. - </para> - </listitem> - - <listitem> - <para> - Ensure that insertions into non-leaf GIN index pages write a full-page - WAL record when appropriate (Heikki Linnakangas) - </para> - - <para> - The previous coding risked index corruption in the event of a - partial-page write during a system crash. - </para> - </listitem> - - <listitem> - <para> - Fix race conditions during server process exit (Robert Haas) - </para> - - <para> - Ensure that signal handlers don't attempt to use the - process's <varname>MyProc</varname> pointer after it's no longer valid. - </para> - </listitem> - - <listitem> - <para> - Fix unsafe references to <varname>errno</varname> within error reporting - logic (Christian Kruse) - </para> - - <para> - This would typically lead to odd behaviors such as missing or - inappropriate <literal>HINT</literal> fields. - </para> - </listitem> - - <listitem> - <para> - Fix possible crashes from using <function>ereport()</function> too early - during server startup (Tom Lane) - </para> - - <para> - The principal case we've seen in the field is a crash if the server - is started in a directory it doesn't have permission to read. - </para> - </listitem> - - <listitem> - <para> - Clear retry flags properly in OpenSSL socket write - function (Alexander Kukushkin) - </para> - - <para> - This omission could result in a server lockup after unexpected loss - of an SSL-encrypted connection. - </para> - </listitem> - - <listitem> - <para> - Fix length checking for Unicode identifiers (<literal>U&"..."</literal> - syntax) containing escapes (Tom Lane) - </para> - - <para> - A spurious truncation warning would be printed for such identifiers - if the escaped form of the identifier was too long, but the - identifier actually didn't need truncation after de-escaping. - </para> - </listitem> - - <listitem> - <para> - Allow keywords that are type names to be used in lists of roles - (Stephen Frost) - </para> - - <para> - A previous patch allowed such keywords to be used without quoting - in places such as role identifiers; but it missed cases where a - list of role identifiers was permitted, such as <literal>DROP ROLE</literal>. - </para> - </listitem> - - <listitem> - <para> - Fix possible crash due to invalid plan for nested sub-selects, such - as <literal>WHERE (... x IN (SELECT ...) ...) IN (SELECT ...)</literal> - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Ensure that <command>ANALYZE</command> creates statistics for a table column - even when all the values in it are <quote>too wide</quote> (Tom Lane) - </para> - - <para> - <command>ANALYZE</command> intentionally omits very wide values from its - histogram and most-common-values calculations, but it neglected to do - something sane in the case that all the sampled entries are too wide. - </para> - </listitem> - - <listitem> - <para> - In <literal>ALTER TABLE ... SET TABLESPACE</literal>, allow the database's - default tablespace to be used without a permissions check - (Stephen Frost) - </para> - - <para> - <literal>CREATE TABLE</literal> has always allowed such usage, - but <literal>ALTER TABLE</literal> didn't get the memo. - </para> - </listitem> - - <listitem> - <para> - Fix <quote>cannot accept a set</quote> error when some arms of - a <literal>CASE</literal> return a set and others don't (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix checks for all-zero client addresses in pgstat functions (Kevin - Grittner) - </para> - </listitem> - - <listitem> - <para> - Fix possible misclassification of multibyte characters by the text - search parser (Tom Lane) - </para> - - <para> - Non-ASCII characters could be misclassified when using C locale with - a multibyte encoding. On Cygwin, non-C locales could fail as well. - </para> - </listitem> - - <listitem> - <para> - Fix possible misbehavior in <function>plainto_tsquery()</function> - (Heikki Linnakangas) - </para> - - <para> - Use <function>memmove()</function> not <function>memcpy()</function> for copying - overlapping memory regions. There have been no field reports of - this actually causing trouble, but it's certainly risky. - </para> - </listitem> - - <listitem> - <para> - Accept <literal>SHIFT_JIS</literal> as an encoding name for locale checking - purposes (Tatsuo Ishii) - </para> - </listitem> - - <listitem> - <para> - Fix misbehavior of <function>PQhost()</function> on Windows (Fujii Masao) - </para> - - <para> - It should return <literal>localhost</literal> if no host has been specified. - </para> - </listitem> - - <listitem> - <para> - Improve error handling in <application>libpq</application> and <application>psql</application> - for failures during <literal>COPY TO STDOUT/FROM STDIN</literal> (Tom Lane) - </para> - - <para> - In particular this fixes an infinite loop that could occur in 9.2 and - up if the server connection was lost during <literal>COPY FROM - STDIN</literal>. Variants of that scenario might be possible in older - versions, or with other client applications. - </para> - </listitem> - - <listitem> - <para> - Fix misaligned descriptors in <application>ecpg</application> (MauMau) - </para> - </listitem> - - <listitem> - <para> - In <application>ecpg</application>, handle lack of a hostname in the connection - parameters properly (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Fix performance regression in <filename>contrib/dblink</filename> connection - startup (Joe Conway) - </para> - - <para> - Avoid an unnecessary round trip when client and server encodings match. - </para> - </listitem> - - <listitem> - <para> - In <filename>contrib/isn</filename>, fix incorrect calculation of the check - digit for ISMN values (Fabien Coelho) - </para> - </listitem> - - <listitem> - <para> - Ensure client-code-only installation procedure works as documented - (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - In Mingw and Cygwin builds, install the <application>libpq</application> DLL - in the <filename>bin</filename> directory (Andrew Dunstan) - </para> - - <para> - This duplicates what the MSVC build has long done. It should fix - problems with programs like <application>psql</application> failing to start - because they can't find the DLL. - </para> - </listitem> - - <listitem> - <para> - Avoid using the deprecated <literal>dllwrap</literal> tool in Cygwin builds - (Marco Atzeri) - </para> - </listitem> - - <listitem> - <para> - Don't generate plain-text <filename>HISTORY</filename> - and <filename>src/test/regress/README</filename> files anymore (Tom Lane) - </para> - - <para> - These text files duplicated the main HTML and PDF documentation - formats. The trouble involved in maintaining them greatly outweighs - the likely audience for plain-text format. Distribution tarballs - will still contain files by these names, but they'll just be stubs - directing the reader to consult the main documentation. - The plain-text <filename>INSTALL</filename> file will still be maintained, as - there is arguably a use-case for that. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2013i - for DST law changes in Jordan and historical changes in Cuba. - </para> - - <para> - In addition, the zones <literal>Asia/Riyadh87</literal>, - <literal>Asia/Riyadh88</literal>, and <literal>Asia/Riyadh89</literal> have been - removed, as they are no longer maintained by IANA, and never - represented actual civil timekeeping practice. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-15"> - <title>Release 9.0.15</title> - - <formalpara> - <title>Release date:</title> - <para>2013-12-05</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.14. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.15</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, this release corrects a number of potential data corruption - issues. See the first two changelog entries below to find out whether - your installation has been affected and what steps you can take if so. - </para> - - <para> - Also, if you are upgrading from a version earlier than 9.0.13, - see <xref linkend="release-9-0-13"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix <command>VACUUM</command>'s tests to see whether it can - update <structfield>relfrozenxid</structfield> (Andres Freund) - </para> - - <para> - In some cases <command>VACUUM</command> (either manual or autovacuum) could - incorrectly advance a table's <structfield>relfrozenxid</structfield> value, - allowing tuples to escape freezing, causing those rows to become - invisible once 2^31 transactions have elapsed. The probability of - data loss is fairly low since multiple incorrect advancements would - need to happen before actual loss occurs, but it's not zero. Users - upgrading from releases 9.0.4 or 8.4.8 or earlier are not affected, but - all later versions contain the bug. - </para> - - <para> - The issue can be ameliorated by, after upgrading, vacuuming all tables - in all databases while having <link - linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</varname></link> - set to zero. This will fix any latent corruption but will not be able - to fix all pre-existing data errors. However, an installation can be - presumed safe after performing this vacuuming if it has executed fewer - than 2^31 update transactions in its lifetime (check this with - <literal>SELECT txid_current() < 2^31</literal>). - </para> - </listitem> - - <listitem> - <para> - Fix initialization of <filename>pg_clog</filename> and <filename>pg_subtrans</filename> - during hot standby startup (Andres Freund, Heikki Linnakangas) - </para> - - <para> - This bug can cause data loss on standby servers at the moment they - start to accept hot-standby queries, by marking committed transactions - as uncommitted. The likelihood of such corruption is small unless, at - the time of standby startup, the primary server has executed many - updating transactions since its last checkpoint. Symptoms include - missing rows, rows that should have been deleted being still visible, - and obsolete versions of updated rows being still visible alongside - their newer versions. - </para> - - <para> - This bug was introduced in versions 9.3.0, 9.2.5, 9.1.10, and 9.0.14. - Standby servers that have only been running earlier releases are not - at risk. It's recommended that standby servers that have ever run any - of the buggy releases be re-cloned from the primary (e.g., with a new - base backup) after upgrading. - </para> - </listitem> - - <listitem> - <para> - Truncate <filename>pg_multixact</filename> contents during WAL replay - (Andres Freund) - </para> - - <para> - This avoids ever-increasing disk space consumption in standby servers. - </para> - </listitem> - - <listitem> - <para> - Fix race condition in GIN index posting tree page deletion (Heikki - Linnakangas) - </para> - - <para> - This could lead to transient wrong answers or query failures. - </para> - </listitem> - - <listitem> - <para> - Avoid flattening a subquery whose <literal>SELECT</literal> list contains a - volatile function wrapped inside a sub-<literal>SELECT</literal> (Tom Lane) - </para> - - <para> - This avoids unexpected results due to extra evaluations of the - volatile function. - </para> - </listitem> - - <listitem> - <para> - Fix planner's processing of non-simple-variable subquery outputs - nested within outer joins (Tom Lane) - </para> - - <para> - This error could lead to incorrect plans for queries involving - multiple levels of subqueries within <literal>JOIN</literal> syntax. - </para> - </listitem> - - <listitem> - <para> - Fix premature deletion of temporary files (Andres Freund) - </para> - </listitem> - - <listitem> - <para> - Fix possible read past end of memory in rule printing (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Fix array slicing of <type>int2vector</type> and <type>oidvector</type> values - (Tom Lane) - </para> - - <para> - Expressions of this kind are now implicitly promoted to - regular <type>int2</type> or <type>oid</type> arrays. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect behaviors when using a SQL-standard, simple GMT offset - timezone (Tom Lane) - </para> - - <para> - In some cases, the system would use the simple GMT offset value when - it should have used the regular timezone setting that had prevailed - before the simple offset was selected. This change also causes - the <function>timeofday</function> function to honor the simple GMT offset - zone. - </para> - </listitem> - - <listitem> - <para> - Prevent possible misbehavior when logging translations of Windows - error codes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Properly quote generated command lines in <application>pg_ctl</application> - (Naoya Anzai and Tom Lane) - </para> - - <para> - This fix applies only to Windows. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dumpall</application> to work when a source database - sets <link - linkend="guc-default-transaction-read-only"><varname>default_transaction_read_only</varname></link> - via <command>ALTER DATABASE SET</command> (Kevin Grittner) - </para> - - <para> - Previously, the generated script would fail during restore. - </para> - </listitem> - - <listitem> - <para> - Fix <application>ecpg</application>'s processing of lists of variables - declared <type>varchar</type> (Zoltán Böszörményi) - </para> - </listitem> - - <listitem> - <para> - Make <filename>contrib/lo</filename> defend against incorrect trigger definitions - (Marc Cousin) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2013h - for DST law changes in Argentina, Brazil, Jordan, Libya, - Liechtenstein, Morocco, and Palestine. Also, new timezone - abbreviations WIB, WIT, WITA for Indonesia. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-14"> - <title>Release 9.0.14</title> - - <formalpara> - <title>Release date:</title> - <para>2013-10-10</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.13. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.14</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.13, - see <xref linkend="release-9-0-13"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Prevent corruption of multi-byte characters when attempting to - case-fold identifiers (Andrew Dunstan) - </para> - - <para> - <productname>PostgreSQL</productname> case-folds non-ASCII characters only - when using a single-byte server encoding. - </para> - </listitem> - - <listitem> - <para> - Fix checkpoint memory leak in background writer when <literal>wal_level = - hot_standby</literal> (Naoya Anzai) - </para> - </listitem> - - <listitem> - <para> - Fix memory leak caused by <function>lo_open()</function> failure - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix memory overcommit bug when <varname>work_mem</varname> is using more - than 24GB of memory (Stephen Frost) - </para> - </listitem> - - <listitem> - <para> - Fix deadlock bug in libpq when using SSL (Stephen Frost) - </para> - </listitem> - - <listitem> - <para> - Fix possible SSL state corruption in threaded libpq applications - (Nick Phillips, Stephen Frost) - </para> - </listitem> - - <listitem> - <para> - Properly compute row estimates for boolean columns containing many NULL - values (Andrew Gierth) - </para> - - <para> - Previously tests like <literal>col IS NOT TRUE</literal> and <literal>col IS - NOT FALSE</literal> did not properly factor in NULL values when estimating - plan costs. - </para> - </listitem> - - <listitem> - <para> - Prevent pushing down <literal>WHERE</literal> clauses into unsafe - <literal>UNION/INTERSECT</literal> subqueries (Tom Lane) - </para> - - <para> - Subqueries of a <literal>UNION</literal> or <literal>INTERSECT</literal> that - contain set-returning functions or volatile functions in their - <literal>SELECT</literal> lists could be improperly optimized, leading to - run-time errors or incorrect query results. - </para> - </listitem> - - <listitem> - <para> - Fix rare case of <quote>failed to locate grouping columns</quote> - planner failure (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve view dumping code's handling of dropped columns in referenced - tables (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Properly record index comments created using <literal>UNIQUE</literal> - and <literal>PRIMARY KEY</literal> syntax (Andres Freund) - </para> - - <para> - This fixes a parallel <application>pg_restore</application> failure. - </para> - </listitem> - - <listitem> - <para> - Fix <command>REINDEX TABLE</command> and <command>REINDEX DATABASE</command> - to properly revalidate constraints and mark invalidated indexes as - valid (Noah Misch) - </para> - - <para> - <command>REINDEX INDEX</command> has always worked properly. - </para> - </listitem> - - <listitem> - <para> - Fix possible deadlock during concurrent <command>CREATE INDEX - CONCURRENTLY</command> operations (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <function>regexp_matches()</function> handling of zero-length matches - (Jeevan Chalke) - </para> - - <para> - Previously, zero-length matches like '^' could return too many matches. - </para> - </listitem> - - <listitem> - <para> - Fix crash for overly-complex regular expressions (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix regular expression match failures for back references combined with - non-greedy quantifiers (Jeevan Chalke) - </para> - </listitem> - - <listitem> - <para> - Prevent <command>CREATE FUNCTION</command> from checking <command>SET</command> - variables unless function body checking is enabled (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow <command>ALTER DEFAULT PRIVILEGES</command> to operate on schemas - without requiring CREATE permission (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Loosen restriction on keywords used in queries (Tom Lane) - </para> - - <para> - Specifically, lessen keyword restrictions for role names, language - names, <command>EXPLAIN</command> and <command>COPY</command> options, and - <command>SET</command> values. This allows <literal>COPY ... (FORMAT - BINARY)</literal> to work as expected; previously <literal>BINARY</literal> needed - to be quoted. - </para> - </listitem> - - <listitem> - <para> - Fix <function>pgp_pub_decrypt()</function> so it works for secret keys with - passwords (Marko Kreen) - </para> - </listitem> - - <listitem> - <para> - Remove rare inaccurate warning during vacuum of index-less tables - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Ensure that <command>VACUUM ANALYZE</command> still runs the ANALYZE phase - if its attempt to truncate the file is cancelled due to lock conflicts - (Kevin Grittner) - </para> - </listitem> - - <listitem> - <para> - Avoid possible failure when performing transaction control commands (e.g - ROLLBACK) in prepared queries (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Ensure that floating-point data input accepts standard spellings - of <quote>infinity</quote> on all platforms (Tom Lane) - </para> - - <para> - The C99 standard says that allowable spellings are <literal>inf</literal>, - <literal>+inf</literal>, <literal>-inf</literal>, <literal>infinity</literal>, - <literal>+infinity</literal>, and <literal>-infinity</literal>. Make sure we - recognize these even if the platform's <function>strtod</function> function - doesn't. - </para> - </listitem> - - <listitem> - <para> - Expand ability to compare rows to records and arrays (Rafal Rzepecki, - Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2013d - for DST law changes in Israel, Morocco, Palestine, and Paraguay. - Also, historical zone data corrections for Macquarie Island. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-13"> - <title>Release 9.0.13</title> - - <formalpara> - <title>Release date:</title> - <para>2013-04-04</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.12. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.13</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, this release corrects several errors in management of GiST - indexes. After installing this update, it is advisable to - <command>REINDEX</command> any GiST indexes that meet one or more of the - conditions described below. - </para> - - <para> - Also, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix insecure parsing of server command-line switches (Mitsumasa - Kondo, Kyotaro Horiguchi) - </para> - - <para> - A connection request containing a database name that begins with - <quote><literal>-</literal></quote> could be crafted to damage or destroy - files within the server's data directory, even if the request is - eventually rejected. (CVE-2013-1899) - </para> - </listitem> - - <listitem> - <para> - Reset OpenSSL randomness state in each postmaster child process - (Marko Kreen) - </para> - - <para> - This avoids a scenario wherein random numbers generated by - <filename>contrib/pgcrypto</filename> functions might be relatively easy for - another database user to guess. The risk is only significant when - the postmaster is configured with <varname>ssl</varname> = <literal>on</literal> - but most connections don't use SSL encryption. (CVE-2013-1900) - </para> - </listitem> - - <listitem> - <para> - Fix GiST indexes to not use <quote>fuzzy</quote> geometric comparisons when - it's not appropriate to do so (Alexander Korotkov) - </para> - - <para> - The core geometric types perform comparisons using <quote>fuzzy</quote> - equality, but <function>gist_box_same</function> must do exact comparisons, - else GiST indexes using it might become inconsistent. After installing - this update, users should <command>REINDEX</command> any GiST indexes on - <type>box</type>, <type>polygon</type>, <type>circle</type>, or <type>point</type> - columns, since all of these use <function>gist_box_same</function>. - </para> - </listitem> - - <listitem> - <para> - Fix erroneous range-union and penalty logic in GiST indexes that use - <filename>contrib/btree_gist</filename> for variable-width data types, that is - <type>text</type>, <type>bytea</type>, <type>bit</type>, and <type>numeric</type> - columns (Tom Lane) - </para> - - <para> - These errors could result in inconsistent indexes in which some keys - that are present would not be found by searches, and also in useless - index bloat. Users are advised to <command>REINDEX</command> such indexes - after installing this update. - </para> - </listitem> - - <listitem> - <para> - Fix bugs in GiST page splitting code for multi-column indexes - (Tom Lane) - </para> - - <para> - These errors could result in inconsistent indexes in which some keys - that are present would not be found by searches, and also in indexes - that are unnecessarily inefficient to search. Users are advised to - <command>REINDEX</command> multi-column GiST indexes after installing this - update. - </para> - </listitem> - - <listitem> - <para> - Fix <function>gist_point_consistent</function> - to handle fuzziness consistently (Alexander Korotkov) - </para> - - <para> - Index scans on GiST indexes on <type>point</type> columns would sometimes - yield results different from a sequential scan, because - <function>gist_point_consistent</function> disagreed with the underlying - operator code about whether to do comparisons exactly or fuzzily. - </para> - </listitem> - - <listitem> - <para> - Fix buffer leak in WAL replay (Heikki Linnakangas) - </para> - - <para> - This bug could result in <quote>incorrect local pin count</quote> errors - during replay, making recovery impossible. - </para> - </listitem> - - <listitem> - <para> - Fix race condition in <command>DELETE RETURNING</command> (Tom Lane) - </para> - - <para> - Under the right circumstances, <command>DELETE RETURNING</command> could - attempt to fetch data from a shared buffer that the current process - no longer has any pin on. If some other process changed the buffer - meanwhile, this would lead to garbage <literal>RETURNING</literal> output, or - even a crash. - </para> - </listitem> - - <listitem> - <para> - Fix infinite-loop risk in regular expression compilation (Tom Lane, - Don Porter) - </para> - </listitem> - - <listitem> - <para> - Fix potential null-pointer dereference in regular expression compilation - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <function>to_char()</function> to use ASCII-only case-folding rules where - appropriate (Tom Lane) - </para> - - <para> - This fixes misbehavior of some template patterns that should be - locale-independent, but mishandled <quote><literal>I</literal></quote> and - <quote><literal>i</literal></quote> in Turkish locales. - </para> - </listitem> - - <listitem> - <para> - Fix unwanted rejection of timestamp <literal>1999-12-31 24:00:00</literal> - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix logic error when a single transaction does <command>UNLISTEN</command> - then <command>LISTEN</command> (Tom Lane) - </para> - - <para> - The session wound up not listening for notify events at all, though it - surely should listen in this case. - </para> - </listitem> - - <listitem> - <para> - Remove useless <quote>picksplit doesn't support secondary split</quote> log - messages (Josh Hansen, Tom Lane) - </para> - - <para> - This message seems to have been added in expectation of code that was - never written, and probably never will be, since GiST's default - handling of secondary splits is actually pretty good. So stop nagging - end users about it. - </para> - </listitem> - - <listitem> - <para> - Fix possible failure to send a session's last few transaction - commit/abort counts to the statistics collector (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Eliminate memory leaks in PL/Perl's <function>spi_prepare()</function> function - (Alex Hunsaker, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dumpall</application> to handle database names containing - <quote><literal>=</literal></quote> correctly (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Avoid crash in <application>pg_dump</application> when an incorrect connection - string is given (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Ignore invalid indexes in <application>pg_dump</application> and - <application>pg_upgrade</application> (Michael Paquier, Bruce Momjian) - </para> - - <para> - Dumping invalid indexes can cause problems at restore time, for example - if the reason the index creation failed was because it tried to enforce - a uniqueness condition not satisfied by the table's data. Also, if the - index creation is in fact still in progress, it seems reasonable to - consider it to be an uncommitted DDL change, which - <application>pg_dump</application> wouldn't be expected to dump anyway. - <application>pg_upgrade</application> now also skips invalid indexes rather than - failing. - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/pg_trgm</filename>'s <function>similarity()</function> function - to return zero for trigram-less strings (Tom Lane) - </para> - - <para> - Previously it returned <literal>NaN</literal> due to internal division by zero. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2013b - for DST law changes in Chile, Haiti, Morocco, Paraguay, and some - Russian areas. Also, historical zone data corrections for numerous - places. - </para> - - <para> - Also, update the time zone abbreviation files for recent changes in - Russia and elsewhere: <literal>CHOT</literal>, <literal>GET</literal>, - <literal>IRKT</literal>, <literal>KGT</literal>, <literal>KRAT</literal>, <literal>MAGT</literal>, - <literal>MAWT</literal>, <literal>MSK</literal>, <literal>NOVT</literal>, <literal>OMST</literal>, - <literal>TKT</literal>, <literal>VLAT</literal>, <literal>WST</literal>, <literal>YAKT</literal>, - <literal>YEKT</literal> now follow their current meanings, and - <literal>VOLT</literal> (Europe/Volgograd) and <literal>MIST</literal> - (Antarctica/Macquarie) are added to the default abbreviations list. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-12"> - <title>Release 9.0.12</title> - - <formalpara> - <title>Release date:</title> - <para>2013-02-07</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.11. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.12</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Prevent execution of <function>enum_recv</function> from SQL (Tom Lane) - </para> - - <para> - The function was misdeclared, allowing a simple SQL command to crash the - server. In principle an attacker might be able to use it to examine the - contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP) - for reporting this issue. (CVE-2013-0255) - </para> - </listitem> - - <listitem> - <para> - Fix multiple problems in detection of when a consistent database - state has been reached during WAL replay (Fujii Masao, Heikki - Linnakangas, Simon Riggs, Andres Freund) - </para> - </listitem> - - <listitem> - <para> - Update minimum recovery point when truncating a relation file (Heikki - Linnakangas) - </para> - - <para> - Once data has been discarded, it's no longer safe to stop recovery at - an earlier point in the timeline. - </para> - </listitem> - - <listitem> - <para> - Fix missing cancellations in hot standby mode (Noah Misch, Simon Riggs) - </para> - - <para> - The need to cancel conflicting hot-standby queries would sometimes be - missed, allowing those queries to see inconsistent data. - </para> - </listitem> - - <listitem> - <para> - Fix SQL grammar to allow subscripting or field selection from a - sub-SELECT result (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix performance problems with autovacuum truncation in busy workloads - (Jan Wieck) - </para> - - <para> - Truncation of empty pages at the end of a table requires exclusive - lock, but autovacuum was coded to fail (and release the table lock) - when there are conflicting lock requests. Under load, it is easily - possible that truncation would never occur, resulting in table bloat. - Fix by performing a partial truncation, releasing the lock, then - attempting to re-acquire the lock and continue. This fix also greatly - reduces the average time before autovacuum releases the lock after a - conflicting request arrives. - </para> - </listitem> - - <listitem> - <para> - Protect against race conditions when scanning - <structname>pg_tablespace</structname> (Stephen Frost, Tom Lane) - </para> - - <para> - <command>CREATE DATABASE</command> and <command>DROP DATABASE</command> could - misbehave if there were concurrent updates of - <structname>pg_tablespace</structname> entries. - </para> - </listitem> - - <listitem> - <para> - Prevent <command>DROP OWNED</command> from trying to drop whole databases or - tablespaces (Álvaro Herrera) - </para> - - <para> - For safety, ownership of these objects must be reassigned, not dropped. - </para> - </listitem> - - <listitem> - <para> - Fix error in <link - linkend="guc-vacuum-freeze-table-age"><varname>vacuum_freeze_table_age</varname></link> - implementation (Andres Freund) - </para> - - <para> - In installations that have existed for more than <link - linkend="guc-vacuum-freeze-min-age"><varname>vacuum_freeze_min_age</varname></link> - transactions, this mistake prevented autovacuum from using partial-table - scans, so that a full-table scan would always happen instead. - </para> - </listitem> - - <listitem> - <para> - Prevent misbehavior when a <symbol>RowExpr</symbol> or <symbol>XmlExpr</symbol> - is parse-analyzed twice (Andres Freund, Tom Lane) - </para> - - <para> - This mistake could be user-visible in contexts such as - <literal>CREATE TABLE LIKE INCLUDING INDEXES</literal>. - </para> - </listitem> - - <listitem> - <para> - Improve defenses against integer overflow in hashtable sizing - calculations (Jeff Davis) - </para> - </listitem> - - <listitem> - <para> - Reject out-of-range dates in <function>to_date()</function> (Hitoshi Harada) - </para> - </listitem> - - <listitem> - <para> - Ensure that non-ASCII prompt strings are translated to the correct - code page on Windows (Alexander Law, Noah Misch) - </para> - - <para> - This bug affected <application>psql</application> and some other client programs. - </para> - </listitem> - - <listitem> - <para> - Fix possible crash in <application>psql</application>'s <command>\?</command> command - when not connected to a database (Meng Qingzhong) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_upgrade</application> to deal with invalid indexes safely - (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Fix one-byte buffer overrun in <application>libpq</application>'s - <function>PQprintTuples</function> (Xi Wang) - </para> - - <para> - This ancient function is not used anywhere by - <productname>PostgreSQL</productname> itself, but it might still be used by some - client code. - </para> - </listitem> - - <listitem> - <para> - Make <application>ecpglib</application> use translated messages properly - (Chen Huajun) - </para> - </listitem> - - <listitem> - <para> - Properly install <application>ecpg_compat</application> and - <application>pgtypes</application> libraries on MSVC (Jiang Guiqing) - </para> - </listitem> - - <listitem> - <para> - Include our version of <function>isinf()</function> in - <application>libecpg</application> if it's not provided by the system - (Jiang Guiqing) - </para> - </listitem> - - <listitem> - <para> - Rearrange configure's tests for supplied functions so it is not - fooled by bogus exports from libedit/libreadline (Christoph Berg) - </para> - </listitem> - - <listitem> - <para> - Ensure Windows build number increases over time (Magnus Hagander) - </para> - </listitem> - - <listitem> - <para> - Make <application>pgxs</application> build executables with the right - <literal>.exe</literal> suffix when cross-compiling for Windows - (Zoltan Boszormenyi) - </para> - </listitem> - - <listitem> - <para> - Add new timezone abbreviation <literal>FET</literal> (Tom Lane) - </para> - - <para> - This is now used in some eastern-European time zones. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-11"> - <title>Release 9.0.11</title> - - <formalpara> - <title>Release date:</title> - <para>2012-12-06</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.10. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.11</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix multiple bugs associated with <command>CREATE INDEX - CONCURRENTLY</command> (Andres Freund, Tom Lane) - </para> - - <para> - Fix <command>CREATE INDEX CONCURRENTLY</command> to use - in-place updates when changing the state of an index's - <structname>pg_index</structname> row. This prevents race conditions that could - cause concurrent sessions to miss updating the target index, thus - resulting in corrupt concurrently-created indexes. - </para> - - <para> - Also, fix various other operations to ensure that they ignore - invalid indexes resulting from a failed <command>CREATE INDEX - CONCURRENTLY</command> command. The most important of these is - <command>VACUUM</command>, because an auto-vacuum could easily be launched - on the table before corrective action can be taken to fix or remove - the invalid index. - </para> - </listitem> - - <listitem> - <para> - Fix buffer locking during WAL replay (Tom Lane) - </para> - - <para> - The WAL replay code was insufficiently careful about locking buffers - when replaying WAL records that affect more than one page. This could - result in hot standby queries transiently seeing inconsistent states, - resulting in wrong answers or unexpected failures. - </para> - </listitem> - - <listitem> - <para> - Fix an error in WAL generation logic for GIN indexes (Tom Lane) - </para> - - <para> - This could result in index corruption, if a torn-page failure occurred. - </para> - </listitem> - - <listitem> - <para> - Properly remove startup process's virtual XID lock when promoting a - hot standby server to normal running (Simon Riggs) - </para> - - <para> - This oversight could prevent subsequent execution of certain - operations such as <command>CREATE INDEX CONCURRENTLY</command>. - </para> - </listitem> - - <listitem> - <para> - Avoid bogus <quote>out-of-sequence timeline ID</quote> errors in standby - mode (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Prevent the postmaster from launching new child processes after it's - received a shutdown signal (Tom Lane) - </para> - - <para> - This mistake could result in shutdown taking longer than it should, or - even never completing at all without additional user action. - </para> - </listitem> - - <listitem> - <para> - Avoid corruption of internal hash tables when out of memory - (Hitoshi Harada) - </para> - </listitem> - - <listitem> - <para> - Fix planning of non-strict equivalence clauses above outer joins - (Tom Lane) - </para> - - <para> - The planner could derive incorrect constraints from a clause equating - a non-strict construct to something else, for example - <literal>WHERE COALESCE(foo, 0) = 0</literal> - when <literal>foo</literal> is coming from the nullable side of an outer join. - </para> - </listitem> - - <listitem> - <para> - Improve planner's ability to prove exclusion constraints from - equivalence classes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix partial-row matching in hashed subplans to handle cross-type cases - correctly (Tom Lane) - </para> - - <para> - This affects multicolumn <literal>NOT IN</literal> subplans, such as - <literal>WHERE (a, b) NOT IN (SELECT x, y FROM ...)</literal> - when for instance <literal>b</literal> and <literal>y</literal> are <type>int4</type> - and <type>int8</type> respectively. This mistake led to wrong answers - or crashes depending on the specific datatypes involved. - </para> - </listitem> - - <listitem> - <para> - Acquire buffer lock when re-fetching the old tuple for an - <literal>AFTER ROW UPDATE/DELETE</literal> trigger (Andres Freund) - </para> - - <para> - In very unusual circumstances, this oversight could result in passing - incorrect data to the precheck logic for a foreign-key enforcement - trigger. That could result in a crash, or in an incorrect decision - about whether to fire the trigger. - </para> - </listitem> - - <listitem> - <para> - Fix <command>ALTER COLUMN TYPE</command> to handle inherited check - constraints properly (Pavan Deolasee) - </para> - - <para> - This worked correctly in pre-8.4 releases, and now works correctly - in 8.4 and later. - </para> - </listitem> - - <listitem> - <para> - Fix <command>REASSIGN OWNED</command> to handle grants on tablespaces - (Álvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Ignore incorrect <structname>pg_attribute</structname> entries for system - columns for views (Tom Lane) - </para> - - <para> - Views do not have any system columns. However, we forgot to - remove such entries when converting a table to a view. That's fixed - properly for 9.3 and later, but in previous branches we need to defend - against existing mis-converted views. - </para> - </listitem> - - <listitem> - <para> - Fix rule printing to dump <literal>INSERT INTO <replaceable>table</replaceable> - DEFAULT VALUES</literal> correctly (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Guard against stack overflow when there are too many - <literal>UNION</literal>/<literal>INTERSECT</literal>/<literal>EXCEPT</literal> clauses - in a query (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Prevent platform-dependent failures when dividing the minimum possible - integer value by -1 (Xi Wang, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix possible access past end of string in date parsing - (Hitoshi Harada) - </para> - </listitem> - - <listitem> - <para> - Fix failure to advance XID epoch if XID wraparound happens during a - checkpoint and <varname>wal_level</varname> is <literal>hot_standby</literal> - (Tom Lane, Andres Freund) - </para> - - <para> - While this mistake had no particular impact on - <productname>PostgreSQL</productname> itself, it was bad for - applications that rely on <function>txid_current()</function> and related - functions: the TXID value would appear to go backwards. - </para> - </listitem> - - <listitem> - <para> - Produce an understandable error message if the length of the path name - for a Unix-domain socket exceeds the platform-specific limit - (Tom Lane, Andrew Dunstan) - </para> - - <para> - Formerly, this would result in something quite unhelpful, such as - <quote>Non-recoverable failure in name resolution</quote>. - </para> - </listitem> - - <listitem> - <para> - Fix memory leaks when sending composite column values to the client - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Make <application>pg_ctl</application> more robust about reading the - <filename>postmaster.pid</filename> file (Heikki Linnakangas) - </para> - - <para> - Fix race conditions and possible file descriptor leakage. - </para> - </listitem> - - <listitem> - <para> - Fix possible crash in <application>psql</application> if incorrectly-encoded data - is presented and the <varname>client_encoding</varname> setting is a - client-only encoding, such as SJIS (Jiang Guiqing) - </para> - </listitem> - - <listitem> - <para> - Fix bugs in the <filename>restore.sql</filename> script emitted by - <application>pg_dump</application> in <literal>tar</literal> output format (Tom Lane) - </para> - - <para> - The script would fail outright on tables whose names include - upper-case characters. Also, make the script capable of restoring - data in <option>--inserts</option> mode as well as the regular COPY mode. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_restore</application> to accept POSIX-conformant - <literal>tar</literal> files (Brian Weaver, Tom Lane) - </para> - - <para> - The original coding of <application>pg_dump</application>'s <literal>tar</literal> - output mode produced files that are not fully conformant with the - POSIX standard. This has been corrected for version 9.3. This - patch updates previous branches so that they will accept both the - incorrect and the corrected formats, in hopes of avoiding - compatibility problems when 9.3 comes out. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_resetxlog</application> to locate <filename>postmaster.pid</filename> - correctly when given a relative path to the data directory (Tom Lane) - </para> - - <para> - This mistake could lead to <application>pg_resetxlog</application> not noticing - that there is an active postmaster using the data directory. - </para> - </listitem> - - <listitem> - <para> - Fix <application>libpq</application>'s <function>lo_import()</function> and - <function>lo_export()</function> functions to report file I/O errors properly - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>ecpg</application>'s processing of nested structure pointer - variables (Muhammad Usama) - </para> - </listitem> - - <listitem> - <para> - Fix <application>ecpg</application>'s <function>ecpg_get_data</function> function to - handle arrays properly (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Make <filename>contrib/pageinspect</filename>'s btree page inspection - functions take buffer locks while examining pages (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pgxs</application> support for building loadable modules on AIX - (Tom Lane) - </para> - - <para> - Building modules outside the original source tree didn't work on AIX. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2012j - for DST law changes in Cuba, Israel, Jordan, Libya, Palestine, Western - Samoa, and portions of Brazil. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-10"> - <title>Release 9.0.10</title> - - <formalpara> - <title>Release date:</title> - <para>2012-09-24</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.9. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.10</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix planner's assignment of executor parameters, and fix executor's - rescan logic for CTE plan nodes (Tom Lane) - </para> - - <para> - These errors could result in wrong answers from queries that scan the - same <literal>WITH</literal> subquery multiple times. - </para> - </listitem> - - <listitem> - <para> - Improve page-splitting decisions in GiST indexes (Alexander Korotkov, - Robert Haas, Tom Lane) - </para> - - <para> - Multi-column GiST indexes might suffer unexpected bloat due to this - error. - </para> - </listitem> - - <listitem> - <para> - Fix cascading privilege revoke to stop if privileges are still held - (Tom Lane) - </para> - - <para> - If we revoke a grant option from some role <replaceable>X</replaceable>, but - <replaceable>X</replaceable> still holds that option via a grant from someone - else, we should not recursively revoke the corresponding privilege - from role(s) <replaceable>Y</replaceable> that <replaceable>X</replaceable> had granted it - to. - </para> - </listitem> - - <listitem> - <para> - Improve error messages for Hot Standby misconfiguration errors - (Gurjeet Singh) - </para> - </listitem> - - <listitem> - <para> - Fix handling of <literal>SIGFPE</literal> when PL/Perl is in use (Andres Freund) - </para> - - <para> - Perl resets the process's <literal>SIGFPE</literal> handler to - <literal>SIG_IGN</literal>, which could result in crashes later on. Restore - the normal Postgres signal handler after initializing PL/Perl. - </para> - </listitem> - - <listitem> - <para> - Prevent PL/Perl from crashing if a recursive PL/Perl function is - redefined while being executed (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Work around possible misoptimization in PL/Perl (Tom Lane) - </para> - - <para> - Some Linux distributions contain an incorrect version of - <filename>pthread.h</filename> that results in incorrect compiled code in - PL/Perl, leading to crashes if a PL/Perl function calls another one - that throws an error. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_upgrade</application>'s handling of line endings on Windows - (Andrew Dunstan) - </para> - - <para> - Previously, <application>pg_upgrade</application> might add or remove carriage - returns in places such as function bodies. - </para> - </listitem> - - <listitem> - <para> - On Windows, make <application>pg_upgrade</application> use backslash path - separators in the scripts it emits (Andrew Dunstan) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2012f - for DST law changes in Fiji - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-9"> - <title>Release 9.0.9</title> - - <formalpara> - <title>Release date:</title> - <para>2012-08-17</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.8. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.9</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Prevent access to external files/URLs via XML entity references - (Noah Misch, Tom Lane) - </para> - - <para> - <function>xml_parse()</function> would attempt to fetch external files or - URLs as needed to resolve DTD and entity references in an XML value, - thus allowing unprivileged database users to attempt to fetch data - with the privileges of the database server. While the external data - wouldn't get returned directly to the user, portions of it could be - exposed in error messages if the data didn't parse as valid XML; and - in any case the mere ability to check existence of a file might be - useful to an attacker. (CVE-2012-3489) - </para> - </listitem> - - <listitem> - <para> - Prevent access to external files/URLs via <filename>contrib/xml2</filename>'s - <function>xslt_process()</function> (Peter Eisentraut) - </para> - - <para> - <application>libxslt</application> offers the ability to read and write both - files and URLs through stylesheet commands, thus allowing - unprivileged database users to both read and write data with the - privileges of the database server. Disable that through proper use - of <application>libxslt</application>'s security options. (CVE-2012-3488) - </para> - - <para> - Also, remove <function>xslt_process()</function>'s ability to fetch documents - and stylesheets from external files/URLs. While this was a - documented <quote>feature</quote>, it was long regarded as a bad idea. - The fix for CVE-2012-3489 broke that capability, and rather than - expend effort on trying to fix it, we're just going to summarily - remove it. - </para> - </listitem> - - <listitem> - <para> - Prevent too-early recycling of btree index pages (Noah Misch) - </para> - - <para> - When we allowed read-only transactions to skip assigning XIDs, we - introduced the possibility that a deleted btree page could be - recycled while a read-only transaction was still in flight to it. - This would result in incorrect index search results. The probability - of such an error occurring in the field seems very low because of the - timing requirements, but nonetheless it should be fixed. - </para> - </listitem> - - <listitem> - <para> - Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane) - </para> - - <para> - If <command>ALTER SEQUENCE</command> was executed on a freshly created or - reset sequence, and then precisely one <function>nextval()</function> call - was made on it, and then the server crashed, WAL replay would restore - the sequence to a state in which it appeared that no - <function>nextval()</function> had been done, thus allowing the first - sequence value to be returned again by the next - <function>nextval()</function> call. In particular this could manifest for - <type>serial</type> columns, since creation of a serial column's sequence - includes an <command>ALTER SEQUENCE OWNED BY</command> step. - </para> - </listitem> - - <listitem> - <para> - Fix <function>txid_current()</function> to report the correct epoch when not - in hot standby (Heikki Linnakangas) - </para> - - <para> - This fixes a regression introduced in the previous minor release. - </para> - </listitem> - - <listitem> - <para> - Fix bug in startup of Hot Standby when a master transaction has many - subtransactions (Andres Freund) - </para> - - <para> - This mistake led to failures reported as <quote>out-of-order XID - insertion in KnownAssignedXids</quote>. - </para> - </listitem> - - <listitem> - <para> - Ensure the <filename>backup_label</filename> file is fsync'd after - <function>pg_start_backup()</function> (Dave Kerr) - </para> - </listitem> - - <listitem> - <para> - Fix timeout handling in walsender processes (Tom Lane) - </para> - - <para> - WAL sender background processes neglected to establish a - <systemitem>SIGALRM</systemitem> handler, meaning they would wait forever in - some corner cases where a timeout ought to happen. - </para> - </listitem> - - <listitem> - <para> - Back-patch 9.1 improvement to compress the fsync request queue - (Robert Haas) - </para> - - <para> - This improves performance during checkpoints. The 9.1 change - has now seen enough field testing to seem safe to back-patch. - </para> - </listitem> - - <listitem> - <para> - Fix <literal>LISTEN</literal>/<literal>NOTIFY</literal> to cope better with I/O - problems, such as out of disk space (Tom Lane) - </para> - - <para> - After a write failure, all subsequent attempts to send more - <literal>NOTIFY</literal> messages would fail with messages like - <quote>Could not read from file "pg_notify/<replaceable>nnnn</replaceable>" at - offset <replaceable>nnnnn</replaceable>: Success</quote>. - </para> - </listitem> - - <listitem> - <para> - Only allow autovacuum to be auto-canceled by a directly blocked - process (Tom Lane) - </para> - - <para> - The original coding could allow inconsistent behavior in some cases; - in particular, an autovacuum could get canceled after less than - <literal>deadlock_timeout</literal> grace period. - </para> - </listitem> - - <listitem> - <para> - Improve logging of autovacuum cancels (Robert Haas) - </para> - </listitem> - - <listitem> - <para> - Fix log collector so that <literal>log_truncate_on_rotation</literal> works - during the very first log rotation after server start (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <literal>WITH</literal> attached to a nested set operation - (<literal>UNION</literal>/<literal>INTERSECT</literal>/<literal>EXCEPT</literal>) - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Ensure that a whole-row reference to a subquery doesn't include any - extra <literal>GROUP BY</literal> or <literal>ORDER BY</literal> columns (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Disallow copying whole-row references in <literal>CHECK</literal> - constraints and index definitions during <command>CREATE TABLE</command> - (Tom Lane) - </para> - - <para> - This situation can arise in <command>CREATE TABLE</command> with - <literal>LIKE</literal> or <literal>INHERITS</literal>. The copied whole-row - variable was incorrectly labeled with the row type of the original - table not the new one. Rejecting the case seems reasonable for - <literal>LIKE</literal>, since the row types might well diverge later. For - <literal>INHERITS</literal> we should ideally allow it, with an implicit - coercion to the parent table's row type; but that will require more - work than seems safe to back-patch. - </para> - </listitem> - - <listitem> - <para> - Fix memory leak in <literal>ARRAY(SELECT ...)</literal> subqueries (Heikki - Linnakangas, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix extraction of common prefixes from regular expressions (Tom Lane) - </para> - - <para> - The code could get confused by quantified parenthesized - subexpressions, such as <literal>^(foo)?bar</literal>. This would lead to - incorrect index optimization of searches for such patterns. - </para> - </listitem> - - <listitem> - <para> - Fix bugs with parsing signed - <replaceable>hh</replaceable><literal>:</literal><replaceable>mm</replaceable> and - <replaceable>hh</replaceable><literal>:</literal><replaceable>mm</replaceable><literal>:</literal><replaceable>ss</replaceable> - fields in <type>interval</type> constants (Amit Kapila, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Use Postgres' encoding conversion functions, not Python's, when - converting a Python Unicode string to the server encoding in - PL/Python (Jan Urbanski) - </para> - - <para> - This avoids some corner-case problems, notably that Python doesn't - support all the encodings Postgres does. A notable functional change - is that if the server encoding is SQL_ASCII, you will get the UTF-8 - representation of the string; formerly, any non-ASCII characters in - the string would result in an error. - </para> - </listitem> - - <listitem> - <para> - Fix mapping of PostgreSQL encodings to Python encodings in PL/Python - (Jan Urbanski) - </para> - </listitem> - - <listitem> - <para> - Report errors properly in <filename>contrib/xml2</filename>'s - <function>xslt_process()</function> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2012e - for DST law changes in Morocco and Tokelau - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-8"> - <title>Release 9.0.8</title> - - <formalpara> - <title>Release date:</title> - <para>2012-06-04</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.7. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.8</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix incorrect password transformation in - <filename>contrib/pgcrypto</filename>'s DES <function>crypt()</function> function - (Solar Designer) - </para> - - <para> - If a password string contained the byte value <literal>0x80</literal>, the - remainder of the password was ignored, causing the password to be much - weaker than it appeared. With this fix, the rest of the string is - properly included in the DES hash. Any stored password values that are - affected by this bug will thus no longer match, so the stored values may - need to be updated. (CVE-2012-2143) - </para> - </listitem> - - <listitem> - <para> - Ignore <literal>SECURITY DEFINER</literal> and <literal>SET</literal> attributes for - a procedural language's call handler (Tom Lane) - </para> - - <para> - Applying such attributes to a call handler could crash the server. - (CVE-2012-2655) - </para> - </listitem> - - <listitem> - <para> - Allow numeric timezone offsets in <type>timestamp</type> input to be up to - 16 hours away from UTC (Tom Lane) - </para> - - <para> - Some historical time zones have offsets larger than 15 hours, the - previous limit. This could result in dumped data values being rejected - during reload. - </para> - </listitem> - - <listitem> - <para> - Fix timestamp conversion to cope when the given time is exactly the - last DST transition time for the current timezone (Tom Lane) - </para> - - <para> - This oversight has been there a long time, but was not noticed - previously because most DST-using zones are presumed to have an - indefinite sequence of future DST transitions. - </para> - </listitem> - - <listitem> - <para> - Fix <type>text</type> to <type>name</type> and <type>char</type> to <type>name</type> - casts to perform string truncation correctly in multibyte encodings - (Karl Schnaitter) - </para> - </listitem> - - <listitem> - <para> - Fix memory copying bug in <function>to_tsquery()</function> (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Ensure <function>txid_current()</function> reports the correct epoch when - executed in hot standby (Simon Riggs) - </para> - </listitem> - - <listitem> - <para> - Fix planner's handling of outer PlaceHolderVars within subqueries (Tom - Lane) - </para> - - <para> - This bug concerns sub-SELECTs that reference variables coming from the - nullable side of an outer join of the surrounding query. - In 9.1, queries affected by this bug would fail with <quote>ERROR: - Upper-level PlaceHolderVar found where not expected</quote>. But in 9.0 and - 8.4, you'd silently get possibly-wrong answers, since the value - transmitted into the subquery wouldn't go to null when it should. - </para> - </listitem> - - <listitem> - <para> - Fix slow session startup when <structname>pg_attribute</structname> is very large - (Tom Lane) - </para> - - <para> - If <structname>pg_attribute</structname> exceeds one-fourth of - <varname>shared_buffers</varname>, cache rebuilding code that is sometimes - needed during session start would trigger the synchronized-scan logic, - causing it to take many times longer than normal. The problem was - particularly acute if many new sessions were starting at once. - </para> - </listitem> - - <listitem> - <para> - Ensure sequential scans check for query cancel reasonably often (Merlin - Moncure) - </para> - - <para> - A scan encountering many consecutive pages that contain no live tuples - would not respond to interrupts meanwhile. - </para> - </listitem> - - <listitem> - <para> - Ensure the Windows implementation of <function>PGSemaphoreLock()</function> - clears <varname>ImmediateInterruptOK</varname> before returning (Tom Lane) - </para> - - <para> - This oversight meant that a query-cancel interrupt received later - in the same query could be accepted at an unsafe time, with - unpredictable but not good consequences. - </para> - </listitem> - - <listitem> - <para> - Show whole-row variables safely when printing views or rules - (Abbas Butt, Tom Lane) - </para> - - <para> - Corner cases involving ambiguous names (that is, the name could be - either a table or column name of the query) were printed in an - ambiguous way, risking that the view or rule would be interpreted - differently after dump and reload. Avoid the ambiguous case by - attaching a no-op cast. - </para> - </listitem> - - <listitem> - <para> - Fix <command>COPY FROM</command> to properly handle null marker strings that - correspond to invalid encoding (Tom Lane) - </para> - - <para> - A null marker string such as <literal>E'\\0'</literal> should work, and did - work in the past, but the case got broken in 8.4. - </para> - </listitem> - - <listitem> - <para> - Ensure autovacuum worker processes perform stack depth checking - properly (Heikki Linnakangas) - </para> - - <para> - Previously, infinite recursion in a function invoked by - auto-<command>ANALYZE</command> could crash worker processes. - </para> - </listitem> - - <listitem> - <para> - Fix logging collector to not lose log coherency under high load (Andrew - Dunstan) - </para> - - <para> - The collector previously could fail to reassemble large messages if it - got too busy. - </para> - </listitem> - - <listitem> - <para> - Fix logging collector to ensure it will restart file rotation - after receiving <systemitem>SIGHUP</systemitem> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix WAL replay logic for GIN indexes to not fail if the index was - subsequently dropped (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix memory leak in PL/pgSQL's <command>RETURN NEXT</command> command (Joe - Conway) - </para> - </listitem> - - <listitem> - <para> - Fix PL/pgSQL's <command>GET DIAGNOSTICS</command> command when the target - is the function's first variable (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix potential access off the end of memory in <application>psql</application>'s - expanded display (<command>\x</command>) mode (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Fix several performance problems in <application>pg_dump</application> when - the database contains many objects (Jeff Janes, Tom Lane) - </para> - - <para> - <application>pg_dump</application> could get very slow if the database contained - many schemas, or if many objects are in dependency loops, or if there - are many owned sequences. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_upgrade</application> for the case that a database stored in a - non-default tablespace contains a table in the cluster's default - tablespace (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - In <application>ecpg</application>, fix rare memory leaks and possible overwrite - of one byte after the <structname>sqlca_t</structname> structure (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/dblink</filename>'s <function>dblink_exec()</function> to not leak - temporary database connections upon error (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/dblink</filename> to report the correct connection name in - error messages (Kyotaro Horiguchi) - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/vacuumlo</filename> to use multiple transactions when - dropping many large objects (Tim Lewis, Robert Haas, Tom Lane) - </para> - - <para> - This change avoids exceeding <varname>max_locks_per_transaction</varname> when - many objects need to be dropped. The behavior can be adjusted with the - new <literal>-l</literal> (limit) option. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2012c - for DST law changes in Antarctica, Armenia, Chile, Cuba, Falkland - Islands, Gaza, Haiti, Hebron, Morocco, Syria, and Tokelau Islands; - also historical corrections for Canada. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-7"> - <title>Release 9.0.7</title> - - <formalpara> - <title>Release date:</title> - <para>2012-02-27</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.6. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.7</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.6, - see <xref linkend="release-9-0-6"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Require execute permission on the trigger function for - <command>CREATE TRIGGER</command> (Robert Haas) - </para> - - <para> - This missing check could allow another user to execute a trigger - function with forged input data, by installing it on a table he owns. - This is only of significance for trigger functions marked - <literal>SECURITY DEFINER</literal>, since otherwise trigger functions run - as the table owner anyway. (CVE-2012-0866) - </para> - </listitem> - - <listitem> - <para> - Remove arbitrary limitation on length of common name in SSL - certificates (Heikki Linnakangas) - </para> - - <para> - Both <application>libpq</application> and the server truncated the common name - extracted from an SSL certificate at 32 bytes. Normally this would - cause nothing worse than an unexpected verification failure, but there - are some rather-implausible scenarios in which it might allow one - certificate holder to impersonate another. The victim would have to - have a common name exactly 32 bytes long, and the attacker would have - to persuade a trusted CA to issue a certificate in which the common - name has that string as a prefix. Impersonating a server would also - require some additional exploit to redirect client connections. - (CVE-2012-0867) - </para> - </listitem> - - <listitem> - <para> - Convert newlines to spaces in names written in <application>pg_dump</application> - comments (Robert Haas) - </para> - - <para> - <application>pg_dump</application> was incautious about sanitizing object names - that are emitted within SQL comments in its output script. A name - containing a newline would at least render the script syntactically - incorrect. Maliciously crafted object names could present a SQL - injection risk when the script is reloaded. (CVE-2012-0868) - </para> - </listitem> - - <listitem> - <para> - Fix btree index corruption from insertions concurrent with vacuuming - (Tom Lane) - </para> - - <para> - An index page split caused by an insertion could sometimes cause a - concurrently-running <command>VACUUM</command> to miss removing index entries - that it should remove. After the corresponding table rows are removed, - the dangling index entries would cause errors (such as <quote>could not - read block N in file ...</quote>) or worse, silently wrong query results - after unrelated rows are re-inserted at the now-free table locations. - This bug has been present since release 8.2, but occurs so infrequently - that it was not diagnosed until now. If you have reason to suspect - that it has happened in your database, reindexing the affected index - will fix things. - </para> - </listitem> - - <listitem> - <para> - Fix transient zeroing of shared buffers during WAL replay (Tom Lane) - </para> - - <para> - The replay logic would sometimes zero and refill a shared buffer, so - that the contents were transiently invalid. In hot standby mode this - can result in a query that's executing in parallel seeing garbage data. - Various symptoms could result from that, but the most common one seems - to be <quote>invalid memory alloc request size</quote>. - </para> - </listitem> - - <listitem> - <para> - Fix postmaster to attempt restart after a hot-standby crash (Tom Lane) - </para> - - <para> - A logic error caused the postmaster to terminate, rather than attempt - to restart the cluster, if any backend process crashed while operating - in hot standby mode. - </para> - </listitem> - - <listitem> - <para> - Fix <command>CLUSTER</command>/<command>VACUUM FULL</command> handling of toast - values owned by recently-updated rows (Tom Lane) - </para> - - <para> - This oversight could lead to <quote>duplicate key value violates unique - constraint</quote> errors being reported against the toast table's index - during one of these commands. - </para> - </listitem> - - <listitem> - <para> - Update per-column permissions, not only per-table permissions, when - changing table owner (Tom Lane) - </para> - - <para> - Failure to do this meant that any previously granted column permissions - were still shown as having been granted by the old owner. This meant - that neither the new owner nor a superuser could revoke the - now-untraceable-to-table-owner permissions. - </para> - </listitem> - - <listitem> - <para> - Support foreign data wrappers and foreign servers in - <command>REASSIGN OWNED</command> (Alvaro Herrera) - </para> - - <para> - This command failed with <quote>unexpected classid</quote> errors if - it needed to change the ownership of any such objects. - </para> - </listitem> - - <listitem> - <para> - Allow non-existent values for some settings in <command>ALTER - USER/DATABASE SET</command> (Heikki Linnakangas) - </para> - - <para> - Allow <varname>default_text_search_config</varname>, - <varname>default_tablespace</varname>, and <varname>temp_tablespaces</varname> to be - set to names that are not known. This is because they might be known - in another database where the setting is intended to be used, or for the - tablespace cases because the tablespace might not be created yet. The - same issue was previously recognized for <varname>search_path</varname>, and - these settings now act like that one. - </para> - </listitem> - - <listitem> - <para> - Avoid crashing when we have problems deleting table files post-commit - (Tom Lane) - </para> - - <para> - Dropping a table should lead to deleting the underlying disk files only - after the transaction commits. In event of failure then (for instance, - because of wrong file permissions) the code is supposed to just emit a - warning message and go on, since it's too late to abort the - transaction. This logic got broken as of release 8.4, causing such - situations to result in a PANIC and an unrestartable database. - </para> - </listitem> - - <listitem> - <para> - Recover from errors occurring during WAL replay of <command>DROP - TABLESPACE</command> (Tom Lane) - </para> - - <para> - Replay will attempt to remove the tablespace's directories, but there - are various reasons why this might fail (for example, incorrect - ownership or permissions on those directories). Formerly the replay - code would panic, rendering the database unrestartable without manual - intervention. It seems better to log the problem and continue, since - the only consequence of failure to remove the directories is some - wasted disk space. - </para> - </listitem> - - <listitem> - <para> - Fix race condition in logging AccessExclusiveLocks for hot standby - (Simon Riggs) - </para> - - <para> - Sometimes a lock would be logged as being held by <quote>transaction - zero</quote>. This is at least known to produce assertion failures on - slave servers, and might be the cause of more serious problems. - </para> - </listitem> - - <listitem> - <para> - Track the OID counter correctly during WAL replay, even when it wraps - around (Tom Lane) - </para> - - <para> - Previously the OID counter would remain stuck at a high value until the - system exited replay mode. The practical consequences of that are - usually nil, but there are scenarios wherein a standby server that's - been promoted to master might take a long time to advance the OID - counter to a reasonable value once values are needed. - </para> - </listitem> - - <listitem> - <para> - Prevent emitting misleading <quote>consistent recovery state reached</quote> - log message at the beginning of crash recovery (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix initial value of - <structname>pg_stat_replication</structname>.<structfield>replay_location</structfield> - (Fujii Masao) - </para> - - <para> - Previously, the value shown would be wrong until at least one WAL - record had been replayed. - </para> - </listitem> - - <listitem> - <para> - Fix regular expression back-references with <literal>*</literal> attached - (Tom Lane) - </para> - - <para> - Rather than enforcing an exact string match, the code would effectively - accept any string that satisfies the pattern sub-expression referenced - by the back-reference symbol. - </para> - - <para> - A similar problem still afflicts back-references that are embedded in a - larger quantified expression, rather than being the immediate subject - of the quantifier. This will be addressed in a future - <productname>PostgreSQL</productname> release. - </para> - </listitem> - - <listitem> - <para> - Fix recently-introduced memory leak in processing of - <type>inet</type>/<type>cidr</type> values (Heikki Linnakangas) - </para> - - <para> - A patch in the December 2011 releases of <productname>PostgreSQL</productname> - caused memory leakage in these operations, which could be significant - in scenarios such as building a btree index on such a column. - </para> - </listitem> - - <listitem> - <para> - Fix dangling pointer after <command>CREATE TABLE AS</command>/<command>SELECT - INTO</command> in a SQL-language function (Tom Lane) - </para> - - <para> - In most cases this only led to an assertion failure in assert-enabled - builds, but worse consequences seem possible. - </para> - </listitem> - - <listitem> - <para> - Avoid double close of file handle in syslogger on Windows (MauMau) - </para> - - <para> - Ordinarily this error was invisible, but it would cause an exception - when running on a debug version of Windows. - </para> - </listitem> - - <listitem> - <para> - Fix I/O-conversion-related memory leaks in plpgsql - (Andres Freund, Jan Urbanski, Tom Lane) - </para> - - <para> - Certain operations would leak memory until the end of the current - function. - </para> - </listitem> - - <listitem> - <para> - Improve <application>pg_dump</application>'s handling of inherited table columns - (Tom Lane) - </para> - - <para> - <application>pg_dump</application> mishandled situations where a child column has - a different default expression than its parent column. If the default - is textually identical to the parent's default, but not actually the - same (for instance, because of schema search path differences) it would - not be recognized as different, so that after dump and restore the - child would be allowed to inherit the parent's default. Child columns - that are <literal>NOT NULL</literal> where their parent is not could also be - restored subtly incorrectly. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_restore</application>'s direct-to-database mode for - INSERT-style table data (Tom Lane) - </para> - - <para> - Direct-to-database restores from archive files made with - <option>--inserts</option> or <option>--column-inserts</option> options fail when - using <application>pg_restore</application> from a release dated September or - December 2011, as a result of an oversight in a fix for another - problem. The archive file itself is not at fault, and text-mode - output is okay. - </para> - </listitem> - - <listitem> - <para> - Allow <application>pg_upgrade</application> to process tables containing - <type>regclass</type> columns (Bruce Momjian) - </para> - - <para> - Since <application>pg_upgrade</application> now takes care to preserve - <structname>pg_class</structname> OIDs, there was no longer any reason for this - restriction. - </para> - </listitem> - - <listitem> - <para> - Make <application>libpq</application> ignore <literal>ENOTDIR</literal> errors - when looking for an SSL client certificate file - (Magnus Hagander) - </para> - - <para> - This allows SSL connections to be established, though without a - certificate, even when the user's home directory is set to something - like <literal>/dev/null</literal>. - </para> - </listitem> - - <listitem> - <para> - Fix some more field alignment issues in <application>ecpg</application>'s SQLDA area - (Zoltan Boszormenyi) - </para> - </listitem> - - <listitem> - <para> - Allow <literal>AT</literal> option in <application>ecpg</application> - <literal>DEALLOCATE</literal> statements (Michael Meskes) - </para> - - <para> - The infrastructure to support this has been there for awhile, but - through an oversight there was still an error check rejecting the case. - </para> - </listitem> - - <listitem> - <para> - Do not use the variable name when defining a varchar structure in ecpg - (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Fix <filename>contrib/auto_explain</filename>'s JSON output mode to produce - valid JSON (Andrew Dunstan) - </para> - - <para> - The output used brackets at the top level, when it should have used - braces. - </para> - </listitem> - - <listitem> - <para> - Fix error in <filename>contrib/intarray</filename>'s <literal>int[] & - int[]</literal> operator (Guillaume Lelarge) - </para> - - <para> - If the smallest integer the two input arrays have in common is 1, - and there are smaller values in either array, then 1 would be - incorrectly omitted from the result. - </para> - </listitem> - - <listitem> - <para> - Fix error detection in <filename>contrib/pgcrypto</filename>'s - <function>encrypt_iv()</function> and <function>decrypt_iv()</function> - (Marko Kreen) - </para> - - <para> - These functions failed to report certain types of invalid-input errors, - and would instead return random garbage values for incorrect input. - </para> - </listitem> - - <listitem> - <para> - Fix one-byte buffer overrun in <filename>contrib/test_parser</filename> - (Paul Guyot) - </para> - - <para> - The code would try to read one more byte than it should, which would - crash in corner cases. - Since <filename>contrib/test_parser</filename> is only example code, this is - not a security issue in itself, but bad example code is still bad. - </para> - </listitem> - - <listitem> - <para> - Use <function>__sync_lock_test_and_set()</function> for spinlocks on ARM, if - available (Martin Pitt) - </para> - - <para> - This function replaces our previous use of the <literal>SWPB</literal> - instruction, which is deprecated and not available on ARMv6 and later. - Reports suggest that the old code doesn't fail in an obvious way on - recent ARM boards, but simply doesn't interlock concurrent accesses, - leading to bizarre failures in multiprocess operation. - </para> - </listitem> - - <listitem> - <para> - Use <option>-fexcess-precision=standard</option> option when building with - gcc versions that accept it (Andrew Dunstan) - </para> - - <para> - This prevents assorted scenarios wherein recent versions of gcc will - produce creative results. - </para> - </listitem> - - <listitem> - <para> - Allow use of threaded Python on FreeBSD (Chris Rees) - </para> - - <para> - Our configure script previously believed that this combination wouldn't - work; but FreeBSD fixed the problem, so remove that error check. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-6"> - <title>Release 9.0.6</title> - - <formalpara> - <title>Release date:</title> - <para>2011-12-05</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.5. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.6</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, a longstanding error was discovered in the definition of the - <literal>information_schema.referential_constraints</literal> view. If you - rely on correct results from that view, you should replace its - definition as explained in the first changelog item below. - </para> - - <para> - Also, if you are upgrading from a version earlier than 9.0.4, - see <xref linkend="release-9-0-4"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix bugs in <literal>information_schema.referential_constraints</literal> view - (Tom Lane) - </para> - - <para> - This view was being insufficiently careful about matching the - foreign-key constraint to the depended-on primary or unique key - constraint. That could result in failure to show a foreign key - constraint at all, or showing it multiple times, or claiming that it - depends on a different constraint than the one it really does. - </para> - - <para> - Since the view definition is installed by <application>initdb</application>, - merely upgrading will not fix the problem. If you need to fix this - in an existing installation, you can (as a superuser) drop the - <literal>information_schema</literal> schema then re-create it by sourcing - <filename><replaceable>SHAREDIR</replaceable>/information_schema.sql</filename>. - (Run <literal>pg_config --sharedir</literal> if you're uncertain where - <replaceable>SHAREDIR</replaceable> is.) This must be repeated in each database - to be fixed. - </para> - </listitem> - - <listitem> - <para> - Fix possible crash during <command>UPDATE</command> or <command>DELETE</command> that - joins to the output of a scalar-returning function (Tom Lane) - </para> - - <para> - A crash could only occur if the target row had been concurrently - updated, so this problem surfaced only intermittently. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect replay of WAL records for GIN index updates - (Tom Lane) - </para> - - <para> - This could result in transiently failing to find index entries after - a crash, or on a hot-standby server. The problem would be repaired - by the next <command>VACUUM</command> of the index, however. - </para> - </listitem> - - <listitem> - <para> - Fix TOAST-related data corruption during <literal>CREATE TABLE dest AS - SELECT * FROM src</literal> or <literal>INSERT INTO dest SELECT * FROM src</literal> - (Tom Lane) - </para> - - <para> - If a table has been modified by <command>ALTER TABLE ADD COLUMN</command>, - attempts to copy its data verbatim to another table could produce - corrupt results in certain corner cases. - The problem can only manifest in this precise form in 8.4 and later, - but we patched earlier versions as well in case there are other code - paths that could trigger the same bug. - </para> - </listitem> - - <listitem> - <para> - Fix possible failures during hot standby startup (Simon Riggs) - </para> - </listitem> - - <listitem> - <para> - Start hot standby faster when initial snapshot is incomplete - (Simon Riggs) - </para> - </listitem> - - <listitem> - <para> - Fix race condition during toast table access from stale syscache entries - (Tom Lane) - </para> - - <para> - The typical symptom was transient errors like <quote>missing chunk - number 0 for toast value NNNNN in pg_toast_2619</quote>, where the cited - toast table would always belong to a system catalog. - </para> - </listitem> - - <listitem> - <para> - Track dependencies of functions on items used in parameter default - expressions (Tom Lane) - </para> - - <para> - Previously, a referenced object could be dropped without having dropped - or modified the function, leading to misbehavior when the function was - used. Note that merely installing this update will not fix the missing - dependency entries; to do that, you'd need to <command>CREATE OR - REPLACE</command> each such function afterwards. If you have functions whose - defaults depend on non-built-in objects, doing so is recommended. - </para> - </listitem> - - <listitem> - <para> - Allow inlining of set-returning SQL functions with multiple OUT - parameters (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Don't trust deferred-unique indexes for join removal (Tom Lane and Marti - Raudsepp) - </para> - - <para> - A deferred uniqueness constraint might not hold intra-transaction, - so assuming that it does could give incorrect query results. - </para> - </listitem> - - <listitem> - <para> - Make <function>DatumGetInetP()</function> unpack inet datums that have a 1-byte - header, and add a new macro, <function>DatumGetInetPP()</function>, that does - not (Heikki Linnakangas) - </para> - - <para> - This change affects no core code, but might prevent crashes in add-on - code that expects <function>DatumGetInetP()</function> to produce an unpacked - datum as per usual convention. - </para> - </listitem> - - <listitem> - <para> - Improve locale support in <type>money</type> type's input and output - (Tom Lane) - </para> - - <para> - Aside from not supporting all standard - <link linkend="guc-lc-monetary"><varname>lc_monetary</varname></link> - formatting options, the input and output functions were inconsistent, - meaning there were locales in which dumped <type>money</type> values could - not be re-read. - </para> - </listitem> - - <listitem> - <para> - Don't let <link - linkend="guc-transform-null-equals"><varname>transform_null_equals</varname></link> - affect <literal>CASE foo WHEN NULL ...</literal> constructs - (Heikki Linnakangas) - </para> - - <para> - <varname>transform_null_equals</varname> is only supposed to affect - <literal>foo = NULL</literal> expressions written directly by the user, not - equality checks generated internally by this form of <literal>CASE</literal>. - </para> - </listitem> - - <listitem> - <para> - Change foreign-key trigger creation order to better support - self-referential foreign keys (Tom Lane) - </para> - - <para> - For a cascading foreign key that references its own table, a row update - will fire both the <literal>ON UPDATE</literal> trigger and the - <literal>CHECK</literal> trigger as one event. The <literal>ON UPDATE</literal> - trigger must execute first, else the <literal>CHECK</literal> will check a - non-final state of the row and possibly throw an inappropriate error. - However, the firing order of these triggers is determined by their - names, which generally sort in creation order since the triggers have - auto-generated names following the convention - <quote>RI_ConstraintTrigger_NNNN</quote>. A proper fix would require - modifying that convention, which we will do in 9.2, but it seems risky - to change it in existing releases. So this patch just changes the - creation order of the triggers. Users encountering this type of error - should drop and re-create the foreign key constraint to get its - triggers into the right order. - </para> - </listitem> - - <listitem> - <para> - Avoid floating-point underflow while tracking buffer allocation rate - (Greg Matthews) - </para> - - <para> - While harmless in itself, on certain platforms this would result in - annoying kernel log messages. - </para> - </listitem> - - <listitem> - <para> - Preserve configuration file name and line number values when starting - child processes under Windows (Tom Lane) - </para> - - <para> - Formerly, these would not be displayed correctly in the - <structname>pg_settings</structname> view. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect field alignment in <application>ecpg</application>'s SQLDA area - (Zoltan Boszormenyi) - </para> - </listitem> - - <listitem> - <para> - Preserve blank lines within commands in <application>psql</application>'s command - history (Robert Haas) - </para> - - <para> - The former behavior could cause problems if an empty line was removed - from within a string literal, for example. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application> to dump user-defined casts between - auto-generated types, such as table rowtypes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Assorted fixes for <application>pg_upgrade</application> (Bruce Momjian) - </para> - - <para> - Handle exclusion constraints correctly, avoid failures on Windows, - don't complain about mismatched toast table names in 8.4 databases. - </para> - </listitem> - - <listitem> - <para> - Use the preferred version of <application>xsubpp</application> to build PL/Perl, - not necessarily the operating system's main copy - (David Wheeler and Alex Hunsaker) - </para> - </listitem> - - <listitem> - <para> - Fix incorrect coding in <filename>contrib/dict_int</filename> and - <filename>contrib/dict_xsyn</filename> (Tom Lane) - </para> - - <para> - Some functions incorrectly assumed that memory returned by - <function>palloc()</function> is guaranteed zeroed. - </para> - </listitem> - - <listitem> - <para> - Fix assorted errors in <filename>contrib/unaccent</filename>'s configuration - file parsing (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Honor query cancel interrupts promptly in <function>pgstatindex()</function> - (Robert Haas) - </para> - </listitem> - - <listitem> - <para> - Fix incorrect quoting of log file name in macOS start script - (Sidar Lopez) - </para> - </listitem> - - <listitem> - <para> - Ensure VPATH builds properly install all server header files - (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Shorten file names reported in verbose error messages (Peter Eisentraut) - </para> - - <para> - Regular builds have always reported just the name of the C file - containing the error message call, but VPATH builds formerly - reported an absolute path name. - </para> - </listitem> - - <listitem> - <para> - Fix interpretation of Windows timezone names for Central America - (Tom Lane) - </para> - - <para> - Map <quote>Central America Standard Time</quote> to <literal>CST6</literal>, not - <literal>CST6CDT</literal>, because DST is generally not observed anywhere in - Central America. - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2011n - for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa; - also historical corrections for Alaska and British East Africa. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-5"> - <title>Release 9.0.5</title> - - <formalpara> - <title>Release date:</title> - <para>2011-09-26</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.4. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.5</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if you are upgrading from a version earlier than 9.0.4, - see <xref linkend="release-9-0-4"/>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix catalog cache invalidation after a <command>VACUUM FULL</command> or - <command>CLUSTER</command> on a system catalog (Tom Lane) - </para> - - <para> - In some cases the relocation of a system catalog row to another place - would not be recognized by concurrent server processes, allowing catalog - corruption to occur if they then tried to update that row. The - worst-case outcome could be as bad as complete loss of a table. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect order of operations during sinval reset processing, - and ensure that TOAST OIDs are preserved in system catalogs (Tom - Lane) - </para> - - <para> - These mistakes could lead to transient failures after a <command>VACUUM - FULL</command> or <command>CLUSTER</command> on a system catalog. - </para> - </listitem> - - <listitem> - <para> - Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane) - </para> - - <para> - These bugs could result in index corruption after reindexing a system - catalog. They are not believed to affect user indexes. - </para> - </listitem> - - <listitem> - <para> - Fix multiple bugs in GiST index page split processing (Heikki - Linnakangas) - </para> - - <para> - The probability of occurrence was low, but these could lead to index - corruption. - </para> - </listitem> - - <listitem> - <para> - Fix possible buffer overrun in <function>tsvector_concat()</function> - (Tom Lane) - </para> - - <para> - The function could underestimate the amount of memory needed for its - result, leading to server crashes. - </para> - </listitem> - - <listitem> - <para> - Fix crash in <function>xml_recv</function> when processing a - <quote>standalone</quote> parameter (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Make <function>pg_options_to_table</function> return NULL for an option with no - value (Tom Lane) - </para> - - <para> - Previously such cases would result in a server crash. - </para> - </listitem> - - <listitem> - <para> - Avoid possibly accessing off the end of memory in <command>ANALYZE</command> - and in SJIS-2004 encoding conversion (Noah Misch) - </para> - - <para> - This fixes some very-low-probability server crash scenarios. - </para> - </listitem> - - <listitem> - <para> - Protect <function>pg_stat_reset_shared()</function> against NULL input (Magnus - Hagander) - </para> - </listitem> - - <listitem> - <para> - Fix possible failure when a recovery conflict deadlock is detected - within a sub-transaction (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Avoid spurious conflicts while recycling btree index pages during hot - standby (Noah Misch, Simon Riggs) - </para> - </listitem> - - <listitem> - <para> - Shut down WAL receiver if it's still running at end of recovery (Heikki - Linnakangas) - </para> - - <para> - The postmaster formerly panicked in this situation, but it's actually a - legitimate case. - </para> - </listitem> - - <listitem> - <para> - Fix race condition in relcache init file invalidation (Tom Lane) - </para> - - <para> - There was a window wherein a new backend process could read a stale init - file but miss the inval messages that would tell it the data is stale. - The result would be bizarre failures in catalog accesses, typically - <quote>could not read block 0 in file ...</quote> later during startup. - </para> - </listitem> - - <listitem> - <para> - Fix memory leak at end of a GiST index scan (Tom Lane) - </para> - - <para> - Commands that perform many separate GiST index scans, such as - verification of a new GiST-based exclusion constraint on a table - already containing many rows, could transiently require large amounts of - memory due to this leak. - </para> - </listitem> - - <listitem> - <para> - Fix memory leak when encoding conversion has to be done on incoming - command strings and <command>LISTEN</command> is active (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix incorrect memory accounting (leading to possible memory bloat) in - tuplestores supporting holdable cursors and plpgsql's <literal>RETURN - NEXT</literal> command (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix trigger <literal>WHEN</literal> conditions when both <literal>BEFORE</literal> and - <literal>AFTER</literal> triggers exist (Tom Lane) - </para> - - <para> - Evaluation of <literal>WHEN</literal> conditions for <literal>AFTER ROW - UPDATE</literal> triggers could crash if there had been a <literal>BEFORE - ROW</literal> trigger fired for the same update. - </para> - </listitem> - - <listitem> - <para> - Fix performance problem when constructing a large, lossy bitmap - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix join selectivity estimation for unique columns (Tom Lane) - </para> - - <para> - This fixes an erroneous planner heuristic that could lead to poor - estimates of the result size of a join. - </para> - </listitem> - - <listitem> - <para> - Fix nested PlaceHolderVar expressions that appear only in sub-select - target lists (Tom Lane) - </para> - - <para> - This mistake could result in outputs of an outer join incorrectly - appearing as NULL. - </para> - </listitem> - - <listitem> - <para> - Allow the planner to assume that empty parent tables really are empty - (Tom Lane) - </para> - - <para> - Normally an empty table is assumed to have a certain minimum size for - planning purposes; but this heuristic seems to do more harm than good - for the parent table of an inheritance hierarchy, which often is - permanently empty. - </para> - </listitem> - - <listitem> - <para> - Allow nested <literal>EXISTS</literal> queries to be optimized properly (Tom - Lane) - </para> - </listitem> - - <listitem> - <para> - Fix array- and path-creating functions to ensure padding bytes are - zeroes (Tom Lane) - </para> - - <para> - This avoids some situations where the planner will think that - semantically-equal constants are not equal, resulting in poor - optimization. - </para> - </listitem> - - <listitem> - <para> - Fix <command>EXPLAIN</command> to handle gating Result nodes within - inner-indexscan subplans (Tom Lane) - </para> - - <para> - The usual symptom of this oversight was <quote>bogus varno</quote> errors. - </para> - </listitem> - - <listitem> - <para> - Fix btree preprocessing of <replaceable>indexedcol</replaceable> <literal>IS - NULL</literal> conditions (Dean Rasheed) - </para> - - <para> - Such a condition is unsatisfiable if combined with any other type of - btree-indexable condition on the same index column. The case was - handled incorrectly in 9.0.0 and later, leading to query output where - there should be none. - </para> - </listitem> - - <listitem> - <para> - Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane) - </para> - - <para> - This could lead to loss of committed transactions after a server crash. - </para> - </listitem> - - <listitem> - <para> - Fix dump bug for <literal>VALUES</literal> in a view (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Disallow <literal>SELECT FOR UPDATE/SHARE</literal> on sequences (Tom Lane) - </para> - - <para> - This operation doesn't work as expected and can lead to failures. - </para> - </listitem> - - <listitem> - <para> - Fix <command>VACUUM</command> so that it always updates - <literal>pg_class</literal>.<literal>reltuples</literal>/<literal>relpages</literal> (Tom - Lane) - </para> - - <para> - This fixes some scenarios where autovacuum could make increasingly poor - decisions about when to vacuum tables. - </para> - </listitem> - - <listitem> - <para> - Defend against integer overflow when computing size of a hash table (Tom - Lane) - </para> - </listitem> - - <listitem> - <para> - Fix cases where <command>CLUSTER</command> might attempt to access - already-removed TOAST data (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix premature timeout failures during initial authentication transaction - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix portability bugs in use of credentials control messages for - <quote>peer</quote> authentication (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari, - Magnus Hagander) - </para> - - <para> - The typical symptom of this problem was <quote>The function requested is - not supported</quote> errors during SSPI login. - </para> - </listitem> - - <listitem> - <para> - Fix failure when adding a new variable of a custom variable class to - <filename>postgresql.conf</filename> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Throw an error if <filename>pg_hba.conf</filename> contains <literal>hostssl</literal> - but SSL is disabled (Tom Lane) - </para> - - <para> - This was concluded to be more user-friendly than the previous behavior - of silently ignoring such lines. - </para> - </listitem> - - <listitem> - <para> - Fix failure when <command>DROP OWNED BY</command> attempts to remove default - privileges on sequences (Shigeru Hanada) - </para> - </listitem> - - <listitem> - <para> - Fix typo in <function>pg_srand48</function> seed initialization (Andres Freund) - </para> - - <para> - This led to failure to use all bits of the provided seed. This function - is not used on most platforms (only those without <function>srandom</function>), - and the potential security exposure from a less-random-than-expected - seed seems minimal in any case. - </para> - </listitem> - - <listitem> - <para> - Avoid integer overflow when the sum of <literal>LIMIT</literal> and - <literal>OFFSET</literal> values exceeds 2^63 (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Add overflow checks to <type>int4</type> and <type>int8</type> versions of - <function>generate_series()</function> (Robert Haas) - </para> - </listitem> - - <listitem> - <para> - Fix trailing-zero removal in <function>to_char()</function> (Marti Raudsepp) - </para> - - <para> - In a format with <literal>FM</literal> and no digit positions - after the decimal point, zeroes to the left of the decimal point could - be removed incorrectly. - </para> - </listitem> - - <listitem> - <para> - Fix <function>pg_size_pretty()</function> to avoid overflow for inputs close to - 2^63 (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Weaken plpgsql's check for typmod matching in record values (Tom Lane) - </para> - - <para> - An overly enthusiastic check could lead to discarding length modifiers - that should have been kept. - </para> - </listitem> - - <listitem> - <para> - Correctly handle quotes in locale names during <application>initdb</application> - (Heikki Linnakangas) - </para> - - <para> - The case can arise with some Windows locales, such as <quote>People's - Republic of China</quote>. - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, avoid dumping orphaned temporary tables - (Bruce Momjian) - </para> - - <para> - This prevents situations wherein table OID assignments could get out of - sync between old and new installations. - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_upgrade</application> to preserve toast tables' relfrozenxids - during an upgrade from 8.3 (Bruce Momjian) - </para> - - <para> - Failure to do this could lead to <filename>pg_clog</filename> files being - removed too soon after the upgrade. - </para> - </listitem> - - <listitem> - <para> - In <application>pg_upgrade</application>, fix the <literal>-l</literal> (log) option to - work on Windows (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - In <application>pg_ctl</application>, support silent mode for service registrations - on Windows (MauMau) - </para> - </listitem> - - <listitem> - <para> - Fix <application>psql</application>'s counting of script file line numbers during - <literal>COPY</literal> from a different file (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_restore</application>'s direct-to-database mode for - <varname>standard_conforming_strings</varname> (Tom Lane) - </para> - - <para> - <application>pg_restore</application> could emit incorrect commands when restoring - directly to a database server from an archive file that had been made - with <varname>standard_conforming_strings</varname> set to <literal>on</literal>. - </para> - </listitem> - - <listitem> - <para> - Be more user-friendly about unsupported cases for parallel - <application>pg_restore</application> (Tom Lane) - </para> - - <para> - This change ensures that such cases are detected and reported before - any restore actions have been taken. - </para> - </listitem> - - <listitem> - <para> - Fix write-past-buffer-end and memory leak in <application>libpq</application>'s - LDAP service lookup code (Albe Laurenz) - </para> - </listitem> - - <listitem> - <para> - In <application>libpq</application>, avoid failures when using nonblocking I/O - and an SSL connection (Martin Pihlak, Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve libpq's handling of failures during connection startup - (Tom Lane) - </para> - - <para> - In particular, the response to a server report of <function>fork()</function> - failure during SSL connection startup is now saner. - </para> - </listitem> - - <listitem> - <para> - Improve <application>libpq</application>'s error reporting for SSL failures (Tom - Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <function>PQsetvalue()</function> to avoid possible crash when adding a new - tuple to a <structname>PGresult</structname> originally obtained from a server - query (Andrew Chernow) - </para> - </listitem> - - <listitem> - <para> - Make <application>ecpglib</application> write <type>double</type> values with 15 digits - precision (Akira Kurosawa) - </para> - </listitem> - - <listitem> - <para> - In <application>ecpglib</application>, be sure <literal>LC_NUMERIC</literal> setting is - restored after an error (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) - (Tom Lane) - </para> - - <para> - <filename>contrib/pg_crypto</filename>'s blowfish encryption code could give - wrong results on platforms where char is signed (which is most), - leading to encrypted passwords being weaker than they should be. - </para> - </listitem> - - <listitem> - <para> - Fix memory leak in <filename>contrib/seg</filename> (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix <function>pgstatindex()</function> to give consistent results for empty - indexes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow building with perl 5.14 (Alex Hunsaker) - </para> - </listitem> - - <listitem> - <para> - Fix assorted issues with build and install file paths containing spaces - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2011i - for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-4"> - <title>Release 9.0.4</title> - - <formalpara> - <title>Release date:</title> - <para>2011-04-18</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.3. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.4</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - <para> - However, if your installation was upgraded from a previous major - release by running <application>pg_upgrade</application>, you should take - action to prevent possible data loss due to a now-fixed bug in - <application>pg_upgrade</application>. The recommended solution is to run - <command>VACUUM FREEZE</command> on all TOAST tables. - More information is available at <ulink - url="http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix"> - http://wiki.postgresql.org/wiki/20110408pg_upgrade_fix</ulink>. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Fix <application>pg_upgrade</application>'s handling of TOAST tables - (Bruce Momjian) - </para> - - <para> - The <structname>pg_class</structname>.<structfield>relfrozenxid</structfield> value for - TOAST tables was not correctly copied into the new installation - during <application>pg_upgrade</application>. This could later result in - <literal>pg_clog</literal> files being discarded while they were still - needed to validate tuples in the TOAST tables, leading to - <quote>could not access status of transaction</quote> failures. - </para> - - <para> - This error poses a significant risk of data loss for installations - that have been upgraded with <application>pg_upgrade</application>. This patch - corrects the problem for future uses of <application>pg_upgrade</application>, - but does not in itself cure the issue in installations that have been - processed with a buggy version of <application>pg_upgrade</application>. - </para> - </listitem> - - <listitem> - <para> - Suppress incorrect <quote>PD_ALL_VISIBLE flag was incorrectly set</quote> - warning (Heikki Linnakangas) - </para> - - <para> - <command>VACUUM</command> would sometimes issue this warning in cases that - are actually valid. - </para> - </listitem> - - <listitem> - <para> - Use better SQLSTATE error codes for hot standby conflict cases - (Tatsuo Ishii and Simon Riggs) - </para> - - <para> - All retryable conflict errors now have an error code that indicates - that a retry is possible. Also, session closure due to the database - being dropped on the master is now reported as - <literal>ERRCODE_DATABASE_DROPPED</literal>, rather than - <literal>ERRCODE_ADMIN_SHUTDOWN</literal>, so that connection poolers can - handle the situation correctly. - </para> - </listitem> - - <listitem> - <para> - Prevent intermittent hang in interactions of startup process with - bgwriter process (Simon Riggs) - </para> - - <para> - This affected recovery in non-hot-standby cases. - </para> - </listitem> - - <listitem> - <para> - Disallow including a composite type in itself (Tom Lane) - </para> - - <para> - This prevents scenarios wherein the server could recurse infinitely - while processing the composite type. While there are some possible - uses for such a structure, they don't seem compelling enough to - justify the effort required to make sure it always works safely. - </para> - </listitem> - - <listitem> - <para> - Avoid potential deadlock during catalog cache initialization - (Nikhil Sontakke) - </para> - - <para> - In some cases the cache loading code would acquire share lock on a - system index before locking the index's catalog. This could deadlock - against processes trying to acquire exclusive locks in the other, - more standard order. - </para> - </listitem> - - <listitem> - <para> - Fix dangling-pointer problem in <literal>BEFORE ROW UPDATE</literal> trigger - handling when there was a concurrent update to the target tuple - (Tom Lane) - </para> - - <para> - This bug has been observed to result in intermittent <quote>cannot - extract system attribute from virtual tuple</quote> failures while trying to - do <literal>UPDATE RETURNING ctid</literal>. There is a very small probability - of more serious errors, such as generating incorrect index entries for - the updated tuple. - </para> - </listitem> - - <listitem> - <para> - Disallow <command>DROP TABLE</command> when there are pending deferred trigger - events for the table (Tom Lane) - </para> - - <para> - Formerly the <command>DROP</command> would go through, leading to - <quote>could not open relation with OID nnn</quote> errors when the - triggers were eventually fired. - </para> - </listitem> - - <listitem> - <para> - Allow <quote>replication</quote> as a user name in - <filename>pg_hba.conf</filename> (Andrew Dunstan) - </para> - - <para> - <quote>replication</quote> is special in the database name column, but it - was mistakenly also treated as special in the user name column. - </para> - </listitem> - - <listitem> - <para> - Prevent crash triggered by constant-false WHERE conditions during - GEQO optimization (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve planner's handling of semi-join and anti-join cases - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix handling of <literal>SELECT FOR UPDATE</literal> in a sub-SELECT - (Tom Lane) - </para> - - <para> - This bug typically led to <quote>cannot extract system attribute from - virtual tuple</quote> errors. - </para> - </listitem> - - <listitem> - <para> - Fix selectivity estimation for text search to account for NULLs - (Jesper Krogh) - </para> - </listitem> - - <listitem> - <para> - Fix get_actual_variable_range() to support hypothetical indexes - injected by an index adviser plugin (Gurjeet Singh) - </para> - </listitem> - - <listitem> - <para> - Fix PL/Python memory leak involving array slices (Daniel Popowich) - </para> - </listitem> - - <listitem> - <para> - Allow <application>libpq</application>'s SSL initialization to succeed when - user's home directory is unavailable (Tom Lane) - </para> - - <para> - If the SSL mode is such that a root certificate file is not required, - there is no need to fail. This change restores the behavior to what - it was in pre-9.0 releases. - </para> - </listitem> - - <listitem> - <para> - Fix <application>libpq</application> to return a useful error message for errors - detected in <function>conninfo_array_parse</function> (Joseph Adams) - </para> - - <para> - A typo caused the library to return NULL, rather than the - <structname>PGconn</structname> structure containing the error message, to the - application. - </para> - </listitem> - - <listitem> - <para> - Fix <application>ecpg</application> preprocessor's handling of float constants - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix parallel <application>pg_restore</application> to handle comments on - POST_DATA items correctly (Arnd Hannemann) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_restore</application> to cope with long lines (over 1KB) in - TOC files (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Put in more safeguards against crashing due to division-by-zero - with overly enthusiastic compiler optimization (Aurelien Jarno) - </para> - </listitem> - - <listitem> - <para> - Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane) - </para> - - <para> - There was a hard-wired assumption that this system function was not - available on MIPS hardware on these systems. Use a compile-time test - instead, since more recent versions have it. - </para> - </listitem> - - <listitem> - <para> - Fix compilation failures on HP-UX (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Avoid crash when trying to write to the Windows console very early - in process startup (Rushabh Lathia) - </para> - </listitem> - - <listitem> - <para> - Support building with MinGW 64 bit compiler for Windows - (Andrew Dunstan) - </para> - </listitem> - - <listitem> - <para> - Fix version-incompatibility problem with <application>libintl</application> on - Windows (Hiroshi Inoue) - </para> - </listitem> - - <listitem> - <para> - Fix usage of <application>xcopy</application> in Windows build scripts to - work correctly under Windows 7 (Andrew Dunstan) - </para> - - <para> - This affects the build scripts only, not installation or usage. - </para> - </listitem> - - <listitem> - <para> - Fix path separator used by <application>pg_regress</application> on Cygwin - (Andrew Dunstan) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2011f - for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, - and Turkey; also historical corrections for South Australia, Alaska, - and Hawaii. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-3"> - <title>Release 9.0.3</title> - - <formalpara> - <title>Release date:</title> - <para>2011-01-31</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.2. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.3</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Before exiting <application>walreceiver</application>, ensure all the received WAL - is fsync'd to disk (Heikki Linnakangas) - </para> - - <para> - Otherwise the standby server could replay some un-synced WAL, conceivably - leading to data corruption if the system crashes just at that point. - </para> - </listitem> - - <listitem> - <para> - Avoid excess fsync activity in <application>walreceiver</application> - (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Make <command>ALTER TABLE</command> revalidate uniqueness and exclusion - constraints when needed (Noah Misch) - </para> - - <para> - This was broken in 9.0 by a change that was intended to suppress - revalidation during <command>VACUUM FULL</command> and <command>CLUSTER</command>, - but unintentionally affected <command>ALTER TABLE</command> as well. - </para> - </listitem> - - <listitem> - <para> - Fix EvalPlanQual for <command>UPDATE</command> of an inheritance tree in which - the tables are not all alike (Tom Lane) - </para> - - <para> - Any variation in the table row types (including dropped columns present - in only some child tables) would confuse the EvalPlanQual code, leading - to misbehavior or even crashes. Since EvalPlanQual is only executed - during concurrent updates to the same row, the problem was only seen - intermittently. - </para> - </listitem> - - <listitem> - <para> - Avoid failures when <command>EXPLAIN</command> tries to display a simple-form - <literal>CASE</literal> expression (Tom Lane) - </para> - - <para> - If the <literal>CASE</literal>'s test expression was a constant, the planner - could simplify the <literal>CASE</literal> into a form that confused the - expression-display code, resulting in <quote>unexpected CASE WHEN - clause</quote> errors. - </para> - </listitem> - - <listitem> - <para> - Fix assignment to an array slice that is before the existing range - of subscripts (Tom Lane) - </para> - - <para> - If there was a gap between the newly added subscripts and the first - pre-existing subscript, the code miscalculated how many entries needed - to be copied from the old array's null bitmap, potentially leading to - data corruption or crash. - </para> - </listitem> - - <listitem> - <para> - Avoid unexpected conversion overflow in planner for very distant date - values (Tom Lane) - </para> - - <para> - The <type>date</type> type supports a wider range of dates than can be - represented by the <type>timestamp</type> types, but the planner assumed it - could always convert a date to timestamp with impunity. - </para> - </listitem> - - <listitem> - <para> - Fix PL/Python crash when an array contains null entries (Alex Hunsaker) - </para> - </listitem> - - <listitem> - <para> - Remove <application>ecpg</application>'s fixed length limit for constants defining - an array dimension (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Fix erroneous parsing of <type>tsquery</type> values containing - <literal>... & !(subexpression) | ...</literal> (Tom Lane) - </para> - - <para> - Queries containing this combination of operators were not executed - correctly. The same error existed in <filename>contrib/intarray</filename>'s - <type>query_int</type> type and <filename>contrib/ltree</filename>'s - <type>ltxtquery</type> type. - </para> - </listitem> - - <listitem> - <para> - Fix buffer overrun in <filename>contrib/intarray</filename>'s input function - for the <type>query_int</type> type (Apple) - </para> - - <para> - This bug is a security risk since the function's return address could - be overwritten. Thanks to Apple Inc's security team for reporting this - issue and supplying the fix. (CVE-2010-4015) - </para> - </listitem> - - <listitem> - <para> - Fix bug in <filename>contrib/seg</filename>'s GiST picksplit algorithm - (Alexander Korotkov) - </para> - - <para> - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a <type>seg</type> column. - If you have such an index, consider <command>REINDEX</command>ing it after - installing this update. (This is identical to the bug that was fixed in - <filename>contrib/cube</filename> in the previous update.) - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-2"> - <title>Release 9.0.2</title> - - <formalpara> - <title>Release date:</title> - <para>2010-12-16</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.1. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.2</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Force the default - <link linkend="guc-wal-sync-method"><varname>wal_sync_method</varname></link> - to be <literal>fdatasync</literal> on Linux (Tom Lane, Marti Raudsepp) - </para> - - <para> - The default on Linux has actually been <literal>fdatasync</literal> for many - years, but recent kernel changes caused <productname>PostgreSQL</productname> to - choose <literal>open_datasync</literal> instead. This choice did not result - in any performance improvement, and caused outright failures on - certain filesystems, notably <literal>ext4</literal> with the - <literal>data=journal</literal> mount option. - </para> - </listitem> - - <listitem> - <para> - Fix <quote>too many KnownAssignedXids</quote> error during Hot Standby - replay (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix race condition in lock acquisition during Hot Standby (Simon Riggs) - </para> - </listitem> - - <listitem> - <para> - Avoid unnecessary conflicts during Hot Standby (Simon Riggs) - </para> - - <para> - This fixes some cases where replay was considered to conflict with - standby queries (causing delay of replay or possibly cancellation of - the queries), but there was no real conflict. - </para> - </listitem> - - <listitem> - <para> - Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane) - </para> - - <para> - This could result in <quote>bad buffer id: 0</quote> failures or - corruption of index contents during replication. - </para> - </listitem> - - <listitem> - <para> - Fix recovery from base backup when the starting checkpoint WAL record - is not in the same WAL segment as its redo point (Jeff Davis) - </para> - </listitem> - - <listitem> - <para> - Fix corner-case bug when streaming replication is enabled immediately - after creating the master database cluster (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Fix persistent slowdown of autovacuum workers when multiple workers - remain active for a long time (Tom Lane) - </para> - - <para> - The effective <varname>vacuum_cost_limit</varname> for an autovacuum worker - could drop to nearly zero if it processed enough tables, causing it - to run extremely slowly. - </para> - </listitem> - - <listitem> - <para> - Fix long-term memory leak in autovacuum launcher (Alvaro Herrera) - </para> - </listitem> - - <listitem> - <para> - Avoid failure when trying to report an impending transaction - wraparound condition from outside a transaction (Tom Lane) - </para> - - <para> - This oversight prevented recovery after transaction wraparound got - too close, because database startup processing would fail. - </para> - </listitem> - - <listitem> - <para> - Add support for detecting register-stack overrun on <literal>IA64</literal> - (Tom Lane) - </para> - - <para> - The <literal>IA64</literal> architecture has two hardware stacks. Full - prevention of stack-overrun failures requires checking both. - </para> - </listitem> - - <listitem> - <para> - Add a check for stack overflow in <function>copyObject()</function> (Tom Lane) - </para> - - <para> - Certain code paths could crash due to stack overflow given a - sufficiently complex query. - </para> - </listitem> - - <listitem> - <para> - Fix detection of page splits in temporary GiST indexes (Heikki - Linnakangas) - </para> - - <para> - It is possible to have a <quote>concurrent</quote> page split in a - temporary index, if for example there is an open cursor scanning the - index when an insertion is done. GiST failed to detect this case and - hence could deliver wrong results when execution of the cursor - continued. - </para> - </listitem> - - <listitem> - <para> - Fix error checking during early connection processing (Tom Lane) - </para> - - <para> - The check for too many child processes was skipped in some cases, - possibly leading to postmaster crash when attempting to add the new - child process to fixed-size arrays. - </para> - </listitem> - - <listitem> - <para> - Improve efficiency of window functions (Tom Lane) - </para> - - <para> - Certain cases where a large number of tuples needed to be read in - advance, but <varname>work_mem</varname> was large enough to allow them all - to be held in memory, were unexpectedly slow. - <function>percent_rank()</function>, <function>cume_dist()</function> and - <function>ntile()</function> in particular were subject to this problem. - </para> - </listitem> - - <listitem> - <para> - Avoid memory leakage while <command>ANALYZE</command>'ing complex index - expressions (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Ensure an index that uses a whole-row Var still depends on its table - (Tom Lane) - </para> - - <para> - An index declared like <literal>create index i on t (foo(t.*))</literal> - would not automatically get dropped when its table was dropped. - </para> - </listitem> - - <listitem> - <para> - Add missing support in <command>DROP OWNED BY</command> for removing foreign - data wrapper/server privileges belonging to a user (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - Do not <quote>inline</quote> a SQL function with multiple <literal>OUT</literal> - parameters (Tom Lane) - </para> - - <para> - This avoids a possible crash due to loss of information about the - expected result rowtype. - </para> - </listitem> - - <listitem> - <para> - Fix crash when inline-ing a set-returning function whose argument list - contains a reference to an inline-able user function (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Behave correctly if <literal>ORDER BY</literal>, <literal>LIMIT</literal>, - <literal>FOR UPDATE</literal>, or <literal>WITH</literal> is attached to the - <literal>VALUES</literal> part of <literal>INSERT ... VALUES</literal> (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Make the <literal>OFF</literal> keyword unreserved (Heikki Linnakangas) - </para> - - <para> - This prevents problems with using <literal>off</literal> as a variable name in - <application>PL/pgSQL</application>. That worked before 9.0, but was now broken - because <application>PL/pgSQL</application> now treats all core reserved words - as reserved. - </para> - </listitem> - - <listitem> - <para> - Fix constant-folding of <literal>COALESCE()</literal> expressions (Tom Lane) - </para> - - <para> - The planner would sometimes attempt to evaluate sub-expressions that - in fact could never be reached, possibly leading to unexpected errors. - </para> - </listitem> - - <listitem> - <para> - Fix <quote>could not find pathkey item to sort</quote> planner failure - with comparison of whole-row Vars (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix postmaster crash when connection acceptance - (<function>accept()</function> or one of the calls made immediately after it) - fails, and the postmaster was compiled with GSSAPI support (Alexander - Chernikov) - </para> - </listitem> - - <listitem> - <para> - Retry after receiving an invalid response packet from a RADIUS - authentication server (Magnus Hagander) - </para> - - <para> - This fixes a low-risk potential denial of service condition. - </para> - </listitem> - - <listitem> - <para> - Fix missed unlink of temporary files when <varname>log_temp_files</varname> - is active (Tom Lane) - </para> - - <para> - If an error occurred while attempting to emit the log message, the - unlink was not done, resulting in accumulation of temp files. - </para> - </listitem> - - <listitem> - <para> - Add print functionality for <structname>InhRelation</structname> nodes (Tom Lane) - </para> - - <para> - This avoids a failure when <varname>debug_print_parse</varname> is enabled - and certain types of query are executed. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect calculation of distance from a point to a horizontal - line segment (Tom Lane) - </para> - - <para> - This bug affected several different geometric distance-measurement - operators. - </para> - </listitem> - - <listitem> - <para> - Fix incorrect calculation of transaction status in - <application>ecpg</application> (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Fix errors in <application>psql</application>'s Unicode-escape support (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Speed up parallel <application>pg_restore</application> when the archive - contains many large objects (blobs) (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>PL/pgSQL</application>'s handling of <quote>simple</quote> - expressions to not fail in recursion or error-recovery cases (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix <application>PL/pgSQL</application>'s error reporting for no-such-column - cases (Tom Lane) - </para> - - <para> - As of 9.0, it would sometimes report <quote>missing FROM-clause entry - for table foo</quote> when <quote>record foo has no field bar</quote> would be - more appropriate. - </para> - </listitem> - - <listitem> - <para> - Fix <application>PL/Python</application> to honor typmod (i.e., length or - precision restrictions) when assigning to tuple fields (Tom Lane) - </para> - - <para> - This fixes a regression from 8.4. - </para> - </listitem> - - <listitem> - <para> - Fix <application>PL/Python</application>'s handling of set-returning functions - (Jan Urbanski) - </para> - - <para> - Attempts to call SPI functions within the iterator generating a set - result would fail. - </para> - </listitem> - - <listitem> - <para> - Fix bug in <filename>contrib/cube</filename>'s GiST picksplit algorithm - (Alexander Korotkov) - </para> - - <para> - This could result in considerable inefficiency, though not actually - incorrect answers, in a GiST index on a <type>cube</type> column. - If you have such an index, consider <command>REINDEX</command>ing it after - installing this update. - </para> - </listitem> - - <listitem> - <para> - Don't emit <quote>identifier will be truncated</quote> notices in - <filename>contrib/dblink</filename> except when creating new connections - (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Fix potential coredump on missing public key in - <filename>contrib/pgcrypto</filename> (Marti Raudsepp) - </para> - </listitem> - - <listitem> - <para> - Fix buffer overrun in <filename>contrib/pg_upgrade</filename> (Hernan Gonzalez) - </para> - </listitem> - - <listitem> - <para> - Fix memory leak in <filename>contrib/xml2</filename>'s XPath query functions - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Update time zone data files to <application>tzdata</application> release 2010o - for DST law changes in Fiji and Samoa; - also historical corrections for Hong Kong. - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0-1"> - <title>Release 9.0.1</title> - - <formalpara> - <title>Release date:</title> - <para>2010-10-04</para> - </formalpara> - - <para> - This release contains a variety of fixes from 9.0.0. - For information about new features in the 9.0 major release, see - <xref linkend="release-9-0"/>. - </para> - - <sect2> - <title>Migration to Version 9.0.1</title> - - <para> - A dump/restore is not required for those running 9.0.X. - </para> - - </sect2> - - <sect2> - <title>Changes</title> - - <itemizedlist> - - <listitem> - <para> - Use a separate interpreter for each calling SQL userid in PL/Perl and - PL/Tcl (Tom Lane) - </para> - - <para> - This change prevents security problems that can be caused by subverting - Perl or Tcl code that will be executed later in the same session under - another SQL user identity (for example, within a <literal>SECURITY - DEFINER</literal> function). Most scripting languages offer numerous ways that - that might be done, such as redefining standard functions or operators - called by the target function. Without this change, any SQL user with - Perl or Tcl language usage rights can do essentially anything with the - SQL privileges of the target function's owner. - </para> - - <para> - The cost of this change is that intentional communication among Perl - and Tcl functions becomes more difficult. To provide an escape hatch, - PL/PerlU and PL/TclU functions continue to use only one interpreter - per session. This is not considered a security issue since all such - functions execute at the trust level of a database superuser already. - </para> - - <para> - It is likely that third-party procedural languages that claim to offer - trusted execution have similar security issues. We advise contacting - the authors of any PL you are depending on for security-critical - purposes. - </para> - - <para> - Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - </para> - </listitem> - - <listitem> - <para> - Improve <function>pg_get_expr()</function> security fix so that the function - can still be used on the output of a sub-select (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix incorrect placement of placeholder evaluation (Tom Lane) - </para> - - <para> - This bug could result in query outputs being non-null when they - should be null, in cases where the inner side of an outer join - is a sub-select with non-strict expressions in its output list. - </para> - </listitem> - - <listitem> - <para> - Fix join removal's handling of placeholder expressions (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Fix possible duplicate scans of <literal>UNION ALL</literal> member relations - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Prevent infinite loop in ProcessIncomingNotify() after unlistening - (Jeff Davis) - </para> - </listitem> - - <listitem> - <para> - Prevent show_session_authorization() from crashing within autovacuum - processes (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Re-allow input of Julian dates prior to 0001-01-01 AD (Tom Lane) - </para> - - <para> - Input such as <literal>'J100000'::date</literal> worked before 8.4, - but was unintentionally broken by added error-checking. - </para> - </listitem> - - <listitem> - <para> - Make psql recognize <command>DISCARD ALL</command> as a command that should - not be encased in a transaction block in autocommit-off mode - (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Update build infrastructure and documentation to reflect the source code - repository's move from CVS to Git (Magnus Hagander and others) - </para> - </listitem> - - </itemizedlist> - - </sect2> - </sect1> - - <sect1 id="release-9-0"> - <title>Release 9.0</title> - - <formalpara> - <title>Release date:</title> - <para>2010-09-20</para> - </formalpara> - - <sect2> - <title>Overview</title> - - <para> - This release of - <productname>PostgreSQL</productname> adds features that have been requested - for years, such as easy-to-use replication, a mass permission-changing - facility, and anonymous code blocks. While past major releases have - been conservative in their scope, this release shows a - bold new desire to provide facilities that new and existing - users of <productname>PostgreSQL</productname> will embrace. This has all - been done with few incompatibilities. Major enhancements include: - </para> - - <itemizedlist> - - <!-- This list duplicates items below, but without authors or details--> - - <listitem> - - <para> - Built-in replication based on log shipping. This advance consists of - two features: Streaming Replication, allowing continuous archive - (<acronym>WAL</acronym>) files to be streamed over a network connection to a - standby server, and Hot Standby, allowing continuous archive standby - servers to execute read-only queries. The net effect is to support a - single master with multiple read-only slave servers. - </para> - </listitem> - - <listitem> - <para> - Easier database object permissions management. <link - linkend="sql-grant"><command>GRANT</command>/<command>REVOKE IN - SCHEMA</command></link> supports mass permissions changes on existing objects, - while <link linkend="sql-alterdefaultprivileges"><command>ALTER DEFAULT - PRIVILEGES</command></link> allows control of privileges for objects created in - the future. Large objects (BLOBs) now support permissions management as - well. - </para> - </listitem> - - <listitem> - <para> - Broadly enhanced stored procedure support. - The <link linkend="sql-do"><command>DO</command></link> statement supports - ad-hoc or <quote>anonymous</quote> code blocks. - Functions can now be called using named parameters. - <link linkend="plpgsql">PL/pgSQL</link> is now installed by default, and - <link linkend="plperl">PL/Perl</link> and <link - linkend="plpython">PL/Python</link> have been enhanced in several ways, - including support for Python3. - </para> - </listitem> - - <listitem> - <para> - Full support for <link linkend="install-windows">64-bit - <productname>Windows</productname></link>. - </para> - </listitem> - - <listitem> - <para> - More advanced reporting queries, including additional windowing options - (<literal>PRECEDING</literal> and <literal>FOLLOWING</literal>) and the ability to - control the order in which values are fed to aggregate functions. - </para> - </listitem> - - <listitem> - <para> - New trigger features, including - SQL-standard-compliant <link - linkend="sql-createtrigger">per-column triggers</link> and - conditional trigger execution. - </para> - </listitem> - - <listitem> - <para> - <link linkend="sql-createtable-compatibility">Deferrable - unique constraints</link>. Mass updates to unique keys are now possible - without trickery. - </para> - </listitem> - - <listitem> - <para> - <link linkend="ddl-constraints-exclusion">Exclusion constraints</link>. - These provide a generalized version of unique constraints, allowing - enforcement of complex conditions. - </para> - </listitem> - - <listitem> - <para> - New and enhanced security features, including RADIUS authentication, - LDAP authentication improvements, and a new contrib module - <link linkend="passwordcheck"><filename>passwordcheck</filename></link> - for testing password strength. - </para> - </listitem> - - <listitem> - <para> - New high-performance implementation of the - <link linkend="sql-listen"><command>LISTEN</command></link>/<link - linkend="sql-notify"><command>NOTIFY</command></link> feature. - Pending events are now stored in a memory-based queue rather than - a table. Also, a <quote>payload</quote> string can be sent with each - event, rather than transmitting just an event name as before. - </para> - </listitem> - - <listitem> - <para> - New implementation of - <link linkend="sql-vacuum"><command>VACUUM FULL</command></link>. - This command now rewrites the entire table and indexes, rather than - moving individual rows to compact space. It is substantially faster - in most cases, and no longer results in index bloat. - </para> - </listitem> - - <listitem> - <para> - New contrib module - <link linkend="pgupgrade"><filename>pg_upgrade</filename></link> - to support in-place upgrades from 8.3 or 8.4 to 9.0. - </para> - </listitem> - - <listitem> - <para> - Multiple performance enhancements for specific types of queries, - including elimination of unnecessary joins. This helps optimize some - automatically-generated queries, such as those produced by - object-relational mappers (ORMs). - </para> - </listitem> - - <listitem> - <para> - <link linkend="sql-explain"><command>EXPLAIN</command></link> enhancements. - The output is now available in JSON, XML, or YAML format, and includes - buffer utilization and other data not previously available. - </para> - </listitem> - - <listitem> - <para> - <link linkend="hstore"><filename>hstore</filename></link> improvements, - including new functions and greater data capacity. - </para> - </listitem> - - </itemizedlist> - - <para> - The above items are explained in more detail in the sections below. - </para> - - </sect2> - - <sect2> - - <title>Migration to Version 9.0</title> - - <para> - A dump/restore using <application>pg_dump</application>, - or use of <application>pg_upgrade</application>, is required - for those wishing to migrate data from any previous - release. - </para> - - <para> - Version 9.0 contains a number of changes that selectively break backwards - compatibility in order to support new features and code quality - improvements. In particular, users who make extensive use of PL/pgSQL, - Point-In-Time Recovery (PITR), or Warm Standby should test their - applications because of slight user-visible changes in those areas. - Observe the following incompatibilities: - </para> - - <sect3> - <title>Server Settings</title> - - <itemizedlist> - - <listitem> - <para> - Remove server parameter <varname>add_missing_from</varname>, which was - defaulted to off for many years (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Remove server parameter <varname>regex_flavor</varname>, which - was defaulted to <link - linkend="posix-syntax-details"><literal>advanced</literal></link> - for many years (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - <link linkend="guc-archive-mode"><varname>archive_mode</varname></link> - now only affects <link - linkend="guc-archive-command"><varname>archive_command</varname></link>; - a new setting, <link - linkend="guc-wal-level"><varname>wal_level</varname></link>, affects - the contents of the write-ahead log (Heikki Linnakangas) - </para> - </listitem> - - <listitem> - <para> - <link linkend="guc-log-temp-files"><varname>log_temp_files</varname></link> - now uses default file size units of kilobytes (Robert Haas) - </para> - </listitem> - - </itemizedlist> - - </sect3> - - <sect3> - <title>Queries</title> - - <itemizedlist> - - <listitem> - <para> - When querying a <link linkend="ddl-inherit">parent table</link>, - do not do any separate permission checks on child tables - scanned as part of the query (Peter Eisentraut) - </para> - - <para> - The SQL standard specifies this behavior, and it is also much more - convenient in practice than the former behavior of checking permissions - on each child as well as the parent. - </para> - </listitem> - - </itemizedlist> - - </sect3> - - <sect3> - <title>Data Types</title> - - <itemizedlist> - - <listitem> - <para> - <link linkend="datatype-binary"><type>bytea</type></link> output now - appears in hex format by default (Peter Eisentraut) - </para> - - <para> - The server parameter <link - linkend="guc-bytea-output"><varname>bytea_output</varname></link> can be - used to select the traditional output format if needed for - compatibility. - </para> - </listitem> - - <listitem> - <para> - Array input now considers only plain ASCII whitespace characters - to be potentially ignorable; it will never ignore non-ASCII characters, - even if they are whitespace according to some locales (Tom Lane) - </para> - - <para> - This avoids some corner cases where array values could be interpreted - differently depending on the server's locale settings. - </para> - </listitem> - - <listitem> - <para> - Improve standards compliance of <link - linkend="functions-similarto-regexp"><literal>SIMILAR TO</literal></link> - patterns and SQL-style <function>substring()</function> patterns (Tom Lane) - </para> - - <para> - This includes treating <literal>?</literal> and <literal>{...}</literal> as - pattern metacharacters, while they were simple literal characters - before; that corresponds to new features added in SQL:2008. - Also, <literal>^</literal> and <literal>$</literal> are now treated as simple - literal characters; formerly they were treated as metacharacters, - as if the pattern were following POSIX rather than SQL rules. - Also, in SQL-standard <function>substring()</function>, use of parentheses - for nesting no longer interferes with capturing of a substring. - Also, processing of bracket expressions (character classes) is - now more standards-compliant. - </para> - </listitem> - - <listitem> - <para> - Reject negative length values in 3-parameter <link - linkend="functions-string-sql"><function>substring()</function></link> - for bit strings, per the SQL standard (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Make <function>date_trunc</function> truncate rather than round when reducing - precision of fractional seconds (Tom Lane) - </para> - - <para> - The code always acted this way for integer-based dates/times. - Now float-based dates/times behave similarly. - </para> - </listitem> - - </itemizedlist> - - </sect3> - - <sect3> - <title>Object Renaming</title> - - <itemizedlist> - - <listitem> - <para> - Tighten enforcement of column name consistency during <command>RENAME</command> - when a child table inherits the same column from multiple unrelated - parents (KaiGai Kohei) - </para> - </listitem> - - <listitem> - <para> - No longer automatically rename indexes and index columns when the - underlying table columns are renamed (Tom Lane) - </para> - - <para> - Administrators can still rename such indexes and columns manually. - This change will require an update of the JDBC driver, and possibly other - drivers, so that unique indexes are correctly recognized after a rename. - </para> - </listitem> - - <listitem> - <para> - <command>CREATE OR REPLACE FUNCTION</command> can no longer change - the declared names of function parameters (Pavel Stehule) - </para> - - <para> - In order to avoid creating ambiguity in named-parameter calls, it is - no longer allowed to change the aliases for input parameters - in the declaration of an existing function (although names can still - be assigned to previously unnamed parameters). You now have to - <command>DROP</command> and recreate the function to do that. - </para> - </listitem> - - </itemizedlist> - - </sect3> - - <sect3> - <title>PL/pgSQL</title> - - <itemizedlist> - - <listitem> - <para> - PL/pgSQL now throws an error if a variable name conflicts with a - column name used in a query (Tom Lane) - </para> - - <para> - The former behavior was to bind ambiguous names to PL/pgSQL variables - in preference to query columns, which often resulted in surprising - misbehavior. Throwing an error allows easy detection of ambiguous - situations. Although it's recommended that functions encountering this - type of error be modified to remove the conflict, the old behavior can - be restored if necessary via the configuration parameter <link - linkend="plpgsql-var-subst"><varname>plpgsql.variable_conflict</varname></link>, - or via the per-function option <literal>#variable_conflict</literal>. - </para> - </listitem> - - <listitem> - <para> - PL/pgSQL no longer allows variable names that match certain SQL - reserved words (Tom Lane) - </para> - - <para> - This is a consequence of aligning the PL/pgSQL parser to match the - core SQL parser more closely. If necessary, - variable names can be double-quoted to avoid this restriction. - </para> - </listitem> - - <listitem> - <para> - PL/pgSQL now requires columns of composite results to match the - expected type modifier as well as base type (Pavel Stehule, Tom Lane) - </para> - - <para> - For example, if a column of the result type is declared as - <literal>NUMERIC(30,2)</literal>, it is no longer acceptable to return a - <literal>NUMERIC</literal> of some other precision in that column. Previous - versions neglected to check the type modifier and would thus allow - result rows that didn't actually conform to the declared restrictions. - </para> - </listitem> - - <listitem> - <para> - PL/pgSQL now treats selection into composite fields more consistently - (Tom Lane) - </para> - - <para> - Formerly, a statement like - <literal>SELECT ... INTO <replaceable>rec</replaceable>.<replaceable>fld</replaceable> FROM ...</literal> - was treated as a scalar assignment even if the record field - <replaceable>fld</replaceable> was of composite type. Now it is treated as a - record assignment, the same as when the <literal>INTO</literal> target is a - regular variable of composite type. So the values to be assigned to the - field's subfields should be written as separate columns of the - <command>SELECT</command> list, not as a <literal>ROW(...)</literal> construct as in - previous versions. - </para> - - <para> - If you need to do this in a way that will work in both 9.0 and previous - releases, you can write something like - <literal><replaceable>rec</replaceable>.<replaceable>fld</replaceable> := ROW(...) FROM ...</literal>. - </para> - </listitem> - - <listitem> - <para> - Remove PL/pgSQL's <literal>RENAME</literal> declaration (Tom Lane) - </para> - - <para> - Instead of <literal>RENAME</literal>, use <link - linkend="plpgsql-declaration-alias"><literal>ALIAS</literal></link>, - which can now create an alias for any variable, not only dollar sign - parameter names (such as <literal>$1</literal>) as before. - </para> - </listitem> - </itemizedlist> - - </sect3> - - <sect3> - <title>Other Incompatibilities</title> - - <itemizedlist> - - <listitem> - <para> - Deprecate use of <literal>=></literal> as an operator name (Robert Haas) - </para> - - <para> - Future versions of <productname>PostgreSQL</productname> will probably reject - this operator name entirely, in order to support the SQL-standard - notation for named function parameters. For the moment, it is - still allowed, but a warning is emitted when such an operator is - defined. - </para> - </listitem> - - <listitem> - <para> - Remove support for platforms that don't have a working 64-bit - integer data type (Tom Lane) - </para> - - <para> - It is believed all still-supported platforms have working 64-bit - integer data types. - </para> - </listitem> - - </itemizedlist> - </sect3> - </sect2> - - <sect2> - <title>Changes</title> - <para> - Version 9.0 has an unprecedented number of new major features, - and over 200 enhancements, improvements, new commands, - new functions, and other changes. - </para> - - <sect3> - <title>Server</title> - - <sect4> - <title>Continuous Archiving and Streaming Replication</title> - - <para> - PostgreSQL's existing standby-server capability has been expanded both to - support read-only queries on standby servers and to greatly reduce - the lag between master and standby servers. For many users, this - will be a useful and low-administration form of replication, either - for high availability or for horizontal scalability. - </para> - - <itemizedlist> - <listitem> - <para> - Allow a standby server to accept read-only queries - (Simon Riggs, Heikki Linnakangas) - </para> - - <para> - This feature is called Hot Standby. There are new - <filename>postgresql.conf</filename> and <filename>recovery.conf</filename> - settings to control this feature, as well as extensive - <link linkend="hot-standby">documentation</link>. - </para> - </listitem> - - <listitem> - <para> - Allow write-ahead log (<acronym>WAL</acronym>) data to be streamed to a - standby server (Fujii Masao, Heikki Linnakangas) - </para> - - <para> - This feature is called Streaming Replication. - Previously <acronym>WAL</acronym> data could be sent to standby servers only - in units of entire <acronym>WAL</acronym> files (normally 16 megabytes each). - Streaming Replication eliminates this inefficiency and allows updates - on the master to be propagated to standby servers with very little - delay. There are new <filename>postgresql.conf</filename> and - <filename>recovery.conf</filename> settings to control this feature, as well as - extensive <link linkend="streaming-replication">documentation</link>. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="functions-recovery-info-table"><function>pg_last_xlog_receive_location()</function></link> - and <function>pg_last_xlog_replay_location()</function>, which - can be used to monitor standby server <acronym>WAL</acronym> - activity (Simon Riggs, Fujii Masao, Heikki Linnakangas) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Performance</title> - - <itemizedlist> - - <listitem> - <para> - Allow per-tablespace values to be set for sequential and random page - cost estimates (<varname>seq_page_cost</varname>/<varname>random_page_cost</varname>) - via <link linkend="sql-altertablespace"><command>ALTER TABLESPACE - ... SET/RESET</command></link> (Robert Haas) - </para> - </listitem> - - <listitem> - <para> - Improve performance and reliability of EvalPlanQual rechecks in join - queries (Tom Lane) - </para> - - <para> - <command>UPDATE</command>, <command>DELETE</command>, and <command>SELECT FOR - UPDATE/SHARE</command> queries that involve joins will now behave much better - when encountering freshly-updated rows. - </para> - </listitem> - - <listitem> - <para> - Improve performance of <link - linkend="sql-truncate"><command>TRUNCATE</command></link> when - the table was created or truncated earlier in the same transaction - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve performance of finding inheritance child tables (Tom Lane) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Optimizer</title> - - <itemizedlist> - - <listitem> - <para> - Remove unnecessary <link linkend="queries-join">outer - joins</link> (Robert Haas) - </para> - - <para> - Outer joins where the inner side is unique and not referenced above - the join are unnecessary and are therefore now removed. This will - accelerate many automatically generated queries, such as those created - by object-relational mappers (ORMs). - </para> - </listitem> - - <listitem> - <para> - Allow <literal>IS NOT NULL</literal> restrictions to use indexes (Tom Lane) - </para> - - <para> - This is particularly useful for finding - <function>MAX()</function>/<function>MIN()</function> values in indexes that - contain many null values. - </para> - </listitem> - - <listitem> - <para> - Improve the optimizer's choices about when to use materialize nodes, - and when to use sorting versus hashing for <literal>DISTINCT</literal> - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve the optimizer's equivalence detection for expressions involving - <type>boolean</type> <literal><></literal> operators (Tom Lane) - </para> - </listitem> - </itemizedlist> - </sect4> - - <sect4> - <title><link linkend="geqo">GEQO</link></title> - - <itemizedlist> - - <listitem> - <para> - Use the same random seed every time GEQO plans a query (Andres - Freund) - </para> - - <para> - While the Genetic Query Optimizer (GEQO) still selects - random plans, it now always selects the same random plans for identical - queries, thus giving more consistent performance. You can modify <link - linkend="guc-geqo-seed"><varname>geqo_seed</varname></link> to experiment with - alternative plans. - </para> - </listitem> - - <listitem> - <para> - Improve GEQO plan selection (Tom Lane) - </para> - - <para> - This avoids the rare error <quote>failed to make a valid plan</quote>, - and should also improve planning speed. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Optimizer Statistics</title> - - <itemizedlist> - - <listitem> - <para> - Improve <link linkend="sql-analyze"><command>ANALYZE</command></link> - to support inheritance-tree statistics (Tom Lane) - </para> - - <para> - This is particularly useful for partitioned tables. However, - autovacuum does not yet automatically re-analyze parent tables - when child tables change. - </para> - </listitem> - - <listitem> - <para> - Improve <link linkend="routine-vacuuming">autovacuum</link>'s - detection of when re-analyze is necessary (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve optimizer's estimation for greater/less-than comparisons - (Tom Lane) - </para> - - <para> - When looking up statistics for greater/less-than comparisons, - if the comparison value is in the first or last histogram bucket, - use an index (if available) to fetch the current actual column - minimum or maximum. This greatly improves the accuracy of estimates - for comparison values near the ends of the data range, particularly - if the range is constantly changing due to addition of new data. - </para> - </listitem> - - <listitem> - <para> - Allow setting of number-of-distinct-values statistics using <link - linkend="sql-altertable"><command>ALTER TABLE</command></link> - (Robert Haas) - </para> - - <para> - This allows users to override the estimated number or percentage of - distinct values for a column. This statistic is normally computed by - <command>ANALYZE</command>, but the estimate can be poor, especially on tables - with very large numbers of rows. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Authentication</title> - - <itemizedlist> - - <listitem> - <para> - Add support for <link - linkend="auth-radius"><acronym>RADIUS</acronym></link> (Remote - Authentication Dial In User Service) authentication - (Magnus Hagander) - </para> - </listitem> - - <listitem> - <para> - Allow <link linkend="auth-ldap"><acronym>LDAP</acronym></link> - (Lightweight Directory Access Protocol) authentication - to operate in <quote>search/bind</quote> mode - (Robert Fleming, Magnus Hagander) - </para> - - <para> - This allows the user to be looked up first, then the system uses - the <acronym>DN</acronym> (Distinguished Name) returned for that user. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="auth-pg-hba-conf"><literal>samehost</literal></link> - and <literal>samenet</literal> designations to - <filename>pg_hba.conf</filename> (Stef Walter) - </para> - - <para> - These match the server's <acronym>IP</acronym> address and subnet address - respectively. - </para> - </listitem> - - <listitem> - <para> - Pass trusted SSL root certificate names to the client so the client - can return an appropriate client certificate (Craig Ringer) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Monitoring</title> - - <itemizedlist> - - <listitem> - <para> - Add the ability for clients to set an <link - linkend="libpq-connect-application-name">application - name</link>, which is displayed in - <structname>pg_stat_activity</structname> (Dave Page) - </para> - - <para> - This allows administrators to characterize database traffic - and troubleshoot problems by source application. - </para> - </listitem> - - <listitem> - <para> - Add a SQLSTATE option (<literal>%e</literal>) to <link - linkend="guc-log-line-prefix"><varname>log_line_prefix</varname></link> - (Guillaume Smet) - </para> - - <para> - This allows users to compile statistics on errors and messages - by error code number. - </para> - - </listitem> - - <listitem> - <para> - Write to the Windows event log in <acronym>UTF16</acronym> encoding - (Itagaki Takahiro) - </para> - - <para> - Now there is true multilingual support for PostgreSQL log messages - on Windows. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Statistics Counters</title> - - <itemizedlist> - - <listitem> - <para> - Add <link - linkend="monitoring-stats-funcs-table"><function>pg_stat_reset_shared('bgwriter')</function></link> - to reset the cluster-wide shared statistics for the - background writer (Greg Smith) - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="monitoring-stats-funcs-table"><function>pg_stat_reset_single_table_counters()</function></link> - and <function>pg_stat_reset_single_function_counters()</function> - to allow resetting the statistics counters for individual - tables and functions (Magnus Hagander) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Server Settings</title> - - <itemizedlist> - - <listitem> - <para> - Allow setting of configuration parameters based on <link - linkend="sql-alterrole">database/role combinations</link> - (Alvaro Herrera) - </para> - - <para> - Previously only per-database and per-role settings were possible, - not combinations. All role and database settings are now stored - in the new <structname>pg_db_role_setting</structname> system catalog. A new - <application>psql</application> command <literal>\drds</literal> shows these settings. - The legacy system views <structname>pg_roles</structname>, - <structname>pg_shadow</structname>, and <structname>pg_user</structname> - do not show combination settings, and therefore no longer - completely represent the configuration for a user or database. - </para> - </listitem> - - <listitem> - <para> - Add server parameter <link - linkend="guc-bonjour"><varname>bonjour</varname></link>, which - controls whether a Bonjour-enabled server advertises - itself via <productname>Bonjour</productname> (Tom Lane) - </para> - - <para> - The default is off, meaning it does not advertise. This allows - packagers to distribute Bonjour-enabled builds without worrying - that individual users might not want the feature. - </para> - </listitem> - - <listitem> - <para> - Add server parameter <link - linkend="guc-enable-material"><varname>enable_material</varname></link>, which - controls the use of materialize nodes in the optimizer - (Robert Haas) - </para> - - <para> - The default is on. When off, the optimizer will not add - materialize nodes purely for performance reasons, though they - will still be used when necessary for correctness. - </para> - </listitem> - - <listitem> - <para> - Change server parameter <link - linkend="guc-log-temp-files"><varname>log_temp_files</varname></link> to - use default file size units of kilobytes (Robert Haas) - </para> - - <para> - Previously this setting was interpreted in bytes if no units were - specified. - </para> - </listitem> - - <listitem> - <para> - Log changes of parameter values when <filename>postgresql.conf</filename> is - reloaded (Peter Eisentraut) - </para> - - <para> - This lets administrators and security staff audit changes of database - settings, and is also very convenient for checking the effects of - <filename>postgresql.conf</filename> edits. - </para> - </listitem> - - <listitem> - <para> - Properly enforce superuser permissions for custom server parameters - (Tom Lane) - </para> - - <para> - Non-superusers can no longer issue <command>ALTER - ROLE</command>/<command>DATABASE SET</command> for parameters that are not currently - known to the server. This allows the server to correctly check that - superuser-only parameters are only set by superusers. Previously, - the <literal>SET</literal> would be allowed and then ignored at session start, - making superuser-only custom parameters much less useful than they - should be. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Queries</title> - - <itemizedlist> - - <listitem> - <para> - Perform <link linkend="sql-for-update-share"><command>SELECT - FOR UPDATE</command>/<literal>SHARE</literal></link> processing after - applying <literal>LIMIT</literal>, so the number of rows returned - is always predictable (Tom Lane) - </para> - - <para> - Previously, changes made by concurrent transactions could cause a - <command>SELECT FOR UPDATE</command> to unexpectedly return fewer rows than - specified by its <literal>LIMIT</literal>. <literal>FOR UPDATE</literal> in combination - with <literal>ORDER BY</literal> can still produce surprising results, but that - can be corrected by placing <literal>FOR UPDATE</literal> in a subquery. - </para> - </listitem> - - <listitem> - <para> - Allow mixing of traditional and SQL-standard <link - linkend="sql-limit"><literal>LIMIT</literal>/<literal>OFFSET</literal></link> - syntax (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Extend the supported frame options in <link - linkend="sql-window">window functions</link> (Hitoshi - Harada) - </para> - - <para> - Frames can now start with <literal>CURRENT ROW</literal>, and the <literal>ROWS - <replaceable>n</replaceable> PRECEDING</literal>/<literal>FOLLOWING</literal> options are now - supported. - </para> - </listitem> - - <listitem> - <para> - Make <command>SELECT INTO</command> and <command>CREATE TABLE AS</command> return - row counts to the client in their command tags - (Boszormenyi Zoltan) - </para> - - <para> - This can save an entire round-trip to the client, allowing result counts - and pagination to be calculated without an additional - <command>COUNT</command> query. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title>Unicode Strings</title> - - <itemizedlist> - - <listitem> - <para> - Support Unicode surrogate pairs (dual 16-bit representation) in - <link - linkend="sql-syntax-strings-uescape"><literal>U&</literal></link> - strings and identifiers (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Support Unicode escapes in <link - linkend="sql-syntax-strings-escape"><literal>E'...'</literal></link> - strings (Marko Kreen) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Object Manipulation</title> - - <itemizedlist> - - <listitem> - <para> - Speed up <link linkend="sql-createdatabase"><command>CREATE - DATABASE</command></link> by deferring flushes to disk (Andres - Freund, Greg Stark) - </para> - </listitem> - - <listitem> - <para> - Allow <link linkend="sql-comment">comments</link> on - columns of tables, views, and composite types only, not other - relation types such as indexes and <acronym>TOAST</acronym> tables (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow the creation of <link - linkend="sql-createtype-enum">enumerated types</link> containing - no values (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Let values of columns having storage type <literal>MAIN</literal> remain on - the main heap page unless the row cannot fit on a page (Kevin Grittner) - </para> - - <para> - Previously <literal>MAIN</literal> values were forced out to <acronym>TOAST</acronym> - tables until the row size was less than one-quarter of the page size. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title><command>ALTER TABLE</command></title> - - <itemizedlist> - - <listitem> - <para> - Implement <literal>IF EXISTS</literal> for <literal>ALTER TABLE DROP COLUMN</literal> - and <literal>ALTER TABLE DROP CONSTRAINT </literal> (Andres Freund) - </para> - </listitem> - - <listitem> - <para> - Allow <command>ALTER TABLE</command> commands that rewrite tables to skip - <acronym>WAL</acronym> logging (Itagaki Takahiro) - </para> - - <para> - Such operations either produce a new copy of the table or are rolled - back, so <acronym>WAL</acronym> archiving can be skipped, unless running in - continuous archiving mode. This reduces I/O overhead and improves - performance. - </para> - </listitem> - - <listitem> - <para> - Fix failure of <literal>ALTER TABLE <replaceable>table</replaceable> ADD COLUMN - <replaceable>col</replaceable> serial</literal> when done by non-owner of table - (Tom Lane) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="sql-createtable"><command>CREATE TABLE</command></link></title> - - <itemizedlist> - - <listitem> - <para> - Add support for copying <literal>COMMENTS</literal> and <literal>STORAGE</literal> - settings in <command>CREATE TABLE ... LIKE</command> commands - (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Add a shortcut for copying all properties in <command>CREATE - TABLE ... LIKE</command> commands (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Add the SQL-standard - <literal>CREATE TABLE ... OF <replaceable>type</replaceable></literal> command - (Peter Eisentraut) - </para> - - <para> - This allows creation of a table that matches an existing composite - type. Additional constraints and defaults can be specified in the - command. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Constraints</title> - - <itemizedlist> - - <listitem> - <para> - Add <link linkend="sql-createtable-compatibility">deferrable - unique constraints</link> (Dean Rasheed) - </para> - - <para> - This allows mass updates, such as - <literal>UPDATE tab SET col = col + 1</literal>, - to work reliably - on columns that have unique indexes or are marked as primary keys. - If the constraint is specified as <literal>DEFERRABLE</literal> it will be - checked at the end of the statement, rather than after each row is - updated. The constraint check can also be deferred until the end of the - current transaction, allowing such updates to be spread over multiple - SQL commands. - </para> - </listitem> - - <listitem> - <para> - Add - <link linkend="ddl-constraints-exclusion">exclusion constraints</link> - (Jeff Davis) - </para> - - <para> - Exclusion constraints generalize uniqueness constraints by allowing - arbitrary comparison operators, not just equality. They are created - with the <link linkend="sql-createtable-exclude"><command>CREATE - TABLE CONSTRAINT ... EXCLUDE</command></link> clause. - The most common use of exclusion constraints is to specify that column - entries must not overlap, rather than simply not be equal. This is - useful for time periods and other ranges, as well as arrays. - This feature enhances checking of data integrity for many - calendaring, time-management, and scientific applications. - </para> - </listitem> - - <listitem> - <para> - Improve uniqueness-constraint violation error messages to - report the values causing the failure (Itagaki Takahiro) - </para> - - <para> - For example, a uniqueness constraint violation might now report - <literal>Key (x)=(2) already exists</literal>. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Object Permissions</title> - - <itemizedlist> - - <listitem> - <para> - Add the ability to make mass permission changes across a whole - schema using the new <link - linkend="sql-grant"><command>GRANT</command>/<command>REVOKE - IN SCHEMA</command></link> clause (Petr Jelinek) - </para> - - <para> - This simplifies management of object permissions - and makes it easier to utilize database roles for application - data security. - </para> - </listitem> - - <listitem> - <para> - Add <link linkend="sql-alterdefaultprivileges"><command>ALTER - DEFAULT PRIVILEGES</command></link> command to control privileges - of objects created later (Petr Jelinek) - </para> - - <para> - This greatly simplifies the assignment of object privileges in a - complex database application. Default privileges can be set for - tables, views, sequences, and functions. Defaults may be assigned on a - per-schema basis, or database-wide. - </para> - </listitem> - - <listitem> - <para> - Add the ability to control large object (BLOB) permissions with - <command>GRANT</command>/<command>REVOKE</command> (KaiGai Kohei) - </para> - - <para> - Formerly, any database user could read or modify any large object. - Read and write permissions can now be granted and revoked per - large object, and the ownership of large objects is tracked. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Utility Operations</title> - - <itemizedlist> - - <listitem> - <para> - Make <link linkend="sql-listen"><command>LISTEN</command></link>/<link - linkend="sql-notify"><command>NOTIFY</command></link> store pending events - in a memory queue, rather than in a system table (Joachim - Wieland) - </para> - - <para> - This substantially improves performance, while retaining the existing - features of transactional support and guaranteed delivery. - </para> - </listitem> - - <listitem> - <para> - Allow <link linkend="sql-notify"><command>NOTIFY</command></link> - to pass an optional <quote>payload</quote> string to listeners - (Joachim Wieland) - </para> - - <para> - This greatly improves the usefulness of - <command>LISTEN</command>/<command>NOTIFY</command> as a - general-purpose event queue system. - </para> - </listitem> - - <listitem> - <para> - Allow <link linkend="sql-cluster"><command>CLUSTER</command></link> - on all per-database system catalogs (Tom Lane) - </para> - - <para> - Shared catalogs still cannot be clustered. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title><link linkend="sql-copy"><command>COPY</command></link></title> - - <itemizedlist> - - <listitem> - <para> - Accept <literal>COPY ... CSV FORCE QUOTE *</literal> - (Itagaki Takahiro) - </para> - - <para> - Now <literal>*</literal> can be used as shorthand for <quote>all columns</quote> - in the <literal>FORCE QUOTE</literal> clause. - </para> - </listitem> - - <listitem> - <para> - Add new <command>COPY</command> syntax that allows options to be - specified inside parentheses (Robert Haas, Emmanuel Cecchet) - </para> - - <para> - This allows greater flexibility for future <command>COPY</command> options. - The old syntax is still supported, but only for pre-existing options. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="sql-explain"><command>EXPLAIN</command></link></title> - - <itemizedlist> - - <listitem> - <para> - Allow <command>EXPLAIN</command> to output in <acronym>XML</acronym>, - <acronym>JSON</acronym>, or <acronym>YAML</acronym> format (Robert Haas, Greg - Sabino Mullane) - </para> - - <para> - The new output formats are easily machine-readable, supporting the - development of new tools for analysis of <command>EXPLAIN</command> output. - </para> - </listitem> - - <listitem> - <para> - Add new <literal>BUFFERS</literal> option to report query - buffer usage during <command>EXPLAIN ANALYZE</command> (Itagaki Takahiro) - </para> - - <para> - This allows better query profiling for individual queries. - Buffer usage is no longer reported in the output for <link - linkend="runtime-config-statistics-monitor">log_statement_stats</link> - and related settings. - </para> - </listitem> - - <listitem> - <para> - Add hash usage information to <command>EXPLAIN</command> output (Robert - Haas) - </para> - </listitem> - - <listitem> - <para> - Add new <command>EXPLAIN</command> syntax that allows options to be - specified inside parentheses (Robert Haas) - </para> - - <para> - This allows greater flexibility for future <command>EXPLAIN</command> options. - The old syntax is still supported, but only for pre-existing options. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="sql-vacuum"><command>VACUUM</command></link></title> - - <itemizedlist> - - <listitem> - <para> - Change <command>VACUUM FULL</command> to rewrite the entire table and - rebuild its indexes, rather than moving individual rows around to - compact space (Itagaki Takahiro, Tom Lane) - </para> - - <para> - The previous method was usually slower and caused index bloat. - Note that the new method will use more disk space transiently - during <command>VACUUM FULL</command>; potentially as much as twice - the space normally occupied by the table and its indexes. - </para> - - </listitem> - - <listitem> - <para> - Add new <command>VACUUM</command> syntax that allows options to be - specified inside parentheses (Itagaki Takahiro) - </para> - - <para> - This allows greater flexibility for future <command>VACUUM</command> options. - The old syntax is still supported, but only for pre-existing options. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Indexes</title> - - <itemizedlist> - - <listitem> - <para> - Allow an index to be named automatically by omitting the index name in - <link linkend="sql-createindex"><command>CREATE INDEX</command></link> - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - By default, multicolumn indexes are now named after all their columns; - and index expression columns are now named based on their expressions - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Reindexing shared system catalogs is now fully transactional - and crash-safe (Tom Lane) - </para> - - <para> - Formerly, reindexing a shared index was only allowed in standalone - mode, and a crash during the operation could leave the index in - worse condition than it was before. - </para> - </listitem> - - <listitem> - <para> - Add <literal>point_ops</literal> operator class for <acronym>GiST</acronym> - (Teodor Sigaev) - </para> - - <para> - This feature permits <acronym>GiST</acronym> indexing of <type>point</type> - columns. The index can be used for several types of queries - such as <replaceable>point</replaceable> <literal><@</literal> <replaceable>polygon</replaceable> - (point is in polygon). This should make many - <productname>PostGIS</productname> queries faster. - </para> - </listitem> - - <listitem> - <para> - Use red-black binary trees for <acronym>GIN</acronym> index creation - (Teodor Sigaev) - </para> - - <para> - Red-black trees are self-balancing. This avoids slowdowns in - cases where the input is in nonrandom order. - </para> - - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Data Types</title> - - <itemizedlist> - - <listitem> - <para> - Allow <link linkend="datatype-binary"><type>bytea</type></link> values - to be written in hex notation (Peter Eisentraut) - </para> - - <para> - The server parameter <link - linkend="guc-bytea-output"><varname>bytea_output</varname></link> controls - whether hex or traditional format is used for <type>bytea</type> - output. Libpq's <function>PQescapeByteaConn()</function> function automatically - uses the hex format when connected to <productname>PostgreSQL</productname> 9.0 - or newer servers. However, pre-9.0 libpq versions will not - correctly process hex format from newer servers. - </para> - - <para> - The new hex format will be directly compatible with more applications - that use binary data, allowing them to store and retrieve it without - extra conversion. It is also significantly faster to read and write - than the traditional format. - </para> - </listitem> - - <listitem> - <para> - Allow server parameter <link - linkend="guc-extra-float-digits">extra_float_digits</link> - to be increased to <literal>3</literal> (Tom Lane) - </para> - - <para> - The previous maximum <varname>extra_float_digits</varname> setting was - <literal>2</literal>. There are cases where 3 digits are needed to dump and - restore <type>float4</type> values exactly. <application>pg_dump</application> will - now use the setting of 3 when dumping from a server that allows it. - </para> - </listitem> - - <listitem> - <para> - Tighten input checking for <type>int2vector</type> values (Caleb - Welton) - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title><link linkend="textsearch">Full Text Search</link></title> - - <itemizedlist> - - <listitem> - <para> - Add prefix support in <literal>synonym</literal> dictionaries - (Teodor Sigaev) - </para> - </listitem> - - <listitem> - <para> - Add <firstterm>filtering</firstterm> dictionaries (Teodor Sigaev) - </para> - - <para> - Filtering dictionaries allow tokens to be modified then passed to - subsequent dictionaries. - </para> - </listitem> - - <listitem> - <para> - Allow underscores in email-address tokens (Teodor Sigaev) - </para> - </listitem> - - <listitem> - <para> - Use more standards-compliant rules for parsing <acronym>URL</acronym> tokens - (Tom Lane) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Functions</title> - - <itemizedlist> - - <listitem> - <para> - Allow function calls to supply parameter names and match them to named - parameters in the function definition (Pavel Stehule) - </para> - - <para> - For example, if a function is defined to take parameters <literal>a</literal> - and <literal>b</literal>, it can be called with <literal>func(a := 7, b - := 12)</literal> or <literal>func(b := 12, a := 7)</literal>. - </para> - </listitem> - - <listitem> - <para> - Support locale-specific <link - linkend="functions-posix-regexp">regular expression</link> - processing with <acronym>UTF-8</acronym> server encoding (Tom Lane) - </para> - - <para> - Locale-specific regular expression functionality includes - case-insensitive matching and locale-specific character classes. - Previously, these features worked correctly for non-<acronym>ASCII</acronym> - characters only if the database used a single-byte server encoding (such - as LATIN1). They will still misbehave in multi-byte encodings other - than <acronym>UTF-8</acronym>. - </para> - </listitem> - - <listitem> - <para> - Add support for scientific notation in <link - linkend="functions-formatting"><function>to_char()</function></link> - (<link linkend="functions-formatting-numeric-table"><literal>EEEE</literal> - specification</link>) - (Pavel Stehule, Brendan Jurd) - </para> - </listitem> - - <listitem> - <para> - Make <function>to_char()</function> honor <link - linkend="functions-formatting-datetimemod-table"><literal>FM</literal></link> - (fill mode) in <literal>Y</literal>, <literal>YY</literal>, and - <literal>YYY</literal> specifications (Bruce Momjian, Tom Lane) - </para> - - <para> - It was already honored by <literal>YYYY</literal>. - </para> - </listitem> - - <listitem> - <para> - Fix <function>to_char()</function> to output localized numeric and monetary - strings in the correct encoding on <productname>Windows</productname> - (Hiroshi Inoue, Itagaki Takahiro, Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Correct calculations of <link - linkend="functions-geometry-op-table"><quote>overlaps</quote></link> - and <quote>contains</quote> operations for polygons (Teodor Sigaev) - </para> - - <para> - The polygon <literal>&&</literal> (overlaps) operator formerly just - checked to see if the two polygons' bounding boxes overlapped. It now - does a more correct check. The polygon <literal>@></literal> and - <literal><@</literal> (contains/contained by) operators formerly checked - to see if one polygon's vertexes were all contained in the other; - this can wrongly report <quote>true</quote> for some non-convex polygons. - Now they check that all line segments of one polygon are contained in - the other. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title>Aggregates</title> - - <itemizedlist> - - <listitem> - <para> - Allow aggregate functions to use <link - linkend="syntax-aggregates"><literal>ORDER BY</literal></link> (Andrew Gierth) - </para> - - <para> - For example, this is now supported: <literal>array_agg(a ORDER BY - b)</literal>. This is useful with aggregates for which the order of input - values is significant, and eliminates the need to use a nonstandard - subquery to determine the ordering. - </para> - </listitem> - - <listitem> - <para> - Multi-argument aggregate functions can now use <literal>DISTINCT</literal> - (Andrew Gierth) - </para> - </listitem> - - <listitem> - <para> - Add the <link - linkend="functions-aggregate-table"><function>string_agg()</function></link> - aggregate function to combine values into a single - string (Pavel Stehule) - </para> - </listitem> - - <listitem> - <para> - Aggregate functions that are called with <literal>DISTINCT</literal> are - now passed NULL values if the aggregate transition function is - not marked as <literal>STRICT</literal> (Andrew Gierth) - </para> - - <para> - For example, <literal>agg(DISTINCT x)</literal> might pass a NULL <literal>x</literal> - value to <function>agg()</function>. This is more consistent with the behavior - in non-<literal>DISTINCT</literal> cases. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Bit Strings</title> - - <itemizedlist> - - <listitem> - <para> - Add <link - linkend="functions-binarystring-other"><function>get_bit()</function></link> - and <function>set_bit()</function> functions for <type>bit</type> - strings, mirroring those for <type>bytea</type> (Leonardo - F) - </para> - </listitem> - - <listitem> - <para> - Implement <link - linkend="functions-string-sql"><function>OVERLAY()</function></link> - (replace) for <type>bit</type> strings and <type>bytea</type> - (Leonardo F) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Object Information Functions</title> - - <itemizedlist> - - <listitem> - <para> - Add <link - linkend="functions-admin-dbsize"><function>pg_table_size()</function></link> - and <function>pg_indexes_size()</function> to provide a more - user-friendly interface to the <function>pg_relation_size()</function> - function (Bernd Helmle) - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="functions-info-access-table"><function>has_sequence_privilege()</function></link> - for sequence permission checking (Abhijit Menon-Sen) - </para> - </listitem> - - <listitem> - <para> - Update the <link linkend="information-schema">information_schema</link> - views to conform to SQL:2008 - (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Make the <literal>information_schema</literal> views correctly display maximum - octet lengths for <type>char</type> and <type>varchar</type> columns (Peter - Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Speed up <literal>information_schema</literal> privilege views - (Joachim Wieland) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Function and Trigger Creation</title> - - <itemizedlist> - - <listitem> - <para> - Support execution of anonymous code blocks using the <link - linkend="sql-do"><command>DO</command></link> statement - (Petr Jelinek, Joshua Tolley, Hannu Valtonen) - </para> - - <para> - This allows execution of server-side code without the need to create - and delete a temporary function definition. Code can be executed in - any language for which the user has permissions to define a function. - </para> - </listitem> - - <listitem> - <para> - Implement SQL-standard-compliant <link - linkend="sql-createtrigger">per-column triggers</link> - (Itagaki Takahiro) - </para> - - <para> - Such triggers are fired only when the specified column(s) are affected - by the query, e.g. appear in an <command>UPDATE</command>'s <literal>SET</literal> - list. - </para> - </listitem> - - <listitem> - <para> - Add the <literal>WHEN</literal> clause to <link - linkend="sql-createtrigger"><command>CREATE TRIGGER</command></link> - to allow control over whether a trigger is fired (Itagaki - Takahiro) - </para> - - <para> - While the same type of check can always be performed inside the - trigger, doing it in an external <literal>WHEN</literal> clause can have - performance benefits. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Server-Side Languages</title> - - <itemizedlist> - - <listitem> - <para> - Add the <literal>OR REPLACE</literal> clause to <link - linkend="sql-createlanguage"><command>CREATE LANGUAGE</command></link> - (Tom Lane) - </para> - - <para> - This is helpful to optionally install a language if it does not - already exist, and is particularly helpful now that PL/pgSQL is - installed by default. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title><link linkend="plpgsql">PL/pgSQL</link> Server-Side - Language</title> - - <itemizedlist> - - <listitem> - <para> - Install PL/pgSQL by default (Bruce Momjian) - </para> - - <para> - The language can still be removed from a particular database if the - administrator has security or performance concerns about making it - available. - </para> - </listitem> - - <listitem> - <para> - Improve handling of cases where PL/pgSQL variable names conflict with - identifiers used in queries within a function - (Tom Lane) - </para> - - <para> - The default behavior is now to throw an error when there is a conflict, - so as to avoid surprising behaviors. This can be modified, via the - configuration parameter <link - linkend="plpgsql-var-subst"><varname>plpgsql.variable_conflict</varname></link> - or the per-function option <literal>#variable_conflict</literal>, to allow - either the variable or the query-supplied column to be used. In any - case PL/pgSQL will no longer attempt to substitute variables in places - where they would not be syntactically valid. - </para> - </listitem> - - <listitem> - <para> - Make PL/pgSQL use the main lexer, rather than its own version - (Tom Lane) - </para> - - <para> - This ensures accurate tracking of the main system's behavior for details - such as string escaping. Some user-visible details, such as the set - of keywords considered reserved in PL/pgSQL, have changed in - consequence. - </para> - </listitem> - - <listitem> - <para> - Avoid throwing an unnecessary error for an invalid record reference - (Tom Lane) - </para> - - <para> - An error is now thrown only if the reference is actually fetched, - rather than whenever the enclosing expression is reached. For - example, many people have tried to do this in triggers: -<programlisting> -if TG_OP = 'INSERT' and NEW.col1 = ... then -</programlisting> - This will now actually work as expected. - </para> - </listitem> - - <listitem> - <para> - Improve PL/pgSQL's ability to handle row types with dropped columns - (Pavel Stehule) - </para> - </listitem> - - <listitem> - <para> - Allow input parameters to be assigned values within - PL/pgSQL functions (Steve Prentice) - </para> - - <para> - Formerly, input parameters were treated as being declared - <literal>CONST</literal>, so the function's code could not change their - values. This restriction has been removed to simplify - porting of functions from other DBMSes that do not impose the - equivalent restriction. An input parameter now acts like a local - variable initialized to the passed-in value. - </para> - </listitem> - - <listitem> - <para> - Improve error location reporting in PL/pgSQL (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Add <replaceable>count</replaceable> and <literal>ALL</literal> options to <command>MOVE - FORWARD</command>/<literal>BACKWARD</literal> in PL/pgSQL (Pavel Stehule) - </para> - </listitem> - - <listitem> - <para> - Allow PL/pgSQL's <literal>WHERE CURRENT OF</literal> to use a cursor - variable (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow PL/pgSQL's <command>OPEN <replaceable>cursor</replaceable> FOR EXECUTE</command> to - use parameters (Pavel Stehule, Itagaki Takahiro) - </para> - - <para> - This is accomplished with a new <literal>USING</literal> clause. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="plperl">PL/Perl</link> Server-Side Language</title> - - <itemizedlist> - - <listitem> - <para> - Add new PL/Perl functions: <link - linkend="plperl-utility-functions"><function>quote_literal()</function></link>, - <function>quote_nullable()</function>, <function>quote_ident()</function>, - <function>encode_bytea()</function>, <function>decode_bytea()</function>, - <function>looks_like_number()</function>, - <function>encode_array_literal()</function>, - <function>encode_array_constructor()</function> (Tim Bunce) - </para> - </listitem> - - <listitem> - <para> - Add server parameter <link - linkend="guc-plperl-on-init"><varname>plperl.on_init</varname></link> to - specify a PL/Perl initialization function (Tim - Bunce) - </para> - - <para> - <link - linkend="guc-plperl-on-plperl-init"><varname>plperl.on_plperl_init</varname></link> - and <link - linkend="guc-plperl-on-plperl-init"><varname>plperl.on_plperlu_init</varname></link> - are also available for initialization that is specific to the trusted - or untrusted language respectively. - </para> - </listitem> - - <listitem> - <para> - Support <command>END</command> blocks in PL/Perl (Tim Bunce) - </para> - - <para> - <command>END</command> blocks do not currently allow database access. - </para> - </listitem> - - <listitem> - <para> - Allow <command>use strict</command> in PL/Perl (Tim Bunce) - </para> - - <para> - Perl <literal>strict</literal> checks can also be globally enabled with the - new server parameter <link - linkend="guc-plperl-use-strict"><varname>plperl.use_strict</varname></link>. - </para> - </listitem> - - <listitem> - <para> - Allow <command>require</command> in PL/Perl (Tim Bunce) - </para> - - <para> - This basically tests to see if the module is loaded, and if not, - generates an error. It will not allow loading of modules that - the administrator has not preloaded via the initialization parameters. - </para> - </listitem> - - <listitem> - <para> - Allow <command>use feature</command> in PL/Perl if Perl version 5.10 or - later is used (Tim Bunce) - </para> - </listitem> - - <listitem> - <para> - Verify that PL/Perl return values are valid in the server encoding - (Andrew Dunstan) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="plpython">PL/Python</link> Server-Side Language</title> - - <itemizedlist> - - <listitem> - <para> - Add Unicode support in PL/Python (Peter Eisentraut) - </para> - - <para> - Strings are automatically converted from/to the server encoding as - necessary. - </para> - </listitem> - - <listitem> - <para> - Improve <type>bytea</type> support in PL/Python (Caleb Welton) - </para> - - <para> - <type>Bytea</type> values passed into PL/Python are now represented as - binary, rather than the PostgreSQL <type>bytea</type> text format. - <type>Bytea</type> values containing null bytes are now also output - properly from PL/Python. Passing of boolean, integer, and float - values was also improved. - </para> - </listitem> - - <listitem> - <para> - Support <link linkend="plpython-arrays">arrays</link> as parameters and - return values in PL/Python (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Improve mapping of SQL domains to Python types (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Add <application>Python</application> 3 support to PL/Python (Peter Eisentraut) - </para> - - <para> - The new server-side language is called <link - linkend="plpython-python23"><literal>plpython3u</literal></link>. This - cannot be used in the same session with the - <application>Python</application> 2 server-side language. - </para> - </listitem> - - <listitem> - <para> - Improve error location and exception reporting in PL/Python (Peter Eisentraut) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Client Applications</title> - - <itemizedlist> - - <listitem> - <para> - Add an <option>--analyze-only</option> option to <link - linkend="app-vacuumdb"><command>vacuumdb</command></link>, to analyze without - vacuuming (Bruce Momjian) - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title><link linkend="app-psql"><application>psql</application></link></title> - - <itemizedlist> - - <listitem> - <para> - Add support for quoting/escaping the values of <application>psql</application> - <link linkend="app-psql-variables">variables</link> as SQL strings or - identifiers (Pavel Stehule, Robert Haas) - </para> - - <para> - For example, <literal>:'var'</literal> will produce the value of - <literal>var</literal> quoted and properly escaped as a literal string, while - <literal>:"var"</literal> will produce its value quoted and escaped as an - identifier. - </para> - </listitem> - - <listitem> - <para> - Ignore a leading UTF-8-encoded Unicode byte-order marker in - script files read by <application>psql</application> (Itagaki Takahiro) - </para> - - <para> - This is enabled when the client encoding is <acronym>UTF-8</acronym>. - It improves compatibility with certain editors, mostly on Windows, - that insist on inserting such markers. - </para> - </listitem> - - <listitem> - <para> - Fix <command>psql --file -</command> to properly honor <link - linkend="r1-app-psql-3"><option>--single-transaction</option></link> - (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Avoid overwriting of <application>psql</application>'s command-line history when - two <application>psql</application> sessions are run concurrently (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Improve <application>psql</application>'s tab completion support (Itagaki - Takahiro) - </para> - </listitem> - - <listitem> - <para> - Show <literal>\timing</literal> output when it is enabled, regardless of - <quote>quiet</quote> mode (Peter Eisentraut) - </para> - </listitem> - - </itemizedlist> - - <sect5> - <title><application>psql</application> Display</title> - - <itemizedlist> - - <listitem> - <para> - Improve display of wrapped columns in <application>psql</application> (Roger - Leigh) - </para> - - <para> - This behavior is now the default. - The previous formatting is available by using <command>\pset linestyle - old-ascii</command>. - </para> - </listitem> - - <listitem> - <para> - Allow <application>psql</application> to use fancy Unicode line-drawing - characters via <command>\pset linestyle unicode</command> (Roger Leigh) - </para> - </listitem> - - </itemizedlist> - - </sect5> - - <sect5> - <title><application>psql</application> <link - linkend="app-psql-meta-commands"><command>\d</command></link> - Commands</title> - - <itemizedlist> - - <listitem> - <para> - Make <command>\d</command> show child tables that inherit from the specified - parent (Damien Clochard) - </para> - - <para> - <command>\d</command> shows only the number of child tables, while - <command>\d+</command> shows the names of all child tables. - </para> - </listitem> - - <listitem> - <para> - Show definitions of index columns in <command>\d index_name</command> - (Khee Chin) - </para> - - <para> - The definition is useful for expression indexes. - </para> - </listitem> - - <listitem> - <para> - Show a view's defining query only in - <command>\d+</command>, not in <command>\d</command> (Peter Eisentraut) - </para> - - <para> - Always including the query was deemed overly verbose. - </para> - </listitem> - - </itemizedlist> - - </sect5> - </sect4> - - <sect4> - <title><link linkend="app-pgdump"><application>pg_dump</application></link></title> - - <itemizedlist> - - <listitem> - <para> - Make <application>pg_dump</application>/<application>pg_restore</application> - <link linkend="pg-dump-options"><option>--clean</option></link> - also remove large objects (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Fix <application>pg_dump</application> to properly dump large objects when - <literal>standard_conforming_strings</literal> is enabled (Tom Lane) - </para> - - <para> - The previous coding could fail when dumping to an archive file - and then generating script output from <application>pg_restore</application>. - </para> - </listitem> - - <listitem> - <para> - <application>pg_restore</application> now emits large-object data in hex format - when generating script output (Tom Lane) - </para> - - <para> - This could cause compatibility problems if the script is then - loaded into a pre-9.0 server. To work around that, restore - directly to the server, instead. - </para> - </listitem> - - <listitem> - <para> - Allow <application>pg_dump</application> to dump comments attached to columns - of composite types (Taro Minowa (Higepon)) - </para> - </listitem> - - <listitem> - <para> - Make <application>pg_dump</application> <link - linkend="pg-dump-options"><option>--verbose</option></link> - output the <application>pg_dump</application> and server versions - in text output mode (Jim Cox, Tom Lane) - </para> - - <para> - These were already provided in custom output mode. - </para> - </listitem> - - <listitem> - <para> - <application>pg_restore</application> now complains if any command-line arguments - remain after the switches and optional file name (Tom Lane) - </para> - - <para> - Previously, it silently ignored any such arguments. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link - linkend="app-pg-ctl"><application>pg_ctl</application></link></title> - - <itemizedlist> - - <listitem> - <para> - Allow <application>pg_ctl</application> to be used safely to start the - <application>postmaster</application> during a system reboot (Tom Lane) - </para> - - <para> - Previously, <application>pg_ctl</application>'s parent process could have been - mistakenly identified as a running <application>postmaster</application> based on - a stale <application>postmaster</application> lock file, resulting in a transient - failure to start the database. - </para> - </listitem> - - <listitem> - <para> - Give <application>pg_ctl</application> the ability to initialize the database - (by invoking <application>initdb</application>) (Zdenek Kotala) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title><application>Development Tools</application></title> - - <sect4> - <title><link linkend="libpq"><application>libpq</application></link></title> - - <itemizedlist> - - <listitem> - <para> - Add new <application>libpq</application> functions - <link - linkend="libpq-connect"><function>PQconnectdbParams()</function></link> - and <function>PQconnectStartParams()</function> (Guillaume - Lelarge) - </para> - - <para> - These functions are similar to <function>PQconnectdb()</function> and - <function>PQconnectStart()</function> except that they accept a null-terminated - array of connection options, rather than requiring all options to - be provided in a single string. - </para> - </listitem> - - <listitem> - <para> - Add <application>libpq</application> functions <link - linkend="libpq-exec-escape-string"><function>PQescapeLiteral()</function></link> - and <function>PQescapeIdentifier()</function> (Robert Haas) - </para> - - <para> - These functions return appropriately quoted and escaped SQL string - literals and identifiers. The caller is not required to pre-allocate - the string result, as is required by <function>PQescapeStringConn()</function>. - </para> - </listitem> - - <listitem> - <para> - Add support for a per-user service file (<link - linkend="libpq-pgservice"><filename>.pg_service.conf</filename></link>), - which is checked before the site-wide service file - (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Properly report an error if the specified <application>libpq</application> service - cannot be found (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Add <link linkend="libpq-keepalives">TCP keepalive settings</link> - in libpq (Tollef Fog Heen, Fujii Masao, Robert Haas) - </para> - - <para> - Keepalive settings were already supported on the server end of - TCP connections. - </para> - </listitem> - - <listitem> - <para> - Avoid extra system calls to block and unblock <literal>SIGPIPE</literal> - in <application>libpq</application>, on platforms that offer alternative methods - (Jeremy Kerr) - </para> - </listitem> - - <listitem> - <para> - When a <link linkend="libpq-pgpass"><filename>.pgpass</filename></link>-supplied - password fails, mention where the password came from in the error - message (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Load all SSL certificates given in the client certificate file - (Tom Lane) - </para> - - <para> - This improves support for indirectly-signed SSL certificates. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title><link linkend="ecpg"><application>ecpg</application></link></title> - - <itemizedlist> - - <listitem> - <para> - Add <link linkend="ecpg-descriptors"><acronym>SQLDA</acronym></link> - (SQL Descriptor Area) support to <application>ecpg</application> - (Boszormenyi Zoltan) - </para> - </listitem> - - <listitem> - <para> - Add the <link linkend="ecpg-descriptors"><command>DESCRIBE</command> - [ <literal>OUTPUT</literal> ]</link> statement to <application>ecpg</application> - (Boszormenyi Zoltan) - </para> - </listitem> - - <listitem> - <para> - Add an <link linkend="ecpg-library">ECPGtransactionStatus</link> - function to return the current transaction status (Bernd Helmle) - </para> - </listitem> - - <listitem> - <para> - Add the <literal>string</literal> data type in <application>ecpg</application> - Informix-compatibility mode (Boszormenyi Zoltan) - </para> - </listitem> - - <listitem> - <para> - Allow <application>ecpg</application> to use <literal>new</literal> and <literal>old</literal> - variable names without restriction (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Allow <application>ecpg</application> to use variable names in - <function>free()</function> (Michael Meskes) - </para> - </listitem> - - <listitem> - <para> - Make <function>ecpg_dynamic_type()</function> return zero for non-SQL3 data - types (Michael Meskes) - </para> - - <para> - Previously it returned the negative of the data type OID. - This could be confused with valid type OIDs, however. - </para> - </listitem> - - <listitem> - <para> - Support <type>long long</type> types on platforms that already have 64-bit - <type>long</type> (Michael Meskes) - </para> - </listitem> - - </itemizedlist> - - <sect5> - <title><application>ecpg</application> Cursors</title> - - <itemizedlist> - - <listitem> - <para> - Add out-of-scope cursor support in <application>ecpg</application>'s native mode - (Boszormenyi Zoltan) - </para> - - <para> - This allows <command>DECLARE</command> to use variables that are not in - scope when <command>OPEN</command> is called. This facility already existed - in <application>ecpg</application>'s Informix-compatibility mode. - </para> - </listitem> - - <listitem> - <para> - Allow dynamic cursor names in <application>ecpg</application> (Boszormenyi Zoltan) - </para> - </listitem> - - <listitem> - <para> - Allow <application>ecpg</application> to use noise words <literal>FROM</literal> and - <literal>IN</literal> in <command>FETCH</command> and <command>MOVE</command> (Boszormenyi - Zoltan) - </para> - </listitem> - - </itemizedlist> - - </sect5> - - </sect4> - - </sect3> - - <sect3> - <title>Build Options</title> - - <itemizedlist> - - <listitem> - <para> - Enable client thread safety by default (Bruce Momjian) - </para> - - <para> - The thread-safety option can be disabled with <link - linkend="configure"><literal>configure</literal></link> - <option>--disable-thread-safety</option>. - </para> - </listitem> - - <listitem> - <para> - Add support for controlling the Linux out-of-memory killer - (Alex Hunsaker, Tom Lane) - </para> - - <para> - Now that <filename>/proc/self/oom_adj</filename> allows disabling - of the <productname>Linux</productname> out-of-memory (<acronym>OOM</acronym>) - killer, it's recommendable to disable OOM kills for the postmaster. - It may then be desirable to re-enable OOM kills for the postmaster's - child processes. The new compile-time option <link - linkend="linux-memory-overcommit"><literal>LINUX_OOM_ADJ</literal></link> - allows the killer to be reactivated for child processes. - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title>Makefiles</title> - - <itemizedlist> - - <listitem> - <para> - New <filename>Makefile</filename> targets <link - linkend="build"><literal>world</literal></link>, - <literal>install-world</literal>, and <literal>installcheck-world</literal> - (Andrew Dunstan) - </para> - - <para> - These are similar to the existing <literal>all</literal>, <literal>install</literal>, - and <literal>installcheck</literal> targets, but they also build the - <acronym>HTML</acronym> documentation, build and test <filename>contrib</filename>, - and test server-side languages and <application>ecpg</application>. - </para> - </listitem> - - <listitem> - <para> - Add data and documentation installation location control to - <acronym>PGXS</acronym> Makefiles (Mark Cave-Ayland) - </para> - </listitem> - - <listitem> - <para> - Add Makefile rules to build the <productname>PostgreSQL</productname> documentation - as a single <acronym>HTML</acronym> file or as a single plain-text file - (Peter Eisentraut, Bruce Momjian) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Windows</title> - - <itemizedlist> - - <listitem> - <para> - Support compiling on <link - linkend="install-windows">64-bit - <productname>Windows</productname></link> and running in 64-bit - mode (Tsutomu Yamada, Magnus Hagander) - </para> - - <para> - This allows for large shared memory sizes on <productname>Windows</productname>. - </para> - </listitem> - - <listitem> - <para> - Support server builds using <link - linkend="install-windows-full"><productname>Visual Studio - 2008</productname></link> (Magnus Hagander) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Source Code</title> - - <itemizedlist> - - <listitem> - <para> - Distribute prebuilt documentation in a subdirectory tree, rather than - as tar archive files inside the distribution tarball - (Peter Eisentraut) - </para> - - <para> - For example, the prebuilt <acronym>HTML</acronym> documentation is now in - <filename>doc/src/sgml/html/</filename>; the manual pages are packaged - similarly. - </para> - </listitem> - - <listitem> - <para> - Make the server's lexer reentrant (Tom Lane) - </para> - - <para> - This was needed for use of the lexer by PL/pgSQL. - </para> - </listitem> - - <listitem> - <para> - Improve speed of memory allocation (Tom Lane, Greg Stark) - </para> - </listitem> - - <listitem> - <para> - User-defined constraint triggers now have entries in - <structname>pg_constraint</structname> as well as <structname>pg_trigger</structname> - (Tom Lane) - </para> - - <para> - Because of this change, - <structname>pg_constraint</structname>.<structfield>pgconstrname</structfield> is now - redundant and has been removed. - </para> - </listitem> - - <listitem> - <para> - Add system catalog columns - <structname>pg_constraint</structname>.<structfield>conindid</structfield> and - <structname>pg_trigger</structname>.<structfield>tgconstrindid</structfield> - to better document the use of indexes for constraint - enforcement (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Allow multiple conditions to be communicated to backends using a single - operating system signal (Fujii Masao) - </para> - - <para> - This allows new features to be added without a platform-specific - constraint on the number of signal conditions. - </para> - </listitem> - - <listitem> - <para> - Improve source code test coverage, including <filename>contrib</filename>, PL/Python, - and PL/Perl (Peter Eisentraut, Andrew Dunstan) - </para> - </listitem> - - <listitem> - <para> - Remove the use of flat files for system table bootstrapping - (Tom Lane, Alvaro Herrera) - </para> - - <para> - This improves performance when using many roles or - databases, and eliminates some possible failure conditions. - </para> - </listitem> - - <listitem> - <para> - Automatically generate the initial contents of - <structname>pg_attribute</structname> for <quote>bootstrapped</quote> catalogs - (John Naylor) - </para> - - <para> - This greatly simplifies changes to these catalogs. - </para> - </listitem> - - <listitem> - <para> - Split the processing of - <command>INSERT</command>/<command>UPDATE</command>/<command>DELETE</command> operations out - of <filename>execMain.c</filename> (Marko Tiikkaja) - </para> - - <para> - Updates are now executed in a separate ModifyTable node. This change is - necessary infrastructure for future improvements. - </para> - </listitem> - - <listitem> - <para> - Simplify translation of <application>psql</application>'s SQL help text - (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Reduce the lengths of some file names so that all file paths in the - distribution tarball are less than 100 characters (Tom Lane) - </para> - - <para> - Some decompression programs have problems with longer file paths. - </para> - </listitem> - - <listitem> - <para> - Add a new <link - linkend="errcodes-table"><literal>ERRCODE_INVALID_PASSWORD</literal></link> - <literal>SQLSTATE</literal> error code (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - With authors' permissions, remove the few remaining personal source code - copyright notices (Bruce Momjian) - </para> - - <para> - The personal copyright notices were insignificant but the community - occasionally had to answer questions about them. - </para> - </listitem> - - <listitem> - <para> - Add new documentation <link linkend="non-durability">section</link> - about running <productname>PostgreSQL</productname> in non-durable mode - to improve performance (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Restructure the <acronym>HTML</acronym> documentation - <filename>Makefile</filename> rules to make their dependency checks work - correctly, avoiding unnecessary rebuilds (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Use <productname>DocBook</productname> <acronym>XSL</acronym> stylesheets for man page - building, rather than <productname>Docbook2X</productname> (Peter Eisentraut) - </para> - - <para> - This changes the set of tools needed to build the man pages. - </para> - </listitem> - - <listitem> - <para> - Improve PL/Perl code structure (Tim Bunce) - </para> - </listitem> - - <listitem> - <para> - Improve error context reports in PL/Perl (Alexey Klyukin) - </para> - </listitem> - - </itemizedlist> - - <sect4> - <title>New Build Requirements</title> - - <para> - Note that these requirements do not apply when building from a - distribution tarball, since tarballs include the files that these - programs are used to build. - </para> - - <itemizedlist> - <listitem> - <para> - Require <application>Autoconf</application> 2.63 to build - <application>configure</application> (Peter Eisentraut) - </para> - </listitem> - - <listitem> - <para> - Require <application>Flex</application> 2.5.31 or later to build - from a <acronym>CVS</acronym> checkout (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Require <application>Perl</application> version 5.8 or later to build - from a <acronym>CVS</acronym> checkout (John Naylor, Andrew Dunstan) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Portability</title> - - <itemizedlist> - - <listitem> - <para> - Use a more modern <acronym>API</acronym> for <application>Bonjour</application> (Tom Lane) - </para> - - <para> - Bonjour support now requires <productname>macOS</productname> 10.3 or later. - The older API has been deprecated by Apple. - </para> - </listitem> - - <listitem> - <para> - Add spinlock support for the <productname>SuperH</productname> - architecture (Nobuhiro Iwamatsu) - </para> - </listitem> - - <listitem> - <para> - Allow non-<application>GCC</application> compilers to use inline functions if - they support them (Kurt Harriman) - </para> - </listitem> - - <listitem> - <para> - Remove support for platforms that don't have a working 64-bit - integer data type (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Restructure use of <literal>LDFLAGS</literal> to be more consistent - across platforms (Tom Lane) - </para> - - <para> - <literal>LDFLAGS</literal> is now used for linking both executables and shared - libraries, and we add on <literal>LDFLAGS_EX</literal> when linking - executables, or <literal>LDFLAGS_SL</literal> when linking shared libraries. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Server Programming</title> - - <itemizedlist> - - <listitem> - <para> - Make backend header files safe to include in <productname>C++</productname> - (Kurt Harriman, Peter Eisentraut) - </para> - - <para> - These changes remove keyword conflicts that previously made - <productname>C++</productname> usage difficult in backend code. However, there - are still other complexities when using <productname>C++</productname> for backend - functions. <literal>extern "C" { }</literal> is still necessary in - appropriate places, and memory management and error handling are - still problematic. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="xaggr"><function>AggCheckCallContext()</function></link> - for use in detecting if a <productname>C</productname> function is - being called as an aggregate (Hitoshi Harada) - </para> - </listitem> - - <listitem> - <para> - Change calling convention for <function>SearchSysCache()</function> and related - functions to avoid hard-wiring the maximum number of cache keys - (Robert Haas) - </para> - - <para> - Existing calls will still work for the moment, but can be expected to - break in 9.1 or later if not converted to the new style. - </para> - </listitem> - - <listitem> - <para> - Require calls of <function>fastgetattr()</function> and - <function>heap_getattr()</function> backend macros to provide a non-NULL fourth - argument (Robert Haas) - </para> - </listitem> - - <listitem> - <para> - Custom typanalyze functions should no longer rely on - <structname>VacAttrStats</structname>.<structfield>attr</structfield> to determine the type - of data they will be passed (Tom Lane) - </para> - - <para> - This was changed to allow collection of statistics on index columns - for which the storage type is different from the underlying column - data type. There are new fields that tell the actual datatype being - analyzed. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Server Hooks</title> - - <itemizedlist> - - <listitem> - <para> - Add parser hooks for processing ColumnRef and ParamRef nodes - (Tom Lane) - </para> - </listitem> - - <listitem> - <para> - Add a ProcessUtility hook so loadable modules can control utility - commands (Itagaki Takahiro) - </para> - </listitem> - - </itemizedlist> - - </sect4> - - <sect4> - <title>Binary Upgrade Support</title> - - <itemizedlist> - - <listitem> - <para> - Add <link linkend="pgupgrade"><filename>contrib/pg_upgrade</filename></link> - to support in-place upgrades (Bruce Momjian) - </para> - - <para> - This avoids the requirement of dumping/reloading the database when - upgrading to a new major release of PostgreSQL, thus reducing downtime - by orders of magnitude. It supports upgrades to 9.0 - from PostgreSQL 8.3 and 8.4. - </para> - </listitem> - - <listitem> - <para> - Add support for preserving relation <link - linkend="catalog-pg-class"><structname>relfilenode</structname></link> values - during binary upgrades (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Add support for preserving <structname>pg_type</structname> - and <structname>pg_enum</structname> OIDs during binary upgrades - (Bruce Momjian) - </para> - </listitem> - - <listitem> - <para> - Move data files within tablespaces into - <productname>PostgreSQL</productname>-version-specific subdirectories - (Bruce Momjian) - </para> - - <para> - This simplifies binary upgrades. - </para> - </listitem> - - </itemizedlist> - - </sect4> - - </sect3> - - <sect3> - <title>Contrib</title> - - <itemizedlist> - - <listitem> - <para> - Add multithreading option (<option>-j</option>) to <link - linkend="pgbench"><filename>contrib/pgbench</filename></link> - (Itagaki Takahiro) - </para> - - <para> - This allows multiple <acronym>CPU</acronym>s to be used by pgbench, - reducing the risk of pgbench itself becoming the test bottleneck. - </para> - </listitem> - - <listitem> - <para> - Add <command>\shell</command> and <command>\setshell</command> meta - commands to <link - linkend="pgbench"><filename>contrib/pgbench</filename></link> - (Michael Paquier) - </para> - </listitem> - - <listitem> - <para> - New features for <link - linkend="dict-xsyn"><filename>contrib/dict_xsyn</filename></link> - (Sergey Karpov) - </para> - - <para> - The new options are <literal>matchorig</literal>, <literal>matchsynonyms</literal>, - and <literal>keepsynonyms</literal>. - </para> - </listitem> - - <listitem> - <para> - Add full text dictionary <link - linkend="unaccent"><filename>contrib/unaccent</filename></link> - (Teodor Sigaev) - </para> - - <para> - This filtering dictionary removes accents from letters, which - makes full-text searches over multiple languages much easier. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="contrib-dblink-get-notify"><function>dblink_get_notify()</function></link> - to <filename>contrib/dblink</filename> (Marcus Kempe) - </para> - - <para> - This allows asynchronous notifications in <productname>dblink</productname>. - </para> - </listitem> - - <listitem> - <para> - Improve <filename>contrib/dblink</filename>'s handling of dropped columns - (Tom Lane) - </para> - - <para> - This affects <link - linkend="contrib-dblink-build-sql-insert"><function>dblink_build_sql_insert()</function></link> - and related functions. These functions now number columns according - to logical not physical column numbers. - </para> - </listitem> - - <listitem> - <para> - Greatly increase <link - linkend="hstore"><filename>contrib/hstore</filename></link>'s data - length limit, and add B-tree and hash support so <literal>GROUP - BY</literal> and <literal>DISTINCT</literal> operations are possible on - <type>hstore</type> columns (Andrew Gierth) - </para> - - <para> - New functions and operators were also added. These improvements - make <type>hstore</type> a full-function key-value store embedded in - <productname>PostgreSQL</productname>. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="passwordcheck"><filename>contrib/passwordcheck</filename></link> - to support site-specific password strength policies (Laurenz - Albe) - </para> - - <para> - The source code of this module should be modified to implement - site-specific password policies. - </para> - </listitem> - - <listitem> - <para> - Add <link - linkend="pgarchivecleanup"><filename>contrib/pg_archivecleanup</filename></link> - tool (Simon Riggs) - </para> - - <para> - This is designed to be used in the - <literal>archive_cleanup_command</literal> - server parameter, to remove no-longer-needed archive files. - </para> - </listitem> - - <listitem> - <para> - Add query text to <link - linkend="auto-explain"><filename>contrib/auto_explain</filename></link> - output (Andrew Dunstan) - </para> - </listitem> - - <listitem> - <para> - Add buffer access counters to <link - linkend="pgstatstatements"><filename>contrib/pg_stat_statements</filename></link> - (Itagaki Takahiro) - </para> - </listitem> - - <listitem> - <para> - Update <link - linkend="server-start"><filename>contrib/start-scripts/linux</filename></link> - to use <filename>/proc/self/oom_adj</filename> to disable the - <link linkend="linux-memory-overcommit"><productname>Linux</productname> - out-of-memory</link> (<acronym>OOM</acronym>) killer (Alex - Hunsaker, Tom Lane) - </para> - </listitem> - - </itemizedlist> - - </sect3> - </sect2> -</sect1> |