From 2ecea6f4503132950ef524db9ca5ee7f4e2d1aa6 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Wed, 10 Mar 2010 01:58:38 +0000 Subject: [PATCH] Preliminary release notes for releases 8.4.3, 8.3.10, 8.2.16, 8.1.20, 8.0.24, 7.4.28. --- doc/src/sgml/release-7.4.sgml | 121 ++++++++++++- doc/src/sgml/release-8.0.sgml | 179 +++++++++++++++++- doc/src/sgml/release-8.1.sgml | 192 +++++++++++++++++++- doc/src/sgml/release-8.2.sgml | 273 +++++++++++++++++++++++++++- doc/src/sgml/release-8.3.sgml | 329 +++++++++++++++++++++++++++++++++- 5 files changed, 1089 insertions(+), 5 deletions(-) diff --git a/doc/src/sgml/release-7.4.sgml b/doc/src/sgml/release-7.4.sgml index 2bc41377a21..ff5fa72f395 100644 --- a/doc/src/sgml/release-7.4.sgml +++ b/doc/src/sgml/release-7.4.sgml @@ -1,6 +1,125 @@ - + + + Release 7.4.28 + + + Release date + 2010-03-15 + + + + This release contains a variety of fixes from 7.4.27. + For information about new features in the 7.4 major release, see + . + + + + The PostgreSQL community will stop releasing updates + for the 7.4.X release series in July 2010. + Users are encouraged to update to a newer release branch soon. + + + + Migration to Version 7.4.28 + + + A dump/restore is not required for those running 7.4.X. + However, if you are upgrading from a version earlier than 7.4.26, + see the release notes for 7.4.26. + + + + + + Changes + + + + + + Add new configuration parameter ssl_renegotiation_limit to + control how often we do session key renegotiation for an SSL connection + (Magnus) + + + + This can be set to zero to disable renegotiation completely, which may + be required if a broken SSL library is used. In particular, some + vendors are shipping stopgap patches for CVE-2009-3555 that cause + renegotiation attempts to fail. + + + + + + Make substring() for bit types treat any negative + length as meaning all the rest of the string (Tom) + + + + The previous coding treated only -1 that way, and would produce an + invalid result value for other negative values, possibly leading to + a crash (CVE-2010-0442). + + + + + + Fix some cases of pathologically slow regular expression matching (Tom) + + + + + + When reading pg_hba.conf and related files, do not treat + @something as a file inclusion request if the @ + appears inside quote marks; also, never treat @ by itself + as a file inclusion request (Tom) + + + + This prevents erratic behavior if a role or database name starts with + @. If you need to include a file whose path name + contains spaces, you can still do so, but you must write + @"/path to/file" rather than putting the quotes around + the whole construct. + + + + + + Prevent infinite loop on some platforms if a directory is named as + an inclusion target in pg_hba.conf and related files + (Tom) + + + + + + Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) + + + + The only known symptom of this oversight is that the Tcl + clock command misbehaves if using Tcl 8.5 or later. + + + + + + Prevent crash in contrib/dblink when too many key + columns are specified to a dblink_build_sql_* function + (Rushabh Lathia, Joe Conway) + + + + + + + + Release 7.4.27 diff --git a/doc/src/sgml/release-8.0.sgml b/doc/src/sgml/release-8.0.sgml index 13742959a74..a6e20e2f380 100644 --- a/doc/src/sgml/release-8.0.sgml +++ b/doc/src/sgml/release-8.0.sgml @@ -1,6 +1,183 @@ - + + + Release 8.0.24 + + + Release date + 2010-03-15 + + + + This release contains a variety of fixes from 8.0.23. + For information about new features in the 8.0 major release, see + . + + + + The PostgreSQL community will stop releasing updates + for the 8.0.X release series in July 2010. + Users are encouraged to update to a newer release branch soon. + + + + Migration to Version 8.0.24 + + + A dump/restore is not required for those running 8.0.X. + However, if you are upgrading from a version earlier than 8.0.22, + see the release notes for 8.0.22. + + + + + + Changes + + + + + + Add new configuration parameter ssl_renegotiation_limit to + control how often we do session key renegotiation for an SSL connection + (Magnus) + + + + This can be set to zero to disable renegotiation completely, which may + be required if a broken SSL library is used. In particular, some + vendors are shipping stopgap patches for CVE-2009-3555 that cause + renegotiation attempts to fail. + + + + + + Fix possible crashes when trying to recover from a failure in + subtransaction start (Tom) + + + + + + Fix server memory leak associated with use of savepoints and a client + encoding different from server's encoding (Tom) + + + + + + Make substring() for bit types treat any negative + length as meaning all the rest of the string (Tom) + + + + The previous coding treated only -1 that way, and would produce an + invalid result value for other negative values, possibly leading to + a crash (CVE-2010-0442). + + + + + + Fix integer-to-bit-string conversions to handle the first fractional + byte correctly when the output bit width is wider than the given + integer by something other than a multiple of 8 bits (Tom) + + + + + + Fix some cases of pathologically slow regular expression matching (Tom) + + + + + + Fix the STOP WAL LOCATION entry in backup history files to + report the next WAL segment's name when the end location is exactly at a + segment boundary (Itagaki Takahiro) + + + + + + When reading pg_hba.conf and related files, do not treat + @something as a file inclusion request if the @ + appears inside quote marks; also, never treat @ by itself + as a file inclusion request (Tom) + + + + This prevents erratic behavior if a role or database name starts with + @. If you need to include a file whose path name + contains spaces, you can still do so, but you must write + @"/path to/file" rather than putting the quotes around + the whole construct. + + + + + + Prevent infinite loop on some platforms if a directory is named as + an inclusion target in pg_hba.conf and related files + (Tom) + + + + + + Fix plpgsql failure in one case where a composite column is set to NULL + (Tom) + + + + + + Add volatile markings in PL/Python to avoid possible + compiler-specific misbehavior (Zdenek Kotala) + + + + + + Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) + + + + The only known symptom of this oversight is that the Tcl + clock command misbehaves if using Tcl 8.5 or later. + + + + + + Prevent crash in contrib/dblink when too many key + columns are specified to a dblink_build_sql_* function + (Rushabh Lathia, Joe Conway) + + + + + + Fix assorted crashes in contrib/xml2 caused by sloppy + memory management (Tom) + + + + + + Update time zone data files to tzdata release 2010e + for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. + + + + + + + + Release 8.0.23 diff --git a/doc/src/sgml/release-8.1.sgml b/doc/src/sgml/release-8.1.sgml index d156ba0d794..30e8fc3a5f4 100644 --- a/doc/src/sgml/release-8.1.sgml +++ b/doc/src/sgml/release-8.1.sgml @@ -1,6 +1,196 @@ - + + + Release 8.1.20 + + + Release date + 2010-03-15 + + + + This release contains a variety of fixes from 8.1.19. + For information about new features in the 8.1 major release, see + . + + + + Migration to Version 8.1.20 + + + A dump/restore is not required for those running 8.1.X. + However, if you are upgrading from a version earlier than 8.1.18, + see the release notes for 8.1.18. + + + + + + Changes + + + + + + Add new configuration parameter ssl_renegotiation_limit to + control how often we do session key renegotiation for an SSL connection + (Magnus) + + + + This can be set to zero to disable renegotiation completely, which may + be required if a broken SSL library is used. In particular, some + vendors are shipping stopgap patches for CVE-2009-3555 that cause + renegotiation attempts to fail. + + + + + + Fix possible crashes when trying to recover from a failure in + subtransaction start (Tom) + + + + + + Fix server memory leak associated with use of savepoints and a client + encoding different from server's encoding (Tom) + + + + + + Make substring() for bit types treat any negative + length as meaning all the rest of the string (Tom) + + + + The previous coding treated only -1 that way, and would produce an + invalid result value for other negative values, possibly leading to + a crash (CVE-2010-0442). + + + + + + Fix integer-to-bit-string conversions to handle the first fractional + byte correctly when the output bit width is wider than the given + integer by something other than a multiple of 8 bits (Tom) + + + + + + Fix some cases of pathologically slow regular expression matching (Tom) + + + + + + Fix the STOP WAL LOCATION entry in backup history files to + report the next WAL segment's name when the end location is exactly at a + segment boundary (Itagaki Takahiro) + + + + + + Fix some more cases of temporary-file leakage (Heikki) + + + + This corrects a problem introduced in the previous minor release. + One case that failed is when a plpgsql function returning set is + called within another function's exception handler. + + + + + + When reading pg_hba.conf and related files, do not treat + @something as a file inclusion request if the @ + appears inside quote marks; also, never treat @ by itself + as a file inclusion request (Tom) + + + + This prevents erratic behavior if a role or database name starts with + @. If you need to include a file whose path name + contains spaces, you can still do so, but you must write + @"/path to/file" rather than putting the quotes around + the whole construct. + + + + + + Prevent infinite loop on some platforms if a directory is named as + an inclusion target in pg_hba.conf and related files + (Tom) + + + + + + Fix psql's numericlocale option to not + format strings it shouldn't in latex and troff output formats (Heikki) + + + + + + Fix plpgsql failure in one case where a composite column is set to NULL + (Tom) + + + + + + Add volatile markings in PL/Python to avoid possible + compiler-specific misbehavior (Zdenek Kotala) + + + + + + Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) + + + + The only known symptom of this oversight is that the Tcl + clock command misbehaves if using Tcl 8.5 or later. + + + + + + Prevent crash in contrib/dblink when too many key + columns are specified to a dblink_build_sql_* function + (Rushabh Lathia, Joe Conway) + + + + + + Fix assorted crashes in contrib/xml2 caused by sloppy + memory management (Tom) + + + + + + Update time zone data files to tzdata release 2010e + for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. + + + + + + + + Release 8.1.19 diff --git a/doc/src/sgml/release-8.2.sgml b/doc/src/sgml/release-8.2.sgml index eddaf94e8b0..3551b27e0b7 100644 --- a/doc/src/sgml/release-8.2.sgml +++ b/doc/src/sgml/release-8.2.sgml @@ -1,6 +1,277 @@ - + + + Release 8.2.16 + + + Release date + 2010-03-15 + + + + This release contains a variety of fixes from 8.2.15. + For information about new features in the 8.2 major release, see + . + + + + Migration to Version 8.2.16 + + + A dump/restore is not required for those running 8.2.X. + However, if you are upgrading from a version earlier than 8.2.14, + see the release notes for 8.2.14. + + + + + + Changes + + + + + + Add new configuration parameter ssl_renegotiation_limit to + control how often we do session key renegotiation for an SSL connection + (Magnus) + + + + This can be set to zero to disable renegotiation completely, which may + be required if a broken SSL library is used. In particular, some + vendors are shipping stopgap patches for CVE-2009-3555 that cause + renegotiation attempts to fail. + + + + + + Fix possible deadlock during backend startup (Tom) + + + + + + Fix possible crashes due to not handling errors during relcache reload + cleanly (Tom) + + + + + + Fix possible crashes when trying to recover from a failure in + subtransaction start (Tom) + + + + + + Fix server memory leak associated with use of savepoints and a client + encoding different from server's encoding (Tom) + + + + + + Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST + index page split (Yoichi Hirai) + + + + This would result in index corruption, or even more likely an error + during WAL replay, if we were unlucky enough to crash during + end-of-recovery cleanup after having completed an incomplete GIST + insertion. + + + + + + Make substring() for bit types treat any negative + length as meaning all the rest of the string (Tom) + + + + The previous coding treated only -1 that way, and would produce an + invalid result value for other negative values, possibly leading to + a crash (CVE-2010-0442). + + + + + + Fix integer-to-bit-string conversions to handle the first fractional + byte correctly when the output bit width is wider than the given + integer by something other than a multiple of 8 bits (Tom) + + + + + + Fix some cases of pathologically slow regular expression matching (Tom) + + + + + + Fix the STOP WAL LOCATION entry in backup history files to + report the next WAL segment's name when the end location is exactly at a + segment boundary (Itagaki Takahiro) + + + + + + Fix some more cases of temporary-file leakage (Heikki) + + + + This corrects a problem introduced in the previous minor release. + One case that failed is when a plpgsql function returning set is + called within another function's exception handler. + + + + + + Improve constraint exclusion processing of boolean-variable cases, + in particular make it possible to exclude a partition that has a + bool_column = false constraint (Tom) + + + + + + When reading pg_hba.conf and related files, do not treat + @something as a file inclusion request if the @ + appears inside quote marks; also, never treat @ by itself + as a file inclusion request (Tom) + + + + This prevents erratic behavior if a role or database name starts with + @. If you need to include a file whose path name + contains spaces, you can still do so, but you must write + @"/path to/file" rather than putting the quotes around + the whole construct. + + + + + + Prevent infinite loop on some platforms if a directory is named as + an inclusion target in pg_hba.conf and related files + (Tom) + + + + + + Fix possible infinite loop if SSL_read or + SSL_write fails without setting errno (Tom) + + + + This is reportedly possible with some Windows versions of + openssl. + + + + + + Fix psql's numericlocale option to not + format strings it shouldn't in latex and troff output formats (Heikki) + + + + + + Make psql return the correct exit status (3) when + ON_ERROR_STOP and --single-transaction are + both specified and an error occurs during the implied COMMIT + (Bruce) + + + + + + Fix plpgsql failure in one case where a composite column is set to NULL + (Tom) + + + + + + Fix possible failure when calling PL/Perl functions from PL/PerlU + or vice versa (Tim Bunce) + + + + + + Add volatile markings in PL/Python to avoid possible + compiler-specific misbehavior (Zdenek Kotala) + + + + + + Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) + + + + The only known symptom of this oversight is that the Tcl + clock command misbehaves if using Tcl 8.5 or later. + + + + + + Prevent crash in contrib/dblink when too many key + columns are specified to a dblink_build_sql_* function + (Rushabh Lathia, Joe Conway) + + + + + + Fix assorted crashes in contrib/xml2 caused by sloppy + memory management (Tom) + + + + + + Make building of contrib/xml2 more robust on Windows + (Andrew) + + + + + + Fix race condition in Windows signal handling (Radu Ilie) + + + + One known symptom of this bug is that rows in pg_listener + could be dropped under heavy load. + + + + + + Update time zone data files to tzdata release 2010e + for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. + + + + + + + + Release 8.2.15 diff --git a/doc/src/sgml/release-8.3.sgml b/doc/src/sgml/release-8.3.sgml index c59140d0538..fab67ede261 100644 --- a/doc/src/sgml/release-8.3.sgml +++ b/doc/src/sgml/release-8.3.sgml @@ -1,6 +1,333 @@ - + + + Release 8.3.10 + + + Release date + 2010-03-15 + + + + This release contains a variety of fixes from 8.3.9. + For information about new features in the 8.3 major release, see + . + + + + Migration to Version 8.3.10 + + + A dump/restore is not required for those running 8.3.X. + However, if you are upgrading from a version earlier than 8.3.8, + see the release notes for 8.3.8. + + + + + + Changes + + + + + + Add new configuration parameter ssl_renegotiation_limit to + control how often we do session key renegotiation for an SSL connection + (Magnus) + + + + This can be set to zero to disable renegotiation completely, which may + be required if a broken SSL library is used. In particular, some + vendors are shipping stopgap patches for CVE-2009-3555 that cause + renegotiation attempts to fail. + + + + + + Fix possible deadlock during backend startup (Tom) + + + + + + Fix possible crashes due to not handling errors during relcache reload + cleanly (Tom) + + + + + + Fix possible crash due to use of dangling pointer to a cached plan + (Tatsuo) + + + + + + Fix possible crashes when trying to recover from a failure in + subtransaction start (Tom) + + + + + + Fix server memory leak associated with use of savepoints and a client + encoding different from server's encoding (Tom) + + + + + + Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST + index page split (Yoichi Hirai) + + + + This would result in index corruption, or even more likely an error + during WAL replay, if we were unlucky enough to crash during + end-of-recovery cleanup after having completed an incomplete GIST + insertion. + + + + + + Make substring() for bit types treat any negative + length as meaning all the rest of the string (Tom) + + + + The previous coding treated only -1 that way, and would produce an + invalid result value for other negative values, possibly leading to + a crash (CVE-2010-0442). + + + + + + Fix integer-to-bit-string conversions to handle the first fractional + byte correctly when the output bit width is wider than the given + integer by something other than a multiple of 8 bits (Tom) + + + + + + Fix some cases of pathologically slow regular expression matching (Tom) + + + + + + Fix assorted crashes in xml processing caused by sloppy + memory management (Tom) + + + + This is a back-patch of changes first applied in 8.4. The 8.3 code + was known buggy, but the new code was sufficiently different to not + want to back-patch it until it had gotten some field testing. + + + + + + Fix bug with trying to update a field of an element of a + composite-type array column (Tom) + + + + + + Fix the STOP WAL LOCATION entry in backup history files to + report the next WAL segment's name when the end location is exactly at a + segment boundary (Itagaki Takahiro) + + + + + + Fix some more cases of temporary-file leakage (Heikki) + + + + This corrects a problem introduced in the previous minor release. + One case that failed is when a plpgsql function returning set is + called within another function's exception handler. + + + + + + Improve constraint exclusion processing of boolean-variable cases, + in particular make it possible to exclude a partition that has a + bool_column = false constraint (Tom) + + + + + + When reading pg_hba.conf and related files, do not treat + @something as a file inclusion request if the @ + appears inside quote marks; also, never treat @ by itself + as a file inclusion request (Tom) + + + + This prevents erratic behavior if a role or database name starts with + @. If you need to include a file whose path name + contains spaces, you can still do so, but you must write + @"/path to/file" rather than putting the quotes around + the whole construct. + + + + + + Prevent infinite loop on some platforms if a directory is named as + an inclusion target in pg_hba.conf and related files + (Tom) + + + + + + Fix possible infinite loop if SSL_read or + SSL_write fails without setting errno (Tom) + + + + This is reportedly possible with some Windows versions of + openssl. + + + + + + Disallow GSSAPI authentication on local connections, + since it requires a hostname to function correctly (Magnus) + + + + + + Make ecpg report the proper SQLSTATE if the connection + disappears (Michael) + + + + + + Fix psql's numericlocale option to not + format strings it shouldn't in latex and troff output formats (Heikki) + + + + + + Make psql return the correct exit status (3) when + ON_ERROR_STOP and --single-transaction are + both specified and an error occurs during the implied COMMIT + (Bruce) + + + + + + Fix plpgsql failure in one case where a composite column is set to NULL + (Tom) + + + + + + Fix possible failure when calling PL/Perl functions from PL/PerlU + or vice versa (Tim Bunce) + + + + + + Add volatile markings in PL/Python to avoid possible + compiler-specific misbehavior (Zdenek Kotala) + + + + + + Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) + + + + The only known symptom of this oversight is that the Tcl + clock command misbehaves if using Tcl 8.5 or later. + + + + + + Prevent crash in contrib/dblink when too many key + columns are specified to a dblink_build_sql_* function + (Rushabh Lathia, Joe Conway) + + + + + + Allow zero-dimensional arrays in contrib/ltree operations + (Tom) + + + + This case was formerly rejected as an error, but it's more convenient to + treat it the same as a zero-element array. In particular this avoids + unnecessary failures when an ltree operation is applied to the + result of ARRAY(SELECT ...) and the sub-select returns no + rows. + + + + + + Fix assorted crashes in contrib/xml2 caused by sloppy + memory management (Tom) + + + + + + Make building of contrib/xml2 more robust on Windows + (Andrew) + + + + + + Fix race condition in Windows signal handling (Radu Ilie) + + + + One known symptom of this bug is that rows in pg_listener + could be dropped under heavy load. + + + + + + Update time zone data files to tzdata release 2010e + for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. + + + + + + + + Release 8.3.9