2010年10月 7日

[installer 2532] postgresql-9.0.1, 8.4.5, 8.3.12, 8.2.18, 8.1.22, 8.0.26, 7.4.30

postgresql-9.0.1, 8.4.5, 8.3.12, 8.2.18, 8.1.22, 8.0.26, 7.4.30
出ています。

複数のセキュリティホールの修正が含まれています。
http://www.postgresql.org/support/security
http://www.postgresql.org/about/news.1244
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3433
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3781

参照のこと。

☆ postgresql-9.0.1
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v9.0.1/postgresql-9.0.1.tar.gz

Release 9.0.1

Release date: 2010-10-04

This release contains a variety of fixes from 9.0.0. For information
about new features in the 9.0 major release, see the Section called
Release 9.0.
__________________________________________________________________

Migration to Version 9.0.1

A dump/restore is not required for those running 9.0.X.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Improve pg_get_expr() security fix so that the function can still
be used on the output of a sub-select (Tom Lane)
* Fix incorrect placement of placeholder evaluation (Tom Lane)
This bug could result in query outputs being non-null when they
should be null, in cases where the inner side of an outer join is a
sub-select with non-strict expressions in its output list.
* Fix join removal's handling of placeholder expressions (Tom Lane)
* Fix possible duplicate scans of UNION ALL member relations (Tom
Lane)
* Prevent infinite loop in ProcessIncomingNotify() after unlistening
(Jeff Davis)
* Prevent show_session_authorization() from crashing within
autovacuum processes (Tom Lane)
* Re-allow input of Julian dates prior to 0001-01-01 AD (Tom Lane)
Input such as 'J100000'::date worked before 8.4, but was
unintentionally broken by added error-checking.
* Make psql recognize "DISCARD ALL" as a command that should not be
encased in a transaction block in autocommit-off mode (Itagaki
Takahiro)
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)


☆ postgresql-8.4.5
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v8.4.5/postgresql-8.4.5.tar.gz

Release 8.4.5

Release date: 2010-10-04

This release contains a variety of fixes from 8.4.4. For information
about new features in the 8.4 major release, see the Section called
Release 8.4.
__________________________________________________________________

Migration to Version 8.4.5

A dump/restore is not required for those running 8.4.X. However, if you
are upgrading from a version earlier than 8.4.2, see the release notes
for 8.4.2.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on
Windows (Magnus Hagander)
Under high load, Windows processes will sometimes fail at startup
with this error code. Formerly the postmaster treated this as a
panic condition and restarted the whole database, but that seems to
be an overreaction.
* Fix incorrect placement of placeholder evaluation (Tom Lane)
This bug could result in query outputs being non-null when they
should be null, in cases where the inner side of an outer join is a
sub-select with non-strict expressions in its output list.
* Fix possible duplicate scans of UNION ALL member relations (Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Fix mishandling of whole-row Vars that reference a view or
sub-select and appear within a nested sub-select (Tom Lane)
* Fix mishandling of cross-type IN comparisons (Tom Lane)
This could result in failures if the planner tried to implement an
IN join with a sort-then-unique-then-plain-join plan.
* Fix computation of "ANALYZE" statistics for tsvector columns (Jan
Urbanski)
The original coding could produce incorrect statistics, leading to
poor plan choices later.
* Improve planner's estimate of memory used by array_agg(),
string_agg(), and similar aggregate functions (Hitoshi Harada)
The previous drastic underestimate could lead to out-of-memory
failures due to inappropriate choice of a hash-aggregation plan.
* Fix failure to mark cached plans as transient (Tom Lane)
If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in
progress for one of the referenced tables, it is supposed to be
re-planned once the index is ready for use. This was not happening
reliably.
* Reduce PANIC to ERROR in some occasionally-reported btree failure
cases, and provide additional detail in the resulting error
messages (Tom Lane)
This should improve the system's robustness with corrupted indexes.
* Fix incorrect search logic for partial-match queries with GIN
indexes (Tom Lane)
Cases involving AND/OR combination of several GIN index conditions
didn't always give the right answer, and were sometimes much slower
than necessary.
* Prevent show_session_authorization() from crashing within
autovacuum processes (Tom Lane)
* Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
* Fix possible corruption of pending trigger event lists during
subtransaction rollback (Tom Lane)
This could lead to a crash or incorrect firing of triggers.
* Fix possible failure when hashing a pass-by-reference function
result (Tao Ma, Tom Lane)
* Improve merge join's handling of NULLs in the join columns (Tom
Lane)
A merge join can now stop entirely upon reaching the first NULL, if
the sort order is such that NULLs sort high.
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
* Avoid holding open old WAL segments in the walwriter process
(Magnus Hagander, Heikki Linnakangas)
The previous coding would prevent removal of no-longer-needed
segments.
* Fix log_line_prefix's %i escape, which could produce junk early in
backend startup (Tom Lane)
* Prevent misinterpretation of partially-specified relation options
for TOAST tables (Itagaki Takahiro)
In particular, fillfactor would be read as zero if any other
reloption had been set for the table, leading to serious bloat.
* Fix inheritance count tracking in "ALTER TABLE ... ADD CONSTRAINT"
(Robert Haas)
* Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
when archiving is enabled (Jeff Davis)
* Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
be interrupted by query-cancel (Guillaume Lelarge)
* Improve "CREATE INDEX"'s checking of whether proposed index
expressions are immutable (Tom Lane)
* Fix "REASSIGN OWNED" to handle operator classes and families (Asko
Tiidumaa)
* Fix possible core dump when comparing two empty tsquery values (Tom
Lane)
* Fix LIKE's handling of patterns containing % followed by _ (Tom
Lane)
We've fixed this before, but there were still some
incorrectly-handled cases.
* Re-allow input of Julian dates prior to 0001-01-01 AD (Tom Lane)
Input such as 'J100000'::date worked before 8.4, but was
unintentionally broken by added error-checking.
* Fix PL/pgSQL to throw an error, not crash, if a cursor is closed
within a FOR loop that is iterating over that cursor (Heikki
Linnakangas)
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut)
* In libpq, fix full SSL certificate verification for the case where
both host and hostaddr are specified (Tom Lane)
* Make psql recognize "DISCARD ALL" as a command that should not be
encased in a transaction block in autocommit-off mode (Itagaki
Takahiro)
* Fix some issues in pg_dump's handling of SQL/MED objects (Tom Lane)
Notably, pg_dump would always fail if run by a non-superuser, which
was not intended.
* Improve pg_dump and pg_restore's handling of non-seekable archive
files (Tom Lane, Robert Haas)
This is important for proper functioning of parallel restore.
* Improve parallel pg_restore's ability to cope with selective
restore (-L option) (Tom Lane)
The original code tended to fail if the -L file commanded a
non-default restore ordering.
* Fix ecpg to process data from RETURNING clauses correctly (Michael
Meskes)
* Fix some memory leaks in ecpg (Zoltan Boszormenyi)
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Fix "contrib/dblink" to handle connection names longer than 62
bytes correctly (Itagaki Takahiro)
* Add hstore(text, text) function to "contrib/hstore" (Robert Haas)
This function is the recommended substitute for the now-deprecated
=> operator. It was back-patched so that future-proofed code can be
used with older server versions. Note that the patch will be
effective only after "contrib/hstore" is installed or reinstalled
in a particular database. Users might prefer to execute the "CREATE
FUNCTION" command by hand, instead.
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)
* Update time zone data files to tzdata release 2010l for DST law
changes in Egypt and Palestine; also historical corrections for
Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred
over Pacific/Ponape.
* Make Windows' "N. Central Asia Standard Time" timezone map to
Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander)
Microsoft changed the DST behavior of this zone in the timezone
update from KB976098. Asia/Novosibirsk is a better match to its new
behavior.


☆ postgresql-8.3.12
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v8.3.12/postgresql-8.3.12.tar.gz

Release 8.3.12

Release date: 2010-10-04

This release contains a variety of fixes from 8.3.11. For information
about new features in the 8.3 major release, see the Section called
Release 8.3.
__________________________________________________________________

Migration to Version 8.3.12

A dump/restore is not required for those running 8.3.X. However, if you
are upgrading from a version earlier than 8.3.8, see the release notes
for 8.3.8.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on
Windows (Magnus Hagander)
Under high load, Windows processes will sometimes fail at startup
with this error code. Formerly the postmaster treated this as a
panic condition and restarted the whole database, but that seems to
be an overreaction.
* Fix incorrect usage of non-strict OR joinclauses in Append
indexscans (Tom Lane)
This is a back-patch of an 8.4 fix that was missed in the 8.3
branch. This corrects an error introduced in 8.3.8 that could cause
incorrect results for outer joins when the inner relation is an
inheritance tree or UNION ALL subquery.
* Fix possible duplicate scans of UNION ALL member relations (Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Fix failure to mark cached plans as transient (Tom Lane)
If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in
progress for one of the referenced tables, it is supposed to be
re-planned once the index is ready for use. This was not happening
reliably.
* Reduce PANIC to ERROR in some occasionally-reported btree failure
cases, and provide additional detail in the resulting error
messages (Tom Lane)
This should improve the system's robustness with corrupted indexes.
* Prevent show_session_authorization() from crashing within
autovacuum processes (Tom Lane)
* Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
* Fix possible failure when hashing a pass-by-reference function
result (Tao Ma, Tom Lane)
* Improve merge join's handling of NULLs in the join columns (Tom
Lane)
A merge join can now stop entirely upon reaching the first NULL, if
the sort order is such that NULLs sort high.
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
* Avoid holding open old WAL segments in the walwriter process
(Magnus Hagander, Heikki Linnakangas)
The previous coding would prevent removal of no-longer-needed
segments.
* Fix log_line_prefix's %i escape, which could produce junk early in
backend startup (Tom Lane)
* Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
when archiving is enabled (Jeff Davis)
* Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
be interrupted by query-cancel (Guillaume Lelarge)
* Fix "REASSIGN OWNED" to handle operator classes and families (Asko
Tiidumaa)
* Fix possible core dump when comparing two empty tsquery values (Tom
Lane)
* Fix LIKE's handling of patterns containing % followed by _ (Tom
Lane)
We've fixed this before, but there were still some
incorrectly-handled cases.
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut)
* Make psql recognize "DISCARD ALL" as a command that should not be
encased in a transaction block in autocommit-off mode (Itagaki
Takahiro)
* Fix ecpg to process data from RETURNING clauses correctly (Michael
Meskes)
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Fix "contrib/dblink" to handle connection names longer than 62
bytes correctly (Itagaki Takahiro)
* Add hstore(text, text) function to "contrib/hstore" (Robert Haas)
This function is the recommended substitute for the now-deprecated
=> operator. It was back-patched so that future-proofed code can be
used with older server versions. Note that the patch will be
effective only after "contrib/hstore" is installed or reinstalled
in a particular database. Users might prefer to execute the "CREATE
FUNCTION" command by hand, instead.
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)
* Update time zone data files to tzdata release 2010l for DST law
changes in Egypt and Palestine; also historical corrections for
Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred
over Pacific/Ponape.
* Make Windows' "N. Central Asia Standard Time" timezone map to
Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander)
Microsoft changed the DST behavior of this zone in the timezone
update from KB976098. Asia/Novosibirsk is a better match to its new
behavior.


☆ postgresql-8.2.18
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v8.2.18/postgresql-8.2.18.tar.gz

Release 8.2.18

Release date: 2010-10-04

This release contains a variety of fixes from 8.2.17. For information
about new features in the 8.2 major release, see the Section called
Release 8.2.
__________________________________________________________________

Migration to Version 8.2.18

A dump/restore is not required for those running 8.2.X. However, if you
are upgrading from a version earlier than 8.2.14, see the release notes
for 8.2.14.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus
Hagander)
This bug led to the often-reported "could not reattach to shared
memory" error message. This is a back-patch of a fix that was
applied to newer branches some time ago.
* Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on
Windows (Magnus Hagander)
Under high load, Windows processes will sometimes fail at startup
with this error code. Formerly the postmaster treated this as a
panic condition and restarted the whole database, but that seems to
be an overreaction.
* Fix possible duplicate scans of UNION ALL member relations (Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Reduce PANIC to ERROR in some occasionally-reported btree failure
cases, and provide additional detail in the resulting error
messages (Tom Lane)
This should improve the system's robustness with corrupted indexes.
* Prevent show_session_authorization() from crashing within
autovacuum processes (Tom Lane)
* Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
* Fix possible failure when hashing a pass-by-reference function
result (Tao Ma, Tom Lane)
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
* Fix log_line_prefix's %i escape, which could produce junk early in
backend startup (Tom Lane)
* Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
when archiving is enabled (Jeff Davis)
* Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
be interrupted by query-cancel (Guillaume Lelarge)
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut)
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Fix "contrib/dblink" to handle connection names longer than 62
bytes correctly (Itagaki Takahiro)
* Add hstore(text, text) function to "contrib/hstore" (Robert Haas)
This function is the recommended substitute for the now-deprecated
=> operator. It was back-patched so that future-proofed code can be
used with older server versions. Note that the patch will be
effective only after "contrib/hstore" is installed or reinstalled
in a particular database. Users might prefer to execute the "CREATE
FUNCTION" command by hand, instead.
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)
* Update time zone data files to tzdata release 2010l for DST law
changes in Egypt and Palestine; also historical corrections for
Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred
over Pacific/Ponape.
* Make Windows' "N. Central Asia Standard Time" timezone map to
Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander)
Microsoft changed the DST behavior of this zone in the timezone
update from KB976098. Asia/Novosibirsk is a better match to its new
behavior.


☆ postgresql-8.1.22
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v8.1.22/postgresql-8.1.22.tar.gz

Release 8.1.22

Release date: 2010-10-04

This release contains a variety of fixes from 8.1.21. For information
about new features in the 8.1 major release, see the Section called
Release 8.1.

The PostgreSQL community will stop releasing updates for the 8.1.X
release series in November 2010. Users are encouraged to update to a
newer release branch soon.
__________________________________________________________________

Migration to Version 8.1.22

A dump/restore is not required for those running 8.1.X. However, if you
are upgrading from a version earlier than 8.1.18, see the release notes
for 8.1.18.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Prevent show_session_authorization() from crashing within
autovacuum processes (Tom Lane)
* Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
* Fix possible failure when hashing a pass-by-reference function
result (Tao Ma, Tom Lane)
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
* Fix log_line_prefix's %i escape, which could produce junk early in
backend startup (Tom Lane)
* Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
when archiving is enabled (Jeff Davis)
* Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
be interrupted by query-cancel (Guillaume Lelarge)
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut)
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Fix "contrib/dblink" to handle connection names longer than 62
bytes correctly (Itagaki Takahiro)
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)
* Update time zone data files to tzdata release 2010l for DST law
changes in Egypt and Palestine; also historical corrections for
Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred
over Pacific/Ponape.


☆ postgresql-8.0.26
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v8.0.26/postgresql-8.0.26.tar.gz

Release 8.0.26

Release date: 2010-10-04

This release contains a variety of fixes from 8.0.25. For information
about new features in the 8.0 major release, see the Section called
Release 8.0.

This is expected to be the last PostgreSQL release in the 8.0.X series.
Users are encouraged to update to a newer release branch soon.
__________________________________________________________________

Migration to Version 8.0.26

A dump/restore is not required for those running 8.0.X. However, if you
are upgrading from a version earlier than 8.0.22, see the release notes
for 8.0.22.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Defend against functions returning setof record where not all the
returned rows are actually of the same rowtype (Tom Lane)
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Avoid recursion while assigning XIDs to heavily-nested
subtransactions (Andres Freund, Robert Haas)
The original coding could result in a crash if there was limited
stack space.
* Fix log_line_prefix's %i escape, which could produce junk early in
backend startup (Tom Lane)
* Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
when archiving is enabled (Jeff Davis)
* Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to
be interrupted by query-cancel (Guillaume Lelarge)
* In PL/Python, defend against null pointer results from
PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut)
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Fix "contrib/dblink" to handle connection names longer than 62
bytes correctly (Itagaki Takahiro)
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)
* Update time zone data files to tzdata release 2010l for DST law
changes in Egypt and Palestine; also historical corrections for
Finland.
This change also adds new names for two Micronesian timezones:
Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred
abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred
over Pacific/Ponape.


☆ postgresql-7.4.30
http://www.postgresql.org/
ftp://ftp.postgresql.org/pub/source/v7.4.30/postgresql-7.4.30.tar.gz

Release 7.4.30

Release date: 2010-10-04

This release contains a variety of fixes from 7.4.29. For information
about new features in the 7.4 major release, see the Section called
Release 7.4.

This is expected to be the last PostgreSQL release in the 7.4.X series.
Users are encouraged to update to a newer release branch soon.
__________________________________________________________________

Migration to Version 7.4.30

A dump/restore is not required for those running 7.4.X. However, if you
are upgrading from a version earlier than 7.4.26, see the release notes
for 7.4.26.
__________________________________________________________________

Changes

* Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl (Tom Lane)
This change prevents security problems that can be caused by
subverting Perl or Tcl code that will be executed later in the same
session under another SQL user identity (for example, within a
SECURITY DEFINER function). Most scripting languages offer numerous
ways that that might be done, such as redefining standard functions
or operators called by the target function. Without this change,
any SQL user with Perl or Tcl language usage rights can do
essentially anything with the SQL privileges of the target
function's owner.
The cost of this change is that intentional communication among
Perl and Tcl functions becomes more difficult. To provide an escape
hatch, PL/PerlU and PL/TclU functions continue to use only one
interpreter per session. This is not considered a security issue
since all such functions execute at the trust level of a database
superuser already.
It is likely that third-party procedural languages that claim to
offer trusted execution have similar security issues. We advise
contacting the authors of any PL you are depending on for
security-critical purposes.
Our thanks to Tim Bunce for pointing out this issue
(CVE-2010-3433).
* Prevent possible crashes in pg_get_expr() by disallowing it from
being called with an argument that is not one of the system catalog
columns it's intended to be used with (Heikki Linnakangas, Tom
Lane)
* Fix "cannot handle unplanned sub-select" error (Tom Lane)
This occurred when a sub-select contains a join alias reference
that expands into an expression containing another sub-select.
* Take care to fsync the contents of lockfiles (both "postmaster.pid"
and the socket lockfile) while writing them (Tom Lane)
This omission could result in corrupted lockfile contents if the
machine crashes shortly after postmaster start. That could in turn
prevent subsequent attempts to start the postmaster from
succeeding, until the lockfile is manually removed.
* Improve "contrib/dblink"'s handling of tables containing dropped
columns (Tom Lane)
* Fix connection leak after "duplicate connection name" errors in
"contrib/dblink" (Itagaki Takahiro)
* Update build infrastructure and documentation to reflect the source
code repository's move from CVS to Git (Magnus Hagander and others)

----
こがよういちろう


投稿者 xml-rpc : 2010年10月 7日 20:12
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/98961
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。