|
1 | 1 | <!-- doc/src/sgml/release-8.3.sgml --> |
2 | 2 | <!-- See header comment in release.sgml about typical markup --> |
3 | 3 |
|
| 4 | + <sect1 id="release-8-3-20"> |
| 5 | + <title>Release 8.3.20</title> |
| 6 | + |
| 7 | + <note> |
| 8 | + <title>Release Date</title> |
| 9 | + <simpara>2012-08-17</simpara> |
| 10 | + </note> |
| 11 | + |
| 12 | + <para> |
| 13 | + This release contains a variety of fixes from 8.3.19. |
| 14 | + For information about new features in the 8.3 major release, see |
| 15 | + <xref linkend="release-8-3">. |
| 16 | + </para> |
| 17 | + |
| 18 | + <para> |
| 19 | + The <productname>PostgreSQL</> community will stop releasing updates |
| 20 | + for the 8.3.X release series in February 2013. |
| 21 | + Users are encouraged to update to a newer release branch soon. |
| 22 | + </para> |
| 23 | + |
| 24 | + <sect2> |
| 25 | + <title>Migration to Version 8.3.20</title> |
| 26 | + |
| 27 | + <para> |
| 28 | + A dump/restore is not required for those running 8.3.X. |
| 29 | + </para> |
| 30 | + |
| 31 | + <para> |
| 32 | + However, if you are upgrading from a version earlier than 8.3.17, |
| 33 | + see the release notes for 8.3.17. |
| 34 | + </para> |
| 35 | + |
| 36 | + </sect2> |
| 37 | + |
| 38 | + <sect2> |
| 39 | + <title>Changes</title> |
| 40 | + |
| 41 | + <itemizedlist> |
| 42 | + |
| 43 | + <listitem> |
| 44 | + <para> |
| 45 | + Prevent access to external files/URLs via XML entity references |
| 46 | + (Noah Misch, Tom Lane) |
| 47 | + </para> |
| 48 | + |
| 49 | + <para> |
| 50 | + <function>xml_parse()</> would attempt to fetch external files or |
| 51 | + URLs as needed to resolve DTD and entity references in an XML value, |
| 52 | + thus allowing unprivileged database users to attempt to fetch data |
| 53 | + with the privileges of the database server. While the external data |
| 54 | + wouldn't get returned directly to the user, portions of it could be |
| 55 | + exposed in error messages if the data didn't parse as valid XML; and |
| 56 | + in any case the mere ability to check existence of a file might be |
| 57 | + useful to an attacker. (CVE-2012-3489) |
| 58 | + </para> |
| 59 | + </listitem> |
| 60 | + |
| 61 | + <listitem> |
| 62 | + <para> |
| 63 | + Prevent access to external files/URLs via <filename>contrib/xml2</>'s |
| 64 | + <function>xslt_process()</> (Peter Eisentraut) |
| 65 | + </para> |
| 66 | + |
| 67 | + <para> |
| 68 | + <application>libxslt</> offers the ability to read and write both |
| 69 | + files and URLs through stylesheet commands, thus allowing |
| 70 | + unprivileged database users to both read and write data with the |
| 71 | + privileges of the database server. Disable that through proper use |
| 72 | + of <application>libxslt</>'s security options. (CVE-2012-3488) |
| 73 | + </para> |
| 74 | + |
| 75 | + <para> |
| 76 | + Also, remove <function>xslt_process()</>'s ability to fetch documents |
| 77 | + and stylesheets from external files/URLs. While this was a |
| 78 | + documented <quote>feature</>, it was long regarded as a bad idea. |
| 79 | + The fix for CVE-2012-3489 broke that capability, and rather than |
| 80 | + expend effort on trying to fix it, we're just going to summarily |
| 81 | + remove it. |
| 82 | + </para> |
| 83 | + </listitem> |
| 84 | + |
| 85 | + <listitem> |
| 86 | + <para> |
| 87 | + Prevent too-early recycling of btree index pages (Noah Misch) |
| 88 | + </para> |
| 89 | + |
| 90 | + <para> |
| 91 | + When we allowed read-only transactions to skip assigning XIDs, we |
| 92 | + introduced the possibility that a deleted btree page could be |
| 93 | + recycled while a read-only transaction was still in flight to it. |
| 94 | + This would result in incorrect index search results. The probability |
| 95 | + of such an error occurring in the field seems very low because of the |
| 96 | + timing requirements, but nonetheless it should be fixed. |
| 97 | + </para> |
| 98 | + </listitem> |
| 99 | + |
| 100 | + <listitem> |
| 101 | + <para> |
| 102 | + Fix crash-safety bug with newly-created-or-reset sequences (Tom Lane) |
| 103 | + </para> |
| 104 | + |
| 105 | + <para> |
| 106 | + If <command>ALTER SEQUENCE</> was executed on a freshly created or |
| 107 | + reset sequence, and then precisely one <function>nextval()</> call |
| 108 | + was made on it, and then the server crashed, WAL replay would restore |
| 109 | + the sequence to a state in which it appeared that no |
| 110 | + <function>nextval()</> had been done, thus allowing the first |
| 111 | + sequence value to be returned again by the next |
| 112 | + <function>nextval()</> call. In particular this could manifest for |
| 113 | + <type>serial</> columns, since creation of a serial column's sequence |
| 114 | + includes an <command>ALTER SEQUENCE OWNED BY</> step. |
| 115 | + </para> |
| 116 | + </listitem> |
| 117 | + |
| 118 | + <listitem> |
| 119 | + <para> |
| 120 | + Ensure the <filename>backup_label</> file is fsync'd after |
| 121 | + <function>pg_start_backup()</> (Dave Kerr) |
| 122 | + </para> |
| 123 | + </listitem> |
| 124 | + |
| 125 | + <listitem> |
| 126 | + <para> |
| 127 | + Back-patch 9.1 improvement to compress the fsync request queue |
| 128 | + (Robert Haas) |
| 129 | + </para> |
| 130 | + |
| 131 | + <para> |
| 132 | + This improves performance during checkpoints. The 9.1 change |
| 133 | + has now seen enough field testing to seem safe to back-patch. |
| 134 | + </para> |
| 135 | + </listitem> |
| 136 | + |
| 137 | + <listitem> |
| 138 | + <para> |
| 139 | + Only allow autovacuum to be auto-canceled by a directly blocked |
| 140 | + process (Tom Lane) |
| 141 | + </para> |
| 142 | + |
| 143 | + <para> |
| 144 | + The original coding could allow inconsistent behavior in some cases; |
| 145 | + in particular, an autovacuum could get canceled after less than |
| 146 | + <literal>deadlock_timeout</> grace period. |
| 147 | + </para> |
| 148 | + </listitem> |
| 149 | + |
| 150 | + <listitem> |
| 151 | + <para> |
| 152 | + Improve logging of autovacuum cancels (Robert Haas) |
| 153 | + </para> |
| 154 | + </listitem> |
| 155 | + |
| 156 | + <listitem> |
| 157 | + <para> |
| 158 | + Fix log collector so that <literal>log_truncate_on_rotation</> works |
| 159 | + during the very first log rotation after server start (Tom Lane) |
| 160 | + </para> |
| 161 | + </listitem> |
| 162 | + |
| 163 | + <listitem> |
| 164 | + <para> |
| 165 | + Ensure that a whole-row reference to a subquery doesn't include any |
| 166 | + extra <literal>GROUP BY</> or <literal>ORDER BY</> columns (Tom Lane) |
| 167 | + </para> |
| 168 | + </listitem> |
| 169 | + |
| 170 | + <listitem> |
| 171 | + <para> |
| 172 | + Disallow copying whole-row references in <literal>CHECK</> |
| 173 | + constraints and index definitions during <command>CREATE TABLE</> |
| 174 | + (Tom Lane) |
| 175 | + </para> |
| 176 | + |
| 177 | + <para> |
| 178 | + This situation can arise in <command>CREATE TABLE</> with |
| 179 | + <literal>LIKE</> or <literal>INHERITS</>. The copied whole-row |
| 180 | + variable was incorrectly labeled with the row type of the original |
| 181 | + table not the new one. Rejecting the case seems reasonable for |
| 182 | + <literal>LIKE</>, since the row types might well diverge later. For |
| 183 | + <literal>INHERITS</> we should ideally allow it, with an implicit |
| 184 | + coercion to the parent table's row type; but that will require more |
| 185 | + work than seems safe to back-patch. |
| 186 | + </para> |
| 187 | + </listitem> |
| 188 | + |
| 189 | + <listitem> |
| 190 | + <para> |
| 191 | + Fix memory leak in <literal>ARRAY(SELECT ...)</> subqueries (Heikki |
| 192 | + Linnakangas, Tom Lane) |
| 193 | + </para> |
| 194 | + </listitem> |
| 195 | + |
| 196 | + <listitem> |
| 197 | + <para> |
| 198 | + Fix extraction of common prefixes from regular expressions (Tom Lane) |
| 199 | + </para> |
| 200 | + |
| 201 | + <para> |
| 202 | + The code could get confused by quantified parenthesized |
| 203 | + subexpressions, such as <literal>^(foo)?bar</>. This would lead to |
| 204 | + incorrect index optimization of searches for such patterns. |
| 205 | + </para> |
| 206 | + </listitem> |
| 207 | + |
| 208 | + <listitem> |
| 209 | + <para> |
| 210 | + Report errors properly in <filename>contrib/xml2</>'s |
| 211 | + <function>xslt_process()</> (Tom Lane) |
| 212 | + </para> |
| 213 | + </listitem> |
| 214 | + |
| 215 | + <listitem> |
| 216 | + <para> |
| 217 | + Update time zone data files to <application>tzdata</> release 2012e |
| 218 | + for DST law changes in Morocco and Tokelau |
| 219 | + </para> |
| 220 | + </listitem> |
| 221 | + |
| 222 | + </itemizedlist> |
| 223 | + |
| 224 | + </sect2> |
| 225 | + </sect1> |
| 226 | + |
4 | 227 | <sect1 id="release-8-3-19"> |
5 | 228 | <title>Release 8.3.19</title> |
6 | 229 |
|
|