Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit47a048f

Browse files
committed
Update release notes.
1 parent226a980 commit47a048f

File tree

1 file changed

+144
-49
lines changed

1 file changed

+144
-49
lines changed

‎doc/src/sgml/release.sgml‎

Lines changed: 144 additions & 49 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.422 2006/02/1218:13:10 momjian Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.423 2006/02/1222:35:26 tgl Exp $
33

44
Typical markup:
55

@@ -28,7 +28,8 @@ For new features, add links to the documentation sections.
2828
</note>
2929

3030
<para>
31-
This release contains a variety of fixes from 8.1.2.
31+
This release contains a variety of fixes from 8.1.2,
32+
including one very serious security issue.
3233
</para>
3334

3435
<sect2>
@@ -46,26 +47,47 @@ For new features, add links to the documentation sections.
4647

4748
<itemizedlist>
4849

49-
<listitem><para>Fix rare bug with row visibility logic in self-inserted
50-
rows (Tom)</para></listitem>
50+
<listitem><para>Fix bug that allowed any logged-in user to <command>SET
51+
ROLE</> to any other database user id (CVE-2006-0553)</para>
52+
<para>Due to inadequate validity checking, a user could exploit the special
53+
case that <command>SET ROLE</> normally uses to restore the previous role
54+
setting after an error. This allowed ordinary users to acquire superuser
55+
status, for example.
56+
The escalation-of-privilege risk exists only in 8.1.0-8.1.2.
57+
However, in all releases back to 7.3 there is a related bug in <command>SET
58+
SESSION AUTHORIZATION</> that allows unprivileged users to crash the server,
59+
if it has been compiled with Asserts enabled (which is not the default).
60+
Thanks to Akio Ishida for reporting this problem.
61+
</para></listitem>
62+
63+
<listitem><para>Fix bug with row visibility logic in self-inserted
64+
rows (Tom)</para>
65+
<para>Under rare circumstances a row inserted by the current command
66+
could be seen as already valid, when it should not be. Repairs bug
67+
created in 8.0.4, 7.4.9, and 7.3.11 releases.
68+
</para></listitem>
5169

52-
<listitem><para>Fixes for relation cache management and WAL file creation
70+
<listitem><para>Fix race condition that could lead to <quote>file already
71+
exists</> errors during pg_clog and pg_subtrans file creation
5372
(Tom)</para></listitem>
5473

74+
<listitem><para>Fix cases that could lead to crashes if a cache-invalidation
75+
message arrives at just the wrong time (Tom)</para></listitem>
76+
5577
<listitem><para>Properly check <literal>DOMAIN</> constraints for
5678
<literal>UNKNOWN</> parameters in prepared statements
5779
(Neil)</para></listitem>
5880

59-
<listitem><para>Change <command>ALTER COLUMN TYPE</>to drop
60-
<literal>FOREIGN KEY</> constraints before<literal>UNIQUE</> or
61-
<literal>PRIMARY KEY</> constraints (Nakano Yoshihisa)</para></listitem>
81+
<listitem><para>Ensure <command>ALTER COLUMN TYPE</>will process
82+
<literal>FOREIGN KEY</>,<literal>UNIQUE</>, and <literal>PRIMARY KEY</>
83+
constraints in the proper order (Nakano Yoshihisa)</para></listitem>
6284

63-
<listitem><para>Fix <literal>CREATE OPERATOR</>dumps that have
64-
cross-schema definitions (Tom)</para></listitem>
85+
<listitem><para>Fixes to allow restoringdumps that have cross-schema
86+
references to custom operators or operator classes (Tom)</para></listitem>
6587

66-
<listitem><para>Allow <application>pg_restore</> to continue after a
67-
<command>COPY</> failure, rather than treatingthe remainingstatements
68-
as<command>COPY</> data (Stephen Frost)</para></listitem>
88+
<listitem><para>Allow <application>pg_restore</> to continueproperlyafter a
89+
<command>COPY</> failure; formerly it tried to treatthe remaining
90+
<command>COPY</> data as SQL commands (Stephen Frost)</para></listitem>
6991

7092
<listitem><para>Fix <application>pg_ctl</> <literal>unregister</> crash
7193
when the data directory is not specified (Magnus)</para></listitem>
@@ -76,29 +98,38 @@ when the data directory is not specified (Magnus)</para></listitem>
7698
<listitem><para>Fix <application>ecpg</> crash on AMD64 and PPC
7799
(Neil)</para></listitem>
78100

79-
<listitem><para>Fix problem with argument passing with error reporting
101+
<listitem><para>Allow <literal>SETOF</> and <literal>%TYPE</> to be used
102+
together in function result type declarations</para></listitem>
103+
104+
<listitem><para>Recover properly if error occurs during argument passing
80105
in <application>PL/python</> (Neil)</para></listitem>
81106

82-
<listitem><para>Fix memory leak in <application>PL/perl</>'s row
83-
returning code(Neil)</para></listitem>
107+
<listitem><para>Fix memory leak in <function>plperl_return_next</>
108+
(Neil)</para></listitem>
84109

85110
<listitem><para>Fix <application>PL/perl</>'s handling of locales on
86111
Win32 to match the backend (Andrew)</para></listitem>
87112

88-
<listitem><para>Various optimizerimprovements (Tom)</para></listitem>
113+
<listitem><para>Various optimizerfixes (Tom)</para></listitem>
89114

90-
<listitem><para>Fix crash when <literal>log_min_messages</> is setin
91-
<literal>postgresql.conf</>to <literal>DEBUG5</> on Win32
115+
<listitem><para>Fix crash when <literal>log_min_messages</> is setto
116+
<literal>DEBUG3</>or above in <filename>postgresql.conf</> on Win32
92117
(Bruce)</para></listitem>
93118

94119
<listitem><para>Fix <application>pgxs</> <literal>-L</> library path
95-
specification for Win32 andCygwin (Bruce)</para></listitem>
120+
specification for Win32,Cygwin, OS X, AIX (Bruce)</para></listitem>
96121

97122
<listitem><para>Check that SID is enabled while checking for Win32 admin
98123
privileges (Magnus)</para></listitem>
99124

100-
<listitem><para>Portability fix for <function>finite</> and
101-
<function>isinf</> (Tom)</para></listitem>
125+
<listitem><para>Properly reject out-of-range date inputs (Kris
126+
Jurka)</para></listitem>
127+
128+
<listitem><para>Portability fix for testing presence of <function>finite</>
129+
and <function>isinf</> during configure (Tom)</para></listitem>
130+
131+
<listitem><para>Improve speed of <command>COPY IN</> via libpq, by
132+
avoiding a kernel call per data line (Alon Goldshuv)</para></listitem>
102133

103134
<listitem><para>Improve speed of <filename>/contrib/tsearch2</> index
104135
creation (Teodor)</para></listitem>
@@ -2437,7 +2468,9 @@ psql -t -f fixseq.sql db1 | psql -e db1
24372468
<title>Migration to version 8.0.7</title>
24382469

24392470
<para>
2440-
A dump/restore is not required for those running 8.0.X.
2471+
A dump/restore is not required for those running 8.0.X. However,
2472+
if you are upgrading from a version earlier than 8.0.6, see the release
2473+
notes for 8.0.6.
24412474
</para>
24422475
</sect2>
24432476

@@ -2446,48 +2479,70 @@ psql -t -f fixseq.sql db1 | psql -e db1
24462479

24472480
<itemizedlist>
24482481

2449-
<listitem><para>Fixes for relation cache management and WAL file creation
2482+
<listitem><para>Fix potential crash in <command>SET
2483+
SESSION AUTHORIZATION</> (CVE-2006-0553)</para>
2484+
<para>An unprivileged user could crash the server process, resulting in
2485+
momentary denial of service to other users, if the server has been compiled
2486+
with Asserts enabled (which is not the default).
2487+
Thanks to Akio Ishida for reporting this problem.
2488+
</para></listitem>
2489+
2490+
<listitem><para>Fix bug with row visibility logic in self-inserted
2491+
rows (Tom)</para>
2492+
<para>Under rare circumstances a row inserted by the current command
2493+
could be seen as already valid, when it should not be. Repairs bug
2494+
created in 8.0.4, 7.4.9, and 7.3.11 releases.
2495+
</para></listitem>
2496+
2497+
<listitem><para>Fix race condition that could lead to <quote>file already
2498+
exists</> errors during pg_clog and pg_subtrans file creation
24502499
(Tom)</para></listitem>
24512500

2501+
<listitem><para>Fix cases that could lead to crashes if a cache-invalidation
2502+
message arrives at just the wrong time (Tom)</para></listitem>
2503+
24522504
<listitem><para>Properly check <literal>DOMAIN</> constraints for
24532505
<literal>UNKNOWN</> parameters in prepared statements
24542506
(Neil)</para></listitem>
24552507

2456-
<listitem><para>Change <command>ALTER COLUMN TYPE</>to drop
2457-
<literal>FOREIGN KEY</> constraints before<literal>UNIQUE</> or
2458-
<literal>PRIMARY KEY</> constraints (Nakano Yoshihisa)</para></listitem>
2508+
<listitem><para>Ensure <command>ALTER COLUMN TYPE</>will process
2509+
<literal>FOREIGN KEY</>,<literal>UNIQUE</>, and <literal>PRIMARY KEY</>
2510+
constraints in the proper order (Nakano Yoshihisa)</para></listitem>
24592511

2460-
<listitem><para>Fix <literal>CREATE OPERATOR</>dumps that have
2461-
cross-schema definitions (Tom)</para></listitem>
2512+
<listitem><para>Fixes to allow restoringdumps that have cross-schema
2513+
references to custom operators or operator classes (Tom)</para></listitem>
24622514

2463-
<listitem><para>Allow <application>pg_restore</> to continue after a
2464-
<command>COPY</> failure, rather than treatingthe remainingstatements
2465-
as<command>COPY</> data (Stephen Frost)</para></listitem>
2515+
<listitem><para>Allow <application>pg_restore</> to continueproperlyafter a
2516+
<command>COPY</> failure; formerly it tried to treatthe remaining
2517+
<command>COPY</> data as SQL commands (Stephen Frost)</para></listitem>
24662518

24672519
<listitem><para>Fix <application>pg_ctl</> <literal>unregister</> crash
24682520
when the data directory is not specified (Magnus)</para></listitem>
24692521

24702522
<listitem><para>Fix <application>ecpg</> crash on AMD64 and PPC
24712523
(Neil)</para></listitem>
24722524

2473-
<listitem><para>Fix problem with argument passing with error reporting
2525+
<listitem><para>Recover properly if error occurs during argument passing
24742526
in <application>PL/python</> (Neil)</para></listitem>
24752527

24762528
<listitem><para>Fix <application>PL/perl</>'s handling of locales on
24772529
Win32 to match the backend (Andrew)</para></listitem>
24782530

2479-
<listitem><para>Fix crash when <literal>log_min_messages</> is setin
2480-
<literal>postgresql.conf</>to <literal>DEBUG5</> on Win32
2531+
<listitem><para>Fix crash when <literal>log_min_messages</> is setto
2532+
<literal>DEBUG3</>or above in <filename>postgresql.conf</> on Win32
24812533
(Bruce)</para></listitem>
24822534

24832535
<listitem><para>Fix <application>pgxs</> <literal>-L</> library path
2484-
specification for Win32 andCygwin (Bruce)</para></listitem>
2536+
specification for Win32,Cygwin, OS X, AIX (Bruce)</para></listitem>
24852537

24862538
<listitem><para>Check that SID is enabled while checking for Win32 admin
24872539
privileges (Magnus)</para></listitem>
24882540

2489-
<listitem><para>Portability fix for <function>finite</> and
2490-
<function>isinf</> (Tom)</para></listitem>
2541+
<listitem><para>Properly reject out-of-range date inputs (Kris
2542+
Jurka)</para></listitem>
2543+
2544+
<listitem><para>Portability fix for testing presence of <function>finite</>
2545+
and <function>isinf</> during configure (Tom)</para></listitem>
24912546

24922547
</itemizedlist>
24932548

@@ -5454,7 +5509,9 @@ typedefs (Michael)</para></listitem>
54545509
<title>Migration to version 7.4.12</title>
54555510

54565511
<para>
5457-
A dump/restore is not required for those running 7.4.X.
5512+
A dump/restore is not required for those running 7.4.X. However,
5513+
if you are upgrading from a version earlier than 7.4.11, see the release
5514+
notes for 7.4.11.
54585515
</para>
54595516
</sect2>
54605517

@@ -5463,21 +5520,34 @@ typedefs (Michael)</para></listitem>
54635520

54645521
<itemizedlist>
54655522

5466-
<listitem><para>Fixes for relation cache management and WAL file creation
5467-
(Tom)</para></listitem>
5523+
<listitem><para>Fix potential crash in <command>SET
5524+
SESSION AUTHORIZATION</> (CVE-2006-0553)</para>
5525+
<para>An unprivileged user could crash the server process, resulting in
5526+
momentary denial of service to other users, if the server has been compiled
5527+
with Asserts enabled (which is not the default).
5528+
Thanks to Akio Ishida for reporting this problem.
5529+
</para></listitem>
54685530

5469-
<listitem><para>Fix rare bug with row visibility logic in self-inserted
5470-
rows (Tom)</para></listitem>
5531+
<listitem><para>Fix bug with row visibility logic in self-inserted
5532+
rows (Tom)</para>
5533+
<para>Under rare circumstances a row inserted by the current command
5534+
could be seen as already valid, when it should not be. Repairs bug
5535+
created in 7.4.9 and 7.3.11 releases.
5536+
</para></listitem>
5537+
5538+
<listitem><para>Fix race condition that could lead to <quote>file already
5539+
exists</> errors during pg_clog file creation
5540+
(Tom)</para></listitem>
54715541

54725542
<listitem><para>Properly check <literal>DOMAIN</> constraints for
54735543
<literal>UNKNOWN</> parameters in prepared statements
54745544
(Neil)</para></listitem>
54755545

5476-
<listitem><para>Fix<literal>CREATE OPERATOR</>dumps that have
5477-
cross-schema definitions (Tom)</para></listitem>
5546+
<listitem><para>Fixto allow restoringdumps that have cross-schema
5547+
references to custom operators (Tom)</para></listitem>
54785548

5479-
<listitem><para>Portability fix for <function>finite</> and
5480-
<function>isinf</> (Tom)</para></listitem>
5549+
<listitem><para>Portability fix fortesting presence of<function>finite</>
5550+
and<function>isinf</> during configure (Tom)</para></listitem>
54815551

54825552
</itemizedlist>
54835553

@@ -8248,7 +8318,9 @@ DROP SCHEMA information_schema CASCADE;
82488318
<title>Migration to version 7.3.14</title>
82498319

82508320
<para>
8251-
A dump/restore is not required for those running 7.3.X.
8321+
A dump/restore is not required for those running 7.3.X. However,
8322+
if you are upgrading from a version earlier than 7.3.13, see the release
8323+
notes for 7.3.13.
82528324
</para>
82538325
</sect2>
82548326

@@ -8257,7 +8329,30 @@ DROP SCHEMA information_schema CASCADE;
82578329

82588330
<itemizedlist>
82598331

8260-
<listitem><para>PLACE HOLDER</para></listitem>
8332+
<listitem><para>Fix potential crash in <command>SET
8333+
SESSION AUTHORIZATION</> (CVE-2006-0553)</para>
8334+
<para>An unprivileged user could crash the server process, resulting in
8335+
momentary denial of service to other users, if the server has been compiled
8336+
with Asserts enabled (which is not the default).
8337+
Thanks to Akio Ishida for reporting this problem.
8338+
</para></listitem>
8339+
8340+
<listitem><para>Fix bug with row visibility logic in self-inserted
8341+
rows (Tom)</para>
8342+
<para>Under rare circumstances a row inserted by the current command
8343+
could be seen as already valid, when it should not be. Repairs bug
8344+
created in 7.3.11 release.
8345+
</para></listitem>
8346+
8347+
<listitem><para>Fix race condition that could lead to <quote>file already
8348+
exists</> errors during pg_clog file creation
8349+
(Tom)</para></listitem>
8350+
8351+
<listitem><para>Fix to allow restoring dumps that have cross-schema
8352+
references to custom operators (Tom)</para></listitem>
8353+
8354+
<listitem><para>Portability fix for testing presence of <function>finite</>
8355+
and <function>isinf</> during configure (Tom)</para></listitem>
82618356

82628357
</itemizedlist>
82638358

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp