PostgreSQL 歷史版本列表 Page21

更新時間：2017-11-10
更新細節：

What's new in this version:

- Ensure that INSERT ..ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases (Dean Rasheed)
- The update path of INSERT ..ON CONFLICT DO UPDATE requires SELECT permission on the columns of the arbiter index, but it failed to check for that in the case of an arbiter specified by constraint nameIn addition, for a table with row level security enabled, it failed to check updated rows against the table's SELECT policies (regardless of how the arbiter index was specified)(CVE-2017-15099)
- Fix crash due to rowtype mismatch in json{b}_populate_recordset() (Michael Paquier, Tom Lane)
- These functions used the result rowtype specified in the FROM ..AS clause without checking that it matched the actual rowtype of the supplied tuple valueIf it didn't, that would usually result in a crash, though disclosure of server memory contents seems possible as well(CVE-2017-15098)
- Fix sample server-start scripts to become $PGUSER before opening $PGLOG (Noah Misch)
- Previously, the postmaster log file was opened while still running as rootThe database owner could therefore mount an attack against another system user by making $PGLOG be a symbolic link to some other file, which would then become corrupted by appending log messages.
- By default, these scripts are not installed anywhereUsers who have made use of them will need to manually recopy them, or apply the same changes to their modified versionsIf the existing $PGLOG file is root-owned, it will need to be removed or renamed out of the way before restarting the server with the corrected script(CVE-2017-12172)
- Fix BRIN index summarization to handle concurrent table extension correctly (Álvaro Herrera)
- Previously, a race condition allowed some table rows to be omitted from the indexIt may be necessary to reindex existing BRIN indexes to recover from past occurrences of this problem.
- Fix possible failures during concurrent updates of a BRIN index (Tom Lane)
- These race conditions could result in errors like “invalid index offnum” or “inconsistent range map”.
- Prevent logical replication from setting non-replicated columns to nulls when replicating an UPDATE (Petr Jelinek)
- Fix logical replication to fire BEFORE ROW DELETE triggers when expected (Masahiko Sawada)
- Previously, that failed to happen unless the table also had a BEFORE ROW UPDATE trigger.
- Fix crash when logical decoding is invoked from a SPI-using function, in particular any function written in a PL language (Tom Lane)
- Ignore CTEs when looking up the target table for INSERT/UPDATE/DELETE, and prevent matching schema-qualified target table names to trigger transition table names (Thomas Munro)
- This restores the pre-v10 behavior for CTEs attached to DML commands.
- Avoid evaluating an aggregate function's argument expression(s) at rows where its FILTER test fails (Tom Lane)
- This restores the pre-v10 (and SQL-standard) behavior.
- Fix incorrect query results when multiple GROUPING SETS columns contain the same simple variable (Tom Lane)
- Fix query-lifespan memory leakage while evaluating a set-returning function in a SELECT's target list (Tom Lane)
- Allow parallel execution of prepared statements with generic plans (Amit Kapila, Kuntal Ghosh)
- Fix incorrect parallelization decisions for nested queries (Amit Kapila, Kuntal Ghosh)
- Fix parallel query handling to not fail when a recently-used role is dropped (Amit Kapila)
- Fix crash in parallel execution of a bitmap scan having a BitmapAnd plan node below a BitmapOr node (Dilip Kumar)
- Fix json_build_array(), json_build_object(), and their jsonb equivalents to handle explicit VARIADIC arguments correctly (Michael Paquier)
- Fix autovacuum's “work item” logic to prevent possible crashes and silent loss of work items (Álvaro Herrera)
- Fix corner-case crashes when columns have been added to the end of a view (Tom Lane)
- Record proper dependencies when a view or rule contains FieldSelect or FieldStore expression nodes (Tom Lane)
- Lack of these dependencies could allow a column or data type DROP to go through when it ought to fail, thereby causing later uses of the view or rule to get errorsThis patch does not do anything to protect existing views/rules, only ones created in the future.
- Correctly detect hashability of range data types (Tom Lane)
- The planner mistakenly assumed that any range type could be hashed for use in hash joins or hash aggregation, but actually it must check whether the range's subtype has hash supportThis does not affect any of the built-in range types, since they're all hashable anyway.
- Correctly ignore RelabelType expression nodes when examining functional-dependency statistics (David Rowley)
- This allows, e.g., extended statistics on varchar columns to be used properly.
- Prevent sharing transition states between ordered-set aggregates (David Rowley)
- This causes a crash with the built-in ordered-set aggregates, and probably with user-written ones as wellv11 and later will include provisions for dealing with such cases safely, but in released branches, just disable the optimization.
- Prevent idle_in_transaction_session_timeout from being ignored when a statement_timeout occurred earlier (Lukas Fittl)
- Fix low-probability loss of NOTIFY messages due to XID wraparound (Marko Tiikkaja, Tom Lane)
- If a session executed no queries, but merely listened for notifications, for more than 2 billion transactions, it started to miss some notifications from concurrently-committing transactions.
- Reduce the frequency of data flush requests during bulk file copies to avoid performance problems on macOS, particularly with its new APFS file system (Tom Lane)
- Allow COPY's FREEZE option to work when the transaction isolation level is REPEATABLE READ or higher (Noah Misch)
- This case was unintentionally broken by a previous bug fix.
- Fix AggGetAggref() to return the correct Aggref nodes to aggregate final functions whose transition calculations have been merged (Tom Lane)
- Fix insufficient schema-qualification in some new queries in pg_dump and psql (Vitaly Burovoy, Tom Lane, Noah Misch)
- Avoid use of @> operator in psql's queries for d (Tom Lane)
- This prevents problems when the parray_gin extension is installed, since that defines a conflicting operator.
- Fix pg_basebackup's matching of tablespace paths to canonicalize both paths before comparing (Michael Paquier)
- This is particularly helpful on Windows.
- Fix libpq to not require user's home directory to exist (Tom Lane)
- In v10, failure to find the home directory while trying to read ~/.pgpass was treated as a hard error, but it should just cause that file to not be foundBoth v10 and previous release branches made the same mistake when reading ~/.pg_service.conf, though this was less obvious since that file is not sought unless a service name is specified.
- In ecpglib, correctly handle backslashes in string literals depending on whether standard_conforming_strings is set (Tsunakawa Takayuki)
- Make ecpglib's Informix-compatibility mode ignore fractional digits in integer input strings, as expected (Gao Zengqi, Michael Meskes)
- Fix missing temp-install prerequisites for check-like Make targets (Noah Misch)
- Some non-default test procedures that are meant to work like make check failed to ensure that the temporary installation was up to date.
- Update time zone data files to tzdata release 2017c for DST law changes in Fiji, Namibia, Northern Cyprus, Sudan, Tonga, and Turks & Caicos Islands, plus historical corrections for Alaska, Apia, Burma, Calcutta, Detroit, Ireland, Namibia, and Pago Pago.
- In the documentation, restore HTML anchors to being upper-case strings (Peter Eisentraut)
- Due to a toolchain change, the 10.0 user manual had lower-case strings for intrapage anchors, thus breaking some external links into our website documentationReturn to our previous convention of using upper-case strings

更新時間：2017-11-10
更新細節：

What's new in this version:

- Ensure that INSERT ..ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases (Dean Rasheed)
- The update path of INSERT ..ON CONFLICT DO UPDATE requires SELECT permission on the columns of the arbiter index, but it failed to check for that in the case of an arbiter specified by constraint nameIn addition, for a table with row level security enabled, it failed to check updated rows against the table's SELECT policies (regardless of how the arbiter index was specified)(CVE-2017-15099)
- Fix crash due to rowtype mismatch in json{b}_populate_recordset() (Michael Paquier, Tom Lane)
- These functions used the result rowtype specified in the FROM ..AS clause without checking that it matched the actual rowtype of the supplied tuple valueIf it didn't, that would usually result in a crash, though disclosure of server memory contents seems possible as well(CVE-2017-15098)
- Fix sample server-start scripts to become $PGUSER before opening $PGLOG (Noah Misch)
- Previously, the postmaster log file was opened while still running as rootThe database owner could therefore mount an attack against another system user by making $PGLOG be a symbolic link to some other file, which would then become corrupted by appending log messages.
- By default, these scripts are not installed anywhereUsers who have made use of them will need to manually recopy them, or apply the same changes to their modified versionsIf the existing $PGLOG file is root-owned, it will need to be removed or renamed out of the way before restarting the server with the corrected script(CVE-2017-12172)
- Fix BRIN index summarization to handle concurrent table extension correctly (Álvaro Herrera)
- Previously, a race condition allowed some table rows to be omitted from the indexIt may be necessary to reindex existing BRIN indexes to recover from past occurrences of this problem.
- Fix possible failures during concurrent updates of a BRIN index (Tom Lane)
- These race conditions could result in errors like “invalid index offnum” or “inconsistent range map”.
- Prevent logical replication from setting non-replicated columns to nulls when replicating an UPDATE (Petr Jelinek)
- Fix logical replication to fire BEFORE ROW DELETE triggers when expected (Masahiko Sawada)
- Previously, that failed to happen unless the table also had a BEFORE ROW UPDATE trigger.
- Fix crash when logical decoding is invoked from a SPI-using function, in particular any function written in a PL language (Tom Lane)
- Ignore CTEs when looking up the target table for INSERT/UPDATE/DELETE, and prevent matching schema-qualified target table names to trigger transition table names (Thomas Munro)
- This restores the pre-v10 behavior for CTEs attached to DML commands.
- Avoid evaluating an aggregate function's argument expression(s) at rows where its FILTER test fails (Tom Lane)
- This restores the pre-v10 (and SQL-standard) behavior.
- Fix incorrect query results when multiple GROUPING SETS columns contain the same simple variable (Tom Lane)
- Fix query-lifespan memory leakage while evaluating a set-returning function in a SELECT's target list (Tom Lane)
- Allow parallel execution of prepared statements with generic plans (Amit Kapila, Kuntal Ghosh)
- Fix incorrect parallelization decisions for nested queries (Amit Kapila, Kuntal Ghosh)
- Fix parallel query handling to not fail when a recently-used role is dropped (Amit Kapila)
- Fix crash in parallel execution of a bitmap scan having a BitmapAnd plan node below a BitmapOr node (Dilip Kumar)
- Fix json_build_array(), json_build_object(), and their jsonb equivalents to handle explicit VARIADIC arguments correctly (Michael Paquier)
- Fix autovacuum's “work item” logic to prevent possible crashes and silent loss of work items (Álvaro Herrera)
- Fix corner-case crashes when columns have been added to the end of a view (Tom Lane)
- Record proper dependencies when a view or rule contains FieldSelect or FieldStore expression nodes (Tom Lane)
- Lack of these dependencies could allow a column or data type DROP to go through when it ought to fail, thereby causing later uses of the view or rule to get errorsThis patch does not do anything to protect existing views/rules, only ones created in the future.
- Correctly detect hashability of range data types (Tom Lane)
- The planner mistakenly assumed that any range type could be hashed for use in hash joins or hash aggregation, but actually it must check whether the range's subtype has hash supportThis does not affect any of the built-in range types, since they're all hashable anyway.
- Correctly ignore RelabelType expression nodes when examining functional-dependency statistics (David Rowley)
- This allows, e.g., extended statistics on varchar columns to be used properly.
- Prevent sharing transition states between ordered-set aggregates (David Rowley)
- This causes a crash with the built-in ordered-set aggregates, and probably with user-written ones as wellv11 and later will include provisions for dealing with such cases safely, but in released branches, just disable the optimization.
- Prevent idle_in_transaction_session_timeout from being ignored when a statement_timeout occurred earlier (Lukas Fittl)
- Fix low-probability loss of NOTIFY messages due to XID wraparound (Marko Tiikkaja, Tom Lane)
- If a session executed no queries, but merely listened for notifications, for more than 2 billion transactions, it started to miss some notifications from concurrently-committing transactions.
- Reduce the frequency of data flush requests during bulk file copies to avoid performance problems on macOS, particularly with its new APFS file system (Tom Lane)
- Allow COPY's FREEZE option to work when the transaction isolation level is REPEATABLE READ or higher (Noah Misch)
- This case was unintentionally broken by a previous bug fix.
- Fix AggGetAggref() to return the correct Aggref nodes to aggregate final functions whose transition calculations have been merged (Tom Lane)
- Fix insufficient schema-qualification in some new queries in pg_dump and psql (Vitaly Burovoy, Tom Lane, Noah Misch)
- Avoid use of @> operator in psql's queries for d (Tom Lane)
- This prevents problems when the parray_gin extension is installed, since that defines a conflicting operator.
- Fix pg_basebackup's matching of tablespace paths to canonicalize both paths before comparing (Michael Paquier)
- This is particularly helpful on Windows.
- Fix libpq to not require user's home directory to exist (Tom Lane)
- In v10, failure to find the home directory while trying to read ~/.pgpass was treated as a hard error, but it should just cause that file to not be foundBoth v10 and previous release branches made the same mistake when reading ~/.pg_service.conf, though this was less obvious since that file is not sought unless a service name is specified.
- In ecpglib, correctly handle backslashes in string literals depending on whether standard_conforming_strings is set (Tsunakawa Takayuki)
- Make ecpglib's Informix-compatibility mode ignore fractional digits in integer input strings, as expected (Gao Zengqi, Michael Meskes)
- Fix missing temp-install prerequisites for check-like Make targets (Noah Misch)
- Some non-default test procedures that are meant to work like make check failed to ensure that the temporary installation was up to date.
- Update time zone data files to tzdata release 2017c for DST law changes in Fiji, Namibia, Northern Cyprus, Sudan, Tonga, and Turks & Caicos Islands, plus historical corrections for Alaska, Apia, Burma, Calcutta, Detroit, Ireland, Namibia, and Pago Pago.
- In the documentation, restore HTML anchors to being upper-case strings (Peter Eisentraut)
- Due to a toolchain change, the 10.0 user manual had lower-case strings for intrapage anchors, thus breaking some external links into our website documentationReturn to our previous convention of using upper-case strings

更新時間：2017-10-06
更新細節：

What's new in this version:

Logical Replication - A publish/subscribe framework for distributing data:
- Logical replication extends the current replication features of PostgreSQL with the ability to send modifications on a per-database and per-table level to different PostgreSQL databases. Users can now fine-tune the data replicated to various database clusters and will have the ability to perform zero-downtime upgrades to future major PostgreSQL versions

Declarative Table Partitioning - Convenience in dividing your data:
- Table partitioning has existed for years in PostgreSQL but required a user to maintain a nontrivial set of rules and triggers for the partitioning to work. PostgreSQL 10 introduces a table partitioning syntax that lets users easily create and maintain range and list partitioned tables. The addition of the partitioning syntax is the first step in a series of planned features to provide a robust partitioning framework within PostgreSQL

Improved Query Parallelism - Quickly conquer your analysis:
- PostgreSQL 10 provides better support for parallelized queries by allowing more parts of the query execution process to be parallelized. Improvements include additional types of data scans that are parallelized as well as optimizations when the data is recombined, such as pre-sorting. These enhancements allow results to be returned more quickly

Quorum Commit for Synchronous Replication - Distribute data with confidence:
- PostgreSQL 10 introduces quorum commit for synchronous replication, which allows for flexibility in how a primary database receives acknowledgement that changes were successfully written to remote replicas. An administrator can now specify that if any number of replicas has acknowledged that a change to the database has been made, then the data can be considered safely written

SCRAM-SHA-256 authentication - Secure your data access:
- The Salted Challenge Response Authentication Mechanism (SCRAM) defined in RFC5802 defines a protocol to improve upon the secure storage and transmission of passwords by providing a framework for strong password negotiation. PostgreSQL 10 introduces the SCRAM-SHA-256 authentication method, defined in RFC7677, to provide better security than the existing MD5-based password authentication method

更新時間：2017-10-06
更新細節：

What's new in this version:

Logical Replication - A publish/subscribe framework for distributing data:
- Logical replication extends the current replication features of PostgreSQL with the ability to send modifications on a per-database and per-table level to different PostgreSQL databases. Users can now fine-tune the data replicated to various database clusters and will have the ability to perform zero-downtime upgrades to future major PostgreSQL versions

Declarative Table Partitioning - Convenience in dividing your data:
- Table partitioning has existed for years in PostgreSQL but required a user to maintain a nontrivial set of rules and triggers for the partitioning to work. PostgreSQL 10 introduces a table partitioning syntax that lets users easily create and maintain range and list partitioned tables. The addition of the partitioning syntax is the first step in a series of planned features to provide a robust partitioning framework within PostgreSQL

Improved Query Parallelism - Quickly conquer your analysis:
- PostgreSQL 10 provides better support for parallelized queries by allowing more parts of the query execution process to be parallelized. Improvements include additional types of data scans that are parallelized as well as optimizations when the data is recombined, such as pre-sorting. These enhancements allow results to be returned more quickly

Quorum Commit for Synchronous Replication - Distribute data with confidence:
- PostgreSQL 10 introduces quorum commit for synchronous replication, which allows for flexibility in how a primary database receives acknowledgement that changes were successfully written to remote replicas. An administrator can now specify that if any number of replicas has acknowledged that a change to the database has been made, then the data can be considered safely written

SCRAM-SHA-256 authentication - Secure your data access:
- The Salted Challenge Response Authentication Mechanism (SCRAM) defined in RFC5802 defines a protocol to improve upon the secure storage and transmission of passwords by providing a framework for strong password negotiation. PostgreSQL 10 introduces the SCRAM-SHA-256 authentication method, defined in RFC7677, to provide better security than the existing MD5-based password authentication method

更新時間：2017-09-01
更新細節：

What's new in this version:

Bug Fixes and Improvements:
This update also fixes a number of bugs reported in the last few weeks. Some of these issues affect only version 9.6, but many affect all supported versions:
- Show foreign tables in information_schema.table_privileges view. This fix applies to new databases, see the release notes for the procedure to apply the fix to an existing database.
- Correctly identify columns that are of a range type or domain type over a composite type or domain type being searched for
- Prevent crash when passing fixed-length pass-by-reference data types to parallel worker processes
- Change ecpg’s parser to allow RETURNING clauses without attached C variables
- Change ecpg’s parser to recognize backslash continuation of C preprocessor command lines
- Improve selection of compiler flags for PL/Perl on Windows

更新時間：2017-09-01
更新細節：

What's new in this version:

Bug Fixes and Improvements:
This update also fixes a number of bugs reported in the last few weeks. Some of these issues affect only version 9.6, but many affect all supported versions:
- Show foreign tables in information_schema.table_privileges view. This fix applies to new databases, see the release notes for the procedure to apply the fix to an existing database.
- Correctly identify columns that are of a range type or domain type over a composite type or domain type being searched for
- Prevent crash when passing fixed-length pass-by-reference data types to parallel worker processes
- Change ecpg’s parser to allow RETURNING clauses without attached C variables
- Change ecpg’s parser to recognize backslash continuation of C preprocessor command lines
- Improve selection of compiler flags for PL/Perl on Windows

更新時間：2017-08-12
更新細節：

What's new in this version:

Three security vulnerabilities have been closed by this release:
- CVE-2017-7546: Empty password accepted in some authentication methods
- CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges
- CVE-2017-7548: lo_put() function ignores ACLs

Bug Fixes and Improvements:
This update also fixes a number of bugs reported in the last few months. Some of these issues affect only version 9.6, but many affect all supported versions:
- pg_upgrade: corrected the documentation about the process for upgrading standby servers to ensure the primary and standbys synchronized safely. Also includes a fix to ensure the last WAL record does not have "wal_level = minimum" which would prevent standbys from connecting upon restart
- Fix for issue with a concurrent locking race condition that could cause some of the updates to fail
- Several fixes for low probability data corruption scenarios
- Fix to prevent crash when sorting more than one billion tuples in-memory
- Fix on Windows to retry creating a process if shared memory addresses could not be allocated, typically caused from antivirus software interference
- Fix in libpq to ensure that failed connection attempts using GSS/SASL and SSPI authentication are reset properly
- Fixes for SSL connection handling and logging
- Fix to allow window functions to be used in sub-SELECT statements that are within the arguments of an aggregate function
- Allow parallelism in the query plan when COPY when copying from a query
- Several fixes to ALTER TABLE
- Fix to ensure that ALTER USER ... SET and ALTER ROLE ... SET accepts the same syntax variants
- Fixes for the statistics collector, ensuring statistics requests made just after a postmaster shutdown request will be written to disk
- Fix possible creation of an invalid WAL segment during standby promotion
- Several walsender / walreceiver fixes, particularly around signal handling and shutdowns / restarts
- Several logic decoding fixes, including removing leakage of small subtransactions to disk
- Allow a CHECK constraints to be initially NOT VALID when executing CREATE FOREIGN TABLE
- Fixes to postgres_fdw for applying changes promptly after ALTER SERVER / ALTER USER MAPPING commands and improving ability to escape from an unresponsive server
- Several fixes for pg_dump and pg_restore, including a fix for pg_dump output to stdout on Windows
- Fix pg_basebackup output to stdout on Windows, similar to the fix for pg_dump
- Fix pg_rewind to correctly handle files exceeding 2GB, though files of such size should rarely appear in a data directory
- Several fixes for building PostgreSQL with Microsoft Visual C (MSVC), primarily around sourcing libraries

更新時間：2017-08-12
更新細節：

What's new in this version:

Three security vulnerabilities have been closed by this release:
- CVE-2017-7546: Empty password accepted in some authentication methods
- CVE-2017-7547: The "pg_user_mappings" catalog view discloses passwords to users lacking server privileges
- CVE-2017-7548: lo_put() function ignores ACLs

Bug Fixes and Improvements:
This update also fixes a number of bugs reported in the last few months. Some of these issues affect only version 9.6, but many affect all supported versions:
- pg_upgrade: corrected the documentation about the process for upgrading standby servers to ensure the primary and standbys synchronized safely. Also includes a fix to ensure the last WAL record does not have "wal_level = minimum" which would prevent standbys from connecting upon restart
- Fix for issue with a concurrent locking race condition that could cause some of the updates to fail
- Several fixes for low probability data corruption scenarios
- Fix to prevent crash when sorting more than one billion tuples in-memory
- Fix on Windows to retry creating a process if shared memory addresses could not be allocated, typically caused from antivirus software interference
- Fix in libpq to ensure that failed connection attempts using GSS/SASL and SSPI authentication are reset properly
- Fixes for SSL connection handling and logging
- Fix to allow window functions to be used in sub-SELECT statements that are within the arguments of an aggregate function
- Allow parallelism in the query plan when COPY when copying from a query
- Several fixes to ALTER TABLE
- Fix to ensure that ALTER USER ... SET and ALTER ROLE ... SET accepts the same syntax variants
- Fixes for the statistics collector, ensuring statistics requests made just after a postmaster shutdown request will be written to disk
- Fix possible creation of an invalid WAL segment during standby promotion
- Several walsender / walreceiver fixes, particularly around signal handling and shutdowns / restarts
- Several logic decoding fixes, including removing leakage of small subtransactions to disk
- Allow a CHECK constraints to be initially NOT VALID when executing CREATE FOREIGN TABLE
- Fixes to postgres_fdw for applying changes promptly after ALTER SERVER / ALTER USER MAPPING commands and improving ability to escape from an unresponsive server
- Several fixes for pg_dump and pg_restore, including a fix for pg_dump output to stdout on Windows
- Fix pg_basebackup output to stdout on Windows, similar to the fix for pg_dump
- Fix pg_rewind to correctly handle files exceeding 2GB, though files of such size should rarely appear in a data directory
- Several fixes for building PostgreSQL with Microsoft Visual C (MSVC), primarily around sourcing libraries

更新時間：2017-05-12
更新細節：

What's new in this version:

- Restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options
- Prevent exposure of statistical information via leaky operators
- Restore libpq's recognition of the PGREQUIRESSL environment variable
- Fix possibly-invalid initial snapshot during logical decoding
- Fix possible corruption of "init forks" of unlogged indexes
- Fix incorrect reconstruction of pg_subtrans entries when a standby server replays a prepared but uncommitted two-phase transaction
- Avoid possible crash in walsender due to failure to initialize a string buffer
- Fix possible crash when rescanning a nearest-neighbor index-only scan on a GiST index
- Prevent delays in postmaster's launching of multiple parallel worker processes
- Fix postmaster's handling of fork() failure for a background worker process
- Fix possible "no relation entry for relid 0" error when planning nested set operations
- Fix assorted minor issues in planning of parallel queries
- Avoid applying "physical targetlist" optimization to custom scans
- Use the correct sub-expression when applying a FOR ALL row-level-security policy
- Ensure parsing of queries in extension scripts sees the results of immediately-preceding DDL
- Skip tablespace privilege checks when ALTER TABLE ... ALTER COLUMN TYPE rebuilds an existing index
- Fix ALTER TABLE ... VALIDATE CONSTRAINT to not recurse to child tables when the constraint is marked NO INHERIT
- Avoid dangling pointer in COPY ... TO when row-level security is active for the source table
- Avoid accessing an already-closed relcache entry in CLUSTER and VACUUM FULL
- Fix VACUUM to account properly for pages that could not be scanned due to conflicting page pins
- Ensure that bulk-tuple-transfer loops within a hash join are interruptible by query cancel requests
- Fix incorrect support for certain box operators in SP-GiST
- Fix integer-overflow problems in interval comparison
- Fix cursor_to_xml() to produce valid output with tableforest = false
- Fix roundoff problems in float8_timestamptz() and make_interval()
- These functions truncated, rather than rounded, when converting a floating-point value to integer microseconds; that could cause unexpectedly off-by-one results.
- Fix pg_get_object_address() to handle members of operator families correctly
- Fix cancelling of pg_stop_backup() when attempting to stop a non-exclusive backup
- If pg_stop_backup() was cancelled while waiting for a non-exclusive backup to end, related state was left inconsistent; a new exclusive backup could not be started, and there were other minor problems.
- Improve performance of pg_timezone_names view
- Reduce memory management overhead for contexts containing many large blocks
- Fix sloppy handling of corner-case errors from lseek() and close()
- Neither of these system calls are likely to fail in typical situations, but if they did, fd.c could get quite confused.
- Fix incorrect check for whether postmaster is running as a Windows service
- This could result in attempting to write to the event log when that isn't accessible, so that no logging happens at all.
- Fix ecpg to support COMMIT PREPARED and ROLLBACK PREPARED
- Fix a double-free error when processing dollar-quoted string literals in ecpg
- Fix pgbench to handle the combination of --connect and --rate options correctly
- Fix pgbench to honor the long-form option spelling --builtin, as per its documentation
- Fix pg_dump/pg_restore to correctly handle privileges for the public schema when using --clean option
- Other schemas start out with no privileges granted, but public does not; this requires special-case treatment when it is dropped and restored due to the --clean option.
- In pg_dump, fix incorrect schema and owner marking for comments and security labels of some types of database objects
- In simple cases this caused no ill effects; but for example, a schema-selective restore might omit comments it should include, because they were not marked as belonging to the schema of their associated object.
- Fix typo in pg_dump's query for initial privileges of a procedural language
- This resulted in pg_dump always believing that the language had no initial privileges. Since that's true for most procedural languages, ill effects from this bug are probably rare.
- Avoid emitting an invalid list file in pg_restore -l when SQL object names contain newlines
- Replace newlines by spaces, which is sufficient to make the output valid for pg_restore -L's purposes
- Fix pg_upgrade to transfer comments and security labels attached to "large objects" (blobs)
- Previously, blobs were correctly transferred to the new database, but any comments or security labels attached to them were lost
- Improve error handling in contrib/adminpack's pg_file_write() function
- Notably, it failed to detect errors reported by fclose().
- In contrib/dblink, avoid leaking the previous unnamed connection when establishing a new unnamed connection
- Fix contrib/pg_trgm's extraction of trigrams from regular expressions
- In some cases it would produce a broken data structure that could never match anything, leading to GIN or GiST indexscans that use a trigram index not finding any matches to the regular expression.
- In contrib/postgres_fdw, allow join conditions that contain shippable extension-provided functions to be pushed to the remote server
- Support Tcl 8.6 in MSVC builds
- Sync our copy of the timezone library with IANA release tzcode2017b
- This fixes a bug affecting some DST transitions in January 2038.
- Update time zone data files to tzdata release 2017b for DST law changes in Chile, Haiti, and Mongolia, plus historical corrections for Ecuador, Kazakhstan, Liberia, and Spain. Switch to numeric abbreviations for numerous time zones in South America, the Pacific and Indian oceans, and some Asian and Middle Eastern countries.
- The IANA time zone database previously provided textual abbreviations for all time zones, sometimes making up abbreviations that have little or no currency among the local population. They are in process of reversing that policy in favor of using numeric UTC offsets in zones where there is no evidence of real-world use of an English abbreviation. At least for the time being, PostgreSQL will continue to accept such removed abbreviations for timestamp input. But they will not be shown in the pg_timezone_names view nor used for output.
- Use correct daylight-savings rules for POSIX-style time zone names in MSVC builds
- The Microsoft MSVC build scripts neglected to install the posixrules file in the timezone directory tree. This resulted in the timezone code falling back to its built-in rule about what DST behavior to assume for a POSIX-style time zone name. For historical reasons that still corresponds to the DST rules the USA was using before 2007 (i.e., change on first Sunday in April and last Sunday in October). With this fix, a POSIX-style zone name will use the current and historical DST transition dates of the US/Eastern zone. If you don't want that, remove the posixrules file, or replace it with a copy of some other zone file (see Section 8.5.3). Note that due to caching, you may need to restart the server to get such changes to take effect.

更新時間：2017-05-12
更新細節：

What's new in this version:

- Restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options
- Prevent exposure of statistical information via leaky operators
- Restore libpq's recognition of the PGREQUIRESSL environment variable
- Fix possibly-invalid initial snapshot during logical decoding
- Fix possible corruption of "init forks" of unlogged indexes
- Fix incorrect reconstruction of pg_subtrans entries when a standby server replays a prepared but uncommitted two-phase transaction
- Avoid possible crash in walsender due to failure to initialize a string buffer
- Fix possible crash when rescanning a nearest-neighbor index-only scan on a GiST index
- Prevent delays in postmaster's launching of multiple parallel worker processes
- Fix postmaster's handling of fork() failure for a background worker process
- Fix possible "no relation entry for relid 0" error when planning nested set operations
- Fix assorted minor issues in planning of parallel queries
- Avoid applying "physical targetlist" optimization to custom scans
- Use the correct sub-expression when applying a FOR ALL row-level-security policy
- Ensure parsing of queries in extension scripts sees the results of immediately-preceding DDL
- Skip tablespace privilege checks when ALTER TABLE ... ALTER COLUMN TYPE rebuilds an existing index
- Fix ALTER TABLE ... VALIDATE CONSTRAINT to not recurse to child tables when the constraint is marked NO INHERIT
- Avoid dangling pointer in COPY ... TO when row-level security is active for the source table
- Avoid accessing an already-closed relcache entry in CLUSTER and VACUUM FULL
- Fix VACUUM to account properly for pages that could not be scanned due to conflicting page pins
- Ensure that bulk-tuple-transfer loops within a hash join are interruptible by query cancel requests
- Fix incorrect support for certain box operators in SP-GiST
- Fix integer-overflow problems in interval comparison
- Fix cursor_to_xml() to produce valid output with tableforest = false
- Fix roundoff problems in float8_timestamptz() and make_interval()
- These functions truncated, rather than rounded, when converting a floating-point value to integer microseconds; that could cause unexpectedly off-by-one results.
- Fix pg_get_object_address() to handle members of operator families correctly
- Fix cancelling of pg_stop_backup() when attempting to stop a non-exclusive backup
- If pg_stop_backup() was cancelled while waiting for a non-exclusive backup to end, related state was left inconsistent; a new exclusive backup could not be started, and there were other minor problems.
- Improve performance of pg_timezone_names view
- Reduce memory management overhead for contexts containing many large blocks
- Fix sloppy handling of corner-case errors from lseek() and close()
- Neither of these system calls are likely to fail in typical situations, but if they did, fd.c could get quite confused.
- Fix incorrect check for whether postmaster is running as a Windows service
- This could result in attempting to write to the event log when that isn't accessible, so that no logging happens at all.
- Fix ecpg to support COMMIT PREPARED and ROLLBACK PREPARED
- Fix a double-free error when processing dollar-quoted string literals in ecpg
- Fix pgbench to handle the combination of --connect and --rate options correctly
- Fix pgbench to honor the long-form option spelling --builtin, as per its documentation
- Fix pg_dump/pg_restore to correctly handle privileges for the public schema when using --clean option
- Other schemas start out with no privileges granted, but public does not; this requires special-case treatment when it is dropped and restored due to the --clean option.
- In pg_dump, fix incorrect schema and owner marking for comments and security labels of some types of database objects
- In simple cases this caused no ill effects; but for example, a schema-selective restore might omit comments it should include, because they were not marked as belonging to the schema of their associated object.
- Fix typo in pg_dump's query for initial privileges of a procedural language
- This resulted in pg_dump always believing that the language had no initial privileges. Since that's true for most procedural languages, ill effects from this bug are probably rare.
- Avoid emitting an invalid list file in pg_restore -l when SQL object names contain newlines
- Replace newlines by spaces, which is sufficient to make the output valid for pg_restore -L's purposes
- Fix pg_upgrade to transfer comments and security labels attached to "large objects" (blobs)
- Previously, blobs were correctly transferred to the new database, but any comments or security labels attached to them were lost
- Improve error handling in contrib/adminpack's pg_file_write() function
- Notably, it failed to detect errors reported by fclose().
- In contrib/dblink, avoid leaking the previous unnamed connection when establishing a new unnamed connection
- Fix contrib/pg_trgm's extraction of trigrams from regular expressions
- In some cases it would produce a broken data structure that could never match anything, leading to GIN or GiST indexscans that use a trigram index not finding any matches to the regular expression.
- In contrib/postgres_fdw, allow join conditions that contain shippable extension-provided functions to be pushed to the remote server
- Support Tcl 8.6 in MSVC builds
- Sync our copy of the timezone library with IANA release tzcode2017b
- This fixes a bug affecting some DST transitions in January 2038.
- Update time zone data files to tzdata release 2017b for DST law changes in Chile, Haiti, and Mongolia, plus historical corrections for Ecuador, Kazakhstan, Liberia, and Spain. Switch to numeric abbreviations for numerous time zones in South America, the Pacific and Indian oceans, and some Asian and Middle Eastern countries.
- The IANA time zone database previously provided textual abbreviations for all time zones, sometimes making up abbreviations that have little or no currency among the local population. They are in process of reversing that policy in favor of using numeric UTC offsets in zones where there is no evidence of real-world use of an English abbreviation. At least for the time being, PostgreSQL will continue to accept such removed abbreviations for timestamp input. But they will not be shown in the pg_timezone_names view nor used for output.
- Use correct daylight-savings rules for POSIX-style time zone names in MSVC builds
- The Microsoft MSVC build scripts neglected to install the posixrules file in the timezone directory tree. This resulted in the timezone code falling back to its built-in rule about what DST behavior to assume for a POSIX-style time zone name. For historical reasons that still corresponds to the DST rules the USA was using before 2007 (i.e., change on first Sunday in April and last Sunday in October). With this fix, a POSIX-style zone name will use the current and historical DST transition dates of the US/Eastern zone. If you don't want that, remove the posixrules file, or replace it with a copy of some other zone file (see Section 8.5.3). Note that due to caching, you may need to restart the server to get such changes to take effect.