PostgreSQL 歷史版本列表
PostgreSQL (32-bit)PostgreSQL (64-bit)
更新時間:2016-05-12
更新細節:
What's new in this version:
- Clear the OpenSSL error queue before OpenSSL calls, rather than assuming it's clear already; and make sure we leave it clear afterwards (Peter Geoghegan, Dave Vitek, Peter Eisentraut)
- This change prevents problems when there are multiple connections using OpenSSL within a single process and not all the code involved follows the same rules for when to clear the error queue. Failures have been reported specifically when a client application uses SSL connections in libpq concurrently with SSL connections using the PHP, Python, or Ruby wrappers for OpenSSL. It's possible for similar problems to arise within the server as well, if an extension module establishes an outgoing SSL connection.
- Fix "failed to build any N-way joins" planner error with a full join enclosed in the right-hand side of a left join (Tom Lane)
- Fix incorrect handling of equivalence-class tests in multilevel nestloop plans (Tom Lane)
- Given a three-or-more-way equivalence class of variables, such as X.X = Y.Y = Z.Z, it was possible for the planner to omit some of the tests needed to enforce that all the variables are actually equal, leading to join rows being output that didn't satisfy the WHERE clauses. For various reasons, erroneous plans were seldom selected in practice, so that this bug has gone undetected for a long time.
- Fix corner-case parser failures occurring when operator_precedence_warning is turned on (Tom Lane)
- An example is that SELECT (ARRAY[])::text[] gave an error, though it worked without the parentheses.
- Fix query-lifespan memory leak in GIN index scans (Julien Rouhaud)
- Fix query-lifespan memory leak and potential index corruption hazard in GIN index insertion (Tom Lane)
- The memory leak would typically not amount to much in simple queries, but it could be very substantial during a large GIN index build with high maintenance_work_mem.
- Fix possible misbehavior of TH, th, and Y,YYY format codes in to_timestamp() (Tom Lane)
- These could advance off the end of the input string, causing subsequent format codes to read garbage.
- Fix dumping of rules and views in which the array argument of a value operator ANY (array) construct is a sub-SELECT (Tom Lane)
- Disallow newlines in ALTER SYSTEM parameter values (Tom Lane)
- The configuration-file parser doesn't support embedded newlines in string literals, so we mustn't allow them in values to be inserted by ALTER SYSTEM.
- Fix ALTER TABLE ... REPLICA IDENTITY USING INDEX to work properly if an index on OID is selected (David Rowley)
- Avoid possible misbehavior after failing to remove a tablespace symlink (Tom Lane)
- Fix crash in logical decoding on alignment-picky platforms (Tom Lane, Andres Freund)
- The failure occurred only with a transaction large enough to spill to disk and a primary-key change within that transaction.
- Avoid repeated requests for feedback from receiver while shutting down walsender (Nick Cleaton)
- Make pg_regress use a startup timeout from the PGCTLTIMEOUT environment variable, if that's set (Tom Lane)
- This is for consistency with a behavior recently added to pg_ctl; it eases automated testing on slow machines.
- Fix pg_upgrade to correctly restore extension membership for operator families containing only one operator class (Tom Lane)
- In such a case, the operator family was restored into the new database, but it was no longer marked as part of the extension. This had no immediate ill effects, but would cause later pg_dump runs to emit output that would cause (harmless) errors on restore.
- Fix pg_upgrade to not fail when new-cluster TOAST rules differ from old (Tom Lane)
- pg_upgrade had special-case code to handle the situation where the new PostgreSQL version thinks that a table should have a TOAST table while the old version did not. That code was broken, so remove it, and instead do nothing in such cases; there seems no reason to believe that we can't get along fine without a TOAST table if that was okay according to the old version's rules.
- Fix atomic operations for PPC when using IBM's XLC compiler (Noah Misch)
- Reduce the number of SysV semaphores used by a build configured with --disable-spinlocks (Tom Lane)
- Rename internal function strtoi() to strtoint() to avoid conflict with a NetBSD library function (Thomas Munro)
- Fix reporting of errors from bind() and listen() system calls on Windows (Tom Lane)
- Reduce verbosity of compiler output when building with Microsoft Visual Studio (Christian Ullrich)
- Support building with Visual Studio 2015 (Michael Paquier, Petr Jelínek)
- Fix putenv() to work properly with Visual Studio 2013 (Michael Paquier)
- Avoid possibly-unsafe use of Windows' FormatMessage() function (Christian Ullrich)
- Use the FORMAT_MESSAGE_IGNORE_INSERTS flag where appropriate. No live bug is known to exist here, but it seems like a good idea to be careful.
- Update time zone data files to tzdata release 2016d for DST law changes in Russia and Venezuela. There are new zone names Europe/Kirov and Asia/Tomsk to reflect the fact that these regions now have different time zone histories from adjacent regions.
更新時間:2016-04-01
更新細節:
What's new in this version:
- A dump/restore is not required for those running 9.5.X.
- However, you may need to REINDEX some indexes after applying the update, as per the first changelog entry below.
Changes:
- Disable abbreviated keys for string sorting in non-C locales (Robert Haas)
- PostgreSQL 9.5 introduced logic for speeding up comparisons of string data types by using the standard C library function strxfrm() as a substitute for strcoll(). It now emerges that most versions of glibc (Linux's implementation of the C library) have buggy implementations of strxfrm() that, in some locales, can produce string comparison results that do not match strcoll(). Until this problem can be better characterized, disable the optimization in all non-C locales. (C locale is safe since it uses neither strcoll() nor strxfrm().)
- Unfortunately, this problem affects not only sorting but also entry ordering in B-tree indexes, which means that B-tree indexes on text, varchar, or char columns may now be corrupt if they sort according to an affected locale and were built or modified under PostgreSQL 9.5.0 or 9.5.1. Users should REINDEX indexes that might be affected.
- It is not possible at this time to give an exhaustive list of known-affected locales. C locale is known safe, and there is no evidence of trouble in English-based locales such as en_US, but some other popular locales such as de_DE are affected in most glibc versions.
- Maintain row-security status properly in cached plans (Stephen Frost)
- In a session that performs queries as more than one role, the plan cache might incorrectly re-use a plan that was generated for another role ID, thus possibly applying the wrong set of policies when row-level security (RLS) is in use. (CVE-2016-2193)
- Add must-be-superuser checks to some new contrib/pageinspect functions (Andreas Seltenreich)
- Most functions in the pageinspect extension that inspect bytea values disallow calls by non-superusers, but brin_page_type() and brin_metapage_info() failed to do so. Passing contrived bytea values to them might crash the server or disclose a few bytes of server memory. Add the missing permissions checks to prevent misuse. (CVE-2016-3065)
- Fix incorrect handling of indexed ROW() comparisons (Simon Riggs)
- Flaws in a minor optimization introduced in 9.5 caused incorrect results if the ROW() comparison matches the index ordering partially but not exactly (for example, differing column order, or the index contains both ASC and DESC columns). Pending a better solution, the optimization has been removed.
- Fix incorrect handling of NULL index entries in indexed ROW() comparisons (Tom Lane)
- An index search using a row comparison such as ROW(a, b) > ROW('x', 'y') would stop upon reaching a NULL entry in the b column, ignoring the fact that there might be non-NULL b values associated with later values of a.
- Avoid unlikely data-loss scenarios due to renaming files without adequate fsync() calls before and after (Michael Paquier, Tomas Vondra, Andres Freund)
- Fix incorrect behavior when rechecking a just-modified row in a query that does SELECT FOR UPDATE/SHARE and contains some relations that need not be locked (Tom Lane)
- Rows from non-locked relations were incorrectly treated as containing all NULLs during the recheck, which could result in incorrectly deciding that the updated row no longer passes the WHERE condition, or in incorrectly outputting NULLs.
- Fix bug in json_to_record() when a field of its input object contains a sub-object with a field name matching one of the requested output column names (Tom Lane)
- Fix nonsense result from two-argument form of jsonb_object() when called with empty arrays (Michael Paquier, Andrew Dunstan)
- Fix misbehavior in jsonb_set() when converting a path array element into an integer for use as an array subscript (Michael Paquier)
- Fix misformatting of negative time zone offsets by to_char()'s OF format code (Thomas Munro, Tom Lane)
- Fix possible incorrect logging of waits done by INSERT ... ON CONFLICT (Peter Geoghegan)
- Log messages would sometimes claim that the wait was due to an exclusion constraint although no such constraint was responsible.
- Ignore recovery_min_apply_delay parameter until recovery has reached a consistent state (Michael Paquier)
- Previously, standby servers would delay application of WAL records in response to recovery_min_apply_delay even while replaying the initial portion of WAL needed to make their database state valid. Since the standby is useless until it's reached a consistent database state, this was deemed unhelpful.
- Correctly handle cases where pg_subtrans is close to XID wraparound during server startup (Jeff Janes)
- Fix assorted bugs in logical decoding (Andres Freund)
- Trouble cases included tuples larger than one page when replica identity is FULL, UPDATEs that change a primary key within a transaction large enough to be spooled to disk, incorrect reports of "subxact logged without previous toplevel record", and incorrect reporting of a transaction's commit time.
- Fix planner error with nested security barrier views when the outer view has a WHERE clause containing a correlated subquery (Dean Rasheed)
- Fix memory leak in GIN index searches (Tom Lane)
- Fix corner-case crash due to trying to free localeconv() output strings more than once (Tom Lane)
- Fix parsing of affix files for ispell dictionaries (Tom Lane)
- The code could go wrong if the affix file contained any characters whose byte length changes during case-folding, for example I in Turkish UTF8 locales.
- Avoid use of sscanf() to parse ispell dictionary files (Artur Zakirov)
- This dodges a portability problem on FreeBSD-derived platforms (including OS X).
- Fix atomic-operations code used on PPC with IBM's xlc compiler (Noah Misch)
- This error led to rare failures of concurrent operations on that platform.
- Avoid a crash on old Windows versions (before 7SP1/2008R2SP1) with an AVX2-capable CPU and a Postgres build done with Visual Studio 2013 (Christian Ullrich)
- This is a workaround for a bug in Visual Studio 2013's runtime library, which Microsoft have stated they will not fix in that version.
- Fix psql's tab completion logic to handle multibyte characters properly (Kyotaro Horiguchi, Robert Haas)
- Fix psql's tab completion for SECURITY LABEL (Tom Lane)
- Pressing TAB after SECURITY LABEL might cause a crash or offering of inappropriate keywords.
- Make pg_ctl accept a wait timeout from the PGCTLTIMEOUT environment variable, if none is specified on the command line (Noah Misch)
- This eases testing of slower buildfarm members by allowing them to globally specify a longer-than-normal timeout for postmaster startup and shutdown.
- Fix incorrect test for Windows service status in pg_ctl (Manuel Mathar)
- The previous set of minor releases attempted to fix pg_ctl to properly determine whether to send log messages to Window's Event Log, but got the test backwards.
- Fix pgbench to correctly handle the combination of -C and -M prepared options (Tom Lane)
- In pg_upgrade, skip creating a deletion script when the new data directory is inside the old data directory (Bruce Momjian)
- Blind application of the script in such cases would result in loss of the new data directory.
- In PL/Perl, properly translate empty Postgres arrays into empty Perl arrays (Alex Hunsaker)
- Make PL/Python cope with function names that aren't valid Python identifiers (Jim Nasby)
- Fix multiple mistakes in the statistics returned by contrib/pgstattuple's pgstatindex() function (Tom Lane)
- Remove dependency on psed in MSVC builds, since it's no longer provided by core Perl (Michael Paquier, Andrew Dunstan)
- Update time zone data files to tzdata release 2016c for DST law changes in Azerbaijan, Chile, Haiti, Palestine, and Russia (Altai, Astrakhan, Kirov, Sakhalin, Ulyanovsk regions), plus historical corrections for Lithuania, Moldova, and Russia (Kaliningrad, Samara, Volgograd).
更新時間:2016-04-01
更新細節:
What's new in this version:
- A dump/restore is not required for those running 9.5.X.
- However, you may need to REINDEX some indexes after applying the update, as per the first changelog entry below.
Changes:
- Disable abbreviated keys for string sorting in non-C locales (Robert Haas)
- PostgreSQL 9.5 introduced logic for speeding up comparisons of string data types by using the standard C library function strxfrm() as a substitute for strcoll(). It now emerges that most versions of glibc (Linux's implementation of the C library) have buggy implementations of strxfrm() that, in some locales, can produce string comparison results that do not match strcoll(). Until this problem can be better characterized, disable the optimization in all non-C locales. (C locale is safe since it uses neither strcoll() nor strxfrm().)
- Unfortunately, this problem affects not only sorting but also entry ordering in B-tree indexes, which means that B-tree indexes on text, varchar, or char columns may now be corrupt if they sort according to an affected locale and were built or modified under PostgreSQL 9.5.0 or 9.5.1. Users should REINDEX indexes that might be affected.
- It is not possible at this time to give an exhaustive list of known-affected locales. C locale is known safe, and there is no evidence of trouble in English-based locales such as en_US, but some other popular locales such as de_DE are affected in most glibc versions.
- Maintain row-security status properly in cached plans (Stephen Frost)
- In a session that performs queries as more than one role, the plan cache might incorrectly re-use a plan that was generated for another role ID, thus possibly applying the wrong set of policies when row-level security (RLS) is in use. (CVE-2016-2193)
- Add must-be-superuser checks to some new contrib/pageinspect functions (Andreas Seltenreich)
- Most functions in the pageinspect extension that inspect bytea values disallow calls by non-superusers, but brin_page_type() and brin_metapage_info() failed to do so. Passing contrived bytea values to them might crash the server or disclose a few bytes of server memory. Add the missing permissions checks to prevent misuse. (CVE-2016-3065)
- Fix incorrect handling of indexed ROW() comparisons (Simon Riggs)
- Flaws in a minor optimization introduced in 9.5 caused incorrect results if the ROW() comparison matches the index ordering partially but not exactly (for example, differing column order, or the index contains both ASC and DESC columns). Pending a better solution, the optimization has been removed.
- Fix incorrect handling of NULL index entries in indexed ROW() comparisons (Tom Lane)
- An index search using a row comparison such as ROW(a, b) > ROW('x', 'y') would stop upon reaching a NULL entry in the b column, ignoring the fact that there might be non-NULL b values associated with later values of a.
- Avoid unlikely data-loss scenarios due to renaming files without adequate fsync() calls before and after (Michael Paquier, Tomas Vondra, Andres Freund)
- Fix incorrect behavior when rechecking a just-modified row in a query that does SELECT FOR UPDATE/SHARE and contains some relations that need not be locked (Tom Lane)
- Rows from non-locked relations were incorrectly treated as containing all NULLs during the recheck, which could result in incorrectly deciding that the updated row no longer passes the WHERE condition, or in incorrectly outputting NULLs.
- Fix bug in json_to_record() when a field of its input object contains a sub-object with a field name matching one of the requested output column names (Tom Lane)
- Fix nonsense result from two-argument form of jsonb_object() when called with empty arrays (Michael Paquier, Andrew Dunstan)
- Fix misbehavior in jsonb_set() when converting a path array element into an integer for use as an array subscript (Michael Paquier)
- Fix misformatting of negative time zone offsets by to_char()'s OF format code (Thomas Munro, Tom Lane)
- Fix possible incorrect logging of waits done by INSERT ... ON CONFLICT (Peter Geoghegan)
- Log messages would sometimes claim that the wait was due to an exclusion constraint although no such constraint was responsible.
- Ignore recovery_min_apply_delay parameter until recovery has reached a consistent state (Michael Paquier)
- Previously, standby servers would delay application of WAL records in response to recovery_min_apply_delay even while replaying the initial portion of WAL needed to make their database state valid. Since the standby is useless until it's reached a consistent database state, this was deemed unhelpful.
- Correctly handle cases where pg_subtrans is close to XID wraparound during server startup (Jeff Janes)
- Fix assorted bugs in logical decoding (Andres Freund)
- Trouble cases included tuples larger than one page when replica identity is FULL, UPDATEs that change a primary key within a transaction large enough to be spooled to disk, incorrect reports of "subxact logged without previous toplevel record", and incorrect reporting of a transaction's commit time.
- Fix planner error with nested security barrier views when the outer view has a WHERE clause containing a correlated subquery (Dean Rasheed)
- Fix memory leak in GIN index searches (Tom Lane)
- Fix corner-case crash due to trying to free localeconv() output strings more than once (Tom Lane)
- Fix parsing of affix files for ispell dictionaries (Tom Lane)
- The code could go wrong if the affix file contained any characters whose byte length changes during case-folding, for example I in Turkish UTF8 locales.
- Avoid use of sscanf() to parse ispell dictionary files (Artur Zakirov)
- This dodges a portability problem on FreeBSD-derived platforms (including OS X).
- Fix atomic-operations code used on PPC with IBM's xlc compiler (Noah Misch)
- This error led to rare failures of concurrent operations on that platform.
- Avoid a crash on old Windows versions (before 7SP1/2008R2SP1) with an AVX2-capable CPU and a Postgres build done with Visual Studio 2013 (Christian Ullrich)
- This is a workaround for a bug in Visual Studio 2013's runtime library, which Microsoft have stated they will not fix in that version.
- Fix psql's tab completion logic to handle multibyte characters properly (Kyotaro Horiguchi, Robert Haas)
- Fix psql's tab completion for SECURITY LABEL (Tom Lane)
- Pressing TAB after SECURITY LABEL might cause a crash or offering of inappropriate keywords.
- Make pg_ctl accept a wait timeout from the PGCTLTIMEOUT environment variable, if none is specified on the command line (Noah Misch)
- This eases testing of slower buildfarm members by allowing them to globally specify a longer-than-normal timeout for postmaster startup and shutdown.
- Fix incorrect test for Windows service status in pg_ctl (Manuel Mathar)
- The previous set of minor releases attempted to fix pg_ctl to properly determine whether to send log messages to Window's Event Log, but got the test backwards.
- Fix pgbench to correctly handle the combination of -C and -M prepared options (Tom Lane)
- In pg_upgrade, skip creating a deletion script when the new data directory is inside the old data directory (Bruce Momjian)
- Blind application of the script in such cases would result in loss of the new data directory.
- In PL/Perl, properly translate empty Postgres arrays into empty Perl arrays (Alex Hunsaker)
- Make PL/Python cope with function names that aren't valid Python identifiers (Jim Nasby)
- Fix multiple mistakes in the statistics returned by contrib/pgstattuple's pgstatindex() function (Tom Lane)
- Remove dependency on psed in MSVC builds, since it's no longer provided by core Perl (Michael Paquier, Andrew Dunstan)
- Update time zone data files to tzdata release 2016c for DST law changes in Azerbaijan, Chile, Haiti, Palestine, and Russia (Altai, Astrakhan, Kirov, Sakhalin, Ulyanovsk regions), plus historical corrections for Lithuania, Moldova, and Russia (Kaliningrad, Samara, Volgograd).
更新時間:2016-02-11
更新細節:
What's new in this version:
- Fix infinite loops and buffer-overrun problems in regular expressions (Tom Lane)
- Very large character ranges in bracket expressions could cause infinite loops in some cases, and memory overwrites in other cases. (CVE-2016-0773)
- Fix an oversight that caused hash joins to miss joining to some tuples of the inner relation in rare cases (Tomas Vondra, Tom Lane)
- Avoid pushdown of HAVING clauses when grouping sets are used (Andrew Gierth)
- Fix deparsing of ON CONFLICT arbiter WHERE clauses (Peter Geoghegan)
- Make %h and %r escapes in log_line_prefix work for messages emitted due to log_connections (Tom Lane)
- Previously, %h/%r started to work just after a new session had emitted the "connection received" log message; now they work for that message too.
- Avoid leaking a token handle during SSPI authentication (Christian Ullrich)
- Fix psql's det command to interpret its pattern argument the same way as other d commands with potentially schema-qualified patterns do (Reece Hart)
- In pg_ctl on Windows, check service status to decide where to send output, rather than checking if standard output is a terminal (Michael Paquier)
- Fix assorted corner-case bugs in pg_dump's processing of extension member objects (Tom Lane)
- Fix improper quoting of domain constraint names in pg_dump (Elvis Pranskevichus)
- Make pg_dump mark a view's triggers as needing to be processed after its rule, to prevent possible failure during parallel pg_restore (Tom Lane)
- Install guards in pgbench against corner-case overflow conditions during evaluation of script-specified division or modulo operators (Fabien Coelho, Michael Paquier)
- Suppress useless warning message when pg_receivexlog connects to a pre-9.4 server (Marco Nenciarini)
- Avoid dump/reload problems when using both plpython2 and plpython3 (Tom Lane)
- In principle, both versions of PL/Python can be used in the same database, though not in the same session (because the two versions of libpython cannot safely be used concurrently). However, pg_restore and pg_upgrade both do things that can fall foul of the same-session restriction. Work around that by changing the timing of the check.
- Fix PL/Python regression tests to pass with Python 3.5 (Peter Eisentraut)
- Prevent certain PL/Java parameters from being set by non-superusers (Noah Misch)
- This change mitigates a PL/Java security bug (CVE-2016-0766), which was fixed in PL/Java by marking these parameters as superuser-only. To fix the security hazard for sites that update PostgreSQL more frequently than PL/Java, make the core code aware of them also.
- Fix ecpg-supplied header files to not contain comments continued from a preprocessor directive line onto the next line (Michael Meskes)
- Such a comment is rejected by ecpg. It's not yet clear whether ecpg itself should be changed.
- Fix hstore_to_json_loose()'s test for whether an hstore value can be converted to a JSON number (Tom Lane)
- Previously this function could be fooled by non-alphanumeric trailing characters, leading to emitting syntactically-invalid JSON.
- In contrib/postgres_fdw, fix bugs triggered by use of tableoid in data-modifying commands (Etsuro Fujita, Robert Haas)
- Fix ill-advised restriction of NAMEDATALEN to be less than 256 (Robert Haas, Tom Lane)
- Improve reproducibility of build output by ensuring filenames are given to the linker in a fixed order (Christoph Berg)
- This avoids possible bitwise differences in the produced executable files from one build to the next.
- Ensure that dynloader.h is included in the installed header files in MSVC builds (Bruce Momjian, Michael Paquier)
- Update time zone data files to tzdata release 2016a for DST law changes in Cayman Islands, Metlakatla, and Trans-Baikal Territory (Zabaykalsky Krai), plus historical corrections for Pakistan.
更新時間:2016-02-11
更新細節:
What's new in this version:
- Fix infinite loops and buffer-overrun problems in regular expressions (Tom Lane)
- Very large character ranges in bracket expressions could cause infinite loops in some cases, and memory overwrites in other cases. (CVE-2016-0773)
- Fix an oversight that caused hash joins to miss joining to some tuples of the inner relation in rare cases (Tomas Vondra, Tom Lane)
- Avoid pushdown of HAVING clauses when grouping sets are used (Andrew Gierth)
- Fix deparsing of ON CONFLICT arbiter WHERE clauses (Peter Geoghegan)
- Make %h and %r escapes in log_line_prefix work for messages emitted due to log_connections (Tom Lane)
- Previously, %h/%r started to work just after a new session had emitted the "connection received" log message; now they work for that message too.
- Avoid leaking a token handle during SSPI authentication (Christian Ullrich)
- Fix psql's det command to interpret its pattern argument the same way as other d commands with potentially schema-qualified patterns do (Reece Hart)
- In pg_ctl on Windows, check service status to decide where to send output, rather than checking if standard output is a terminal (Michael Paquier)
- Fix assorted corner-case bugs in pg_dump's processing of extension member objects (Tom Lane)
- Fix improper quoting of domain constraint names in pg_dump (Elvis Pranskevichus)
- Make pg_dump mark a view's triggers as needing to be processed after its rule, to prevent possible failure during parallel pg_restore (Tom Lane)
- Install guards in pgbench against corner-case overflow conditions during evaluation of script-specified division or modulo operators (Fabien Coelho, Michael Paquier)
- Suppress useless warning message when pg_receivexlog connects to a pre-9.4 server (Marco Nenciarini)
- Avoid dump/reload problems when using both plpython2 and plpython3 (Tom Lane)
- In principle, both versions of PL/Python can be used in the same database, though not in the same session (because the two versions of libpython cannot safely be used concurrently). However, pg_restore and pg_upgrade both do things that can fall foul of the same-session restriction. Work around that by changing the timing of the check.
- Fix PL/Python regression tests to pass with Python 3.5 (Peter Eisentraut)
- Prevent certain PL/Java parameters from being set by non-superusers (Noah Misch)
- This change mitigates a PL/Java security bug (CVE-2016-0766), which was fixed in PL/Java by marking these parameters as superuser-only. To fix the security hazard for sites that update PostgreSQL more frequently than PL/Java, make the core code aware of them also.
- Fix ecpg-supplied header files to not contain comments continued from a preprocessor directive line onto the next line (Michael Meskes)
- Such a comment is rejected by ecpg. It's not yet clear whether ecpg itself should be changed.
- Fix hstore_to_json_loose()'s test for whether an hstore value can be converted to a JSON number (Tom Lane)
- Previously this function could be fooled by non-alphanumeric trailing characters, leading to emitting syntactically-invalid JSON.
- In contrib/postgres_fdw, fix bugs triggered by use of tableoid in data-modifying commands (Etsuro Fujita, Robert Haas)
- Fix ill-advised restriction of NAMEDATALEN to be less than 256 (Robert Haas, Tom Lane)
- Improve reproducibility of build output by ensuring filenames are given to the linker in a fixed order (Christoph Berg)
- This avoids possible bitwise differences in the produced executable files from one build to the next.
- Ensure that dynloader.h is included in the installed header files in MSVC builds (Bruce Momjian, Michael Paquier)
- Update time zone data files to tzdata release 2016a for DST law changes in Cayman Islands, Metlakatla, and Trans-Baikal Territory (Zabaykalsky Krai), plus historical corrections for Pakistan.
更新時間:2016-01-08
更新細節:
What's new in this version:
- Allow INSERTs that would generate constraint conflicts to be turned into UPDATEs or ignored
- Add GROUP BY analysis features GROUPING SETS, CUBE and ROLLUP
- Add row-level security control
- Create mechanisms for tracking the progress of replication, including methods for identifying the origin of individual changes during logical replication
- Add Block Range Indexes (BRIN)
- Substantial performance improvements for sorting
- Substantial performance improvements for multi-CPU machines
更新時間:2016-01-08
更新細節:
What's new in this version:
- Allow INSERTs that would generate constraint conflicts to be turned into UPDATEs or ignored
- Add GROUP BY analysis features GROUPING SETS, CUBE and ROLLUP
- Add row-level security control
- Create mechanisms for tracking the progress of replication, including methods for identifying the origin of individual changes during logical replication
- Add Block Range Indexes (BRIN)
- Substantial performance improvements for sorting
- Substantial performance improvements for multi-CPU machines
更新時間:2015-10-08
更新細節:
What's new in this version:
- A dump/restore is not required for those running 9.4.X.
- However, if you are upgrading from a version earlier than 9.4.4, see Section E.2.
CHANGES:
- Guard against stack overflows in json parsing (Oskari Saarenmaa)
- If an application constructs PostgreSQL json or jsonb values from arbitrary user input, the application's users can reliably crash the PostgreSQL server, causing momentary denial of service. (CVE-2015-5289)
- Fix contrib/pgcrypto to detect and report too-short crypt() salts (Josh Kupershmidt)
- Certain invalid salt arguments crashed the server or disclosed a few bytes of server memory. We have not ruled out the viability of attacks that arrange for presence of confidential information in the disclosed bytes, but they seem unlikely. (CVE-2015-5288)
- Fix subtransaction cleanup after a portal (cursor) belonging to an outer subtransaction fails (Tom Lane, Michael Paquier)
- A function executed in an outer-subtransaction cursor could cause an assertion failure or crash by referencing a relation created within an inner subtransaction.
- Fix possible deadlock during WAL insertion when commit_delay is set (Heikki Linnakangas)
- Ensure all relations referred to by an updatable view are properly locked during an update statement (Dean Rasheed)
- Fix insertion of relations into the relation cache "init file" (Tom Lane)
- An oversight in a patch in the most recent minor releases caused pg_trigger_tgrelid_tgname_index to be omitted from the init file. Subsequent sessions detected this, then deemed the init file to be broken and silently ignored it, resulting in a significant degradation in session startup time. In addition to fixing the bug, install some guards so that any similar future mistake will be more obvious.
- Avoid O(N^2) behavior when inserting many tuples into a SPI query result (Neil Conway)
- Improve LISTEN startup time when there are many unread notifications (Matt Newell)
- Fix performance problem when a session alters large numbers of foreign key constraints (Jan Wieck, Tom Lane)
- This was seen primarily when restoring pg_dump output for databases with many thousands of tables.
- Disable SSL renegotiation by default (Michael Paquier, Andres Freund)
- While use of SSL renegotiation is a good idea in theory, we have seen too many bugs in practice, both in the underlying OpenSSL library and in our usage of it. Renegotiation will be removed entirely in 9.5 and later. In the older branches, just change the default value of ssl_renegotiation_limit to zero (disabled).
- Lower the minimum values of the *_freeze_max_age parameters (Andres Freund)
- This is mainly to make tests of related behavior less time-consuming, but it may also be of value for installations with limited disk space.
- Limit the maximum value of wal_buffers to 2GB to avoid server crashes (Josh Berkus)
- Avoid logging complaints when a parameter that can only be set at server start appears multiple times in postgresql.conf, and fix counting of line numbers after an include_dir directive (Tom Lane)
- Fix rare internal overflow in multiplication of numeric values (Dean Rasheed)
- Guard against hard-to-reach stack overflows involving record types, range types, json, jsonb, tsquery, ltxtquery and query_int (Noah Misch)
- Fix handling of DOW and DOY in datetime input (Greg Stark)
- These tokens aren't meant to be used in datetime values, but previously they resulted in opaque internal error messages rather than "invalid input syntax".
- Add more query-cancel checks to regular expression matching (Tom Lane)
- Add recursion depth protections to regular expression, SIMILAR TO, and LIKE matching (Tom Lane)
- Suitable search patterns and a low stack depth limit could lead to stack-overrun crashes.
- Fix potential infinite loop in regular expression execution (Tom Lane)
- A search pattern that can apparently match a zero-length string, but actually doesn't match because of a back reference, could lead to an infinite loop.
- In regular expression execution, correctly record match data for capturing parentheses within a quantifier even when the match is zero-length (Tom Lane)
- Fix low-memory failures in regular expression compilation (Andreas Seltenreich)
- Fix low-probability memory leak during regular expression execution (Tom Lane)
- Fix rare low-memory failure in lock cleanup during transaction abort (Tom Lane)
- Fix "unexpected out-of-memory situation during sort" errors when using tuplestores with small work_mem settings (Tom Lane)
- Fix very-low-probability stack overrun in qsort (Tom Lane)
- Fix "invalid memory alloc request size" failure in hash joins with large work_mem settings (Tomas Vondra, Tom Lane)
- Fix assorted planner bugs (Tom Lane)
- These mistakes could lead to incorrect query plans that would give wrong answers, or to assertion failures in assert-enabled builds, or to odd planner errors such as "could not devise a query plan for the given query", "could not find pathkey item to sort", "plan should not reference subplan's variable", or "failed to assign all NestLoopParams to plan nodes". Thanks are due to Andreas Seltenreich and Piotr Stefaniak for fuzz testing that exposed these problems.
- Improve planner's performance for UPDATE/DELETE on large inheritance sets (Tom Lane, Dean Rasheed)
- Ensure standby promotion trigger files are removed at postmaster startup (Michael Paquier, Fujii Masao)
- This prevents unwanted promotion from occurring if these files appear in a database backup that is used to initialize a new standby server.
- During postmaster shutdown, ensure that per-socket lock files are removed and listen sockets are closed before we remove the postmaster.pid file (Tom Lane)
- This avoids race-condition failures if an external script attempts to start a new postmaster as soon as pg_ctl stop returns.
- Ensure that the postmaster does not exit until all its child processes are gone, even in an immediate shutdown (Tom Lane)
- Like the previous item, this avoids possible race conditions against a subsequently-started postmaster.
- Fix postmaster's handling of a startup-process crash during crash recovery (Tom Lane)
- If, during a crash recovery cycle, the startup process crashes without having restored database consistency, we'd try to launch a new startup process, which typically would just crash again, leading to an infinite loop.
- Make emergency autovacuuming for multixact wraparound more robust (Andres Freund)
- Do not print a WARNING when an autovacuum worker is already gone when we attempt to signal it, and reduce log verbosity for such signals (Tom Lane)
- Prevent autovacuum launcher from sleeping unduly long if the server clock is moved backwards a large amount (Álvaro Herrera)
- Ensure that cleanup of a GIN index's pending-insertions list is interruptable by cancel requests (Jeff Janes)
- Allow all-zeroes pages in GIN indexes to be reused (Heikki Linnakangas)
- Such a page might be left behind after a crash.
- Fix handling of all-zeroes pages in SP-GiST indexes (Heikki Linnakangas)
- VACUUM attempted to recycle such pages, but did so in a way that wasn't crash-safe.
- Fix off-by-one error that led to otherwise-harmless warnings about "apparent wraparound" in subtrans/multixact truncation (Thomas Munro)
- Fix misreporting of CONTINUE and MOVE statement types in PL/pgSQL's error context messages (Pavel Stehule, Tom Lane)
- Fix PL/Perl to handle non-ASCII error message texts correctly (Alex Hunsaker)
- Fix PL/Python crash when returning the string representation of a record result (Tom Lane)
- Fix some places in PL/Tcl that neglected to check for failure of malloc() calls (Michael Paquier, Álvaro Herrera)
- In contrib/isn, fix output of ISBN-13 numbers that begin with 979 (Fabien Coelho)
- EANs beginning with 979 (but not 9790) are considered ISBNs, but they must be printed in the new 13-digit format, not the 10-digit format.
- Improve contrib/pg_stat_statements' handling of query-text garbage collection (Peter Geoghegan)
- The external file containing query texts could bloat to very large sizes; once it got past 1GB attempts to trim it would fail, soon leading to situations where the file could not be read at all.
- Improve contrib/postgres_fdw's handling of collation-related decisions (Tom Lane)
- The main user-visible effect is expected to be that comparisons involving varchar columns will be sent to the remote server for execution in more cases than before.
- Improve libpq's handling of out-of-memory conditions (Michael Paquier, Heikki Linnakangas)
- Fix memory leaks and missing out-of-memory checks in ecpg (Michael Paquier)
- Fix psql's code for locale-aware formatting of numeric output (Tom Lane)
- The formatting code invoked by pset numericlocale on did the wrong thing for some uncommon cases such as numbers with an exponent but no decimal point. It could also mangle already-localized output from the money data type.
- Prevent crash in psql's c command when there is no current connection (Noah Misch)
- Make pg_dump handle inherited NOT VALID check constraints correctly (Tom Lane)
- Fix selection of default zlib compression level in pg_dump's directory output format (Andrew Dunstan)
- Ensure that temporary files created during a pg_dump run with tar-format output are not world-readable (Michael Paquier)
- Fix pg_dump and pg_upgrade to support cases where the postgres or template1 database is in a non-default tablespace (Marti Raudsepp, Bruce Momjian)
- Fix pg_dump to handle object privileges sanely when dumping from a server too old to have a particular privilege type (Tom Lane)
- When dumping data types from pre-9.2 servers, and when dumping functions or procedural languages from pre-7.3 servers, pg_dump would produce GRANT/REVOKE commands that revoked the owner's grantable privileges and instead granted all privileges to PUBLIC. Since the privileges involved are just USAGE and EXECUTE, this isn't a security problem, but it's certainly a surprising representation of the older systems' behavior. Fix it to leave the default privilege state alone in these cases.
- Fix pg_dump to dump shell types (Tom Lane)
- Shell types (that is, not-yet-fully-defined types) aren't useful for much, but nonetheless pg_dump should dump them.
- Fix assorted minor memory leaks in pg_dump and other client-side programs (Michael Paquier)
- Fix pgbench's progress-report behavior when a query, or pgbench itself, gets stuck (Fabien Coelho)
- Fix spinlock assembly code for Alpha hardware (Tom Lane)
- Fix spinlock assembly code for PPC hardware to be compatible with AIX's native assembler (Tom Lane)
- Building with gcc didn't work if gcc had been configured to use the native assembler, which is becoming more common.
- On AIX, test the -qlonglong compiler option rather than just assuming it's safe to use (Noah Misch)
- On AIX, use -Wl,-brtllib link option to allow symbols to be resolved at runtime (Noah Misch)
- Perl relies on this ability in 5.8.0 and later.
- Avoid use of inline functions when compiling with 32-bit xlc, due to compiler bugs (Noah Misch)
- Use librt for sched_yield() when necessary, which it is on some Solaris versions (Oskari Saarenmaa)
- Translate encoding UHC as Windows code page 949 (Noah Misch)
- This fixes presentation of non-ASCII log messages from processes that are not attached to any particular database, such as the postmaster.
- On Windows, avoid failure when doing encoding conversion to UTF16 outside a transaction, such as for log messages (Noah Misch)
- Fix postmaster startup failure due to not copying setlocale()'s return value (Noah Misch)
- This has been reported on Windows systems with the ANSI code page set to CP936 ("Chinese (Simplified, PRC)"), and may occur with other multibyte code pages.
- Fix Windows install.bat script to handle target directory names that contain spaces (Heikki Linnakangas)
- Make the numeric form of the PostgreSQL version number (e.g., 90405) readily available to extension Makefiles, as a variable named VERSION_NUM (Michael Paquier)
- Update time zone data files to tzdata release 2015g for DST law changes in Cayman Islands, Fiji, Moldova, Morocco, Norfolk Island, North Korea, Turkey, and Uruguay. There is a new zone name America/Fort_Nelson for the Canadian Northern Rockies.
更新時間:2015-10-08
更新細節:
What's new in this version:
- A dump/restore is not required for those running 9.4.X.
- However, if you are upgrading from a version earlier than 9.4.4, see Section E.2.
CHANGES:
- Guard against stack overflows in json parsing (Oskari Saarenmaa)
- If an application constructs PostgreSQL json or jsonb values from arbitrary user input, the application's users can reliably crash the PostgreSQL server, causing momentary denial of service. (CVE-2015-5289)
- Fix contrib/pgcrypto to detect and report too-short crypt() salts (Josh Kupershmidt)
- Certain invalid salt arguments crashed the server or disclosed a few bytes of server memory. We have not ruled out the viability of attacks that arrange for presence of confidential information in the disclosed bytes, but they seem unlikely. (CVE-2015-5288)
- Fix subtransaction cleanup after a portal (cursor) belonging to an outer subtransaction fails (Tom Lane, Michael Paquier)
- A function executed in an outer-subtransaction cursor could cause an assertion failure or crash by referencing a relation created within an inner subtransaction.
- Fix possible deadlock during WAL insertion when commit_delay is set (Heikki Linnakangas)
- Ensure all relations referred to by an updatable view are properly locked during an update statement (Dean Rasheed)
- Fix insertion of relations into the relation cache "init file" (Tom Lane)
- An oversight in a patch in the most recent minor releases caused pg_trigger_tgrelid_tgname_index to be omitted from the init file. Subsequent sessions detected this, then deemed the init file to be broken and silently ignored it, resulting in a significant degradation in session startup time. In addition to fixing the bug, install some guards so that any similar future mistake will be more obvious.
- Avoid O(N^2) behavior when inserting many tuples into a SPI query result (Neil Conway)
- Improve LISTEN startup time when there are many unread notifications (Matt Newell)
- Fix performance problem when a session alters large numbers of foreign key constraints (Jan Wieck, Tom Lane)
- This was seen primarily when restoring pg_dump output for databases with many thousands of tables.
- Disable SSL renegotiation by default (Michael Paquier, Andres Freund)
- While use of SSL renegotiation is a good idea in theory, we have seen too many bugs in practice, both in the underlying OpenSSL library and in our usage of it. Renegotiation will be removed entirely in 9.5 and later. In the older branches, just change the default value of ssl_renegotiation_limit to zero (disabled).
- Lower the minimum values of the *_freeze_max_age parameters (Andres Freund)
- This is mainly to make tests of related behavior less time-consuming, but it may also be of value for installations with limited disk space.
- Limit the maximum value of wal_buffers to 2GB to avoid server crashes (Josh Berkus)
- Avoid logging complaints when a parameter that can only be set at server start appears multiple times in postgresql.conf, and fix counting of line numbers after an include_dir directive (Tom Lane)
- Fix rare internal overflow in multiplication of numeric values (Dean Rasheed)
- Guard against hard-to-reach stack overflows involving record types, range types, json, jsonb, tsquery, ltxtquery and query_int (Noah Misch)
- Fix handling of DOW and DOY in datetime input (Greg Stark)
- These tokens aren't meant to be used in datetime values, but previously they resulted in opaque internal error messages rather than "invalid input syntax".
- Add more query-cancel checks to regular expression matching (Tom Lane)
- Add recursion depth protections to regular expression, SIMILAR TO, and LIKE matching (Tom Lane)
- Suitable search patterns and a low stack depth limit could lead to stack-overrun crashes.
- Fix potential infinite loop in regular expression execution (Tom Lane)
- A search pattern that can apparently match a zero-length string, but actually doesn't match because of a back reference, could lead to an infinite loop.
- In regular expression execution, correctly record match data for capturing parentheses within a quantifier even when the match is zero-length (Tom Lane)
- Fix low-memory failures in regular expression compilation (Andreas Seltenreich)
- Fix low-probability memory leak during regular expression execution (Tom Lane)
- Fix rare low-memory failure in lock cleanup during transaction abort (Tom Lane)
- Fix "unexpected out-of-memory situation during sort" errors when using tuplestores with small work_mem settings (Tom Lane)
- Fix very-low-probability stack overrun in qsort (Tom Lane)
- Fix "invalid memory alloc request size" failure in hash joins with large work_mem settings (Tomas Vondra, Tom Lane)
- Fix assorted planner bugs (Tom Lane)
- These mistakes could lead to incorrect query plans that would give wrong answers, or to assertion failures in assert-enabled builds, or to odd planner errors such as "could not devise a query plan for the given query", "could not find pathkey item to sort", "plan should not reference subplan's variable", or "failed to assign all NestLoopParams to plan nodes". Thanks are due to Andreas Seltenreich and Piotr Stefaniak for fuzz testing that exposed these problems.
- Improve planner's performance for UPDATE/DELETE on large inheritance sets (Tom Lane, Dean Rasheed)
- Ensure standby promotion trigger files are removed at postmaster startup (Michael Paquier, Fujii Masao)
- This prevents unwanted promotion from occurring if these files appear in a database backup that is used to initialize a new standby server.
- During postmaster shutdown, ensure that per-socket lock files are removed and listen sockets are closed before we remove the postmaster.pid file (Tom Lane)
- This avoids race-condition failures if an external script attempts to start a new postmaster as soon as pg_ctl stop returns.
- Ensure that the postmaster does not exit until all its child processes are gone, even in an immediate shutdown (Tom Lane)
- Like the previous item, this avoids possible race conditions against a subsequently-started postmaster.
- Fix postmaster's handling of a startup-process crash during crash recovery (Tom Lane)
- If, during a crash recovery cycle, the startup process crashes without having restored database consistency, we'd try to launch a new startup process, which typically would just crash again, leading to an infinite loop.
- Make emergency autovacuuming for multixact wraparound more robust (Andres Freund)
- Do not print a WARNING when an autovacuum worker is already gone when we attempt to signal it, and reduce log verbosity for such signals (Tom Lane)
- Prevent autovacuum launcher from sleeping unduly long if the server clock is moved backwards a large amount (Álvaro Herrera)
- Ensure that cleanup of a GIN index's pending-insertions list is interruptable by cancel requests (Jeff Janes)
- Allow all-zeroes pages in GIN indexes to be reused (Heikki Linnakangas)
- Such a page might be left behind after a crash.
- Fix handling of all-zeroes pages in SP-GiST indexes (Heikki Linnakangas)
- VACUUM attempted to recycle such pages, but did so in a way that wasn't crash-safe.
- Fix off-by-one error that led to otherwise-harmless warnings about "apparent wraparound" in subtrans/multixact truncation (Thomas Munro)
- Fix misreporting of CONTINUE and MOVE statement types in PL/pgSQL's error context messages (Pavel Stehule, Tom Lane)
- Fix PL/Perl to handle non-ASCII error message texts correctly (Alex Hunsaker)
- Fix PL/Python crash when returning the string representation of a record result (Tom Lane)
- Fix some places in PL/Tcl that neglected to check for failure of malloc() calls (Michael Paquier, Álvaro Herrera)
- In contrib/isn, fix output of ISBN-13 numbers that begin with 979 (Fabien Coelho)
- EANs beginning with 979 (but not 9790) are considered ISBNs, but they must be printed in the new 13-digit format, not the 10-digit format.
- Improve contrib/pg_stat_statements' handling of query-text garbage collection (Peter Geoghegan)
- The external file containing query texts could bloat to very large sizes; once it got past 1GB attempts to trim it would fail, soon leading to situations where the file could not be read at all.
- Improve contrib/postgres_fdw's handling of collation-related decisions (Tom Lane)
- The main user-visible effect is expected to be that comparisons involving varchar columns will be sent to the remote server for execution in more cases than before.
- Improve libpq's handling of out-of-memory conditions (Michael Paquier, Heikki Linnakangas)
- Fix memory leaks and missing out-of-memory checks in ecpg (Michael Paquier)
- Fix psql's code for locale-aware formatting of numeric output (Tom Lane)
- The formatting code invoked by pset numericlocale on did the wrong thing for some uncommon cases such as numbers with an exponent but no decimal point. It could also mangle already-localized output from the money data type.
- Prevent crash in psql's c command when there is no current connection (Noah Misch)
- Make pg_dump handle inherited NOT VALID check constraints correctly (Tom Lane)
- Fix selection of default zlib compression level in pg_dump's directory output format (Andrew Dunstan)
- Ensure that temporary files created during a pg_dump run with tar-format output are not world-readable (Michael Paquier)
- Fix pg_dump and pg_upgrade to support cases where the postgres or template1 database is in a non-default tablespace (Marti Raudsepp, Bruce Momjian)
- Fix pg_dump to handle object privileges sanely when dumping from a server too old to have a particular privilege type (Tom Lane)
- When dumping data types from pre-9.2 servers, and when dumping functions or procedural languages from pre-7.3 servers, pg_dump would produce GRANT/REVOKE commands that revoked the owner's grantable privileges and instead granted all privileges to PUBLIC. Since the privileges involved are just USAGE and EXECUTE, this isn't a security problem, but it's certainly a surprising representation of the older systems' behavior. Fix it to leave the default privilege state alone in these cases.
- Fix pg_dump to dump shell types (Tom Lane)
- Shell types (that is, not-yet-fully-defined types) aren't useful for much, but nonetheless pg_dump should dump them.
- Fix assorted minor memory leaks in pg_dump and other client-side programs (Michael Paquier)
- Fix pgbench's progress-report behavior when a query, or pgbench itself, gets stuck (Fabien Coelho)
- Fix spinlock assembly code for Alpha hardware (Tom Lane)
- Fix spinlock assembly code for PPC hardware to be compatible with AIX's native assembler (Tom Lane)
- Building with gcc didn't work if gcc had been configured to use the native assembler, which is becoming more common.
- On AIX, test the -qlonglong compiler option rather than just assuming it's safe to use (Noah Misch)
- On AIX, use -Wl,-brtllib link option to allow symbols to be resolved at runtime (Noah Misch)
- Perl relies on this ability in 5.8.0 and later.
- Avoid use of inline functions when compiling with 32-bit xlc, due to compiler bugs (Noah Misch)
- Use librt for sched_yield() when necessary, which it is on some Solaris versions (Oskari Saarenmaa)
- Translate encoding UHC as Windows code page 949 (Noah Misch)
- This fixes presentation of non-ASCII log messages from processes that are not attached to any particular database, such as the postmaster.
- On Windows, avoid failure when doing encoding conversion to UTF16 outside a transaction, such as for log messages (Noah Misch)
- Fix postmaster startup failure due to not copying setlocale()'s return value (Noah Misch)
- This has been reported on Windows systems with the ANSI code page set to CP936 ("Chinese (Simplified, PRC)"), and may occur with other multibyte code pages.
- Fix Windows install.bat script to handle target directory names that contain spaces (Heikki Linnakangas)
- Make the numeric form of the PostgreSQL version number (e.g., 90405) readily available to extension Makefiles, as a variable named VERSION_NUM (Michael Paquier)
- Update time zone data files to tzdata release 2015g for DST law changes in Cayman Islands, Fiji, Moldova, Morocco, Norfolk Island, North Korea, Turkey, and Uruguay. There is a new zone name America/Fort_Nelson for the Canadian Northern Rockies.
更新時間:2015-06-13
更新細節:
What's new in this version:
Changes:
Fix possible failure to recover from an inconsistent database state:
- Recent PostgreSQL releases introduced mechanisms to protect against multixact wraparound, but some of that code did not account for the possibility that it would need to run during crash recovery, when the database may not be in a consistent state. This could result in failure to restart after a crash, or failure to start up a secondary server. The lingering effects of a previously-fixed bug in pg_upgrade could also cause such a failure, in installations that had used pg_upgrade versions between 9.3.0 and 9.3.4.
- The pg_upgrade bug in question was that it would set oldestMultiXid to 1 in pg_control even if the true value should be higher. With the fixes introduced in this release, such a situation will result in immediate emergency autovacuuming until a correct oldestMultiXid value can be determined. If that would pose a hardship, users can avoid it by doing manual vacuuming before upgrading to this release.
In detail:
- Check whether pg_controldata reports "Latest checkpoint's oldestMultiXid" to be 1. If not, there's nothing to do.
- Look in PGDATA/pg_multixact/offsets to see if there's a file named 0000. If there is, there's nothing to do.
- Otherwise, for each table that has pg_class.relminmxid equal to 1, VACUUM that table with both vacuum_multixact_freeze_min_age and vacuum_multixact_freeze_table_age set to zero. (You can use the vacuum cost delay parameters described in Section 18.4.4 to reduce the performance consequences for concurrent sessions.)
Fix rare failure to invalidate relation cache init file:
- With just the wrong timing of concurrent activity, a VACUUM FULL on a system catalog might fail to update the "init file" that's used to avoid cache-loading work for new sessions. This would result in later sessions being unable to access that catalog at all. This is a very ancient bug, but it's so hard to trigger that no reproducible case had been seen until recently.
Avoid deadlock between incoming sessions and CREATE/DROP DATABASE:
- A new session starting in a database that is the target of a DROP DATABASE command, or is the template for a CREATE DATABASE command, could cause the command to wait for five seconds and then fail, even if the new session would have exited before that.
Improve planner's cost estimates for semi-joins and anti-joins with inner indexscans:
- This type of plan is quite cheap when all the join clauses are used as index scan conditions, even if the inner scan would nominally fetch many rows, because the executor will stop after obtaining one row. The planner only partially accounted for that effect, and would therefore overestimate the cost, leading it to possibly choose some other much less efficient plan type.