release.sgml

PostgreSQL 8.1.4的源码 适用于Linux下的开源数据库系统

<!-- $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.400.2.27 2006/05/21 21:49:38 tgl Exp $ -->
<!--

Typical markup:

[A-Z][A-Z ]+[A-Z]               <command>
[A-Za-z_][A-Za-z0-9_]+()        <function>
[A-Za-z_]/[A-Za-z_]+            <filename>
PostgreSQL                      <productname>
pg_[A-Za-z0-9_]                 <application>
[A-Z][A-Z]                      <type>, <envar>, <literal>
&<>                             use &
non-ascii                       convert to & escapes

For new features, add links to the documentation sections.

-->

<appendix id="release">
 <title>Release Notes</title>

  <sect1 id="release-8-1-4">
   <title>Release 8.1.4</title>

   <note>
   <title>Release date</title>
   <simpara>2006-05-23</simpara>
   </note>

   <para>
    This release contains a variety of fixes from 8.1.3,
    including patches for extremely serious security issues.
   </para>

   <sect2>
    <title>Migration to version 8.1.4</title>

    <para>
     A dump/restore is not required for those running 8.1.X.
     However, if you are upgrading from a version earlier than 8.1.2,
     see the release notes for 8.1.2.
    </para>

    <para>
     Full security against the SQL-injection attacks described in
     CVE-2006-2313 and CVE-2006-2314 may require changes in application
     code.  If you have applications that embed untrustworthy strings
     into SQL commands, you should examine them as soon as possible to
     ensure that they are using recommended escaping techniques.  In
     most cases, applications should be using subroutines provided by
     libraries or drivers (such as <application>libpq</>'s
     <function>PQescapeStringConn()</>) to perform string escaping,
     rather than relying on <foreignphrase>ad hoc</> code to do it.
    </para>
   </sect2>

   <sect2>
    <title>Changes</title>

<itemizedlist>
<listitem><para>Change the server to reject invalidly-encoded multibyte
characters in all cases (Tatsuo, Tom)</para>
<para>While <productname>PostgreSQL</> has been moving in this direction for
some time, the checks are now applied uniformly to all encodings and all
textual input, and are now always errors not merely warnings.  This change
defends against SQL-injection attacks of the type described in CVE-2006-2313.
</para></listitem>

<listitem><para>Reject unsafe uses of <literal>\'</> in string literals</para>
<para>As a server-side defense against SQL-injection attacks of the type
described in CVE-2006-2314, the server now only accepts <literal>''</> and not
<literal>\'</> as a representation of ASCII single quote in SQL string
literals.  By default, <literal>\'</> is rejected only when
<varname>client_encoding</> is set to a client-only encoding (SJIS, BIG5, GBK,
GB18030, or UHC), which is the scenario in which SQL injection is possible.
A new configuration parameter <varname>backslash_quote</> is available to
adjust this behavior when needed.  Note that full security against
CVE-2006-2314 may require client-side changes; the purpose of
<varname>backslash_quote</> is in part to make it obvious that insecure
clients are insecure.
</para></listitem>

<listitem><para>Modify <application>libpq</>'s string-escaping routines to be
aware of encoding considerations and
<varname>standard_conforming_strings</></para>
<para>This fixes <application>libpq</>-using applications for the security
issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs
them against the planned changeover to SQL-standard string literal syntax.
Applications that use multiple <productname>PostgreSQL</> connections
concurrently should migrate to <function>PQescapeStringConn()</> and
<function>PQescapeByteaConn()</> to ensure that escaping is done correctly
for the settings in use in each database connection.  Applications that
do string escaping <quote>by hand</> should be modified to rely on library
routines instead.
</para></listitem>

<listitem><para>Fix weak key selection in pgcrypto (Marko Kreen)</para>
<para>Errors in fortuna PRNG reseeding logic could cause a predictable
session key to be selected by <function>pgp_sym_encrypt()</> in some cases.
This only affects non-OpenSSL-using builds.
</para></listitem>

<listitem><para>Fix some incorrect encoding conversion functions</para>
<para><function>win1251_to_iso</>, <function>win866_to_iso</>,
<function>euc_tw_to_big5</>, <function>euc_tw_to_mic</>,
<function>mic_to_euc_tw</> were all broken to varying
extents.
</para></listitem>

<listitem><para>Clean up stray remaining uses of <literal>\'</> in strings
(Bruce, Jan)</para></listitem>

<listitem><para>Make autovacuum visible in <structname>pg_stat_activity</>
(Alvaro)</para></listitem>

<listitem><para>Disable <literal>full_page_writes</> (Tom)</para>
<para>In certain cases, having <literal>full_page_writes</> off would cause
crash recovery to fail.  A proper fix will appear in 8.2; for now it's just
disabled.
</para></listitem>

<listitem><para>Various planner fixes, particularly for bitmap index scans and
MIN/MAX optimization (Tom)</para></listitem>

<listitem><para>Fix incorrect optimization in merge join (Tom)</para>
<para>Outer joins could sometimes emit multiple copies of unmatched rows.
</para></listitem>

<listitem><para>Fix crash from using and modifying a plpgsql function in the
same transaction</para></listitem>

<listitem><para>Fix WAL replay for case where a btree index has been
truncated</para></listitem>

<listitem><para>Fix <literal>SIMILAR TO</> for patterns involving
<literal>|</> (Tom)</para></listitem>

<listitem><para>Fix <command>SELECT INTO</> and <command>CREATE TABLE AS</> to
create tables in the default tablespace, not the base directory (Kris
Jurka)</para></listitem>

<listitem><para>Fix server to use custom DH SSL parameters correctly (Michael
Fuhr)</para></listitem>

<listitem><para>Improve qsort performance (Dann Corbit)</para>
<para>Currently this code is only used on Solaris.
</para></listitem>

<listitem><para>Fix for Bonjour on Intel Macs (Ashley Clark)</para></listitem>

<listitem><para>Fix various minor memory leaks</para></listitem>

<listitem><para>Fix problem with password prompting on some Win32 systems
(Robert Kinberg)</para></listitem>

<listitem><para>Improve <application>pg_dump</>'s handling of default values
for domains</para></listitem>

<listitem><para>Fix <application>pg_dumpall</> to handle identically-named
users and groups reasonably (only possible when dumping from a pre-8.1 server)
(Tom)</para>
<para>The user and group will be merged into a single role with
<literal>LOGIN</> permission.  Formerly the merged role wouldn't have
<literal>LOGIN</> permission, making it unusable as a user.
</para></listitem>

<listitem><para>Fix <application>pg_restore</> <literal>-n</> to work as
documented (Tom)</para></listitem>
</itemizedlist>

   </sect2>
  </sect1>
 
  <sect1 id="release-8-1-3">
   <title>Release 8.1.3</title>

   <note>
   <title>Release date</title>
   <simpara>2006-02-14</simpara>
   </note>

   <para>
    This release contains a variety of fixes from 8.1.2,
    including one very serious security issue.
   </para>

   <sect2>
    <title>Migration to version 8.1.3</title>

    <para>
     A dump/restore is not required for those running 8.1.X.
     However, if you are upgrading from a version earlier than 8.1.2, 
     see the release notes for 8.1.2.
    </para>
   </sect2>

   <sect2>
    <title>Changes</title>

<itemizedlist>

<listitem><para>Fix bug that allowed any logged-in user to <command>SET
ROLE</> to any other database user id (CVE-2006-0553)</para>
<para>Due to inadequate validity checking, a user could exploit the special
case that <command>SET ROLE</> normally uses to restore the previous role
setting after an error.  This allowed ordinary users to acquire superuser
status, for example.
The escalation-of-privilege risk exists only in 8.1.0-8.1.2.
However, in all releases back to 7.3 there is a related bug in <command>SET
SESSION AUTHORIZATION</> that allows unprivileged users to crash the server,
if it has been compiled with Asserts enabled (which is not the default).
Thanks to Akio Ishida for reporting this problem.
</para></listitem>

<listitem><para>Fix bug with row visibility logic in self-inserted
rows (Tom)</para>
<para>Under rare circumstances a row inserted by the current command
could be seen as already valid, when it should not be.  Repairs bug
created in 8.0.4, 7.4.9, and 7.3.11 releases.
</para></listitem>

<listitem><para>Fix race condition that could lead to <quote>file already
exists</> errors during pg_clog and pg_subtrans file creation
(Tom)</para></listitem>

<listitem><para>Fix cases that could lead to crashes if a cache-invalidation
message arrives at just the wrong time (Tom)</para></listitem>

<listitem><para>Properly check <literal>DOMAIN</> constraints for
<literal>UNKNOWN</> parameters in prepared statements
(Neil)</para></listitem>

<listitem><para>Ensure <command>ALTER COLUMN TYPE</> will process
<literal>FOREIGN KEY</>, <literal>UNIQUE</>, and <literal>PRIMARY KEY</>
constraints in the proper order (Nakano Yoshihisa)</para></listitem>

<listitem><para>Fixes to allow restoring dumps that have cross-schema
references to custom operators or operator classes (Tom)</para></listitem>

<listitem><para>Allow <application>pg_restore</> to continue properly after a
<command>COPY</> failure; formerly it tried to treat the remaining 
<command>COPY</> data as SQL commands (Stephen Frost)</para></listitem>

<listitem><para>Fix <application>pg_ctl</> <literal>unregister</> crash
when the  data directory is not specified (Magnus)</para></listitem>

<listitem><para>Fix <application>libpq</> <function>PQprint</> HTML tags
(Christoph Zwerschke)</para></listitem>

<listitem><para>Fix <application>ecpg</> crash on AMD64 and PPC
(Neil)</para></listitem>

<listitem><para>Allow <literal>SETOF</> and <literal>%TYPE</> to be used
together in function result type declarations</para></listitem>

<listitem><para>Recover properly if error occurs during argument passing
in <application>PL/python</> (Neil)</para></listitem>

<listitem><para>Fix memory leak in <function>plperl_return_next</>
(Neil)</para></listitem>

<listitem><para>Fix <application>PL/perl</>'s handling of locales on
Win32 to match the backend (Andrew)</para></listitem>

<listitem><para>Various optimizer fixes (Tom)</para></listitem>

<listitem><para>Fix crash when <literal>log_min_messages</> is set to
<literal>DEBUG3</> or above in <filename>postgresql.conf</> on Win32
(Bruce)</para></listitem>

<listitem><para>Fix <application>pgxs</> <literal>-L</> library path
specification for Win32, Cygwin, OS X, AIX (Bruce)</para></listitem>

<listitem><para>Check that SID is enabled while checking for Win32 admin
privileges (Magnus)</para></listitem>

<listitem><para>Properly reject out-of-range date inputs (Kris
Jurka)</para></listitem>

<listitem><para>Portability fix for testing presence of <function>finite</>
and <function>isinf</> during configure (Tom)</para></listitem>

<listitem><para>Improve speed of <command>COPY IN</> via libpq, by
avoiding a kernel call per data line (Alon Goldshuv)</para></listitem>

<listitem><para>Improve speed of <filename>/contrib/tsearch2</> index
creation (Tom)</para></listitem>

</itemizedlist>

   </sect2>
  </sect1>
 
  <sect1 id="release-8-1-2">
   <title>Release 8.1.2</title>

   <note>
   <title>Release date</title>
   <simpara>2006-01-09</simpara>
   </note>

   <para>
    This release contains a variety of fixes from 8.1.1.
   </para>

   <sect2>
    <title>Migration to version 8.1.2</title>

    <para>
     A dump/restore is not required for those running 8.1.X.
     However, you might need to <command>REINDEX</> indexes on textual
     columns after updating, if you are affected by the locale or
     <application>plperl</> issues described below.
    </para>
   </sect2>

   <sect2>
    <title>Changes</title>

<itemizedlist>

<listitem><para>Fix Windows code so that postmaster will continue rather
than exit if there is no more room in ShmemBackendArray (Magnus)</para>
<para>The previous behavior could lead to a denial-of-service situation if too
many connection requests arrive close together.  This applies
<emphasis>only</> to the Windows port.</para></listitem>

<listitem><para>Fix bug introduced in 8.0 that could allow ReadBuffer
to return an already-used page as new, potentially causing loss of
recently-committed data (Tom)</para></listitem>

<listitem><para>Fix for protocol-level Describe messages issued
outside a transaction or in a failed transaction (Tom)</para></listitem>

<listitem><para>Fix character string comparison for locales that consider
different character combinations as equal, such as Hungarian (Tom)</para>
<para>This might require <command>REINDEX</> to fix existing indexes on
textual columns.</para></listitem>

<listitem><para>Set locale environment variables during postmaster startup
to ensure that <application>plperl</> won't change the locale later</para>
<para>This fixes a problem that occurred if the <application>postmaster</> was
started with environment variables specifying a different locale than what
<application>initdb</> had been told.  Under these conditions, any use of
<application>plperl</> was likely to lead to corrupt indexes.  You may need
<command>REINDEX</> to fix existing indexes on
textual columns if this has happened to you.</para></listitem>

<listitem><para>Allow more flexible relocation of installation
directories (Tom)</para>
<para>Previous releases supported relocation only if all installation
directory paths were the same except for the last component.</para></listitem>

<listitem><para>Prevent crashes caused by the use of
<literal>ISO-8859-5</> and <literal>ISO-8859-9</> encodings
(Tatsuo)</para></listitem>

<listitem><para>Fix longstanding bug in strpos() and regular expression
handling in certain rarely used Asian multi-byte character sets (Tatsuo)
</para></listitem>

<listitem><para>Fix bug where COPY CSV mode considered any
<literal>\.</> to terminate the copy data</para> <para>The new code
requires <literal>\.</> to appear alone on a line, as per
documentation.</para></listitem>

<listitem><para>Make COPY CSV mode quote a literal data value of
<literal>\.</> to ensure it cannot be interpreted as the
end-of-data marker (Bruce)</para></listitem>

<listitem><para>Various fixes for functions returning <literal>RECORD</>s
(Tom) </para></listitem>

<listitem><para>Fix processing of <filename>postgresql.conf</> so a
final line with no newline is processed properly (Tom)
</para></listitem>

<listitem><para>Fix bug in <filename>/contrib/pgcrypto</> gen_salt,
which caused it not to use all available salt space for MD5 and
XDES algorithms (Marko Kreen, Solar Designer)</para>
<para>Salts for Blowfish and standard DES are unaffected.</para></listitem>

<listitem><para>Fix autovacuum crash when processing expression indexes
</para></listitem>

<listitem><para>Fix <filename>/contrib/dblink</> to throw an error,
rather than crashing, when the number of columns specified is different from
what's actually returned by the query (Joe)</para></listitem>

</itemizedlist>

   </sect2>
  </sect1>