PostgreSQL 9.6.3, 9.5.7, 9.4.12, 9.3.17 和 9.2.21 发布

PostgreSQL 开发组发布了对数据库系统的所有支持版本的更新,包括 9.6.3、9.5.7、9.4.13、9.3.17 和 9.2.21。 此版本修复了三个重要安全问题,以及过去三个月报告的其他一些错误。

已关闭的三个安全漏洞:

  • CVE-2017-7484: selectivity estimators bypass SELECT privilege checks

  • CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable

  • CVE-2017-7486: pg_user_mappings view discloses foreign server passwords

其他更新和修复:

  • Fix to ensure consistent behavior for RLS policies

  • Fix ALTER TABLE … VALIDATE CONSTRAINT to not recurse to child tables when the constraint is marked NO INHERIT

  • Fix incorrect support for certain box operators in SP-GiST which could yield incorrect results

  • Fixes for handling query cancellation

  • Skip tablespace privilege checks when ALTER TABLE … ALTER COLUMN TYPE rebuilds an existing index

  • Fix possibly-invalid initial snapshot during logical decoding

  • Fix possible corruption of init forks of unlogged indexes

  • Several fixes to postmaster, including checks for when running as a Windows service

  • Several planner fixes, among others assorted minor fixes in planning of parallel queries

  • Avoid possible crashes in walsender and some index-only scans on GiST index

  • Fix cancelling of pg_stop_backup() when attempting to stop a non-exclusive backup

  • Updates to ecpg to support COMMIT PREPARED and ROLLBACK PREPARED

  • Several fixes for pg_dump/pg_restore, among others to handle privileges for procedural languages and when using –clean option

  • Several fixes for contrib modules, such as dblink, pg_trgm and postgres_fdw

  • Fixes to MSVC builds, such as using correct daylight-savings rules for POSIX-style time zone names and supporting Tcl 8.6

  • Several performance improvements

  • Fix cursor_to_xml() to produce valid output with tableforest = false

  • Fix roundoff problems in float8_timestamptz() and make_interval()

  • Fix pgbench to handle the combination of –connect and –rate options correctly

  • Fixes to commandline tools such as pg_upgrade and pg_basebackup

  • Several fixes to VACUUM and CLUSTER

下载地址:

https://www.postgresql.org/download/

Continue reading: 

PostgreSQL 9.6.3, 9.5.7, 9.4.12, 9.3.17 和 9.2.21 发布