From: Tom Lane Date: Thu, 5 May 2005 20:07:36 +0000 (+0000) Subject: Stamp release 8.0.3. X-Git-Tag: REL8_0_3~7 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17eb867e984f30dc44e4879251c6c1a937958356;p=thirdparty%2Fpostgresql.git Stamp release 8.0.3. --- diff --git a/configure b/configure index b4c16cca901..dc965872e8d 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.53 for PostgreSQL 8.0.2. +# Generated by GNU Autoconf 2.53 for PostgreSQL 8.0.3. # # Report bugs to . # @@ -258,8 +258,8 @@ SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='PostgreSQL' PACKAGE_TARNAME='postgresql' -PACKAGE_VERSION='8.0.2' -PACKAGE_STRING='PostgreSQL 8.0.2' +PACKAGE_VERSION='8.0.3' +PACKAGE_STRING='PostgreSQL 8.0.3' PACKAGE_BUGREPORT='pgsql-bugs@postgresql.org' ac_unique_file="src/backend/access/common/heaptuple.c" @@ -773,7 +773,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures PostgreSQL 8.0.2 to adapt to many kinds of systems. +\`configure' configures PostgreSQL 8.0.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -834,7 +834,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of PostgreSQL 8.0.2:";; + short | recursive ) echo "Configuration of PostgreSQL 8.0.3:";; esac cat <<\_ACEOF @@ -955,7 +955,7 @@ fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -PostgreSQL configure 8.0.2 +PostgreSQL configure 8.0.3 generated by GNU Autoconf 2.53 Copyright 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, 2002 @@ -972,7 +972,7 @@ cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by PostgreSQL $as_me 8.0.2, which was +It was created by PostgreSQL $as_me 8.0.3, which was generated by GNU Autoconf 2.53. Invocation command line was $ $0 $@ @@ -19356,7 +19356,7 @@ _ASBOX } >&5 cat >&5 <<_CSEOF -This file was extended by PostgreSQL $as_me 8.0.2, which was +This file was extended by PostgreSQL $as_me 8.0.3, which was generated by GNU Autoconf 2.53. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19421,7 +19421,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -PostgreSQL config.status 8.0.2 +PostgreSQL config.status 8.0.3 configured by $0, generated by GNU Autoconf 2.53, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" diff --git a/configure.in b/configure.in index 18b690c4982..1f092d7f86a 100644 --- a/configure.in +++ b/configure.in @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -dnl $PostgreSQL: pgsql/configure.in,v 1.398.4.4 2005/04/07 19:43:05 tgl Exp $ +dnl $PostgreSQL: pgsql/configure.in,v 1.398.4.5 2005/05/05 20:07:34 tgl Exp $ dnl dnl Developers, please strive to achieve this order: dnl @@ -17,7 +17,7 @@ dnl Read the Autoconf manual for details. dnl m4_pattern_forbid(^PGAC_)dnl to catch undefined macros -AC_INIT([PostgreSQL], [8.0.2], [pgsql-bugs@postgresql.org]) +AC_INIT([PostgreSQL], [8.0.3], [pgsql-bugs@postgresql.org]) AC_PREREQ(2.53) AC_COPYRIGHT([Copyright (c) 1996-2005, PostgreSQL Global Development Group]) diff --git a/doc/bug.template b/doc/bug.template index 3b480b26a8f..c56cca29f57 100644 --- a/doc/bug.template +++ b/doc/bug.template @@ -31,7 +31,7 @@ System Configuration: Operating System (example: Linux 2.4.18) : - PostgreSQL version (example: PostgreSQL 8.0.2): PostgreSQL 8.0.2 + PostgreSQL version (example: PostgreSQL 8.0.3): PostgreSQL 8.0.3 Compiler used (example: gcc 3.3.5) : diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index 9ec75f1b95d..f5d4c6e9e45 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,10 +1,117 @@ Release Notes + + Release 8.0.3 + + + Release date + 2005-05-05 + + + + This release contains a variety of fixes from 8.0.2, including several + security-related issues. + + + + Migration to version 8.0.3 + + + A dump/restore is not required for those running 8.0.X. However, + it is one possible way of handling two significant security problems + that have been found in the initial contents of 8.0.X system + catalogs. A dump/initdb/reload sequence using 8.0.3's initdb will + automatically correct these problems. + + + + The larger security problem is that the built-in character set encoding + conversion functions can be invoked from SQL commands by unprivileged + users, but the functions were not designed for such use and are not + secure against malicious choices of arguments. The fix involves changing + the declared parameter list of these functions so that they can no longer + be invoked from SQL commands. (This does not affect their normal use + by the encoding conversion machinery.) + + + + The lesser problem is that the contrib/tsearch2 module + creates several functions that are misdeclared to return + internal when they do not accept internal arguments. + This breaks type safety for all functions using internal + arguments. + + + + It is strongly recommended that all installations repair these errors, + either by initdb or by following the manual repair procedure given + below. The errors at least allow unprivileged database users to crash + their server process, and may allow unprivileged users to gain the + privileges of a database superuser. + + + + If you wish not to do an initdb, perform the same manual repair + procedures shown in the 7.4.8 release + notes. + + + + + Changes + + +Change encoding function signature to prevent +misuse +Change contrib/tsearch2 to avoid unsafe use of +INTERNAL function results +Guard against incorrect second parameter to +record_out +Fix comparisons of TIME WITH TIME ZONE values + +The comparison code was wrong in the case where the +--enable-integer-datetimes configuration switch had been used. +NOTE: if you have an index on a TIME WITH TIME ZONE column, +it will need to be REINDEXed after installing this update, because +the fix corrects the sort order of column values. + +Fix EXTRACT(EPOCH) for +TIME WITH TIME ZONE values +Fix mis-display of negative fractional seconds in +INTERVAL values + +This error only occurred when the +--enable-integer-datetimes configuration switch had been used. + +Fix pg_dump to dump trigger names containing % +correctly (Neil) +Still more 64-bit fixes for +contrib/intagg +Prevent incorrect optimization of functions returning +RECORD +Prevent crash on COALESCE(NULL,NULL) +Fix Borland makefile for libpq +Fix contrib/btree_gist for timetz type +(Teodor) +Make pg_ctl check the PID found in +postmaster.pid to see if it is still a live +process +Fix pg_dump/pg_restore problems caused +by addition of dump timestamps +Fix interaction between materializing holdable cursors and +firing deferred triggers during transaction commit +Fix memory leak in SQL functions returning pass-by-reference +data types + + + + + Release 8.0.2 @@ -2569,6 +2676,177 @@ typedefs (Michael) + + + + + Release 7.4.8 + + + Release date + 2005-05-05 + + + + This release contains a variety of fixes from 7.4.7, including several + security-related issues. + + + + Migration to version 7.4.8 + + + A dump/restore is not required for those running 7.4.X. However, + it is one possible way of handling two significant security problems + that have been found in the initial contents of 7.4.X system + catalogs. A dump/initdb/reload sequence using 7.4.8's initdb will + automatically correct these problems. + + + + The larger security problem is that the built-in character set encoding + conversion functions can be invoked from SQL commands by unprivileged + users, but the functions were not designed for such use and are not + secure against malicious choices of arguments. The fix involves changing + the declared parameter list of these functions so that they can no longer + be invoked from SQL commands. (This does not affect their normal use + by the encoding conversion machinery.) + + + + The lesser problem is that the contrib/tsearch2 module + creates several functions that are misdeclared to return + internal when they do not accept internal arguments. + This breaks type safety for all functions using internal + arguments. + + + + It is strongly recommended that all installations repair these errors, + either by initdb or by following the manual repair procedures given + below. The errors at least allow unprivileged database users to crash + their server process, and may allow unprivileged users to gain the + privileges of a database superuser. + + + + If you wish not to do an initdb, perform the following procedures instead. + As the database superuser, do: + + +BEGIN; +UPDATE pg_proc SET proargtypes[3] = 'internal'::regtype +WHERE pronamespace = 11 AND pronargs = 5 + AND proargtypes[2] = 'cstring'::regtype; +-- The command should report having updated 90 rows; +-- if not, rollback and investigate instead of committing! +COMMIT; + + + Next, if you have installed contrib/tsearch2, do + + +BEGIN; +UPDATE pg_proc SET proargtypes[0] = 'internal'::regtype +WHERE oid IN ( + 'dex_init(text)'::regprocedure, + 'snb_en_init(text)'::regprocedure, + 'snb_ru_init(text)'::regprocedure, + 'spell_init(text)'::regprocedure, + 'syn_init(text)'::regprocedure +); +-- The command should report having updated 5 rows; +-- if not, rollback and investigate instead of committing! +COMMIT; + + + If this command fails with a message like function + "dex_init(text)" does not exist, then either tsearch2 + is not installed in this database, or you already did the update. + + + + The above procedures must be carried out in each database + of an installation, including template1, and ideally + including template0 as well. If you do not fix the + template databases then any subsequently created databases will contain + the same errors. template1 can be fixed in the same way + as any other database, but fixing template0 requires + additional steps. First, from any database issue + +UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; + + Next connect to template0 and perform the above repair + procedures. Finally, do + +-- re-freeze template0: +VACUUM FREEZE; +-- and protect it against future alterations: +UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; + + + + + + Changes + + +Change encoding function signature to prevent +misuse +Change contrib/tsearch2 to avoid unsafe use of +INTERNAL function results +Fix comparisons of TIME WITH TIME ZONE values + +The comparison code was wrong in the case where the +--enable-integer-datetimes configuration switch had been used. +NOTE: if you have an index on a TIME WITH TIME ZONE column, +it will need to be REINDEXed after installing this update, because +the fix corrects the sort order of column values. + +Fix EXTRACT(EPOCH) for +TIME WITH TIME ZONE values +Fix mis-display of negative fractional seconds in +INTERVAL values + +This error only occurred when the +--enable-integer-datetimes configuration switch had been used. + +Ensure operations done during backend shutdown are counted by +statistics collector + + This is expected to resolve reports of pg_autovacuum + not vacuuming the system catalogs often enough — it was not being + told about catalog deletions caused by temporary table removal during + backend exit. + +Additional buffer overrun checks in plpgsql +(Neil) +Fix pg_dump to dump trigger names containing % +correctly (Neil) +Fix contrib/pgcrypto for newer OpenSSL builds +(Marko Kreen) +Still more 64-bit fixes for +contrib/intagg +Prevent incorrect optimization of functions returning +RECORD +Prevent to_char(interval) from dumping core for +month-related formats +Prevent crash on COALESCE(NULL,NULL) +Fix array_map to call PL functions correctly +Fix permission checking in ALTER DATABASE RENAME +Fix ALTER LANGUAGE RENAME +Make RemoveFromWaitQueue clean up after itself + +This fixes a lock management error that would only be visible if a transaction +was kicked out of a wait for a lock (typically by query cancel) and then the +holder of the lock released it within a very narrow window. + +Fix problem with untyped parameter appearing in +INSERT ... SELECT +Fix CLUSTER failure after +ALTER TABLE SET WITHOUT OIDS + + @@ -4953,6 +5231,121 @@ DROP SCHEMA information_schema CASCADE; + + Release 7.3.10 + + + Release date + 2005-05-05 + + + + This release contains a variety of fixes from 7.3.9, including several + security-related issues. + + + + Migration to version 7.3.10 + + + A dump/restore is not required for those running 7.3.X. However, + it is one possible way of handling a significant security problem + that has been found in the initial contents of 7.3.X system + catalogs. A dump/initdb/reload sequence using 7.3.10's initdb will + automatically correct this problem. + + + + The security problem is that the built-in character set encoding + conversion functions can be invoked from SQL commands by unprivileged + users, but the functions were not designed for such use and are not + secure against malicious choices of arguments. The fix involves changing + the declared parameter list of these functions so that they can no longer + be invoked from SQL commands. (This does not affect their normal use + by the encoding conversion machinery.) + It is strongly recommended that all installations repair this error, + either by initdb or by following the manual repair procedure given + below. The error at least allows unprivileged database users to crash + their server process, and may allow unprivileged users to gain the + privileges of a database superuser. + + + + If you wish not to do an initdb, perform the following procedure instead. + As the database superuser, do: + + +BEGIN; +UPDATE pg_proc SET proargtypes[3] = 'internal'::regtype +WHERE pronamespace = 11 AND pronargs = 5 + AND proargtypes[2] = 'cstring'::regtype; +-- The command should report having updated 90 rows; +-- if not, rollback and investigate instead of committing! +COMMIT; + + + + + The above procedure must be carried out in each database + of an installation, including template1, and ideally + including template0 as well. If you do not fix the + template databases then any subsequently created databases will contain + the same error. template1 can be fixed in the same way + as any other database, but fixing template0 requires + additional steps. First, from any database issue + +UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; + + Next connect to template0 and perform the above repair + procedure. Finally, do + +-- re-freeze template0: +VACUUM FREEZE; +-- and protect it against future alterations: +UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; + + + + + + Changes + + +Change encoding function signature to prevent +misuse +Fix comparisons of TIME WITH TIME ZONE values + +The comparison code was wrong in the case where the +--enable-integer-datetimes configuration switch had been used. +NOTE: if you have an index on a TIME WITH TIME ZONE column, +it will need to be REINDEXed after installing this update, because +the fix corrects the sort order of column values. + +Fix EXTRACT(EPOCH) for +TIME WITH TIME ZONE values +Fix mis-display of negative fractional seconds in +INTERVAL values + +This error only occurred when the +--enable-integer-datetimes configuration switch had been used. + +Additional buffer overrun checks in plpgsql +(Neil) +Fix pg_dump to dump trigger names containing % +correctly (Neil) +Prevent to_char(interval) from dumping core for +month-related formats +Fix contrib/pgcrypto for newer OpenSSL builds +(Marko Kreen) +Still more 64-bit fixes for +contrib/intagg +Prevent incorrect optimization of functions returning +RECORD + + + + + Release 7.3.9 @@ -6113,6 +6506,46 @@ operations on bytea columns (Joe) + + Release 7.2.8 + + + Release date + 2005-05-05 + + + + This release contains a variety of fixes from 7.2.7, including one + security-related issue. + + + + Migration to version 7.2.8 + + + A dump/restore is not required for those running 7.2.X. + + + + + Changes + + +Fix EXTRACT(EPOCH) for +TIME WITH TIME ZONE values +Additional buffer overrun checks in plpgsql +(Neil) +Fix pg_dump to dump index names and trigger names containing +% correctly (Neil) +Prevent to_char(interval) from dumping core for +month-related formats +Fix contrib/pgcrypto for newer OpenSSL builds +(Marko Kreen) + + + + + Release 7.2.7 diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32 index ca0f102750a..740c0bf549e 100644 --- a/src/include/pg_config.h.win32 +++ b/src/include/pg_config.h.win32 @@ -3,8 +3,8 @@ /* * Parts of pg_config.h that you get with autoconf on other systems */ -#define PG_VERSION "8.0.2" -#define PG_VERSION_STR "8.0.2 (win32)" +#define PG_VERSION "8.0.3" +#define PG_VERSION_STR "8.0.3 (win32)" #define DEF_PGPORT 5432 #define DEF_PGPORT_STR "5432" diff --git a/src/interfaces/libpq/libpq.rc.in b/src/interfaces/libpq/libpq.rc.in index 2b064b4f1a4..bc10bebf8a2 100644 --- a/src/interfaces/libpq/libpq.rc.in +++ b/src/interfaces/libpq/libpq.rc.in @@ -1,8 +1,8 @@ #include VS_VERSION_INFO VERSIONINFO - FILEVERSION 8,0,2,0 - PRODUCTVERSION 8,0,2,0 + FILEVERSION 8,0,3,0 + PRODUCTVERSION 8,0,3,0 FILEFLAGSMASK 0x3fL FILEFLAGS 0 FILEOS VOS__WINDOWS32 @@ -15,13 +15,13 @@ BEGIN BEGIN VALUE "CompanyName", "\0" VALUE "FileDescription", "PostgreSQL Access Library\0" - VALUE "FileVersion", "8.0.2\0" + VALUE "FileVersion", "8.0.3\0" VALUE "InternalName", "libpq\0" VALUE "LegalCopyright", "Copyright (C) 2005\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "libpq.dll\0" VALUE "ProductName", "PostgreSQL\0" - VALUE "ProductVersion", "8.0.2\0" + VALUE "ProductVersion", "8.0.3\0" END END BLOCK "VarFileInfo" diff --git a/src/port/win32ver.rc b/src/port/win32ver.rc index 1704c10f12a..f87af4484dc 100644 --- a/src/port/win32ver.rc +++ b/src/port/win32ver.rc @@ -2,8 +2,8 @@ #include "pg_config.h" VS_VERSION_INFO VERSIONINFO - FILEVERSION 8,0,2,0 - PRODUCTVERSION 8,0,2,0 + FILEVERSION 8,0,3,0 + PRODUCTVERSION 8,0,3,0 FILEFLAGSMASK 0x17L FILEFLAGS 0x0L FILEOS VOS_NT_WINDOWS32