3832212b4c
This update includes a security fix which prevents a buffer overrun in the contrib module intarray's input function for the query_int type. This bug is a security risk since the function's return address could be overwritten by malicious code. All supported versions of PostgreSQL are impacted. However, the affected contrib module is optional. Only users who have installed the intarray module in their database are affected. See the CVE Advisory at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 This release includes 63 bugfixes, including: - Avoid unexpected conversion overflow in planner for distant date values - Fix assignment to an array slice that is before the existing range of subscripts - Fix pg_restore to do the right thing when escaping large objects - Avoid failures when EXPLAIN tries to display a simple-form CASE expression - Improved build support for Windows version - Fix bug in contrib/seg's GiST picksplit algorithm which caused performance degredation The 9.0.3 update also contains several fixes for issues with features introduced or changed in version 9.0: - Ensure all the received WAL is fsync'd to disk before exiting walreceiver - Improve performance of walreceiver by avoiding excess fsync activity - Make ALTER TABLE revalidate uniqueness and exclusion constraints when needed - Fix EvalPlanQual for UPDATE of an inheritance tree when the tables are not all alike PR: ports/154436 Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 Feature safe: yes Approved by: portmgr |
||
---|---|---|
.. | ||
files | ||
distinfo | ||
Makefile | ||
pkg-descr | ||
pkg-install-server | ||
pkg-plist | ||
pkg-plist-client | ||
pkg-plist-contrib | ||
pkg-plist-plperl | ||
pkg-plist-plpython | ||
pkg-plist-pltcl | ||
pkg-plist-server |