4.3.1
Suppress message length log for in_hot_standby.
Change the default value for log_line_prefix.
Add validations of wd_lifecheck_password and recovery_password format.
Enhance parameter status handling.
Bug fixes
4.3.0
Many enhancements are added to this version for easier configuration and administration. A new cluster membership mechanism is introduced to dynamically adjust the Watchdog cluster size. This allows the leader Watchdog node to retain the quorum/VIP even when some of watchdog nodes get Shutdown or disconnected. New PostgreSQL 14 SQL parser is imported. The Snapshot Isolation Mode is now ready for production. New sample configuration for the mode is provided in the configuration example section.
================================================================================
Redis 6.2.7 Released Wed Apr 27 12:00:00 IDT 2022
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-24736) An attacker attempting to load a specially crafted Lua script
can cause NULL pointer dereference which will result with a crash of the
redis-server process. This issue affects all versions of Redis.
[reported by Aviv Yahav].
* (CVE-2022-24735) By exploiting weaknesses in the Lua script execution
environment, an attacker with access to Redis can inject Lua code that will
execute with the (potentially higher) privileges of another Redis user.
[reported by Aviv Yahav].
Potentially Breaking Fixes
==========================
* LPOP/RPOP with count against non-existing list return null array (#10095)
* LPOP/RPOP used to produce wrong replies when count is 0 (#9692)
Performance and resource utilization improvements
=================================================
* Speed optimization in command execution pipeline (#10502)
* Fix regression in Z[REV]RANGE commands (by-rank) introduced in Redis 6.2 (#10337)
Platform / toolchain support related improvements
=================================================
* Fix RSS metrics on NetBSD and OpenBSD (#10116, #10149)
* Fix OpenSSL 3.0.x related issues (#10291)
Bug Fixes
=========
* Lua: Add checks for min-slave-* configs when evaluating Lua scripts (#10160)
* Lua: fix crash on a script call with many arguments, a regression in v6.2.6 (#9809)
* Tracking: Make invalidation messages always after command's reply (#9422)
* Fix excessive stream trimming due to an overflow (#10068)
* Add missed error counting for INFO errorstats (#9646)
* Fix geo search bounding box check causing missing results (#10018)
* Improve EXPIRE TTL overflow detection (#9839)
* Modules: Fix thread safety violation when a module thread adds an error reply, broken in 6.2 (#10278)
* Modules: Fix missing and duplicate error stats (#10278)
* Module APIs: release clients blocked on module commands in cluster resharding
and down state (#9483)
* Sentinel: Fix memory leak with TLS (#9753)
* Sentinel: Fix issues with hostname support (#10146)
* Sentinel: Fix election failures on certain container environments (#10197)
The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 14.3, 13.7, 12.11, 11.16, and 10.21. This release closes one security vulnerability and fixes over 50 bugs reported over the last three months.
CVE-2022-1552: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox.
Versions Affected: 10 - 14. The security team typically does not test unsupported versions, but this problem is quite old.
Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck made incomplete efforts to operate safely when a privileged user is maintaining another user's objects. Those commands activated relevant protections too late or not at all. An attacker having permission to create non-temp objects in at least one schema could execute arbitrary SQL functions under a superuser identity.
While promptly updating PostgreSQL is the best remediation for most users, a user unable to do that can work around the vulnerability by disabling autovacuum, not manually running the above commands, and not restoring from output of the pg_dump command. Performance may degrade quickly under this workaround. VACUUM is safe, and all commands are fine when a trusted user owns the target object.
Bug Fixes and Improvements
This update fixes over 50 bugs that were reported in the last several months. The issues listed below affect PostgreSQL 14. Some of these issues may also affect other supported versions of PostgreSQL.
Included in this release:
Fix issue that could lead to corruption of GiST indexes on ltree columns. After upgrading, you will need to reindex any GiST indexes on ltree columns.
Column names in tuples produced by a whole-row variable (e.g. tbl.*) outside of a top-level of a SELECT list are now always associated with those of the associated named composite type, if there is one. The release notes detail a workaround if you depend on the previous behavior.
Fix incorrect rounding when extracting epoch values from interval types.
Prevent issues with calling pg_stat_get_replication_slot(NULL).
Fix incorrect output for types timestamptz and timetz in table_to_xmlschema().
Fix errors related to a planner issue that affected asynchronous remote queries.
Fix planner failure if a query using SEARCH or CYCLE features contains a duplicate common-table expression (WITH) name.
Fix ALTER FUNCTION to support changing a function's parallelism property and its SET-variable list in the same command.
Fix incorrect sorting of table rows when using CLUSTER on an index whose leading key is an expression.
Prevent data loss if a system crash occurs shortly after a sorted GiST index build.
Fix risk of deadlock failures while dropping a partitioned index.
Fix race condition between DROP TABLESPACE and checkpointing that could fail to remove all dead files from the tablespace directory.
Fix potential issue in crash recovery after a TRUNCATE command that overlaps with a checkpoint.
Re-allow _ as the first character in a custom configuration parameter name.
Fix PANIC: xlog flush request is not satisfied failure during standby promotion when there is a missing WAL continuation record.
Fix possibility of self-deadlock in hot standby conflict handling.
Ensure that logical replication apply workers can be restarted when the server is near the max_sync_workers_per_subscription limit.
Disallow execution of SPI functions during PL/Perl function compilation.
libpq now accepts root-owned SSL private key files, which matches the rules the server has used since the 9.6 release.
Re-allow database.schema.table patterns in psql, pg_dump, and pg_amcheck.
Several fixes for pageinspect to improve overall stability.
Disable batch insertion in postgres_fdw when BEFORE INSERT ... FOR EACH ROW triggers exist on the foreign table.
Update JIT code to work with LLVM 14.
Version 2.19 - 9 March 2022
- Change `barman diagnose` output date format to ISO8601.
- Add Google Cloud Storage (GCS) support to barman cloud.
- Support `current` and `latest` recovery targets for the `--target-tli`
option of `barman recover`.
- Add documentation for installation on SLES.
- Bug fixes:
- `barman-wal-archive --test` now returns a non-zero exit code when
an error occurs.
- Fix `barman-cloud-check-wal-archive` behaviour when `-t` option is
used so that it exits after connectivity test.
- `barman recover` now continues when `--no-get-wal` is used and
`"get-wal"` is not set in `recovery_options`.
- Fix `barman show-servers --format=json ${server}` output for
inactive server.
- Check for presence of `barman_home` in configuration file.
- Passive barman servers will no longer store two copies of the
tablespace data when syncing backups taken with
`backup_method = postgres`.
- We thank richyen for his contributions to this release.
Version 2.18 - 21 January 2022
- Add snappy compression algorithm support in barman cloud (requires the
optional python-snappy dependency).
- Allow Azure client concurrency parameters to be set when uploading
WALs with barman-cloud-wal-archive.
- Add `--tags` option in barman cloud so that backup files and archived
WALs can be tagged in cloud storage (aws and azure).
- Update the barman cloud exit status codes so that there is a dedicated
code (2) for connectivity errors.
- Add the commands `barman verify-backup` and `barman generate-manifest`
to check if a backup is valid.
- Add support for Azure Managed Identity auth in barman cloud which can
be enabled with the `--credential` option.
- Bug fixes:
- Change `barman-cloud-check-wal-archive` behavior when bucket does
not exist.
- Ensure `list-files` output is always sorted regardless of the
underlying filesystem.
- Man pages for barman-cloud-backup-keep, barman-cloud-backup-delete
and barman-cloud-check-wal-archive added to Python packaging.
- We thank richyen and stratakis for their contributions to this
release.
Version 2.17 - 1 December 2021
- Bug fixes:
- Resolves a performance regression introduced in version 2.14 which
increased copy times for `barman backup` or `barman recover` commands
when using the `--jobs` flag.
- Ignore rsync partial transfer errors for `sender` processes so that
such errors do not cause the backup to fail (thanks to barthisrael).
Version 2.16 - 17 November 2021
- Add the commands `barman-check-wal-archive` and `barman-cloud-check-wal-archive`
to validate if a proposed archive location is safe to use for a new PostgreSQL
server.
- Allow Barman to identify WAL that's already compressed using a custom
compression scheme to avoid compressing it again.
- Add `last_backup_minimum_size` and `last_wal_maximum_age` options to
`barman check`.
- Bug fixes:
- Use argparse for command line parsing instead of the unmaintained
argh module.
- Make timezones consistent for `begin_time` and `end_time`.
- We thank chtitux, George Hansper, stratakis, Thoro, and vrms for their
contributions to this release.
Version 2.15 - 12 October 2021
- Add plural forms for the `list-backup`, `list-server` and
`show-server` commands which are now `list-backups`, `list-servers`
and `show-servers`. The singular forms are retained for backward
compatibility.
- Add the `last-failed` backup shortcut which references the newest
failed backup in the catalog so that you can do:
- `barman delete <SERVER> last-failed`
- Bug fixes:
- Tablespaces will no longer be omitted from backups of EPAS
versions 9.6 and 10 due to an issue detecting the correct version
string on older versions of EPAS.
Version 2.14 - 22 September 2021
- Add the `barman-cloud-backup-delete` command which allows backups in
cloud storage to be deleted by specifying either a backup ID or a
retention policy.
- Allow backups to be retained beyond any retention policies in force by
introducing the ability to tag existing backups as archival backups
using `barman keep` and `barman-cloud-backup-keep`.
- Allow the use of SAS authentication tokens created at the restricted
blob container level (instead of the wider storage account level) for
Azure blob storage
- Significantly speed up `barman restore` into an empty directory for
backups that contain hundreds of thousands of files.
- Bug fixes:
- The backup privileges check will no longer fail if the user lacks
"userepl" permissions and will return better error messages if any
required permissions are missing
Version 2.13 - 26 July 2021
- Add Azure blob storage support to barman-cloud
- Support tablespace remapping in barman-cloud-restore via
`--tablespace name:location`
- Allow barman-cloud-backup and barman-cloud-wal-archive to run as
Barman hook scripts, to allow data to be relayed to cloud storage
from the Barman server
- Bug fixes:
- Stop backups failing due to idle_in_transaction_session_timeout
(https://github.com/EnterpriseDB/barman/issues/333)
- Fix a race condition between backup and archive-wal in updating
xlog.db entries
- Handle PGDATA being a symlink in barman-cloud-backup, which led to
"seeking backwards is not allowed" errors on restore
- Recreate pg_wal on restore if the original was a symlink
- Recreate pg_tblspc symlinks for tablespaces on restore
- Make barman-cloud-backup-list skip backups it cannot read, e.g.,
because they are in Glacier storage
- Add `-d database` option to barman-cloud-backup to specify which
database to connect to initially
- Fix "Backup failed uploading data" errors from barman-cloud-backup
on Python 3.8 and above, caused by attempting to pickle the boto3
client
- Correctly enable server-side encryption in S3 for buckets that do
not have encryption enabled by default.
In Barman 2.12, barman-cloud-backup's `--encryption` option did
not correctly enable encryption for the contents of the backup if
the backup was stored in an S3 bucket that did not have encryption
enabled. If this is the case for you, please consider deleting
your old backups and taking new backups with Barman 2.13.
If your S3 buckets already have encryption enabled by default
(which we recommend), this does not affect you.
Version 2.12.1 - 30 June 2021
- Bug fixes:
- Allow specifying target-tli with other target-* recovery options
- Fix incorrect NAME in barman-cloud-backup-list manpage
- Don't raise an error if SIGALRM is ignored
- Fetch wal_keep_size, not wal_keep_segments, from Postgres 13
Version 2.12 - 5 Nov 2020
- Introduce a new backup_method option called local-rsync which
targets those cases where Barman is installed on the same server
where PostgreSQL is and directly uses rsync to take base backups,
bypassing the SSH layer.
- Bug fixes:
- Avoid corrupting boto connection in worker processes
- Avoid connection attempts to PostgreSQL during tests
Released 3.4.0 2021-11-26
This release requires Python 3.6 or above,
and is tested with Python 3.6 to 3.10.
Python 2 is no longer supported.
New code in the python-ldap project is available under the MIT licence
(available in ``LICENCE.MIT`` in the source). Several contributors have agreed
to apply this licence their previous contributions as well.
See the ``README`` for details.
The following undocumented functions are deprecated and scheduled for removal:
- ``ldap.cidict.strlist_intersection``
- ``ldap.cidict.strlist_minus``
- ``ldap.cidict.strlist_union``
Security fixes:
* Fix inefficient regular expression which allows denial-of-service attacks
when parsing specially-crafted LDAP schema.
(GHSL-2021-117)
Changes:
* On MacOS, remove option to make LDAP connections from a file descriptor
when built with the system libldap (which lacks the underlying function,
``ldap_init_fd``)
* Attribute values of the post read control are now ``bytes``
instead of ISO8859-1 decoded ``str``
* ``LDAPUrl`` now treats urlscheme as case-insensitive
* Several OpenLDAP options are now supported:
* ``OPT_X_TLS_REQUIRE_SAN``
* ``OPT_X_SASL_SSF_EXTERNAL``
* ``OPT_X_TLS_PEERCERT``
Fixes:
* The ``copy()`` method of ``cidict`` was added back. It was unintentionally
removed in 3.3.0
* Fixed getting/setting ``SASL`` options on big endian platforms
* Unknown LDAP result code are now converted to ``LDAPexception``,
rather than raising a ``SystemError``.
slapdtest:
* Show stderr of slapd -Ttest
* ``SlapdObject`` uses directory-based configuration of ``slapd``
* ``SlapdObject`` startup is now faster
Infrastructure:
* CI now runs on GitHub Actions rather than Travis CI.
2.3.11
Add missing files
2.3.10
Add connection pooling via wide connection functions
Remove "#define VERSION" from unixodbc_conf.h
Call driver functions through prototypes
Add connection pool limit option
Add fseeko support in cursor lib
Try and prevent logging buffer overflow
Add 'echo' option to isql/iusql
Alter isql/iusql buffering
Alter unicode to ascii conversion in SQLGetDiagField
Fix pooling problem when user name and or password is not provided
Fix a couple of reported buffer overflow conditions
Fix iconv leak with timeout in pooled connection
Version 4.3.0
🔥 Breaking Changes
Replace OSError exceptions from can_read with redis.ConnectionError
Updated FUNCTION LOAD changes (from release 7.0 rc3 to support redis 7.0 final)
🚀 New Features
Get command keys for subcommands
Add support for CLUSTER SHARDS
Add support for COMMAND LIST
Add Async RedisCluster
ACL SETUSER - add selectors and key based permissions
Support for redis 7 streams features
Async Connection: Allow PubSub.run() without previous subscribe()
Implemented LATENCY HISTOGRAM by always throwing NotImplementedError
Add async supoort for SEARCH commands
Retry(): Support negative retries value
Add support for MODULE LOADEX
INFO - add support for taking multiple section arguments
CONFIG SET - add the ability to set multiple parameters in one call
CONFIG GET - add the ability to pass multiple pattern parameters in one call
Add support for COMMAND GETKEYSANDFLAGS
Support CASESENSITIVE for TAG fields
🐛 Bug Fixes
Rename 'update_supported_erros' to 'update_supported_errors' in Retry module
Fix execute_command() determining nodes error when no key command
Fix incorrect return statement in auth
🧰 Maintenance
Add unittest for PubSub.connect()
Fix incorrect return annotation in asyncio.lock
Minor cleanups in commands/cluster.py
Update xtrim type annotation
Async tests for redis commands, json, bloom, timeseries
Fixed typing in getex command
LuaLDAP is a simple interface from Lua to an LDAP client, in fact
it is a bind to OpenLDAP (https://www.openldap.org) client or ADSI
(https://docs.microsoft.com/en-us/windows/win32/adsi/about-adsi).
It enables a Lua program to:
* Connect to an LDAP server;
* Execute any operation (search, add, compare, delete, modify and rename);
* Retrieve entries and references of the search result.
3.38.4 (2022-05-04):
Fix a byte-code problem in the Bloom filter pull-down optimization added by release 3.38.0 in which an error in the byte code causes the byte code engine to enter an infinite loop when the pull-down optimization encounters a NULL key.
OpenLDAP 2.6.2
Added libldap support for OpenSSL 3.0
Added slapd support for OpenSSL 3.0
Fixed ldapdelete to prune LDAP subentries
Fixed libldap to drop connection when non-LDAP data is received
Fixed libldap to allow newlines at end of included file
Fixed slapd slaptest conversion of olcLastBind
Fixed slapd to correctly init global_host earlier
Fixed slapd bconfig locking for cn=config replication
Fixed slapd usage of thread local counters
Fixed slapd to clear runqueue task correctly
Fixed slapd idletimeout handling
Fixed slapd syncrepl handling of new sessions
Fixed slapd to clear connections on bind
Fixed slapd to correctly advance connections index
Fixed slapd syncrepl ODSEE replication of unknown attr
Fixed slapd-asyncmeta memory leak in keepalive setting
Fixed slapd-ldap memory leak in keepalive setting
Fixed slapd-meta SEGV on config rewrite
Fixed slapd-meta ordering on config rewrite
Fixed slapd-meta memory leak in keepalive setting
Fixed slapd-monitor SEGV on shutdown
Fixed slapd-monitor crash when hitting sizelimit
Fixed slapd-sql to properly escape filter value
Added slapo-autoca support for OpenSSL 3.0
Added slapo-otp support for OpenSSL 3.0
Fixed slapo-dynlist dynamic group regression
Fixed slapo-pcache SEGV on shutdown
Fixed slapo-ppolicy operation handling to be consistent
Fixed slapo-translucent to correctly duplicate substring filters
Build Environment
Add ability to override default compile time paths
Fix compiliation with certain versions of gcc
Fix compilation with openssl exclusions
Fix warnings from make jobserver
Contrib
Update ppm module to the 2.1 release
Documentation
admin26 Document new lloadd features
Fixed slapd.conf(5)/slapd-config(5) syncrepl sizelimit/timelimit documentation
Fixed slapd-sock(5) to clarify "sockresps result" behavior
## Rails 6.1.5.1 (April 26, 2022) ##
* No changes.
## Rails 6.1.5 (March 09, 2022) ##
* Fix `ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` for Ruby 2.6.
Ruby 2.6 and 2.7 have slightly different implementations of the `String#@-` method.
In Ruby 2.6, the receiver of the `String#@-` method is modified under certain circumstances.
This was later identified as a bug (https://bugs.ruby-lang.org/issues/15926) and only
fixed in Ruby 2.7.
Before the changes in this commit, the
`ActiveRecord::ConnectionAdapters::SchemaCache#deep_deduplicate` method, which internally
calls the `String#@-` method, could also modify an input string argument in Ruby 2.6 --
changing a tainted, unfrozen string into a tainted, frozen string.
Fixes#43056
*Eric O'Hanlon*
* Fix migration compatibility to create SQLite references/belongs_to column as integer when
migration version is 6.0.
`reference`/`belongs_to` in migrations with version 6.0 were creating columns as
bigint instead of integer for the SQLite Adapter.
*Marcelo Lauxen*
* Fix dbconsole for 3-tier config.
*Eileen M. Uchitelle*
* Better handle SQL queries with invalid encoding.
```ruby
Post.create(name: "broken \xC8 UTF-8")
```
Would cause all adapters to fail in a non controlled way in the code
responsible to detect write queries.
The query is now properly passed to the database connection, which might or might
not be able to handle it, but will either succeed or failed in a more correct way.
*Jean Boussier*
* Ignore persisted in-memory records when merging target lists.
*Kevin Sjöberg*
* Fix regression bug that caused ignoring additional conditions for preloading
`has_many` through relations.
Fixes#43132
*Alexander Pauly*
* Fix `ActiveRecord::InternalMetadata` to not be broken by
`config.active_record.record_timestamps = false`
Since the model always create the timestamp columns, it has to set them, otherwise it breaks
various DB management tasks.
Fixes#42983
*Jean Boussier*
* Fix duplicate active record objects on `inverse_of`.
*Justin Carvalho*
* Fix duplicate objects stored in has many association after save.
Fixes#42549.
*Alex Ghiculescu*
* Fix performance regression in `CollectionAssocation#build`.
*Alex Ghiculescu*
* Fix retrieving default value for text column for MariaDB.
*fatkodima*
1.7.7
bug
[bug] [operations]
Fixed issue where using Operations.create_table() in conjunction with a CheckConstraint that referred to table-bound Column objects rather than string expressions would be added to the parent table potentially multiple times, resulting in an incorrect DDL sequence. Pull request courtesy Nicolas CANIART.
[bug] [environment]
The logging.fileConfig() line in env.py templates, which is used to setup Python logging for the migration run, is now conditional on Config.config_file_name not being None. Otherwise, the line is skipped as there is no default logging configuration present.
[bug] [mssql]
Fixed bug where an Operations.alter_column() operation would change a “NOT NULL” column to “NULL” by emitting an ALTER COLUMN statement that did not specify “NOT NULL”. (In the absence of “NOT NULL” T-SQL was implicitly assuming “NULL”). An Operations.alter_column() operation that specifies Operations.alter_column.type should also specify include either Operations.alter_column.nullable or Operations.alter_column.existing_nullable to inform Alembic as to whether the emitted DDL should include “NULL” or “NOT NULL”; a warning is now emitted if this is missing under this scenario.
1.7.6
usecase
[usecase] [commands]
Add a new command alembic ensure_version, which will ensure that the Alembic version table is present in the target database, but does not alter its contents. Pull request courtesy Kai Mueller.
bug
[bug] [batch] [regression]
Fixed regression where usage of a with_variant() datatype in conjunction with the existing_type option of op.alter_column() under batch mode would lead to an internal exception.
[bug] [autogenerate]
Implemented support for recognizing and rendering SQLAlchemy “variant” types going forward into SQLAlchemy 2.0, where the architecture of “variant” datatypes will be changing.
[bug] [autogenerate] [mysql]
Added a rule to the MySQL impl so that the translation between JSON / LONGTEXT is accommodated by autogenerate, treating LONGTEXT from the server as equivalent to an existing JSON in the model.
misc
[mssql]
Removed a warning raised by SQLAlchemy when dropping constraints on MSSQL regarding statement caching.
Changes in MySQL 5.7.38
SQL Function and Operator Notes
When the mysql client was started with --default-character-set=utf8mb4, successive calls to the UUID() function returned duplicate values.
Security Notes
The linked OpenSSL library for MySQL Server has been updated to version 1.1.1n from 1.1.1l. Issues fixed in OpenSSL are described at https://www.openssl.org/news/cl111.txt and at http://www.openssl.org/news/vulnerabilities.html.
Functionality Added or Changed
The default for the group_replication_transaction_size_limit system variable, which sets the maximum transaction size that a replication group accepts, is changed from zero (no limit) to 150000000 bytes (approximately 143 MB), which is the same as the default in MySQL 8.0. Setting a limit for this system variable by default helps to avoid delays or errors caused by excessively large transactions. Transactions above the limit are rolled back and are not sent to Group Replication's Group Communication System (GCS) for distribution to the group. If your Group Replication servers previously accepted transactions larger than the new default limit, and you were allowing group_replication_transaction_size_limit to default to the old zero limit, those transactions will start to fail after the upgrade to the new default. You must either specify an appropriate size limit that allows the maximum message size you need the group to tolerate (which is the recommended solution), or specify a zero setting to restore the previous behavior.
The myisam_repair_threads system variable and myisamchk --parallel-recover option are deprecated; expect support for both to be removed in a future release of MySQL.
Values other than 1 (the default) for myisam_repair_threads produce a warning.
Bugs Fixed
InnoDB: A missing null pointer check for an index instance caused a failure.
InnoDB: Purge threads processed undo records of an encrypted table for which the tablespace was not loaded, causing a failure.
InnoDB: Incorrect AUTO_INCREMENT values were generated when the maximum integer column value was exceeded. The error was due to the maximum column value not being considered. The previous valid AUTO_INCREMENT value should have been returned in this case, causing a duplicate key error.
Partitioning: In some cases, establishing a connection to MySQL server could fail if the .ibd file for a partition was missing.
Statements that cannot be parsed (due, for example, to syntax errors) are no longer written to the slow query log.
It was not possible to revoke the DROP privilege on the Performance Schema.
A page cleaner thread timed out as it waited for an exclusive lock on an index page held by a full-text index creation operation on a large table.
A memory leak occurred if mysqldump was used on more than one table with the --order-by-primary option. The memory allocated for sorting each table’s rows is now freed after every table, rather than only once.
mysqld_safe log message textual errors were corrected.
changes in version 3.38.3 (2022-04-27):
Fix a case of the query planner be overly aggressive with optimizing automatic-index and Bloom-filter construction, using inappropriate ON clause terms to restrict the size of the automatic-index or Bloom filter, and resulting in missing rows in the output. Forum thread 0d3200f4f3bcd3a3.
Other minor patches. See the timeline for details.
