* Enforce restrictions in plperl using an opmask applied to the whole
interpreter, instead of using "Safe.pm"
* Prevent PL/Tcl from executing untrustworthy code from pltcl_modules
* Fix possible crash if a cache reset message is received during
rebuild of a relcache entry
* Apply per-function GUC settings while running the language
validator for the function
* Do not allow an unprivileged user to reset superuser-only parameter
settings
* Avoid possible crash during backend shutdown if shutdown occurs
when a CONTEXT addition would be made to log entries
* Ensure the archiver process responds to changes in archive_command
as soon as possible
* Update pl/perl's "ppport.h" for modern Perl versions
* Fix assorted memory leaks in pl/python
* Prevent infinite recursion in psql when expanding a variable that
refers to itself
* Fix psql's \copy to not add spaces around a dot within \copy
(select ...)
* Fix unnecessary "GIN indexes do not support whole-index scans"
errors for unsatisfiable queries using "contrib/intarray" operators
* Ensure that "contrib/pgstattuple" functions respond to cancel
interrupts promptly
* Make server startup deal properly with the case that shmget()
returns EINVAL for an existing shared memory segment
* Avoid possible crashes in syslogger process on Windows
* Deal more robustly with incomplete time zone information in the
Windows registry
* Update the set of known Windows time zone names
* Update time zone data files to tzdata release 2010j for DST law
changes in Argentina, Australian Antarctic, Bangladesh, Mexico,
Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also
historical corrections for Taiwan.
Also, add PKST (Pakistan Summer Time) to the default set of
timezone abbreviations.
* Add new configuration parameter ssl_renegotiation_limit to control
how often we do session key renegotiation for an SSL connection
* Fix possible deadlock during backend startup
* Fix possible crashes due to not handling errors during relcache
reload cleanly
* Fix possible crash due to use of dangling pointer to a cached plan
* Fix possible crashes when trying to recover from a failure in
subtransaction start
* Fix server memory leak associated with use of savepoints and a
client encoding different from server's encoding
* Fix incorrect WAL data emitted during end-of-recovery cleanup of a
GIST index page split
* Make substring() for bit types treat any negative length as meaning
"all the rest of the string"
The previous coding treated only -1 that way, and would produce an
invalid result value for other negative values, possibly leading to
a crash (CVE-2010-0442).
* Fix integer-to-bit-string conversions to handle the first
fractional byte correctly when the output bit width is wider than
the given integer by something other than a multiple of 8 bits
* Fix some cases of pathologically slow regular expression matching
* Fix assorted crashes in xml processing caused by sloppy memory
management
* Fix bug with trying to update a field of an element of a
composite-type array column
* Fix the STOP WAL LOCATION entry in backup history files to report
the next WAL segment's name when the end location is exactly at a
segment boundary
* Fix some more cases of temporary-file leakage
This corrects a problem introduced in the previous minor release.
One case that failed is when a plpgsql function returning set is
called within another function's exception handler.
* Improve constraint exclusion processing of boolean-variable cases,
in particular make it possible to exclude a partition that has a
"bool_column = false" constraint
* When reading "pg_hba.conf" and related files, do not treat
@something as a file inclusion request if the @ appears inside
quote marks; also, never treat @ by itself as a file inclusion
request
* Prevent infinite loop on some platforms if a directory is named as
an inclusion target in "pg_hba.conf" and related files
* Fix possible infinite loop if SSL_read or SSL_write fails without
setting errno
This is reportedly possible with some Windows versions of openssl.
* Disallow GSSAPI authentication on local connections, since it
requires a hostname to function correctly
* Make ecpg report the proper SQLSTATE if the connection disappears
* Fix psql's numericlocale option to not format strings it shouldn't
in latex and troff output formats
* Make psql return the correct exit status (3) when ON_ERROR_STOP and
--single-transaction are both specified and an error occurs during
the implied "COMMIT"
* Fix plpgsql failure in one case where a composite column is set to NULL
* Fix possible failure when calling PL/Perl functions from PL/PerlU
or vice versa
* Add volatile markings in PL/Python to avoid possible
compiler-specific misbehavior
* Ensure PL/Tcl initializes the Tcl interpreter fully
The only known symptom of this oversight is that the Tcl clock
command misbehaves if using Tcl 8.5 or later.
* Prevent crash in "contrib/dblink" when too many key columns are
specified to a dblink_build_sql_* function
* Allow zero-dimensional arrays in "contrib/ltree" operations
* Fix assorted crashes in "contrib/xml2" caused by sloppy memory
management
* Make building of "contrib/xml2" more robust on Windows
* Fix race condition in Windows signal handling
One known symptom of this bug is that rows in pg_listener could be
dropped under heavy load.
* Update time zone data files to tzdata release 2010e for DST law
changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa.
* Protect against indirect security threats caused by index functions
changing session-local state
* Reject SSL certificates containing an embedded null byte in the
common name (CN) field
* Fix possible crash during backend-startup-time cache initialization
* Avoid crash on empty thesaurus dictionary
* Prevent signals from interrupting VACUUM at unsafe times
* Fix possible crash due to integer overflow in hash table size
calculation
* Fix very rare crash in inet/cidr comparisons
* Ensure that shared tuple-level locks held by prepared transactions
are not ignored
* Fix premature drop of temporary files used for a cursor that is
accessed within a subtransaction
* Fix memory leak in syslogger process when rotating to a new CSV
logfile
* Fix Windows permission-downgrade logic
* Fix incorrect logic for GiST index page splits, when the split
depends on a non-first column of the index
* Don't error out if recycling or removing an old WAL file fails at
the end of checkpoint
* Ensure WAL files aren't repeatedly archived on Windows
* Fix PAM password processing to be more robust
* Raise the maximum authentication token (Kerberos ticket) size in
GSSAPI and SSPI authentication methods
* More...
* Fix Windows shared-memory allocation code
* Force WAL segment switch during pg_start_backup()
* Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside
security-definer functions
* Make "LOAD" of an already-loaded loadable module into a no-op
* Disallow empty passwords during LDAP authentication
* Fix handling of sub-SELECTs appearing in the arguments of an
outer-level aggregate function
* Fix bugs associated with fetching a whole-row value from the output
of a Sort or Materialize plan node
* Prevent synchronize_seqscans from changing the results of
scrollable and WITH HOLD cursors
* Revert planner change that disabled partial-index and constraint
exclusion optimizations when there were more than 100 clauses in an
AND or OR list
* Fix hash calculation for data type interval
* Treat to_char(..., 'TH') as an uppercase ordinal suffix with 'HH'/'HH12'
* Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million
and integer datetimes are in use
* Fix calculation of distance between a point and a line segment
* Fix money data type to work in locales where currency amounts have
no fractional digits, e.g. Japan
* Fix LIKE for case where pattern contains %_
* Properly round datetime input like 00:12:57.9999999999999999999999999999
* Fix memory leaks in XML operations
* Fix poor choice of page split point in GiST R-tree operator classes
* Ensure that a "fast shutdown" request will forcibly terminate open
sessions, even if a "smart shutdown" was already in progress
* Avoid performance degradation in bulk inserts into GIN indexes when
the input values are (nearly) in sorted order
* Correctly enforce NOT NULL domain constraints in some contexts in
PL/pgSQL
* Fix portability issues in plperl initialization
* Fix pg_ctl to not go into an infinite loop if "postgresql.conf" is
empty
* Improve pg_dump's efficiency when there are many large objects
* Use SIGUSR1, not SIGQUIT, as the failover signal for pg_standby
* Make pg_get_ruledef() parenthesize negative constants (Tom)
Before this fix, a negative constant in a view or rule might be
dumped as, say, -42::integer, which is subtly incorrect: it should
be (-42)::integer due to operator precedence rules. Usually this
would make little difference, but it could interact with another
recent patch to cause PostgreSQL to reject what had been a valid
"SELECT DISTINCT" view query. Since this could result in pg_dump
output failing to reload, it is being treated as a high-priority
fix. The only released versions in which dump output is actually
incorrect are 8.3.1 and 8.2.7.
* Make "ALTER AGGREGATE ... OWNER TO" update pg_shdepend (Tom)
This oversight could lead to problems if the aggregate was later
involved in a "DROP OWNED" or "REASSIGN OWNED" operation.
With significant new functionality and performance enhancements, this
release represents a major leap forward for PostgreSQL. This was made
possible by a growing community that has dramatically accelerated the
pace of development. This release adds the following major features:
* Full text search is integrated into the core database system
* Support for the SQL/XML standard, including new operators and an
XML data type
* Enumerated data types (ENUM)
* Arrays of composite types
* Universally Unique Identifier (UUID) data type
* Add control over whether NULLs sort first or last
* Updatable cursors
* Server configuration parameters can now be set on a per-function
basis
* User-defined types can now have type modifiers
* Automatically re-plan cached queries when table definitions change
or statistics are updated
* Numerous improvements in logging and statistics collection
* Support Security Service Provider Interface (SSPI) for
authentication on Windows
* Support multiple concurrent autovacuum processes, and other
autovacuum improvements
* Allow the whole PostgreSQL distribution to be compiled with
Microsoft Visual C++