403Webshell
Server IP : 103.119.228.120  /  Your IP : 18.117.105.230
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/share/doc/postgresql-9.2.24/html/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/share/doc/postgresql-9.2.24/html/release-9-2-22.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Release 9.2.22</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.2.24 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Release Notes"
HREF="release.html"><LINK
REL="PREVIOUS"
TITLE="Release 9.2.23"
HREF="release-9-2-23.html"><LINK
REL="NEXT"
TITLE="Release 9.2.21"
HREF="release-9-2-21.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2017-11-06T22:43:11"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.2.24 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Release 9.2.23"
HREF="release-9-2-23.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Appendix E. Release Notes</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Release 9.2.21"
HREF="release-9-2-21.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RELEASE-9-2-22"
>E.3. Release 9.2.22</A
></H1
><DIV
CLASS="FORMALPARA"
><P
><B
>Release date: </B
>2017-08-10</P
></DIV
><P
>   This release contains a variety of fixes from 9.2.21.
   For information about new features in the 9.2 major release, see
   <A
HREF="release-9-2.html"
>Section E.25</A
>.
  </P
><P
>   The <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> community will stop releasing updates
   for the 9.2.X release series in September 2017.
   Users are encouraged to update to a newer release branch soon.
  </P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN110943"
>E.3.1. Migration to Version 9.2.22</A
></H2
><P
>    A dump/restore is not required for those running 9.2.X.
   </P
><P
>    However, if you use foreign data servers that make use of user
    passwords for authentication, see the first changelog entry below.
   </P
><P
>    Also, if you are upgrading from a version earlier than 9.2.20,
    see <A
HREF="release-9-2-20.html"
>Section E.5</A
>.
   </P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN110949"
>E.3.2. Changes</A
></H2
><P
></P
><UL
><LI
><P
>      Further restrict visibility
      of <TT
CLASS="STRUCTNAME"
>pg_user_mappings</TT
>.<TT
CLASS="STRUCTFIELD"
>umoptions</TT
>, to
      protect passwords stored as user mapping options
      (Noah Misch)
     </P
><P
>      The fix for CVE-2017-7486 was incorrect: it allowed a user
      to see the options in her own user mapping, even if she did not
      have <TT
CLASS="LITERAL"
>USAGE</TT
> permission on the associated foreign server.
      Such options might include a password that had been provided by the
      server owner rather than the user herself.
      Since <TT
CLASS="STRUCTNAME"
>information_schema.user_mapping_options</TT
> does not
      show the options in such cases, <TT
CLASS="STRUCTNAME"
>pg_user_mappings</TT
>
      should not either.
      (CVE-2017-7547)
     </P
><P
>      By itself, this patch will only fix the behavior in newly initdb'd
      databases.  If you wish to apply this change in an existing database,
      you will need to do the following:
     </P
><DIV
CLASS="PROCEDURE"
><OL
TYPE="1"
><LI
CLASS="STEP"
><P
>        Restart the postmaster after adding <TT
CLASS="LITERAL"
>allow_system_table_mods
        = true</TT
> to <TT
CLASS="FILENAME"
>postgresql.conf</TT
>.  (In versions
        supporting <TT
CLASS="COMMAND"
>ALTER SYSTEM</TT
>, you can use that to make the
        configuration change, but you'll still need a restart.)
       </P
></LI
><LI
CLASS="STEP"
><P
>        In <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>each</I
></SPAN
> database of the cluster,
        run the following commands as superuser:
</P><PRE
CLASS="PROGRAMLISTING"
>SET search_path = pg_catalog;
CREATE OR REPLACE VIEW pg_user_mappings AS
    SELECT
        U.oid       AS umid,
        S.oid       AS srvid,
        S.srvname   AS srvname,
        U.umuser    AS umuser,
        CASE WHEN U.umuser = 0 THEN
            'public'
        ELSE
            A.rolname
        END AS usename,
        CASE WHEN (U.umuser &lt;&gt; 0 AND A.rolname = current_user
                     AND (pg_has_role(S.srvowner, 'USAGE')
                          OR has_server_privilege(S.oid, 'USAGE')))
                    OR (U.umuser = 0 AND pg_has_role(S.srvowner, 'USAGE'))
                    OR (SELECT rolsuper FROM pg_authid WHERE rolname = current_user)
                    THEN U.umoptions
                 ELSE NULL END AS umoptions
    FROM pg_user_mapping U
         LEFT JOIN pg_authid A ON (A.oid = U.umuser) JOIN
        pg_foreign_server S ON (U.umserver = S.oid);</PRE
><P>
       </P
></LI
><LI
CLASS="STEP"
><P
>        Do not forget to include the <TT
CLASS="LITERAL"
>template0</TT
>
        and <TT
CLASS="LITERAL"
>template1</TT
> databases, or the vulnerability will still
        exist in databases you create later.  To fix <TT
CLASS="LITERAL"
>template0</TT
>,
        you'll need to temporarily make it accept connections.
        In <SPAN
CLASS="PRODUCTNAME"
>PostgreSQL</SPAN
> 9.5 and later, you can use
</P><PRE
CLASS="PROGRAMLISTING"
>ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true;</PRE
><P>
        and then after fixing <TT
CLASS="LITERAL"
>template0</TT
>, undo that with
</P><PRE
CLASS="PROGRAMLISTING"
>ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false;</PRE
><P>
        In prior versions, instead use
</P><PRE
CLASS="PROGRAMLISTING"
>UPDATE pg_database SET datallowconn = true WHERE datname = 'template0';
UPDATE pg_database SET datallowconn = false WHERE datname = 'template0';</PRE
><P>
       </P
></LI
><LI
CLASS="STEP"
><P
>        Finally, remove the <TT
CLASS="LITERAL"
>allow_system_table_mods</TT
> configuration
        setting, and again restart the postmaster.
       </P
></LI
></OL
></DIV
></LI
><LI
><P
>      Disallow empty passwords in all password-based authentication methods
      (Heikki Linnakangas)
     </P
><P
>      <SPAN
CLASS="APPLICATION"
>libpq</SPAN
> ignores empty password specifications, and does
      not transmit them to the server.  So, if a user's password has been
      set to the empty string, it's impossible to log in with that password
      via <SPAN
CLASS="APPLICATION"
>psql</SPAN
> or other <SPAN
CLASS="APPLICATION"
>libpq</SPAN
>-based
      clients.  An administrator might therefore believe that setting the
      password to empty is equivalent to disabling password login.
      However, with a modified or non-<SPAN
CLASS="APPLICATION"
>libpq</SPAN
>-based client,
      logging in could be possible, depending on which authentication
      method is configured.  In particular the most common
      method, <TT
CLASS="LITERAL"
>md5</TT
>, accepted empty passwords.
      Change the server to reject empty passwords in all cases.
      (CVE-2017-7546)
     </P
></LI
><LI
><P
>      On Windows, retry process creation if we fail to reserve the address
      range for our shared memory in the new process (Tom Lane, Amit
      Kapila)
     </P
><P
>      This is expected to fix infrequent child-process-launch failures that
      are probably due to interference from antivirus products.
     </P
></LI
><LI
><P
>      Fix low-probability corruption of shared predicate-lock hash table
      in Windows builds (Thomas Munro, Tom Lane)
     </P
></LI
><LI
><P
>      Avoid logging clean closure of an SSL connection as though
      it were a connection reset (Michael Paquier)
     </P
></LI
><LI
><P
>      Prevent sending SSL session tickets to clients (Tom Lane)
     </P
><P
>      This fix prevents reconnection failures with ticket-aware client-side
      SSL code.
     </P
></LI
><LI
><P
>      Fix code for setting <A
HREF="runtime-config-connection.html#GUC-TCP-KEEPALIVES-IDLE"
>tcp_keepalives_idle</A
> on
      Solaris (Tom Lane)
     </P
></LI
><LI
><P
>      Fix statistics collector to honor inquiry messages issued just after
      a postmaster shutdown and immediate restart (Tom Lane)
     </P
><P
>      Statistics inquiries issued within half a second of the previous
      postmaster shutdown were effectively ignored.
     </P
></LI
><LI
><P
>      Ensure that the statistics collector's receive buffer size is at
      least 100KB (Tom Lane)
     </P
><P
>      This reduces the risk of dropped statistics data on older platforms
      whose default receive buffer size is less than that.
     </P
></LI
><LI
><P
>      Fix possible creation of an invalid WAL segment when a standby is
      promoted just after it processes an <TT
CLASS="LITERAL"
>XLOG_SWITCH</TT
> WAL
      record (Andres Freund)
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="SYSTEMITEM"
>SIGHUP</SPAN
> and <SPAN
CLASS="SYSTEMITEM"
>SIGUSR1</SPAN
> handling in
      walsender processes (Petr Jelinek, Andres Freund)
     </P
></LI
><LI
><P
>      Fix unnecessarily slow restarts of <SPAN
CLASS="APPLICATION"
>walreceiver</SPAN
>
      processes due to race condition in postmaster (Tom Lane)
     </P
></LI
><LI
><P
>      Fix cases where an <TT
CLASS="COMMAND"
>INSERT</TT
> or <TT
CLASS="COMMAND"
>UPDATE</TT
> assigns
      to more than one element of a column that is of domain-over-array
      type (Tom Lane)
     </P
></LI
><LI
><P
>      Move autogenerated array types out of the way during
      <TT
CLASS="COMMAND"
>ALTER ... RENAME</TT
> (Vik Fearing)
     </P
><P
>      Previously, we would rename a conflicting autogenerated array type
      out of the way during <TT
CLASS="COMMAND"
>CREATE</TT
>; this fix extends that
      behavior to renaming operations.
     </P
></LI
><LI
><P
>      Ensure that <TT
CLASS="COMMAND"
>ALTER USER ... SET</TT
> accepts all the syntax
      variants that <TT
CLASS="COMMAND"
>ALTER ROLE ... SET</TT
> does (Peter Eisentraut)
     </P
></LI
><LI
><P
>      Properly update dependency info when changing a datatype I/O
      function's argument or return type from <TT
CLASS="TYPE"
>opaque</TT
> to the
      correct type (Heikki Linnakangas)
     </P
><P
>      <TT
CLASS="COMMAND"
>CREATE TYPE</TT
> updates I/O functions declared in this
      long-obsolete style, but it forgot to record a dependency on the
      type, allowing a subsequent <TT
CLASS="COMMAND"
>DROP TYPE</TT
> to leave broken
      function definitions behind.
     </P
></LI
><LI
><P
>      Reduce memory usage when <TT
CLASS="COMMAND"
>ANALYZE</TT
> processes
      a <TT
CLASS="TYPE"
>tsvector</TT
> column (Heikki Linnakangas)
     </P
></LI
><LI
><P
>      Fix unnecessary precision loss and sloppy rounding when multiplying
      or dividing <TT
CLASS="TYPE"
>money</TT
> values by integers or floats (Tom Lane)
     </P
></LI
><LI
><P
>      Tighten checks for whitespace in functions that parse identifiers,
      such as <CODE
CLASS="FUNCTION"
>regprocedurein()</CODE
> (Tom Lane)
     </P
><P
>      Depending on the prevailing locale, these functions could
      misinterpret fragments of multibyte characters as whitespace.
     </P
></LI
><LI
><P
>      Use relevant <TT
CLASS="LITERAL"
>#define</TT
> symbols from Perl while
      compiling <SPAN
CLASS="APPLICATION"
>PL/Perl</SPAN
> (Ashutosh Sharma, Tom Lane)
     </P
><P
>      This avoids portability problems, typically manifesting as
      a <SPAN
CLASS="QUOTE"
>"handshake"</SPAN
> mismatch during library load, when working with
      recent Perl versions.
     </P
></LI
><LI
><P
>      In <SPAN
CLASS="APPLICATION"
>psql</SPAN
>, fix failure when <TT
CLASS="COMMAND"
>COPY FROM STDIN</TT
>
      is ended with a keyboard EOF signal and then another <TT
CLASS="COMMAND"
>COPY
      FROM STDIN</TT
> is attempted (Thomas Munro)
     </P
><P
>      This misbehavior was observed on BSD-derived platforms (including
      macOS), but not on most others.
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>pg_dump</SPAN
> to not emit invalid SQL for an empty
      operator class (Daniel Gustafsson)
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>pg_dump</SPAN
> output to stdout on Windows (Kuntal Ghosh)
     </P
><P
>      A compressed plain-text dump written to stdout would contain corrupt
      data due to failure to put the file descriptor into binary mode.
     </P
></LI
><LI
><P
>      Fix <CODE
CLASS="FUNCTION"
>pg_get_ruledef()</CODE
> to print correct output for
      the <TT
CLASS="LITERAL"
>ON SELECT</TT
> rule of a view whose columns have been
      renamed (Tom Lane)
     </P
><P
>      In some corner cases, <SPAN
CLASS="APPLICATION"
>pg_dump</SPAN
> relies
      on <CODE
CLASS="FUNCTION"
>pg_get_ruledef()</CODE
> to dump views, so that this error
      could result in dump/reload failures.
     </P
></LI
><LI
><P
>      Fix dumping of function expressions in the <TT
CLASS="LITERAL"
>FROM</TT
> clause in
      cases where the expression does not deparse into something that looks
      like a function call (Tom Lane)
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>pg_basebackup</SPAN
> output to stdout on Windows
      (Haribabu Kommi)
     </P
><P
>      A backup written to stdout would contain corrupt data due to failure
      to put the file descriptor into binary mode.
     </P
></LI
><LI
><P
>      Fix <SPAN
CLASS="APPLICATION"
>pg_upgrade</SPAN
> to ensure that the ending WAL record
      does not have <A
HREF="runtime-config-wal.html#GUC-WAL-LEVEL"
>wal_level</A
> = <TT
CLASS="LITERAL"
>minimum</TT
>
      (Bruce Momjian)
     </P
><P
>      This condition could prevent upgraded standby servers from
      reconnecting.
     </P
></LI
><LI
><P
>      Always use <TT
CLASS="OPTION"
>-fPIC</TT
>, not <TT
CLASS="OPTION"
>-fpic</TT
>, when building
      shared libraries with gcc (Tom Lane)
     </P
><P
>      This supports larger extension libraries on platforms where it makes
      a difference.
     </P
></LI
><LI
><P
>      Fix unescaped-braces issue in our build scripts for Microsoft MSVC,
      to avoid a warning or error from recent Perl versions (Andrew
      Dunstan)
     </P
></LI
><LI
><P
>      In MSVC builds, handle the case where the <SPAN
CLASS="APPLICATION"
>openssl</SPAN
>
      library is not within a <TT
CLASS="FILENAME"
>VC</TT
> subdirectory (Andrew Dunstan)
     </P
></LI
><LI
><P
>      In MSVC builds, add proper include path for <SPAN
CLASS="APPLICATION"
>libxml2</SPAN
>
      header files (Andrew Dunstan)
     </P
><P
>      This fixes a former need to move things around in standard Windows
      installations of <SPAN
CLASS="APPLICATION"
>libxml2</SPAN
>.
     </P
></LI
><LI
><P
>      In MSVC builds, recognize a Tcl library that is
      named <TT
CLASS="FILENAME"
>tcl86.lib</TT
> (Noah Misch)
     </P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="release-9-2-23.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="release-9-2-21.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release 9.2.23</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Release 9.2.21</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Youez - 2016 - github.com/yon3zu
LinuXploit