Server IP : 103.119.228.120 / Your IP : 3.141.29.162 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/doc/postgresql-9.2.24/html/ |
Upload File : |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >Release 8.3.11</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REV="MADE" HREF="mailto:pgsql-docs@postgresql.org"><LINK REL="HOME" TITLE="PostgreSQL 9.2.24 Documentation" HREF="index.html"><LINK REL="UP" TITLE="Release Notes" HREF="release.html"><LINK REL="PREVIOUS" TITLE="Release 8.3.12" HREF="release-8-3-12.html"><LINK REL="NEXT" TITLE="Release 8.3.10" HREF="release-8-3-10.html"><LINK REL="STYLESHEET" TYPE="text/css" HREF="stylesheet.css"><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"><META NAME="creation" CONTENT="2017-11-06T22:43:11"></HEAD ><BODY CLASS="SECT1" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="5" ALIGN="center" VALIGN="bottom" ><A HREF="index.html" >PostgreSQL 9.2.24 Documentation</A ></TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A TITLE="Release 8.3.12" HREF="release-8-3-12.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A HREF="release.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="60%" ALIGN="center" VALIGN="bottom" >Appendix E. Release Notes</TD ><TD WIDTH="20%" ALIGN="right" VALIGN="top" ><A TITLE="Release 8.3.10" HREF="release-8-3-10.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="RELEASE-8-3-11" >E.110. Release 8.3.11</A ></H1 ><DIV CLASS="FORMALPARA" ><P ><B >Release date: </B >2010-05-17</P ></DIV ><P > This release contains a variety of fixes from 8.3.10. For information about new features in the 8.3 major release, see <A HREF="release-8-3.html" >Section E.121</A >. </P ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN130124" >E.110.1. Migration to Version 8.3.11</A ></H2 ><P > A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see <A HREF="release-8-3-8.html" >Section E.113</A >. </P ></DIV ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN130128" >E.110.2. Changes</A ></H2 ><P ></P ><UL ><LI ><P > Enforce restrictions in <TT CLASS="LITERAL" >plperl</TT > using an opmask applied to the whole interpreter, instead of using <TT CLASS="FILENAME" >Safe.pm</TT > (Tim Bunce, Andrew Dunstan) </P ><P > Recent developments have convinced us that <TT CLASS="FILENAME" >Safe.pm</TT > is too insecure to rely on for making <TT CLASS="LITERAL" >plperl</TT > trustable. This change removes use of <TT CLASS="FILENAME" >Safe.pm</TT > altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's <TT CLASS="LITERAL" >strict</TT > pragma in a natural way in <TT CLASS="LITERAL" >plperl</TT >, and that Perl's <TT CLASS="LITERAL" >$a</TT > and <TT CLASS="LITERAL" >$b</TT > variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) </P ></LI ><LI ><P > Prevent PL/Tcl from executing untrustworthy code from <TT CLASS="STRUCTNAME" >pltcl_modules</TT > (Tom) </P ><P > PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless <TT CLASS="STRUCTNAME" >pltcl_modules</TT > is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted <SPAN CLASS="QUOTE" >"normal"</SPAN > Tcl interpreter unless we are really going to execute a <TT CLASS="LITERAL" >pltclu</TT > function. (CVE-2010-1170) </P ></LI ><LI ><P > Fix possible crash if a cache reset message is received during rebuild of a relcache entry (Heikki) </P ><P > This error was introduced in 8.3.10 while fixing a related failure. </P ></LI ><LI ><P > Apply per-function GUC settings while running the language validator for the function (Itagaki Takahiro) </P ><P > This avoids failures if the function's code is invalid without the setting; an example is that SQL functions may not parse if the <TT CLASS="VARNAME" >search_path</TT > is not correct. </P ></LI ><LI ><P > Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) </P ><P > Previously, if an unprivileged user ran <TT CLASS="LITERAL" >ALTER USER ... RESET ALL</TT > for himself, or <TT CLASS="LITERAL" >ALTER DATABASE ... RESET ALL</TT > for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the <TT CLASS="COMMAND" >ALTER</TT > will only remove the parameters that the user has permission to change. </P ></LI ><LI ><P > Avoid possible crash during backend shutdown if shutdown occurs when a <TT CLASS="LITERAL" >CONTEXT</TT > addition would be made to log entries (Tom) </P ><P > In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. </P ></LI ><LI ><P > Ensure the archiver process responds to changes in <TT CLASS="VARNAME" >archive_command</TT > as soon as possible (Tom) </P ></LI ><LI ><P > Update pl/perl's <TT CLASS="FILENAME" >ppport.h</TT > for modern Perl versions (Andrew) </P ></LI ><LI ><P > Fix assorted memory leaks in pl/python (Andreas Freund, Tom) </P ></LI ><LI ><P > Prevent infinite recursion in <SPAN CLASS="APPLICATION" >psql</SPAN > when expanding a variable that refers to itself (Tom) </P ></LI ><LI ><P > Fix <SPAN CLASS="APPLICATION" >psql</SPAN >'s <TT CLASS="LITERAL" >\copy</TT > to not add spaces around a dot within <TT CLASS="LITERAL" >\copy (select ...)</TT > (Tom) </P ><P > Addition of spaces around the decimal point in a numeric literal would result in a syntax error. </P ></LI ><LI ><P > Fix unnecessary <SPAN CLASS="QUOTE" >"GIN indexes do not support whole-index scans"</SPAN > errors for unsatisfiable queries using <TT CLASS="FILENAME" >contrib/intarray</TT > operators (Tom) </P ></LI ><LI ><P > Ensure that <TT CLASS="FILENAME" >contrib/pgstattuple</TT > functions respond to cancel interrupts promptly (Tatsuhito Kasahara) </P ></LI ><LI ><P > Make server startup deal properly with the case that <CODE CLASS="FUNCTION" >shmget()</CODE > returns <TT CLASS="LITERAL" >EINVAL</TT > for an existing shared memory segment (Tom) </P ><P > This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. </P ></LI ><LI ><P > Avoid possible crashes in syslogger process on Windows (Heikki) </P ></LI ><LI ><P > Deal more robustly with incomplete time zone information in the Windows registry (Magnus) </P ></LI ><LI ><P > Update the set of known Windows time zone names (Magnus) </P ></LI ><LI ><P > Update time zone data files to <SPAN CLASS="APPLICATION" >tzdata</SPAN > release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan. </P ><P > Also, add <TT CLASS="LITERAL" >PKST</TT > (Pakistan Summer Time) to the default set of timezone abbreviations. </P ></LI ></UL ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="release-8-3-12.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="release-8-3-10.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Release 8.3.12</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="release.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Release 8.3.10</TD ></TR ></TABLE ></DIV ></BODY ></HTML >