<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <HTML ><HEAD ><TITLE >Release 9.3.24</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK REV="MADE" HREF="mailto:pgsql-docs@postgresql.org"><LINK REL="HOME" TITLE="PostgreSQL 9.4.19 Documentation" HREF="index.html"><LINK REL="UP" TITLE="Release Notes" HREF="release.html"><LINK REL="PREVIOUS" TITLE="Release 9.4" HREF="release-9-4.html"><LINK REL="NEXT" TITLE="Release 9.3.23" HREF="release-9-3-23.html"><LINK REL="STYLESHEET" TYPE="text/css" HREF="stylesheet.css"><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"><META NAME="creation" CONTENT="2018-10-19T13:41:12"></HEAD ><BODY CLASS="SECT1" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="4" ALIGN="center" VALIGN="bottom" ><A HREF="index.html" >PostgreSQL 9.4.19 Documentation</A ></TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A TITLE="Release 9.4" HREF="release-9-4.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="10%" ALIGN="left" VALIGN="top" ><A HREF="release.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="60%" ALIGN="center" VALIGN="bottom" >Appendix E. Release Notes</TD ><TD WIDTH="20%" ALIGN="right" VALIGN="top" ><A TITLE="Release 9.3.23" HREF="release-9-3-23.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="RELEASE-9-3-24" >E.21. Release 9.3.24</A ></H1 ><DIV CLASS="FORMALPARA" ><P ><B >Release date: </B >2018-08-09</P ></DIV ><P > This release contains a variety of fixes from 9.3.23. For information about new features in the 9.3 major release, see <A HREF="release-9-3.html" >Section E.45</A >. </P ><P > The <SPAN CLASS="PRODUCTNAME" >PostgreSQL</SPAN > community will stop releasing updates for the 9.3.X release series shortly after September 2018. Users are encouraged to update to a newer release branch soon. </P ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN123703" >E.21.1. Migration to Version 9.3.24</A ></H2 ><P > A dump/restore is not required for those running 9.3.X. </P ><P > However, if you are upgrading from a version earlier than 9.3.23, see <A HREF="release-9-3-23.html" >Section E.22</A >. </P ></DIV ><DIV CLASS="SECT2" ><H2 CLASS="SECT2" ><A NAME="AEN123708" >E.21.2. Changes</A ></H2 ><P ></P ><UL ><LI ><P > Fix failure to reset <SPAN CLASS="APPLICATION" >libpq</SPAN >'s state fully between connection attempts (Tom Lane) </P ><P > An unprivileged user of <TT CLASS="FILENAME" >dblink</TT > or <TT CLASS="FILENAME" >postgres_fdw</TT > could bypass the checks intended to prevent use of server-side credentials, such as a <TT CLASS="FILENAME" >~/.pgpass</TT > file owned by the operating-system user running the server. Servers allowing peer authentication on local connections are particularly vulnerable. Other attacks such as SQL injection into a <TT CLASS="FILENAME" >postgres_fdw</TT > session are also possible. Attacking <TT CLASS="FILENAME" >postgres_fdw</TT > in this way requires the ability to create a foreign server object with selected connection parameters, but any user with access to <TT CLASS="FILENAME" >dblink</TT > could exploit the problem. In general, an attacker with the ability to select the connection parameters for a <SPAN CLASS="APPLICATION" >libpq</SPAN >-using application could cause mischief, though other plausible attack scenarios are harder to think of. Our thanks to Andrew Krasichkov for reporting this issue. (CVE-2018-10915) </P ></LI ><LI ><P > Ensure that updates to the <TT CLASS="STRUCTFIELD" >relfrozenxid</TT > and <TT CLASS="STRUCTFIELD" >relminmxid</TT > values for <SPAN CLASS="QUOTE" >"nailed"</SPAN > system catalogs are processed in a timely fashion (Andres Freund) </P ><P > Overoptimistic caching rules could prevent these updates from being seen by other sessions, leading to spurious errors and/or data corruption. The problem was significantly worse for shared catalogs, such as <TT CLASS="STRUCTNAME" >pg_authid</TT >, because the stale cache data could persist into new sessions as well as existing ones. </P ></LI ><LI ><P > Fix case where a freshly-promoted standby crashes before having completed its first post-recovery checkpoint (Michael Paquier, Kyotaro Horiguchi, Pavan Deolasee, Álvaro Herrera) </P ><P > This led to a situation where the server did not think it had reached a consistent database state during subsequent WAL replay, preventing restart. </P ></LI ><LI ><P > Avoid emitting a bogus WAL record when recycling an all-zero btree page (Amit Kapila) </P ><P > This mistake has been seen to cause assertion failures, and potentially it could result in unnecessary query cancellations on hot standby servers. </P ></LI ><LI ><P > Improve performance of WAL replay for transactions that drop many relations (Fujii Masao) </P ><P > This change reduces the number of times that shared buffers are scanned, so that it is of most benefit when that setting is large. </P ></LI ><LI ><P > Improve performance of lock releasing in standby server WAL replay (Thomas Munro) </P ></LI ><LI ><P > Ensure a table's cached index list is correctly rebuilt after an index creation fails partway through (Peter Geoghegan) </P ><P > Previously, the failed index's OID could remain in the list, causing problems later in the same session. </P ></LI ><LI ><P > Fix misoptimization of equivalence classes involving composite-type columns (Tom Lane) </P ><P > This resulted in failure to recognize that an index on a composite column could provide the sort order needed for a mergejoin on that column. </P ></LI ><LI ><P > Fix SQL-standard <TT CLASS="LITERAL" >FETCH FIRST</TT > syntax to allow parameters (<TT CLASS="LITERAL" >$<TT CLASS="REPLACEABLE" ><I >n</I ></TT ></TT >), as the standard expects (Andrew Gierth) </P ></LI ><LI ><P > Fix failure to schema-qualify some object names in <CODE CLASS="FUNCTION" >getObjectDescription</CODE > output (Kyotaro Horiguchi, Tom Lane) </P ><P > Names of collations, conversions, and text search objects were not schema-qualified when they should be. </P ></LI ><LI ><P > Widen <TT CLASS="COMMAND" >COPY FROM</TT >'s current-line-number counter from 32 to 64 bits (David Rowley) </P ><P > This avoids two problems with input exceeding 4G lines: <TT CLASS="LITERAL" >COPY FROM WITH HEADER</TT > would drop a line every 4G lines, not only the first line, and error reports could show a wrong line number. </P ></LI ><LI ><P > Add a string freeing function to <SPAN CLASS="APPLICATION" >ecpg</SPAN >'s <TT CLASS="FILENAME" >pgtypes</TT > library, so that cross-module memory management problems can be avoided on Windows (Takayuki Tsunakawa) </P ><P > On Windows, crashes can ensue if the <CODE CLASS="FUNCTION" >free</CODE > call for a given chunk of memory is not made from the same DLL that <CODE CLASS="FUNCTION" >malloc</CODE >'ed the memory. The <TT CLASS="FILENAME" >pgtypes</TT > library sometimes returns strings that it expects the caller to free, making it impossible to follow this rule. Add a <CODE CLASS="FUNCTION" >PGTYPESchar_free()</CODE > function that just wraps <CODE CLASS="FUNCTION" >free</CODE >, allowing applications to follow this rule. </P ></LI ><LI ><P > Fix <SPAN CLASS="APPLICATION" >ecpg</SPAN >'s support for <TT CLASS="TYPE" >long long</TT > variables on Windows, as well as other platforms that declare <CODE CLASS="FUNCTION" >strtoll</CODE >/<CODE CLASS="FUNCTION" >strtoull</CODE > nonstandardly or not at all (Dang Minh Huong, Tom Lane) </P ></LI ><LI ><P > Fix misidentification of SQL statement type in PL/pgSQL, when a rule change causes a change in the semantics of a statement intra-session (Tom Lane) </P ><P > This error led to assertion failures, or in rare cases, failure to enforce the <TT CLASS="LITERAL" >INTO STRICT</TT > option as expected. </P ></LI ><LI ><P > Fix password prompting in client programs so that echo is properly disabled on Windows when <TT CLASS="LITERAL" >stdin</TT > is not the terminal (Matthew Stickney) </P ></LI ><LI ><P > Further fix mis-quoting of values for list-valued GUC variables in dumps (Tom Lane) </P ><P > The previous fix for quoting of <TT CLASS="VARNAME" >search_path</TT > and other list-valued variables in <SPAN CLASS="APPLICATION" >pg_dump</SPAN > output turned out to misbehave for empty-string list elements, and it risked truncation of long file paths. </P ></LI ><LI ><P > Make <SPAN CLASS="APPLICATION" >pg_upgrade</SPAN > check that the old server was shut down cleanly (Bruce Momjian) </P ><P > The previous check could be fooled by an immediate-mode shutdown. </P ></LI ><LI ><P > Fix crash in <TT CLASS="FILENAME" >contrib/ltree</TT >'s <CODE CLASS="FUNCTION" >lca()</CODE > function when the input array is empty (Pierre Ducroquet) </P ></LI ><LI ><P > Fix various error-handling code paths in which an incorrect error code might be reported (Michael Paquier, Tom Lane, Magnus Hagander) </P ></LI ><LI ><P > Rearrange makefiles to ensure that programs link to freshly-built libraries (such as <TT CLASS="FILENAME" >libpq.so</TT >) rather than ones that might exist in the system library directories (Tom Lane) </P ><P > This avoids problems when building on platforms that supply old copies of <SPAN CLASS="PRODUCTNAME" >PostgreSQL</SPAN > libraries. </P ></LI ><LI ><P > Update time zone data files to <SPAN CLASS="APPLICATION" >tzdata</SPAN > release 2018e for DST law changes in North Korea, plus historical corrections for Czechoslovakia. </P ><P > This update includes a redefinition of <SPAN CLASS="QUOTE" >"daylight savings"</SPAN > in Ireland, as well as for some past years in Namibia and Czechoslovakia. In those jurisdictions, legally standard time is observed in summer, and daylight savings time in winter, so that the daylight savings offset is one hour behind standard time not one hour ahead. This does not affect either the actual UTC offset or the timezone abbreviations in use; the only known effect is that the <TT CLASS="STRUCTFIELD" >is_dst</TT > column in the <TT CLASS="STRUCTNAME" >pg_timezone_names</TT > view will now be true in winter and false in summer in these cases. </P ></LI ></UL ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="release-9-4.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="release-9-3-23.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Release 9.4</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="release.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Release 9.3.23</TD ></TR ></TABLE ></DIV ></BODY ></HTML >