Release date: 2013-04-04
This release contains a variety of fixes from 9.0.12. For information about new features in the 9.0 major release, see Section E.152.
A dump/restore is not required for those running 9.0.X.
However, this release corrects several errors in management of GiST
indexes. After installing this update, it is advisable to
REINDEX
any GiST indexes that meet one or more of the
conditions described below.
Also, if you are upgrading from a version earlier than 9.0.6, see Section E.146.
Fix insecure parsing of server command-line switches (Mitsumasa Kondo, Kyotaro Horiguchi)
A connection request containing a database name that begins with
“-
” could be crafted to damage or destroy
files within the server's data directory, even if the request is
eventually rejected. (CVE-2013-1899)
Reset OpenSSL randomness state in each postmaster child process (Marko Kreen)
This avoids a scenario wherein random numbers generated by
contrib/pgcrypto
functions might be relatively easy for
another database user to guess. The risk is only significant when
the postmaster is configured with ssl
= on
but most connections don't use SSL encryption. (CVE-2013-1900)
Fix GiST indexes to not use “fuzzy” geometric comparisons when it's not appropriate to do so (Alexander Korotkov)
The core geometric types perform comparisons using “fuzzy”
equality, but gist_box_same
must do exact comparisons,
else GiST indexes using it might become inconsistent. After installing
this update, users should REINDEX
any GiST indexes on
box
, polygon
, circle
, or point
columns, since all of these use gist_box_same
.
Fix erroneous range-union and penalty logic in GiST indexes that use
contrib/btree_gist
for variable-width data types, that is
text
, bytea
, bit
, and numeric
columns (Tom Lane)
These errors could result in inconsistent indexes in which some keys
that are present would not be found by searches, and also in useless
index bloat. Users are advised to REINDEX
such indexes
after installing this update.
Fix bugs in GiST page splitting code for multi-column indexes (Tom Lane)
These errors could result in inconsistent indexes in which some keys
that are present would not be found by searches, and also in indexes
that are unnecessarily inefficient to search. Users are advised to
REINDEX
multi-column GiST indexes after installing this
update.
Fix gist_point_consistent
to handle fuzziness consistently (Alexander Korotkov)
Index scans on GiST indexes on point
columns would sometimes
yield results different from a sequential scan, because
gist_point_consistent
disagreed with the underlying
operator code about whether to do comparisons exactly or fuzzily.
Fix buffer leak in WAL replay (Heikki Linnakangas)
This bug could result in “incorrect local pin count” errors during replay, making recovery impossible.
Fix race condition in DELETE RETURNING
(Tom Lane)
Under the right circumstances, DELETE RETURNING
could
attempt to fetch data from a shared buffer that the current process
no longer has any pin on. If some other process changed the buffer
meanwhile, this would lead to garbage RETURNING
output, or
even a crash.
Fix infinite-loop risk in regular expression compilation (Tom Lane, Don Porter)
Fix potential null-pointer dereference in regular expression compilation (Tom Lane)
Fix to_char()
to use ASCII-only case-folding rules where
appropriate (Tom Lane)
This fixes misbehavior of some template patterns that should be
locale-independent, but mishandled “I
” and
“i
” in Turkish locales.
Fix unwanted rejection of timestamp 1999-12-31 24:00:00
(Tom Lane)
Fix logic error when a single transaction does UNLISTEN
then LISTEN
(Tom Lane)
The session wound up not listening for notify events at all, though it surely should listen in this case.
Remove useless “picksplit doesn't support secondary split” log messages (Josh Hansen, Tom Lane)
This message seems to have been added in expectation of code that was never written, and probably never will be, since GiST's default handling of secondary splits is actually pretty good. So stop nagging end users about it.
Fix possible failure to send a session's last few transaction commit/abort counts to the statistics collector (Tom Lane)
Eliminate memory leaks in PL/Perl's spi_prepare()
function
(Alex Hunsaker, Tom Lane)
Fix pg_dumpall to handle database names containing
“=
” correctly (Heikki Linnakangas)
Avoid crash in pg_dump when an incorrect connection string is given (Heikki Linnakangas)
Ignore invalid indexes in pg_dump and pg_upgrade (Michael Paquier, Bruce Momjian)
Dumping invalid indexes can cause problems at restore time, for example if the reason the index creation failed was because it tried to enforce a uniqueness condition not satisfied by the table's data. Also, if the index creation is in fact still in progress, it seems reasonable to consider it to be an uncommitted DDL change, which pg_dump wouldn't be expected to dump anyway. pg_upgrade now also skips invalid indexes rather than failing.
Fix contrib/pg_trgm
's similarity()
function
to return zero for trigram-less strings (Tom Lane)
Previously it returned NaN
due to internal division by zero.
Update time zone data files to tzdata release 2013b for DST law changes in Chile, Haiti, Morocco, Paraguay, and some Russian areas. Also, historical zone data corrections for numerous places.
Also, update the time zone abbreviation files for recent changes in
Russia and elsewhere: CHOT
, GET
,
IRKT
, KGT
, KRAT
, MAGT
,
MAWT
, MSK
, NOVT
, OMST
,
TKT
, VLAT
, WST
, YAKT
,
YEKT
now follow their current meanings, and
VOLT
(Europe/Volgograd) and MIST
(Antarctica/Macquarie) are added to the default abbreviations list.