PostgreSQL 10.3, 9.6.8, 9.5.12, 9.4.17 和 9.3.22
全系列更新发布。本次更新主要是解决 CVE-2018-1058 漏洞,对该漏洞的描述为,用户可在不同的 schema 中创建
like-named 对象,而这些 schema 会改变其他用户查询的行为并导致意外或恶意的行为发生,即我们常说的木马攻击。 其他 Bug 修复和改进:
Prevent
logical replication from trying to replicate changes for unpublishable
relations, such as materialized views and the "information_schema"
tables Fix for a common table expression (WITH clause)
returning correct results when being referenced in a subplan where there
are concurrent-update rechecks Fix for an unexpected query planner error in certain cases where there are overlapping merge join clauses in an OUTER JOIN. Fix
for potential data corruption with materialized views after running
pg_upgrade. If receiving errors such as "could not access status of
transaction" or "found xmin from before relfrozenxid" on materialized
views, please use "REFRESH MATERIALIZED VIEW" without "CONCURRENTLY" to
fix. Several fix for pg_dump, including a fix to help with the future work of cross-table statistics Fix for reporting a PL/Python stack trace relative to inner PL/Python functions Allow contrib/auto_explain to range up to INT_MAX, which is about 24 days Mark assorted configuration variables as PGDLLIMPORT, to ease porting extension modules to Windows
官方新闻:https://www.postgresql.org/about/news/1834/
下载地址:https://www.postgresql.org/download/ |