Release Notes The release notes contain the significant changes in each PostgreSQL release, with major features and migration issues listed at the top. The release notes do not contain changes that affect only a few users or changes that are internal and therefore not user-visible. For example, the optimizer is improved in almost every release, but the improvements are usually observed by users as simply faster queries. A complete list of changes for each release can be obtained by viewing the Git logs for each release. The pgsql-committers email list records all source code changes as well. There is also a web interface that shows changes to specific files. The name appearing next to each item represents the major developer for that item. Of course all changes involve community discussion and patch review, so each item is truly a community effort. __________________________________________________________________ Release 8.3.17 Release Date: 2011-12-05 This release contains a variety of fixes from 8.3.16. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.17 A dump/restore is not required for those running 8.3.X. However, a longstanding error was discovered in the definition of the information_schema.referential_constraints view. If you rely on correct results from that view, you should replace its definition as explained in the first changelog item below. Also, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Fix bugs in information_schema.referential_constraints view (Tom Lane) This view was being insufficiently careful about matching the foreign-key constraint to the depended-on primary or unique key constraint. That could result in failure to show a foreign key constraint at all, or showing it multiple times, or claiming that it depends on a different constraint than the one it really does. Since the view definition is installed by initdb, merely upgrading will not fix the problem. If you need to fix this in an existing installation, you can (as a superuser) drop the information_schema schema then re-create it by sourcing "SHAREDIR/information_schema.sql". (Run pg_config --sharedir if you're uncertain where "SHAREDIR" is.) This must be repeated in each database to be fixed. * Fix TOAST-related data corruption during CREATE TABLE dest AS SELECT * FROM src or INSERT INTO dest SELECT * FROM src (Tom Lane) If a table has been modified by "ALTER TABLE ADD COLUMN", attempts to copy its data verbatim to another table could produce corrupt results in certain corner cases. The problem can only manifest in this precise form in 8.4 and later, but we patched earlier versions as well in case there are other code paths that could trigger the same bug. * Fix race condition during toast table access from stale syscache entries (Tom Lane) The typical symptom was transient errors like "missing chunk number 0 for toast value NNNNN in pg_toast_2619", where the cited toast table would always belong to a system catalog. * Make DatumGetInetP() unpack inet datums that have a 1-byte header, and add a new macro, DatumGetInetPP(), that does not (Heikki Linnakangas) This change affects no core code, but might prevent crashes in add-on code that expects DatumGetInetP() to produce an unpacked datum as per usual convention. * Improve locale support in money type's input and output (Tom Lane) Aside from not supporting all standard lc_monetary formatting options, the input and output functions were inconsistent, meaning there were locales in which dumped money values could not be re-read. * Don't let transform_null_equals affect CASE foo WHEN NULL ... constructs (Heikki Linnakangas) transform_null_equals is only supposed to affect foo = NULL expressions written directly by the user, not equality checks generated internally by this form of CASE. * Change foreign-key trigger creation order to better support self-referential foreign keys (Tom Lane) For a cascading foreign key that references its own table, a row update will fire both the ON UPDATE trigger and the CHECK trigger as one event. The ON UPDATE trigger must execute first, else the CHECK will check a non-final state of the row and possibly throw an inappropriate error. However, the firing order of these triggers is determined by their names, which generally sort in creation order since the triggers have auto-generated names following the convention "RI_ConstraintTrigger_NNNN". A proper fix would require modifying that convention, which we will do in 9.2, but it seems risky to change it in existing releases. So this patch just changes the creation order of the triggers. Users encountering this type of error should drop and re-create the foreign key constraint to get its triggers into the right order. * Avoid floating-point underflow while tracking buffer allocation rate (Greg Matthews) While harmless in itself, on certain platforms this would result in annoying kernel log messages. * Preserve blank lines within commands in psql's command history (Robert Haas) The former behavior could cause problems if an empty line was removed from within a string literal, for example. * Fix pg_dump to dump user-defined casts between auto-generated types, such as table rowtypes (Tom Lane) * Use the preferred version of xsubpp to build PL/Perl, not necessarily the operating system's main copy (David Wheeler and Alex Hunsaker) * Fix incorrect coding in "contrib/dict_int" and "contrib/dict_xsyn" (Tom Lane) Some functions incorrectly assumed that memory returned by palloc() is guaranteed zeroed. * Honor query cancel interrupts promptly in pgstatindex() (Robert Haas) * Ensure VPATH builds properly install all server header files (Peter Eisentraut) * Shorten file names reported in verbose error messages (Peter Eisentraut) Regular builds have always reported just the name of the C file containing the error message call, but VPATH builds formerly reported an absolute path name. * Fix interpretation of Windows timezone names for Central America (Tom Lane) Map "Central America Standard Time" to CST6, not CST6CDT, because DST is generally not observed anywhere in Central America. * Update time zone data files to tzdata release 2011n for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa; also historical corrections for Alaska and British East Africa. __________________________________________________________________ Release 8.3.16 Release Date: 2011-09-26 This release contains a variety of fixes from 8.3.15. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.16 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Fix bugs in indexing of in-doubt HOT-updated tuples (Tom Lane) These bugs could result in index corruption after reindexing a system catalog. They are not believed to affect user indexes. * Fix multiple bugs in GiST index page split processing (Heikki Linnakangas) The probability of occurrence was low, but these could lead to index corruption. * Fix possible buffer overrun in tsvector_concat() (Tom Lane) The function could underestimate the amount of memory needed for its result, leading to server crashes. * Fix crash in xml_recv when processing a "standalone" parameter (Tom Lane) * Avoid possibly accessing off the end of memory in "ANALYZE" and in SJIS-2004 encoding conversion (Noah Misch) This fixes some very-low-probability server crash scenarios. * Fix race condition in relcache init file invalidation (Tom Lane) There was a window wherein a new backend process could read a stale init file but miss the inval messages that would tell it the data is stale. The result would be bizarre failures in catalog accesses, typically "could not read block 0 in file ..." later during startup. * Fix memory leak at end of a GiST index scan (Tom Lane) Commands that perform many separate GiST index scans, such as verification of a new GiST-based exclusion constraint on a table already containing many rows, could transiently require large amounts of memory due to this leak. * Fix performance problem when constructing a large, lossy bitmap (Tom Lane) * Fix array- and path-creating functions to ensure padding bytes are zeroes (Tom Lane) This avoids some situations where the planner will think that semantically-equal constants are not equal, resulting in poor optimization. * Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane) This could lead to loss of committed transactions after a server crash. * Fix dump bug for VALUES in a view (Tom Lane) * Disallow SELECT FOR UPDATE/SHARE on sequences (Tom Lane) This operation doesn't work as expected and can lead to failures. * Defend against integer overflow when computing size of a hash table (Tom Lane) * Fix cases where "CLUSTER" might attempt to access already-removed TOAST data (Tom Lane) * Fix portability bugs in use of credentials control messages for "peer" authentication (Tom Lane) * Fix SSPI login when multiple roundtrips are required (Ahmed Shinwari, Magnus Hagander) The typical symptom of this problem was "The function requested is not supported" errors during SSPI login. * Fix typo in pg_srand48 seed initialization (Andres Freund) This led to failure to use all bits of the provided seed. This function is not used on most platforms (only those without srandom), and the potential security exposure from a less-random-than-expected seed seems minimal in any case. * Avoid integer overflow when the sum of LIMIT and OFFSET values exceeds 2^63 (Heikki Linnakangas) * Add overflow checks to int4 and int8 versions of generate_series() (Robert Haas) * Fix trailing-zero removal in to_char() (Marti Raudsepp) In a format with FM and no digit positions after the decimal point, zeroes to the left of the decimal point could be removed incorrectly. * Fix pg_size_pretty() to avoid overflow for inputs close to 2^63 (Tom Lane) * In pg_ctl, support silent mode for service registrations on Windows (MauMau) * Fix psql's counting of script file line numbers during COPY from a different file (Tom Lane) * Fix pg_restore's direct-to-database mode for standard_conforming_strings (Tom Lane) pg_restore could emit incorrect commands when restoring directly to a database server from an archive file that had been made with standard_conforming_strings set to on. * Fix write-past-buffer-end and memory leak in libpq's LDAP service lookup code (Albe Laurenz) * In libpq, avoid failures when using nonblocking I/O and an SSL connection (Martin Pihlak, Tom Lane) * Improve libpq's handling of failures during connection startup (Tom Lane) In particular, the response to a server report of fork() failure during SSL connection startup is now saner. * Improve libpq's error reporting for SSL failures (Tom Lane) * Make ecpglib write double values with 15 digits precision (Akira Kurosawa) * In ecpglib, be sure LC_NUMERIC setting is restored after an error (Michael Meskes) * Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) (Tom Lane) "contrib/pg_crypto"'s blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be. * Fix memory leak in "contrib/seg" (Heikki Linnakangas) * Fix pgstatindex() to give consistent results for empty indexes (Tom Lane) * Allow building with perl 5.14 (Alex Hunsaker) * Update configure script's method for probing existence of system functions (Tom Lane) The version of autoconf we used in 8.3 and 8.2 could be fooled by compilers that perform link-time optimization. * Fix assorted issues with build and install file paths containing spaces (Tom Lane) * Update time zone data files to tzdata release 2011i for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan. __________________________________________________________________ Release 8.3.15 Release Date: 2011-04-18 This release contains a variety of fixes from 8.3.14. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.15 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Disallow including a composite type in itself (Tom Lane) This prevents scenarios wherein the server could recurse infinitely while processing the composite type. While there are some possible uses for such a structure, they don't seem compelling enough to justify the effort required to make sure it always works safely. * Avoid potential deadlock during catalog cache initialization (Nikhil Sontakke) In some cases the cache loading code would acquire share lock on a system index before locking the index's catalog. This could deadlock against processes trying to acquire exclusive locks in the other, more standard order. * Fix dangling-pointer problem in BEFORE ROW UPDATE trigger handling when there was a concurrent update to the target tuple (Tom Lane) This bug has been observed to result in intermittent "cannot extract system attribute from virtual tuple" failures while trying to do UPDATE RETURNING ctid. There is a very small probability of more serious errors, such as generating incorrect index entries for the updated tuple. * Disallow "DROP TABLE" when there are pending deferred trigger events for the table (Tom Lane) Formerly the "DROP" would go through, leading to "could not open relation with OID nnn" errors when the triggers were eventually fired. * Fix PL/Python memory leak involving array slices (Daniel Popowich) * Fix pg_restore to cope with long lines (over 1KB) in TOC files (Tom Lane) * Put in more safeguards against crashing due to division-by-zero with overly enthusiastic compiler optimization (Aurelien Jarno) * Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane) There was a hard-wired assumption that this system function was not available on MIPS hardware on these systems. Use a compile-time test instead, since more recent versions have it. * Fix compilation failures on HP-UX (Heikki Linnakangas) * Fix version-incompatibility problem with libintl on Windows (Hiroshi Inoue) * Fix usage of xcopy in Windows build scripts to work correctly under Windows 7 (Andrew Dunstan) This affects the build scripts only, not installation or usage. * Fix path separator used by pg_regress on Cygwin (Andrew Dunstan) * Update time zone data files to tzdata release 2011f for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, and Turkey; also historical corrections for South Australia, Alaska, and Hawaii. __________________________________________________________________ Release 8.3.14 Release Date: 2011-01-31 This release contains a variety of fixes from 8.3.13. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.14 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Avoid failures when "EXPLAIN" tries to display a simple-form CASE expression (Tom Lane) If the CASE's test expression was a constant, the planner could simplify the CASE into a form that confused the expression-display code, resulting in "unexpected CASE WHEN clause" errors. * Fix assignment to an array slice that is before the existing range of subscripts (Tom Lane) If there was a gap between the newly added subscripts and the first pre-existing subscript, the code miscalculated how many entries needed to be copied from the old array's null bitmap, potentially leading to data corruption or crash. * Avoid unexpected conversion overflow in planner for very distant date values (Tom Lane) The date type supports a wider range of dates than can be represented by the timestamp types, but the planner assumed it could always convert a date to timestamp with impunity. * Fix pg_restore's text output for large objects (BLOBs) when standard_conforming_strings is on (Tom Lane) Although restoring directly to a database worked correctly, string escaping was incorrect if pg_restore was asked for SQL text output and standard_conforming_strings had been enabled in the source database. * Fix erroneous parsing of tsquery values containing ... & !(subexpression) | ... (Tom Lane) Queries containing this combination of operators were not executed correctly. The same error existed in "contrib/intarray"'s query_int type and "contrib/ltree"'s ltxtquery type. * Fix buffer overrun in "contrib/intarray"'s input function for the query_int type (Apple) This bug is a security risk since the function's return address could be overwritten. Thanks to Apple Inc's security team for reporting this issue and supplying the fix. (CVE-2010-4015) * Fix bug in "contrib/seg"'s GiST picksplit algorithm (Alexander Korotkov) This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a seg column. If you have such an index, consider "REINDEX"ing it after installing this update. (This is identical to the bug that was fixed in "contrib/cube" in the previous update.) __________________________________________________________________ Release 8.3.13 Release Date: 2010-12-16 This release contains a variety of fixes from 8.3.12. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.13 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Force the default wal_sync_method to be fdatasync on Linux (Tom Lane, Marti Raudsepp) The default on Linux has actually been fdatasync for many years, but recent kernel changes caused PostgreSQL to choose open_datasync instead. This choice did not result in any performance improvement, and caused outright failures on certain filesystems, notably ext4 with the data=journal mount option. * Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane) This could result in "bad buffer id: 0" failures or corruption of index contents during replication. * Fix recovery from base backup when the starting checkpoint WAL record is not in the same WAL segment as its redo point (Jeff Davis) * Fix persistent slowdown of autovacuum workers when multiple workers remain active for a long time (Tom Lane) The effective vacuum_cost_limit for an autovacuum worker could drop to nearly zero if it processed enough tables, causing it to run extremely slowly. * Add support for detecting register-stack overrun on IA64 (Tom Lane) The IA64 architecture has two hardware stacks. Full prevention of stack-overrun failures requires checking both. * Add a check for stack overflow in copyObject() (Tom Lane) Certain code paths could crash due to stack overflow given a sufficiently complex query. * Fix detection of page splits in temporary GiST indexes (Heikki Linnakangas) It is possible to have a "concurrent" page split in a temporary index, if for example there is an open cursor scanning the index when an insertion is done. GiST failed to detect this case and hence could deliver wrong results when execution of the cursor continued. * Avoid memory leakage while "ANALYZE"'ing complex index expressions (Tom Lane) * Ensure an index that uses a whole-row Var still depends on its table (Tom Lane) An index declared like create index i on t (foo(t.*)) would not automatically get dropped when its table was dropped. * Do not "inline" a SQL function with multiple OUT parameters (Tom Lane) This avoids a possible crash due to loss of information about the expected result rowtype. * Behave correctly if ORDER BY, LIMIT, FOR UPDATE, or WITH is attached to the VALUES part of INSERT ... VALUES (Tom Lane) * Fix constant-folding of COALESCE() expressions (Tom Lane) The planner would sometimes attempt to evaluate sub-expressions that in fact could never be reached, possibly leading to unexpected errors. * Fix postmaster crash when connection acceptance (accept() or one of the calls made immediately after it) fails, and the postmaster was compiled with GSSAPI support (Alexander Chernikov) * Fix missed unlink of temporary files when log_temp_files is active (Tom Lane) If an error occurred while attempting to emit the log message, the unlink was not done, resulting in accumulation of temp files. * Add print functionality for InhRelation nodes (Tom Lane) This avoids a failure when debug_print_parse is enabled and certain types of query are executed. * Fix incorrect calculation of distance from a point to a horizontal line segment (Tom Lane) This bug affected several different geometric distance-measurement operators. * Fix PL/pgSQL's handling of "simple" expressions to not fail in recursion or error-recovery cases (Tom Lane) * Fix PL/Python's handling of set-returning functions (Jan Urbanski) Attempts to call SPI functions within the iterator generating a set result would fail. * Fix bug in "contrib/cube"'s GiST picksplit algorithm (Alexander Korotkov) This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a cube column. If you have such an index, consider "REINDEX"ing it after installing this update. * Don't emit "identifier will be truncated" notices in "contrib/dblink" except when creating new connections (Itagaki Takahiro) * Fix potential coredump on missing public key in "contrib/pgcrypto" (Marti Raudsepp) * Fix memory leak in "contrib/xml2"'s XPath query functions (Tom Lane) * Update time zone data files to tzdata release 2010o for DST law changes in Fiji and Samoa; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.3.12 Release Date: 2010-10-04 This release contains a variety of fixes from 8.3.11. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.12 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl (Tom Lane) This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). * Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with (Heikki Linnakangas, Tom Lane) * Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on Windows (Magnus Hagander) Under high load, Windows processes will sometimes fail at startup with this error code. Formerly the postmaster treated this as a panic condition and restarted the whole database, but that seems to be an overreaction. * Fix incorrect usage of non-strict OR joinclauses in Append indexscans (Tom Lane) This is a back-patch of an 8.4 fix that was missed in the 8.3 branch. This corrects an error introduced in 8.3.8 that could cause incorrect results for outer joins when the inner relation is an inheritance tree or UNION ALL subquery. * Fix possible duplicate scans of UNION ALL member relations (Tom Lane) * Fix "cannot handle unplanned sub-select" error (Tom Lane) This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. * Fix failure to mark cached plans as transient (Tom Lane) If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in progress for one of the referenced tables, it is supposed to be re-planned once the index is ready for use. This was not happening reliably. * Reduce PANIC to ERROR in some occasionally-reported btree failure cases, and provide additional detail in the resulting error messages (Tom Lane) This should improve the system's robustness with corrupted indexes. * Prevent show_session_authorization() from crashing within autovacuum processes (Tom Lane) * Defend against functions returning setof record where not all the returned rows are actually of the same rowtype (Tom Lane) * Fix possible failure when hashing a pass-by-reference function result (Tao Ma, Tom Lane) * Improve merge join's handling of NULLs in the join columns (Tom Lane) A merge join can now stop entirely upon reaching the first NULL, if the sort order is such that NULLs sort high. * Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them (Tom Lane) This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. * Avoid recursion while assigning XIDs to heavily-nested subtransactions (Andres Freund, Robert Haas) The original coding could result in a crash if there was limited stack space. * Avoid holding open old WAL segments in the walwriter process (Magnus Hagander, Heikki Linnakangas) The previous coding would prevent removal of no-longer-needed segments. * Fix log_line_prefix's %i escape, which could produce junk early in backend startup (Tom Lane) * Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled (Jeff Davis) * Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel (Guillaume Lelarge) * Fix "REASSIGN OWNED" to handle operator classes and families (Asko Tiidumaa) * Fix possible core dump when comparing two empty tsquery values (Tom Lane) * Fix LIKE's handling of patterns containing % followed by _ (Tom Lane) We've fixed this before, but there were still some incorrectly-handled cases. * In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut) * Make psql recognize "DISCARD ALL" as a command that should not be encased in a transaction block in autocommit-off mode (Itagaki Takahiro) * Fix ecpg to process data from RETURNING clauses correctly (Michael Meskes) * Improve "contrib/dblink"'s handling of tables containing dropped columns (Tom Lane) * Fix connection leak after "duplicate connection name" errors in "contrib/dblink" (Itagaki Takahiro) * Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly (Itagaki Takahiro) * Add hstore(text, text) function to "contrib/hstore" (Robert Haas) This function is the recommended substitute for the now-deprecated => operator. It was back-patched so that future-proofed code can be used with older server versions. Note that the patch will be effective only after "contrib/hstore" is installed or reinstalled in a particular database. Users might prefer to execute the "CREATE FUNCTION" command by hand, instead. * Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git (Magnus Hagander and others) * Update time zone data files to tzdata release 2010l for DST law changes in Egypt and Palestine; also historical corrections for Finland. This change also adds new names for two Micronesian timezones: Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over Pacific/Ponape. * Make Windows' "N. Central Asia Standard Time" timezone map to Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander) Microsoft changed the DST behavior of this zone in the timezone update from KB976098. Asia/Novosibirsk is a better match to its new behavior. __________________________________________________________________ Release 8.3.11 Release Date: 2010-05-17 This release contains a variety of fixes from 8.3.10. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.11 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan) Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) * Prevent PL/Tcl from executing untrustworthy code from pltcl_modules (Tom) PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) * Fix possible crash if a cache reset message is received during rebuild of a relcache entry (Heikki) This error was introduced in 8.3.10 while fixing a related failure. * Apply per-function GUC settings while running the language validator for the function (Itagaki Takahiro) This avoids failures if the function's code is invalid without the setting; an example is that SQL functions may not parse if the search_path is not correct. * Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. * Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries (Tom) In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. * Ensure the archiver process responds to changes in archive_command as soon as possible (Tom) * Update pl/perl's "ppport.h" for modern Perl versions (Andrew) * Fix assorted memory leaks in pl/python (Andreas Freund, Tom) * Prevent infinite recursion in psql when expanding a variable that refers to itself (Tom) * Fix psql's \copy to not add spaces around a dot within \copy (select ...) (Tom) Addition of spaces around the decimal point in a numeric literal would result in a syntax error. * Fix unnecessary "GIN indexes do not support whole-index scans" errors for unsatisfiable queries using "contrib/intarray" operators (Tom) * Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly (Tatsuhito Kasahara) * Make server startup deal properly with the case that shmget() returns EINVAL for an existing shared memory segment (Tom) This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. * Avoid possible crashes in syslogger process on Windows (Heikki) * Deal more robustly with incomplete time zone information in the Windows registry (Magnus) * Update the set of known Windows time zone names (Magnus) * Update time zone data files to tzdata release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan. Also, add PKST (Pakistan Summer Time) to the default set of timezone abbreviations. __________________________________________________________________ Release 8.3.10 Release Date: 2010-03-15 This release contains a variety of fixes from 8.3.9. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.10 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection (Magnus) This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. * Fix possible deadlock during backend startup (Tom) * Fix possible crashes due to not handling errors during relcache reload cleanly (Tom) * Fix possible crash due to use of dangling pointer to a cached plan (Tatsuo) * Fix possible crashes when trying to recover from a failure in subtransaction start (Tom) * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding (Tom) * Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split (Yoichi Hirai) This would result in index corruption, or even more likely an error during WAL replay, if we were unlucky enough to crash during end-of-recovery cleanup after having completed an incomplete GIST insertion. * Make substring() for bit types treat any negative length as meaning "all the rest of the string" (Tom) The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits (Tom) * Fix some cases of pathologically slow regular expression matching (Tom) * Fix assorted crashes in xml processing caused by sloppy memory management (Tom) This is a back-patch of changes first applied in 8.4. The 8.3 code was known buggy, but the new code was sufficiently different to not want to back-patch it until it had gotten some field testing. * Fix bug with trying to update a field of an element of a composite-type array column (Tom) * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary (Itagaki Takahiro) * Fix some more cases of temporary-file leakage (Heikki) This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. * Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint (Tom) * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request (Tom) This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files (Tom) * Fix possible infinite loop if SSL_read or SSL_write fails without setting errno (Tom) This is reportedly possible with some Windows versions of openssl. * Disallow GSSAPI authentication on local connections, since it requires a hostname to function correctly (Magnus) * Make ecpg report the proper SQLSTATE if the connection disappears (Michael) * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats (Heikki) * Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT" (Bruce) * Fix plpgsql failure in one case where a composite column is set to NULL (Tom) * Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa (Tim Bunce) * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior (Zdenek Kotala) * Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function (Rushabh Lathia, Joe Conway) * Allow zero-dimensional arrays in "contrib/ltree" operations (Tom) This case was formerly rejected as an error, but it's more convenient to treat it the same as a zero-element array. In particular this avoids unnecessary failures when an ltree operation is applied to the result of ARRAY(SELECT ...) and the sub-select returns no rows. * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management (Tom) * Make building of "contrib/xml2" more robust on Windows (Andrew) * Fix race condition in Windows signal handling (Radu Ilie) One known symptom of this bug is that rows in pg_listener could be dropped under heavy load. * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. __________________________________________________________________ Release 8.3.9 Release Date: 2009-12-14 This release contains a variety of fixes from 8.3.8. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.9 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.8, see the release notes for 8.3.8. __________________________________________________________________ Changes * Protect against indirect security threats caused by index functions changing session-local state (Gurjeet Singh, Tom) This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). * Reject SSL certificates containing an embedded null byte in the common name (CN) field (Magnus) This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). * Fix possible crash during backend-startup-time cache initialization (Tom) * Avoid crash on empty thesaurus dictionary (Tom) * Prevent signals from interrupting VACUUM at unsafe times (Alvaro) This fix prevents a PANIC if a VACUUM FULL is canceled after it's already committed its tuple movements, as well as transient errors if a plain VACUUM is interrupted after having truncated the table. * Fix possible crash due to integer overflow in hash table size calculation (Tom) This could occur with extremely large planner estimates for the size of a hashjoin's result. * Fix very rare crash in inet/cidr comparisons (Chris Mikkelson) * Ensure that shared tuple-level locks held by prepared transactions are not ignored (Heikki) * Fix premature drop of temporary files used for a cursor that is accessed within a subtransaction (Heikki) * Fix memory leak in syslogger process when rotating to a new CSV logfile (Tom) * Fix Windows permission-downgrade logic (Jesse Morris) This fixes some cases where the database failed to start on Windows, often with misleading error messages such as "could not locate matching postgres executable". * Fix incorrect logic for GiST index page splits, when the split depends on a non-first column of the index (Paul Ramsey) * Don't error out if recycling or removing an old WAL file fails at the end of checkpoint (Heikki) It's better to treat the problem as non-fatal and allow the checkpoint to complete. Future checkpoints will retry the removal. Such problems are not expected in normal operation, but have been seen to be caused by misdesigned Windows anti-virus and backup software. * Ensure WAL files aren't repeatedly archived on Windows (Heikki) This is another symptom that could happen if some other process interfered with deletion of a no-longer-needed file. * Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. * Raise the maximum authentication token (Kerberos ticket) size in GSSAPI and SSPI authentication methods (Ian Turner) While the old 2000-byte limit was more than enough for Unix Kerberos implementations, tickets issued by Windows Domain Controllers can be much larger. * Re-enable collection of access statistics for sequences (Akira Kurosawa) This used to work but was broken in 8.3. * Fix processing of ownership dependencies during CREATE OR REPLACE FUNCTION (Tom) * Fix incorrect handling of WHERE "x"="x" conditions (Tom) In some cases these could get ignored as redundant, but they aren't -- they're equivalent to "x" IS NOT NULL. * Make text search parser accept underscores in XML attributes (Peter) * Fix encoding handling in xml binary input (Heikki) If the XML header doesn't specify an encoding, we now assume UTF-8 by default; the previous handling was inconsistent. * Fix bug with calling plperl from plperlu or vice versa (Tom) An error exit from the inner function could result in crashes due to failure to re-select the correct Perl interpreter for the outer function. * Fix session-lifespan memory leak when a PL/Perl function is redefined (Tom) * Ensure that Perl arrays are properly converted to PostgreSQL arrays when returned by a set-returning PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) This worked correctly already for non-set-returning functions. * Fix rare crash in exception processing in PL/Python (Peter) * In "contrib/pg_standby", disable triggering failover with a signal on Windows (Fujii Masao) This never did anything useful, because Windows doesn't have Unix-style signals, but recent changes made it actually crash. * Ensure psql's flex module is compiled with the correct system header definitions (Tom) This fixes build failures on platforms where --enable-largefile causes incompatible changes in the generated code. * Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions (Tom) * Update the timezone abbreviation files to match current reality (Joachim Wieland) This includes adding IDT and SGT to the default timezone abbreviation set. * Update time zone data files to tzdata release 2009s for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.3.8 Release Date: 2009-09-09 This release contains a variety of fixes from 8.3.7. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.8 A dump/restore is not required for those running 8.3.X. However, if you have any hash indexes on interval columns, you must "REINDEX" them after updating to 8.3.8. Also, if you are upgrading from a version earlier than 8.3.5, see the release notes for 8.3.5. __________________________________________________________________ Changes * Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus) This bug led to the often-reported "could not reattach to shared memory" error message. * Force WAL segment switch during pg_start_backup() (Heikki) This avoids corner cases that could render a base backup unusable. * Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside security-definer functions (Tom, Heikki) This covers a case that was missed in the previous patch that disallowed "SET ROLE" and "SET SESSION AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600) * Make "LOAD" of an already-loaded loadable module into a no-op (Tom) Formerly, "LOAD" would attempt to unload and re-load the module, but this is unsafe and not all that useful. * Disallow empty passwords during LDAP authentication (Magnus) * Fix handling of sub-SELECTs appearing in the arguments of an outer-level aggregate function (Tom) * Fix bugs associated with fetching a whole-row value from the output of a Sort or Materialize plan node (Tom) * Prevent synchronize_seqscans from changing the results of scrollable and WITH HOLD cursors (Tom) * Revert planner change that disabled partial-index and constraint exclusion optimizations when there were more than 100 clauses in an AND or OR list (Tom) * Fix hash calculation for data type interval (Tom) This corrects wrong results for hash joins on interval values. It also changes the contents of hash indexes on interval columns. If you have any such indexes, you must "REINDEX" them after updating. * Treat to_char(..., 'TH') as an uppercase ordinal suffix with 'HH'/'HH12' (Heikki) It was previously handled as 'th' (lowercase). * Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million and integer datetimes are in use (Alex Hunsaker) * Fix calculation of distance between a point and a line segment (Tom) This led to incorrect results from a number of geometric operators. * Fix money data type to work in locales where currency amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) * Fix LIKE for case where pattern contains %_ (Tom) * Properly round datetime input like 00:12:57.9999999999999999999999999999 (Tom) * Fix memory leaks in XML operations (Tom) * Fix poor choice of page split point in GiST R-tree operator classes (Teodor) * Ensure that a "fast shutdown" request will forcibly terminate open sessions, even if a "smart shutdown" was already in progress (Fujii Masao) * Avoid performance degradation in bulk inserts into GIN indexes when the input values are (nearly) in sorted order (Tom) * Correctly enforce NOT NULL domain constraints in some contexts in PL/pgSQL (Tom) * Fix portability issues in plperl initialization (Andrew Dunstan) * Fix pg_ctl to not go into an infinite loop if "postgresql.conf" is empty (Jeff Davis) * Improve pg_dump's efficiency when there are many large objects (Tamas Vincze) * Use SIGUSR1, not SIGQUIT, as the failover signal for pg_standby (Heikki) * Make pg_standby's maxretries option behave as documented (Fujii Masao) * Make "contrib/hstore" throw an error when a key or value is too long to fit in its data structure, rather than silently truncating it (Andrew Gierth) * Fix "contrib/xml2"'s xslt_process() to properly handle the maximum number of parameters (twenty) (Tom) * Improve robustness of libpq's code to recover from errors during "COPY FROM STDIN" (Tom) * Avoid including conflicting readline and editline header files when both libraries are installed (Zdenek Kotala) * Update time zone data files to tzdata release 2009l for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, Argentina/San_Luis, Cuba, Jordan (historical correction only), Mauritius, Morocco, Palestine, Syria, Tunisia. __________________________________________________________________ Release 8.3.7 Release Date: 2009-03-16 This release contains a variety of fixes from 8.3.6. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.7 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.5, see the release notes for 8.3.5. __________________________________________________________________ Changes * Prevent error recursion crashes when encoding conversion fails (Tom) This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922) * Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function (Heikki) This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. * Fix xpath() to not modify the path expression unless necessary, and to make a saner attempt at it when necessary (Andrew) The SQL standard suggests that xpath should work on data that is a document fragment, but libxml doesn't support that, and indeed it's not clear that this is sensible according to the XPath standard. xpath attempted to work around this mismatch by modifying both the data and the path expression, but the modification was buggy and could cause valid searches to fail. Now, xpath checks whether the data is in fact a well-formed document, and if so invokes libxml with no change to the data or path expression. Otherwise, a different modification method that is somewhat less likely to fail is used. Note: The new modification method is still not 100% satisfactory, and it seems likely that no real solution is possible. This patch should therefore be viewed as a band-aid to keep from breaking existing applications unnecessarily. It is likely that PostgreSQL 8.4 will simply reject use of xpath on data that is not a well-formed document. * Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument (Tom) * Fix possible failure in text search when C locale is used with a multi-byte encoding (Teodor) Crashes were possible on platforms where wchar_t is narrower than int; Windows in particular. * Fix extreme inefficiency in text search parser's handling of an email-like string containing multiple @ characters (Heikki) * Fix planner problem with sub-"SELECT" in the output list of a larger subquery (Tom) The known symptom of this bug is a "failed to locate grouping columns" error that is dependent on the datatype involved; but there could be other issues as well. * Fix decompilation of CASE WHEN with an implicit coercion (Tom) This mistake could lead to Assert failures in an Assert-enabled build, or an "unexpected CASE WHEN clause" error message in other cases, when trying to examine or dump a view. * Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). * Change "UNLISTEN" to exit quickly if the current session has never executed any "LISTEN" command (Tom) Most of the time this is not a particularly useful optimization, but since "DISCARD ALL" invokes "UNLISTEN", the previous coding caused a substantial performance problem for applications that made heavy use of "DISCARD ALL". * Fix PL/pgSQL to not treat INTO after "INSERT" as an INTO-variables clause anywhere in the string, not only at the start; in particular, don't fail for "INSERT INTO" within "CREATE RULE" (Tom) * Clean up PL/pgSQL error status variables fully at block exit (Ashesh Vashi and Dave Page) This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. * Retry failed calls to CallNamedPipe() on Windows (Steve Marshall, Magnus) It appears that this function can sometimes fail transiently; we previously treated any failure as a hard error, which could confuse "LISTEN"/"NOTIFY" as well as other operations. * Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud) __________________________________________________________________ Release 8.3.6 Release Date: 2009-02-02 This release contains a variety of fixes from 8.3.5. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.6 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.5, see the release notes for 8.3.5. __________________________________________________________________ Changes * Make "DISCARD ALL" release advisory locks, in addition to everything it already did (Tom) This was decided to be the most appropriate behavior. This could affect existing applications, however. * Fix whole-index GiST scans to work correctly (Teodor) This error could cause rows to be lost if a table is clustered on a GiST index. * Fix crash of xmlconcat(NULL) (Peter) * Fix possible crash in ispell dictionary if high-bit-set characters are used as flags (Teodor) This is known to be done by one widely available Norwegian dictionary, and the same condition may exist in others. * Fix misordering of pg_dump output for composite types (Tom) The most likely problem was for user-defined operator classes to be dumped after indexes or views that needed them. * Improve handling of URLs in headline() function (Teodor) * Improve handling of overlength headlines in headline() function (Teodor) * Prevent possible Assert failure or misconversion if an encoding conversion is created with the wrong conversion function for the specified pair of encodings (Tom, Heikki) * Fix possible Assert failure if a statement executed in PL/pgSQL is rewritten into another kind of statement, for example if an "INSERT" is rewritten into an "UPDATE" (Heikki) * Ensure that a snapshot is available to datatype input functions (Tom) This primarily affects domains that are declared with CHECK constraints involving user-defined stable or immutable functions. Such functions typically fail if no snapshot has been set. * Make it safer for SPI-using functions to be used within datatype I/O; in particular, to be used in domain check constraints (Tom) * Avoid unnecessary locking of small tables in "VACUUM" (Heikki) * Fix a problem that sometimes kept "ALTER TABLE ENABLE/DISABLE RULE" from being recognized by active sessions (Tom) * Fix a problem that made UPDATE RETURNING tableoid return zero instead of the correct OID (Tom) * Allow functions declared as taking ANYARRAY to work on the pg_statistic columns of that type (Tom) This used to work, but was unintentionally broken in 8.3. * Fix planner misestimation of selectivity when transitive equality is applied to an outer-join clause (Tom) This could result in bad plans for queries like ... from a left join b on a.a1 = b.b1 where a.a1 = 42 ... * Improve optimizer's handling of long IN lists (Tom) This change avoids wasting large amounts of time on such lists when constraint exclusion is enabled. * Prevent synchronous scan during GIN index build (Tom) Because GIN is optimized for inserting tuples in increasing TID order, choosing to use a synchronous scan could slow the build by a factor of three or more. * Ensure that the contents of a holdable cursor don't depend on the contents of TOAST tables (Tom) Previously, large field values in a cursor result might be represented as TOAST pointers, which would fail if the referenced table got dropped before the cursor is read, or if the large value is deleted and then vacuumed away. This cannot happen with an ordinary cursor, but it could with a cursor that is held past its creating transaction. * Fix memory leak when a set-returning function is terminated without reading its whole result (Tom) * Fix encoding conversion problems in XML functions when the database encoding isn't UTF-8 (Tom) * Fix "contrib/dblink"'s dblink_get_result(text,bool) function (Joe) * Fix possible garbage output from "contrib/sslinfo" functions (Tom) * Fix incorrect behavior of "contrib/tsearch2" compatibility trigger when it's fired more than once in a command (Teodor) * Fix possible mis-signaling in autovacuum (Heikki) * Support running as a service on Windows 7 beta (Dave and Magnus) * Fix ecpg's handling of varchar structs (Michael) * Fix configure script to properly report failure when unable to obtain linkage information for PL/Perl (Andrew) * Make all documentation reference pgsql-bugs and/or pgsql-hackers as appropriate, instead of the now-decommissioned pgsql-ports and pgsql-patches mailing lists (Tom) * Update time zone data files to tzdata release 2009a (for Kathmandu and historical DST corrections in Switzerland, Cuba) __________________________________________________________________ Release 8.3.5 Release Date: 2008-11-03 This release contains a variety of fixes from 8.3.4. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.5 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.1, see the release notes for 8.3.1. Also, if you were running a previous 8.3.X release, it is recommended to "REINDEX" all GiST indexes after the upgrade. __________________________________________________________________ Changes * Fix GiST index corruption due to marking the wrong index entry "dead" after a deletion (Teodor) This would result in index searches failing to find rows they should have found. Corrupted indexes can be fixed with "REINDEX". * Fix backend crash when the client encoding cannot represent a localized error message (Tom) We have addressed similar issues before, but it would still fail if the "character has no equivalent" message itself couldn't be converted. The fix is to disable localization and send the plain ASCII error message when we detect such a situation. * Fix possible crash in bytea-to-XML mapping (Michael McMaster) * Fix possible crash when deeply nested functions are invoked from a trigger (Tom) * Improve optimization of "expression" IN ("expression-list") queries (Tom, per an idea from Robert Haas) Cases in which there are query variables on the right-hand side had been handled less efficiently in 8.2.x and 8.3.x than in prior versions. The fix restores 8.1 behavior for such cases. * Fix mis-expansion of rule queries when a sub-SELECT appears in a function call in FROM, a multi-row VALUES list, or a RETURNING list (Tom) The usual symptom of this problem is an "unrecognized node type" error. * Fix Assert failure during rescan of an IS NULL search of a GiST index (Teodor) * Fix memory leak during rescan of a hashed aggregation plan (Neil) * Ensure an error is reported when a newly-defined PL/pgSQL trigger function is invoked as a normal function (Tom) * Force a checkpoint before "CREATE DATABASE" starts to copy files (Heikki) This prevents a possible failure if files had recently been deleted in the source database. * Prevent possible collision of relfilenode numbers when moving a table to another tablespace with "ALTER SET TABLESPACE" (Heikki) The command tried to re-use the existing filename, instead of picking one that is known unused in the destination directory. * Fix incorrect text search headline generation when single query item matches first word of text (Sushant Sinha) * Fix improper display of fractional seconds in interval values when using a non-ISO datestyle in an "--enable-integer-datetimes" build (Ron Mayer) * Make ILIKE compare characters case-insensitively even when they're escaped (Andrew) * Ensure "DISCARD" is handled properly by statement logging (Tom) * Fix incorrect logging of last-completed-transaction time during PITR recovery (Tom) * Ensure SPI_getvalue and SPI_getbinval behave correctly when the passed tuple and tuple descriptor have different numbers of columns (Tom) This situation is normal when a table has had columns added or removed, but these two functions didn't handle it properly. The only likely consequence is an incorrect error indication. * Mark SessionReplicationRole as PGDLLIMPORT so it can be used by Slony on Windows (Magnus) * Fix small memory leak when using libpq's gsslib parameter (Magnus) The space used by the parameter string was not freed at connection close. * Ensure libgssapi is linked into libpq if needed (Markus Schaaf) * Fix ecpg's parsing of "CREATE ROLE" (Michael) * Fix recent breakage of pg_ctl restart (Tom) * Ensure "pg_control" is opened in binary mode (Itagaki Takahiro) pg_controldata and pg_resetxlog did this incorrectly, and so could fail on Windows. * Update time zone data files to tzdata release 2008i (for DST law changes in Argentina, Brazil, Mauritius, Syria) __________________________________________________________________ Release 8.3.4 Release Date: 2008-09-22 This release contains a variety of fixes from 8.3.3. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.4 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.1, see the release notes for 8.3.1. __________________________________________________________________ Changes * Fix bug in btree WAL recovery code (Heikki) Recovery failed if the WAL ended partway through a page split operation. * Fix potential use of wrong cutoff XID for HOT page pruning (Alvaro) This error created a risk of corruption in system catalogs that are consulted by "VACUUM": dead tuple versions might be removed too soon. The impact of this on actual database operations would be minimal, since the system doesn't follow MVCC rules while examining catalogs, but it might result in transiently wrong output from pg_dump or other client programs. * Fix potential miscalculation of datfrozenxid (Alvaro) This error may explain some recent reports of failure to remove old pg_clog data. * Fix incorrect HOT updates after pg_class is reindexed (Tom) Corruption of pg_class could occur if REINDEX TABLE pg_class was followed in the same session by an ALTER TABLE RENAME or ALTER TABLE SET SCHEMA command. * Fix missed "combo cid" case (Karl Schnaitter) This error made rows incorrectly invisible to a transaction in which they had been deleted by multiple subtransactions that all aborted. * Prevent autovacuum from crashing if the table it's currently checking is deleted at just the wrong time (Alvaro) * Widen local lock counters from 32 to 64 bits (Tom) This responds to reports that the counters could overflow in sufficiently long transactions, leading to unexpected "lock is already held" errors. * Fix possible duplicate output of tuples during a GiST index scan (Teodor) * Regenerate foreign key checking queries from scratch when either table is modified (Tom) Previously, 8.3 would attempt to replan the query, but would work from previously generated query text. This led to failures if a table or column was renamed. * Fix missed permissions checks when a view contains a simple UNION ALL construct (Heikki) Permissions for the referenced tables were checked properly, but not permissions for the view itself. * Add checks in executor startup to ensure that the tuples produced by an "INSERT" or "UPDATE" will match the target table's current rowtype (Tom) This situation is believed to be impossible in 8.3, but it can happen in prior releases, so a check seems prudent. * Fix possible repeated drops during "DROP OWNED" (Tom) This would typically result in strange errors such as "cache lookup failed for relation NNN". * Fix several memory leaks in XML operations (Kris Jurka, Tom) * Fix xmlserialize() to raise error properly for unacceptable target data type (Tom) * Fix a couple of places that mis-handled multibyte characters in text search configuration file parsing (Tom) Certain characters occurring in configuration files would always cause "invalid byte sequence for encoding" failures. * Provide file name and line number location for all errors reported in text search configuration files (Tom) * Fix AT TIME ZONE to first try to interpret its timezone argument as a timezone abbreviation, and only try it as a full timezone name if that fails, rather than the other way around as formerly (Tom) The timestamp input functions have always resolved ambiguous zone names in this order. Making AT TIME ZONE do so as well improves consistency, and fixes a compatibility bug introduced in 8.1: in ambiguous cases we now behave the same as 8.0 and before did, since in the older versions AT TIME ZONE accepted *only* abbreviations. * Fix datetime input functions to correctly detect integer overflow when running on a 64-bit platform (Tom) * Prevent integer overflows during units conversion when displaying a configuration parameter that has units (Tom) * Improve performance of writing very long log messages to syslog (Tom) * Allow spaces in the suffix part of an LDAP URL in "pg_hba.conf" (Tom) * Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON query (Tom) * Fix planner bug that could improperly push down IS NULL tests below an outer join (Tom) This was triggered by occurrence of IS NULL tests for the same relation in all arms of an upper OR clause. * Fix planner bug with nested sub-select expressions (Tom) If the outer sub-select has no direct dependency on the parent query, but the inner one does, the outer value might not get recalculated for new parent query rows. * Fix planner to estimate that GROUP BY expressions yielding boolean results always result in two groups, regardless of the expressions' contents (Tom) This is very substantially more accurate than the regular GROUP BY estimate for certain boolean tests like "col" IS NULL. * Fix PL/pgSQL to not fail when a FOR loop's target variable is a record containing composite-type fields (Tom) * Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful about the encoding of data sent to or from Tcl (Tom) * Improve performance of PQescapeBytea() (Rudolf Leitgeb) * On Windows, work around a Microsoft bug by preventing libpq from trying to send more than 64kB per system call (Magnus) * Fix ecpg to handle variables properly in "SET" commands (Michael) * Improve pg_dump and pg_restore's error reporting after failure to send a SQL command (Tom) * Fix pg_ctl to properly preserve postmaster command-line arguments across a restart (Bruce) * Fix erroneous WAL file cutoff point calculation in pg_standby (Simon) * Update time zone data files to tzdata release 2008f (for DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, Pakistan, Palestine, and Paraguay) __________________________________________________________________ Release 8.3.3 Release Date: 2008-06-12 This release contains one serious and one minor bug fix over 8.3.2. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.3 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.1, see the release notes for 8.3.1. __________________________________________________________________ Changes * Make pg_get_ruledef() parenthesize negative constants (Tom) Before this fix, a negative constant in a view or rule might be dumped as, say, -42::integer, which is subtly incorrect: it should be (-42)::integer due to operator precedence rules. Usually this would make little difference, but it could interact with another recent patch to cause PostgreSQL to reject what had been a valid "SELECT DISTINCT" view query. Since this could result in pg_dump output failing to reload, it is being treated as a high-priority fix. The only released versions in which dump output is actually incorrect are 8.3.1 and 8.2.7. * Make "ALTER AGGREGATE ... OWNER TO" update pg_shdepend (Tom) This oversight could lead to problems if the aggregate was later involved in a "DROP OWNED" or "REASSIGN OWNED" operation. __________________________________________________________________ Release 8.3.2 Release Date: never released This release contains a variety of fixes from 8.3.1. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.2 A dump/restore is not required for those running 8.3.X. However, if you are upgrading from a version earlier than 8.3.1, see the release notes for 8.3.1. __________________________________________________________________ Changes * Fix ERRORDATA_STACK_SIZE exceeded crash that occurred on Windows when using UTF-8 database encoding and a different client encoding (Tom) * Fix incorrect archive truncation point calculation for the %r macro in recovery_command parameters (Simon) This could lead to data loss if a warm-standby script relied on %r to decide when to throw away WAL segment files. * Fix "ALTER TABLE ADD COLUMN ... PRIMARY KEY" so that the new column is correctly checked to see if it's been initialized to all non-nulls (Brendan Jurd) Previous versions neglected to check this requirement at all. * Fix "REASSIGN OWNED" so that it works on procedural languages too (Alvaro) * Fix problems with "SELECT FOR UPDATE/SHARE" occurring as a subquery in a query with a non-"SELECT" top-level operation (Tom) * Fix possible "CREATE TABLE" failure when inheriting the "same" constraint from multiple parent relations that inherited that constraint from a common ancestor (Tom) * Fix pg_get_ruledef() to show the alias, if any, attached to the target table of an "UPDATE" or "DELETE" (Tom) * Restore the pre-8.3 behavior that an out-of-range block number in a TID being used in a TidScan plan results in silently not matching any rows (Tom) 8.3.0 and 8.3.1 threw an error instead. * Fix GIN bug that could result in a too many LWLocks taken failure (Teodor) * Fix broken GiST comparison function for tsquery (Teodor) * Fix tsvector_update_trigger() and ts_stat() to accept domains over the types they expect to work with (Tom) * Fix failure to support enum data types as foreign keys (Tom) * Avoid possible crash when decompressing corrupted data (Zdenek Kotala) * Fix race conditions between delayed unlinks and "DROP DATABASE" (Heikki) In the worst case this could result in deleting a newly created table in a new database that happened to get the same OID as the recently-dropped one; but of course that is an extremely low-probability scenario. * Repair two places where SIGTERM exit of a backend could leave corrupted state in shared memory (Tom) Neither case is very important if SIGTERM is used to shut down the whole database cluster together, but there was a problem if someone tried to SIGTERM individual backends. * Fix possible crash due to incorrect plan generated for an x IN (SELECT y FROM ...) clause when "x" and "y" have different data types; and make sure the behavior is semantically correct when the conversion from "y"'s type to "x"'s type is lossy (Tom) * Fix oversight that prevented the planner from substituting known Param values as if they were constants (Tom) This mistake partially disabled optimization of unnamed extended-Query statements in 8.3.0 and 8.3.1: in particular the LIKE-to-indexscan optimization would never be applied if the LIKE pattern was passed as a parameter, and constraint exclusion depending on a parameter value didn't work either. * Fix planner failure when an indexable MIN or MAX aggregate is used with DISTINCT or ORDER BY (Tom) * Fix planner to ensure it never uses a "physical tlist" for a plan node that is feeding a Sort node (Tom) This led to the sort having to push around more data than it really needed to, since unused column values were included in the sorted data. * Avoid unnecessary copying of query strings (Tom) This fixes a performance problem introduced in 8.3.0 when a very large number of commands are submitted as a single query string. * Make TransactionIdIsCurrentTransactionId() use binary search instead of linear search when checking child-transaction XIDs (Heikki) This fixes some cases in which 8.3.0 was significantly slower than earlier releases. * Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots) (Sergey Burladyan) * Fix several datatype input functions, notably array_in(), that were allowing unused bytes in their results to contain uninitialized, unpredictable values (Tom) This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. * Fix a corner case in regular-expression substring matching (substring(string from pattern)) (Tom) The problem occurs when there is a match to the pattern overall but the user has specified a parenthesized subexpression and that subexpression hasn't got a match. An example is substring('foo' from 'foo(bar)?'). This should return NULL, since (bar) isn't matched, but it was mistakenly returning the whole-pattern match instead (ie, foo). * Prevent cancellation of an auto-vacuum that was launched to prevent XID wraparound (Alvaro) * Improve "ANALYZE"'s handling of in-doubt tuples (those inserted or deleted by a not-yet-committed transaction) so that the counts it reports to the stats collector are more likely to be correct (Pavan Deolasee) * Fix initdb to reject a relative path for its --xlogdir (-X) option (Tom) * Make psql print tab characters as an appropriate number of spaces, rather than \x09 as was done in 8.3.0 and 8.3.1 (Bruce) * Update time zone data files to tzdata release 2008c (for DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, and Argentina/San_Luis) * Add ECPGget_PGconn() function to ecpglib (Michael) * Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function (Michael) * Fix handling of continuation line markers in ecpg (Michael) * Fix possible crashes in "contrib/cube" functions (Tom) * Fix core dump in "contrib/xml2"'s xpath_table() function when the input query returns a NULL value (Tom) * Fix "contrib/xml2"'s makefile to not override CFLAGS, and make it auto-configure properly for libxslt present or not (Tom) __________________________________________________________________ Release 8.3.1 Release Date: 2008-03-17 This release contains a variety of fixes from 8.3.0. For information about new features in the 8.3 major release, see the Section called Release 8.3. __________________________________________________________________ Migration to Version 8.3.1 A dump/restore is not required for those running 8.3.X. However, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the Windows locale issue described below. __________________________________________________________________ Changes * Fix character string comparison for Windows locales that consider different character combinations as equal (Tom) This fix applies only on Windows and only when using UTF-8 database encoding. The same fix was made for all other cases over two years ago, but Windows with UTF-8 uses a separate code path that was not updated. If you are using a locale that considers some non-identical strings as equal, you may need to "REINDEX" to fix existing indexes on textual columns. * Repair corner-case bugs in "VACUUM FULL" (Tom) A potential deadlock between concurrent "VACUUM FULL" operations on different system catalogs was introduced in 8.2. This has now been corrected. 8.3 made this worse because the deadlock could occur within a critical code section, making it a PANIC rather than just ERROR condition. Also, a "VACUUM FULL" that failed partway through vacuuming a system catalog could result in cache corruption in concurrent database sessions. Another "VACUUM FULL" bug introduced in 8.3 could result in a crash or out-of-memory report when dealing with pages containing no live tuples. * Fix misbehavior of foreign key checks involving character or bit columns (Tom) If the referencing column were of a different but compatible type (for instance varchar), the constraint was enforced incorrectly. * Avoid needless deadlock failures in no-op foreign-key checks (Stephan Szabo, Tom) * Fix possible core dump when re-planning a prepared query (Tom) This bug affected only protocol-level prepare operations, not SQL "PREPARE", and so tended to be seen only with JDBC, DBI, and other client-side drivers that use prepared statements heavily. * Fix possible failure when re-planning a query that calls an SPI-using function (Tom) * Fix failure in row-wise comparisons involving columns of different datatypes (Tom) * Fix longstanding "LISTEN"/"NOTIFY" race condition (Tom) In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. * Disallow "LISTEN" and "UNLISTEN" within a prepared transaction (Tom) This was formerly allowed but trying to do it had various unpleasant consequences, notably that the originating backend could not exit as long as an "UNLISTEN" remained uncommitted. * Disallow dropping a temporary table within a prepared transaction (Heikki) This was correctly disallowed by 8.1, but the check was inadvertently broken in 8.2 and 8.3. * Fix rare crash when an error occurs during a query using a hash index (Heikki) * Fix incorrect comparison of tsquery values (Teodor) * Fix incorrect behavior of LIKE with non-ASCII characters in single-byte encodings (Rolf Jentsch) * Disable xmlvalidate (Tom) This function should have been removed before 8.3 release, but was inadvertently left in the source code. It poses a small security risk since unprivileged users could use it to read the first few characters of any file accessible to the server. * Fix memory leaks in certain usages of set-returning functions (Neil) * Make encode(bytea, 'escape') convert all high-bit-set byte values into \"nnn" octal escape sequences (Tom) This is necessary to avoid encoding problems when the database encoding is multi-byte. This change could pose compatibility issues for applications that are expecting specific results from encode. * Fix input of datetime values for February 29 in years BC (Tom) The former coding was mistaken about which years were leap years. * Fix "unrecognized node type" error in some variants of "ALTER OWNER" (Tom) * Avoid tablespace permissions errors in "CREATE TABLE LIKE INCLUDING INDEXES" (Tom) * Ensure pg_stat_activity.waiting flag is cleared when a lock wait is aborted (Tom) * Fix handling of process permissions on Windows Vista (Dave, Magnus) In particular, this fix allows starting the server as the Administrator user. * Update time zone data files to tzdata release 2008a (in particular, recent Chile changes); adjust timezone abbreviation VET (Venezuela) to mean UTC-4:30, not UTC-4:00 (Tom) * Fix ecpg problems with arrays (Michael) * Fix pg_ctl to correctly extract the postmaster's port number from command-line options (Itagaki Takahiro, Tom) Previously, pg_ctl start -w could try to contact the postmaster on the wrong port, leading to bogus reports of startup failure. * Use "-fwrapv" to defend against possible misoptimization in recent gcc versions (Tom) This is known to be necessary when building PostgreSQL with gcc 4.3 or later. * Enable building "contrib/uuid-ossp" with MSVC (Hiroshi Saito) __________________________________________________________________ Release 8.3 Release Date: 2008-02-04 __________________________________________________________________ Overview With significant new functionality and performance enhancements, this release represents a major leap forward for PostgreSQL. This was made possible by a growing community that has dramatically accelerated the pace of development. This release adds the following major features: * Full text search is integrated into the core database system * Support for the SQL/XML standard, including new operators and an XML data type * Enumerated data types (ENUM) * Arrays of composite types * Universally Unique Identifier (UUID) data type * Add control over whether NULLs sort first or last * Updatable cursors * Server configuration parameters can now be set on a per-function basis * User-defined types can now have type modifiers * Automatically re-plan cached queries when table definitions change or statistics are updated * Numerous improvements in logging and statistics collection * Support Security Service Provider Interface (SSPI) for authentication on Windows * Support multiple concurrent autovacuum processes, and other autovacuum improvements * Allow the whole PostgreSQL distribution to be compiled with Microsoft Visual C++ Major performance improvements are listed below. Most of these enhancements are automatic and do not require user changes or tuning: * Asynchronous commit delays writes to WAL during transaction commit * Checkpoint writes can be spread over a longer time period to smooth the I/O spike during each checkpoint * Heap-Only Tuples (HOT) accelerate space reuse for most "UPDATE"s and "DELETE"s * Just-in-time background writer strategy improves disk write efficiency * Using non-persistent transaction IDs for read-only transactions reduces overhead and "VACUUM" requirements * Per-field and per-row storage overhead has been reduced * Large sequential scans no longer force out frequently used cached pages * Concurrent large sequential scans can now share disk reads * ORDER BY ... LIMIT can be done without sorting The above items are explained in more detail in the sections below. __________________________________________________________________ Migration to Version 8.3 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. Observe the following incompatibilities: __________________________________________________________________ General * Non-character data types are no longer automatically cast to TEXT (Peter, Tom) Previously, if a non-character value was supplied to an operator or function that requires text input, it was automatically cast to text, for most (though not all) built-in data types. This no longer happens: an explicit cast to text is now required for all non-character-string types. For example, these expressions formerly worked: substr(current_date, 1, 4) 23 LIKE '2%' but will now draw "function does not exist" and "operator does not exist" errors respectively. Use an explicit cast instead: substr(current_date::text, 1, 4) 23::text LIKE '2%' (Of course, you can use the more verbose CAST() syntax too.) The reason for the change is that these automatic casts too often caused surprising behavior. An example is that in previous releases, this expression was accepted but did not do what was expected: current_date < 2017-11-17 This is actually comparing a date to an integer, which should be (and now is) rejected -- but in the presence of automatic casts both sides were cast to text and a textual comparison was done, because the text < text operator was able to match the expression when no other < operator could. Types char(n) and varchar(n) still cast to text automatically. Also, automatic casting to text still works for inputs to the concatenation (||) operator, so long as least one input is a character-string type. * Full text search features from "contrib/tsearch2" have been moved into the core server, with some minor syntax changes "contrib/tsearch2" now contains a compatibility interface. * ARRAY(SELECT ...), where the "SELECT" returns no rows, now returns an empty array, rather than NULL (Tom) * The array type name for a base data type is no longer always the base type's name with an underscore prefix The old naming convention is still honored when possible, but application code should no longer depend on it. Instead use the new pg_type.typarray column to identify the array data type associated with a given type. * ORDER BY ... USING "operator" must now use a less-than or greater-than "operator" that is defined in a btree operator class This restriction was added to prevent inconsistent results. * "SET LOCAL" changes now persist until the end of the outermost transaction, unless rolled back (Tom) Previously "SET LOCAL"'s effects were lost after subtransaction commit ("RELEASE SAVEPOINT" or exit from a PL/pgSQL exception block). * Commands rejected in transaction blocks are now also rejected in multiple-statement query strings (Tom) For example, "BEGIN; DROP DATABASE; COMMIT" will now be rejected even if submitted as a single query message. * "ROLLBACK" outside a transaction block now issues NOTICE instead of WARNING (Bruce) * Prevent "NOTIFY"/"LISTEN"/"UNLISTEN" from accepting schema-qualified names (Bruce) Formerly, these commands accepted schema.relation but ignored the schema part, which was confusing. * "ALTER SEQUENCE" no longer affects the sequence's currval() state (Tom) * Foreign keys now must match indexable conditions for cross-data-type references (Tom) This improves semantic consistency and helps avoid performance problems. * Restrict object size functions to users who have reasonable permissions to view such information (Tom) For example, pg_database_size() now requires CONNECT permission, which is granted to everyone by default. pg_tablespace_size() requires CREATE permission in the tablespace, or is allowed if the tablespace is the default tablespace for the database. * Remove the undocumented !!= (not in) operator (Tom) NOT IN (SELECT ...) is the proper way to perform this operation. * Internal hashing functions are now more uniformly-distributed (Tom) If application code was computing and storing hash values using internal PostgreSQL hashing functions, the hash values must be regenerated. * C-code conventions for handling variable-length data values have changed (Greg Stark, Tom) The new SET_VARSIZE() macro *must* be used to set the length of generated varlena values. Also, it might be necessary to expand ("de-TOAST") input values in more cases. * Continuous archiving no longer reports each successful archive operation to the server logs unless DEBUG level is used (Simon) __________________________________________________________________ Configuration Parameters * Numerous changes in administrative server parameters bgwriter_lru_percent, bgwriter_all_percent, bgwriter_all_maxpages, stats_start_collector, and stats_reset_on_server_start are removed. redirect_stderr is renamed to logging_collector. stats_command_string is renamed to track_activities. stats_block_level and stats_row_level are merged into track_counts. A new boolean configuration parameter, archive_mode, controls archiving. Autovacuum's default settings have changed. * Remove stats_start_collector parameter (Tom) We now always start the collector process, unless UDP socket creation fails. * Remove stats_reset_on_server_start parameter (Tom) This was removed because pg_stat_reset() can be used for this purpose. * Commenting out a parameter in "postgresql.conf" now causes it to revert to its default value (Joachim Wieland) Previously, commenting out an entry left the parameter's value unchanged until the next server restart. __________________________________________________________________ Character Encodings * Add more checks for invalidly-encoded data (Andrew) This change plugs some holes that existed in literal backslash escape string processing and "COPY" escape processing. Now the de-escaped string is rechecked to see if the result created an invalid multi-byte character. * Disallow database encodings that are inconsistent with the server's locale setting (Tom) On most platforms, C locale is the only locale that will work with any database encoding. Other locale settings imply a specific encoding and will misbehave if the database encoding is something different. (Typical symptoms include bogus textual sort order and wrong results from upper() or lower().) The server now rejects attempts to create databases that have an incompatible encoding. * Ensure that chr() cannot create invalidly-encoded values (Andrew) In UTF8-encoded databases the argument of chr() is now treated as a Unicode code point. In other multi-byte encodings chr()'s argument must designate a 7-bit ASCII character. Zero is no longer accepted. ascii() has been adjusted to match. * Adjust convert() behavior to ensure encoding validity (Andrew) The two argument form of convert() has been removed. The three argument form now takes a bytea first argument and returns a bytea. To cover the loss of functionality, three new functions have been added: + convert_from(bytea, name) returns text -- converts the first argument from the named encoding to the database encoding + convert_to(text, name) returns bytea -- converts the first argument from the database encoding to the named encoding + length(bytea, name) returns integer -- gives the length of the first argument in characters in the named encoding * Remove convert(argument USING conversion_name) (Andrew) Its behavior did not match the SQL standard. * Make JOHAB encoding client-only (Tatsuo) JOHAB is not safe as a server-side encoding. __________________________________________________________________ Changes Below you will find a detailed account of the changes between PostgreSQL 8.3 and the previous major release. __________________________________________________________________ Performance * Asynchronous commit delays writes to WAL during transaction commit (Simon) This feature dramatically increases performance for short data-modifying transactions. The disadvantage is that because disk writes are delayed, if the database or operating system crashes before data is written to the disk, committed data will be lost. This feature is useful for applications that can accept some data loss. Unlike turning off fsync, using asynchronous commit does not put database consistency at risk; the worst case is that after a crash the last few reportedly-committed transactions might not be committed after all. This feature is enabled by turning off synchronous_commit (which can be done per-session or per-transaction, if some transactions are critical and others are not). wal_writer_delay can be adjusted to control the maximum delay before transactions actually reach disk. * Checkpoint writes can be spread over a longer time period to smooth the I/O spike during each checkpoint (Itagaki Takahiro and Heikki Linnakangas) Previously all modified buffers were forced to disk as quickly as possible during a checkpoint, causing an I/O spike that decreased server performance. This new approach spreads out disk writes during checkpoints, reducing peak I/O usage. (User-requested and shutdown checkpoints are still written as quickly as possible.) * Heap-Only Tuples (HOT) accelerate space reuse for most "UPDATE"s and "DELETE"s (Pavan Deolasee, with ideas from many others) "UPDATE"s and "DELETE"s leave dead tuples behind, as do failed "INSERT"s. Previously only "VACUUM" could reclaim space taken by dead tuples. With HOT dead tuple space can be automatically reclaimed at the time of "INSERT" or "UPDATE" if no changes are made to indexed columns. This allows for more consistent performance. Also, HOT avoids adding duplicate index entries. * Just-in-time background writer strategy improves disk write efficiency (Greg Smith, Itagaki Takahiro) This greatly reduces the need for manual tuning of the background writer. * Per-field and per-row storage overhead have been reduced (Greg Stark, Heikki Linnakangas) Variable-length data types with data values less than 128 bytes long will see a storage decrease of 3 to 6 bytes. For example, two adjacent char(1) fields now use 4 bytes instead of 16. Row headers are also 4 bytes shorter than before. * Using non-persistent transaction IDs for read-only transactions reduces overhead and "VACUUM" requirements (Florian Pflug) Non-persistent transaction IDs do not increment the global transaction counter. Therefore, they reduce the load on pg_clog and increase the time between forced vacuums to prevent transaction ID wraparound. Other performance improvements were also made that should improve concurrency. * Avoid incrementing the command counter after a read-only command (Tom) There was formerly a hard limit of 2^32 (4 billion) commands per transaction. Now only commands that actually changed the database count, so while this limit still exists, it should be significantly less annoying. * Create a dedicated WAL writer process to off-load work from backends (Simon) * Skip unnecessary WAL writes for "CLUSTER" and "COPY" (Simon) Unless WAL archiving is enabled, the system now avoids WAL writes for "CLUSTER" and just fsync()s the table at the end of the command. It also does the same for "COPY" if the table was created in the same transaction. * Large sequential scans no longer force out frequently used cached pages (Simon, Heikki, Tom) * Concurrent large sequential scans can now share disk reads (Jeff Davis) This is accomplished by starting the new sequential scan in the middle of the table (where another sequential scan is already in-progress) and wrapping around to the beginning to finish. This can affect the order of returned rows in a query that does not specify ORDER BY. The synchronize_seqscans configuration parameter can be used to disable this if necessary. * ORDER BY ... LIMIT can be done without sorting (Greg Stark) This is done by sequentially scanning the table and tracking just the "top N" candidate rows, rather than performing a full sort of the entire table. This is useful when there is no matching index and the LIMIT is not large. * Put a rate limit on messages sent to the statistics collector by backends (Tom) This reduces overhead for short transactions, but might sometimes increase the delay before statistics are tallied. * Improve hash join performance for cases with many NULLs (Tom) * Speed up operator lookup for cases with non-exact datatype matches (Tom) __________________________________________________________________ Server * Autovacuum is now enabled by default (Alvaro) Several changes were made to eliminate disadvantages of having autovacuum enabled, thereby justifying the change in default. Several other autovacuum parameter defaults were also modified. * Support multiple concurrent autovacuum processes (Alvaro, Itagaki Takahiro) This allows multiple vacuums to run concurrently. This prevents vacuuming of a large table from delaying vacuuming of smaller tables. * Automatically re-plan cached queries when table definitions change or statistics are updated (Tom) Previously PL/pgSQL functions that referenced temporary tables would fail if the temporary table was dropped and recreated between function invocations, unless EXECUTE was used. This improvement fixes that problem and many related issues. * Add a temp_tablespaces parameter to control the tablespaces for temporary tables and files (Jaime Casanova, Albert Cervera, Bernd Helmle) This parameter defines a list of tablespaces to be used. This enables spreading the I/O load across multiple tablespaces. A random tablespace is chosen each time a temporary object is created. Temporary files are no longer stored in per-database "pgsql_tmp/" directories but in per-tablespace directories. * Place temporary tables' TOAST tables in special schemas named pg_toast_temp_nnn (Tom) This allows low-level code to recognize these tables as temporary, which enables various optimizations such as not WAL-logging changes and using local rather than shared buffers for access. This also fixes a bug wherein backends unexpectedly held open file references to temporary TOAST tables. * Fix problem that a constant flow of new connection requests could indefinitely delay the postmaster from completing a shutdown or a crash restart (Tom) * Guard against a very-low-probability data loss scenario by preventing re-use of a deleted table's relfilenode until after the next checkpoint (Heikki) * Fix "CREATE CONSTRAINT TRIGGER" to convert old-style foreign key trigger definitions into regular foreign key constraints (Tom) This will ease porting of foreign key constraints carried forward from pre-7.3 databases, if they were never converted using "contrib/adddepend". * Fix DEFAULT NULL to override inherited defaults (Tom) DEFAULT NULL was formerly considered a noise phrase, but it should (and now does) override non-null defaults that would otherwise be inherited from a parent table or domain. * Add new encodings EUC_JIS_2004 and SHIFT_JIS_2004 (Tatsuo) These new encodings can be converted to and from UTF-8. * Change server startup log message from "database system is ready" to "database system is ready to accept connections", and adjust its timing The message now appears only when the postmaster is really ready to accept connections. __________________________________________________________________ Monitoring * Add log_autovacuum_min_duration parameter to support configurable logging of autovacuum activity (Simon, Alvaro) * Add log_lock_waits parameter to log lock waiting (Simon) * Add log_temp_files parameter to log temporary file usage (Bill Moran) * Add log_checkpoints parameter to improve logging of checkpoints (Greg Smith, Heikki) * log_line_prefix now supports %s and %c escapes in all processes (Andrew) Previously these escapes worked only for user sessions, not for background database processes. * Add log_restartpoints to control logging of point-in-time recovery restart points (Simon) * Last transaction end time is now logged at end of recovery and at each logged restart point (Simon) * Autovacuum now reports its activity start time in pg_stat_activity (Tom) * Allow server log output in comma-separated value (CSV) format (Arul Shaji, Greg Smith, Andrew Dunstan) CSV-format log files can easily be loaded into a database table for subsequent analysis. * Use PostgreSQL-supplied timezone support for formatting timestamps displayed in the server log (Tom) This avoids Windows-specific problems with localized time zone names that are in the wrong encoding. There is a new log_timezone parameter that controls the timezone used in log messages, independently of the client-visible timezone parameter. * New system view pg_stat_bgwriter displays statistics about background writer activity (Magnus) * Add new columns for database-wide tuple statistics to pg_stat_database (Magnus) * Add an xact_start (transaction start time) column to pg_stat_activity (Neil) This makes it easier to identify long-running transactions. * Add n_live_tuples and n_dead_tuples columns to pg_stat_all_tables and related views (Glen Parker) * Merge stats_block_level and stats_row_level parameters into a single parameter track_counts, which controls all messages sent to the statistics collector process (Tom) * Rename stats_command_string parameter to track_activities (Tom) * Fix statistical counting of live and dead tuples to recognize that committed and aborted transactions have different effects (Tom) __________________________________________________________________ Authentication * Support Security Service Provider Interface (SSPI) for authentication on Windows (Magnus) * Support GSSAPI authentication (Henry Hotz, Magnus) This should be preferred to native Kerberos authentication because GSSAPI is an industry standard. * Support a global SSL configuration file (Victor Wagner) * Add ssl_ciphers parameter to control accepted SSL ciphers (Victor Wagner) * Add a Kerberos realm parameter, krb_realm (Magnus) __________________________________________________________________ Write-Ahead Log (WAL) and Continuous Archiving * Change the timestamps recorded in transaction WAL records from time_t to TimestampTz representation (Tom) This provides sub-second resolution in WAL, which can be useful for point-in-time recovery. * Reduce WAL disk space needed by warm standby servers (Simon) This change allows a warm standby server to pass the name of the earliest still-needed WAL file to the recovery script, allowing automatic removal of no-longer-needed WAL files. This is done using %r in the restore_command parameter of "recovery.conf". * New boolean configuration parameter, archive_mode, controls archiving (Simon) Previously setting archive_command to an empty string turned off archiving. Now archive_mode turns archiving on and off, independently of archive_command. This is useful for stopping archiving temporarily. __________________________________________________________________ Queries * Full text search is integrated into the core database system (Teodor, Oleg) Text search has been improved, moved into the core code, and is now installed by default. "contrib/tsearch2" now contains a compatibility interface. * Add control over whether NULLs sort first or last (Teodor, Tom) The syntax is ORDER BY ... NULLS FIRST/LAST. * Allow per-column ascending/descending (ASC/DESC) ordering options for indexes (Teodor, Tom) Previously a query using ORDER BY with mixed ASC/DESC specifiers could not fully use an index. Now an index can be fully used in such cases if the index was created with matching ASC/DESC specifications. NULL sort order within an index can be controlled, too. * Allow col IS NULL to use an index (Teodor) * Updatable cursors (Arul Shaji, Tom) This eliminates the need to reference a primary key to "UPDATE" or "DELETE" rows returned by a cursor. The syntax is UPDATE/DELETE WHERE CURRENT OF. * Allow FOR UPDATE in cursors (Arul Shaji, Tom) * Create a general mechanism that supports casts to and from the standard string types (TEXT, VARCHAR, CHAR) for *every* datatype, by invoking the datatype's I/O functions (Tom) Previously, such casts were available only for types that had specialized function(s) for the purpose. These new casts are assignment-only in the to-string direction, explicit-only in the other direction, and therefore should create no surprising behavior. * Allow UNION and related constructs to return a domain type, when all inputs are of that domain type (Tom) Formerly, the output would be considered to be of the domain's base type. * Allow limited hashing when using two different data types (Tom) This allows hash joins, hash indexes, hashed subplans, and hash aggregation to be used in situations involving cross-data-type comparisons, if the data types have compatible hash functions. Currently, cross-data-type hashing support exists for smallint/integer/bigint, and for float4/float8. * Improve optimizer logic for detecting when variables are equal in a WHERE clause (Tom) This allows mergejoins to work with descending sort orders, and improves recognition of redundant sort columns. * Improve performance when planning large inheritance trees in cases where most tables are excluded by constraints (Tom) __________________________________________________________________ Object Manipulation * Arrays of composite types (David Fetter, Andrew, Tom) In addition to arrays of explicitly-declared composite types, arrays of the rowtypes of regular tables and views are now supported, except for rowtypes of system catalogs, sequences, and TOAST tables. * Server configuration parameters can now be set on a per-function basis (Tom) For example, functions can now set their own search_path to prevent unexpected behavior if a different search_path exists at run-time. Security definer functions should set search_path to avoid security loopholes. * "CREATE/ALTER FUNCTION" now supports COST and ROWS options (Tom) COST allows specification of the cost of a function call. ROWS allows specification of the average number or rows returned by a set-returning function. These values are used by the optimizer in choosing the best plan. * Implement "CREATE TABLE LIKE ... INCLUDING INDEXES" (Trevor Hardcastle, Nikhil Sontakke, Neil) * Allow "CREATE INDEX CONCURRENTLY" to ignore transactions in other databases (Simon) * Add "ALTER VIEW ... RENAME TO" and "ALTER SEQUENCE ... RENAME TO" (David Fetter, Neil) Previously this could only be done via "ALTER TABLE ... RENAME TO". * Make "CREATE/DROP/RENAME DATABASE" wait briefly for conflicting backends to exit before failing (Tom) This increases the likelihood that these commands will succeed. * Allow triggers and rules to be deactivated in groups using a configuration parameter, for replication purposes (Jan) This allows replication systems to disable triggers and rewrite rules as a group without modifying the system catalogs directly. The behavior is controlled by "ALTER TABLE" and a new parameter session_replication_role. * User-defined types can now have type modifiers (Teodor, Tom) This allows a user-defined type to take a modifier, like ssnum(7). Previously only built-in data types could have modifiers. __________________________________________________________________ Utility Commands * Non-superuser database owners now are able to add trusted procedural languages to their databases by default (Jeremy Drake) While this is reasonably safe, some administrators might wish to revoke the privilege. It is controlled by pg_pltemplate.tmpldbacreate. * Allow a session's current parameter setting to be used as the default for future sessions (Tom) This is done with SET ... FROM CURRENT in "CREATE/ALTER FUNCTION", "ALTER DATABASE", or "ALTER ROLE". * Implement new commands "DISCARD ALL", "DISCARD PLANS", "DISCARD TEMPORARY", "CLOSE ALL", and "DEALLOCATE ALL" (Marko Kreen, Neil) These commands simplify resetting a database session to its initial state, and are particularly useful for connection-pooling software. * Make "CLUSTER" MVCC-safe (Heikki Linnakangas) Formerly, "CLUSTER" would discard all tuples that were committed dead, even if there were still transactions that should be able to see them under MVCC visibility rules. * Add new "CLUSTER" syntax: CLUSTER table USING index (Holger Schurig) The old "CLUSTER" syntax is still supported, but the new form is considered more logical. * Fix "EXPLAIN" so it can show complex plans more accurately (Tom) References to subplan outputs are now always shown correctly, instead of using ?columnN? for complicated cases. * Limit the amount of information reported when a user is dropped (Alvaro) Previously, dropping (or attempting to drop) a user who owned many objects could result in large NOTICE or ERROR messages listing all these objects; this caused problems for some client applications. The length of the message is now limited, although a full list is still sent to the server log. __________________________________________________________________ Data Types * Support for the SQL/XML standard, including new operators and an XML data type (Nikolay Samokhvalov, Pavel Stehule, Peter) * Enumerated data types (ENUM) (Tom Dunstan) This feature provides convenient support for fields that have a small, fixed set of allowed values. An example of creating an ENUM type is CREATE TYPE mood AS ENUM ('sad', 'ok', 'happy'). * Universally Unique Identifier (UUID) data type (Gevik Babakhani, Neil) This closely matches RFC 4122. * Widen the MONEY data type to 64 bits (D'Arcy Cain) This greatly increases the range of supported MONEY values. * Fix float4/float8 to handle Infinity and NAN (Not A Number) consistently (Bruce) The code formerly was not consistent about distinguishing Infinity from overflow conditions. * Allow leading and trailing whitespace during input of boolean values (Neil) * Prevent "COPY" from using digits and lowercase letters as delimiters (Tom) __________________________________________________________________ Functions * Add new regular expression functions regexp_matches(), regexp_split_to_array(), and regexp_split_to_table() (Jeremy Drake, Neil) These functions provide extraction of regular expression subexpressions and allow splitting a string using a POSIX regular expression. * Add lo_truncate() for large object truncation (Kris Jurka) * Implement width_bucket() for the float8 data type (Neil) * Add pg_stat_clear_snapshot() to discard statistics snapshots collected during the current transaction (Tom) The first request for statistics in a transaction takes a statistics snapshot that does not change during the transaction. This function allows the snapshot to be discarded and a new snapshot loaded during the next statistics query. This is particularly useful for PL/pgSQL functions, which are confined to a single transaction. * Add isodow option to EXTRACT() and date_part() (Bruce) This returns the day of the week, with Sunday as seven. (dow returns Sunday as zero.) * Add ID (ISO day of week) and IDDD (ISO day of year) format codes for to_char(), to_date(), and to_timestamp() (Brendan Jurd) * Make to_timestamp() and to_date() assume TM (trim) option for potentially variable-width fields (Bruce) This matches Oracle's behavior. * Fix off-by-one conversion error in to_date()/to_timestamp() D (non-ISO day of week) fields (Bruce) * Make setseed() return void, rather than a useless integer value (Neil) * Add a hash function for NUMERIC (Neil) This allows hash indexes and hash-based plans to be used with NUMERIC columns. * Improve efficiency of LIKE/ILIKE, especially for multi-byte character sets like UTF-8 (Andrew, Itagaki Takahiro) * Make currtid() functions require SELECT privileges on the target table (Tom) * Add several txid_*() functions to query active transaction IDs (Jan) This is useful for various replication solutions. __________________________________________________________________ PL/pgSQL Server-Side Language * Add scrollable cursor support, including directional control in "FETCH" (Pavel Stehule) * Allow IN as an alternative to FROM in PL/pgSQL's "FETCH" statement, for consistency with the backend's "FETCH" command (Pavel Stehule) * Add "MOVE" to PL/pgSQL (Magnus, Pavel Stehule, Neil) * Implement "RETURN QUERY" (Pavel Stehule, Neil) This adds convenient syntax for PL/pgSQL set-returning functions that want to return the result of a query. "RETURN QUERY" is easier and more efficient than a loop around "RETURN NEXT". * Allow function parameter names to be qualified with the function's name (Tom) For example, myfunc.myvar. This is particularly useful for specifying variables in a query where the variable name might match a column name. * Make qualification of variables with block labels work properly (Tom) Formerly, outer-level block labels could unexpectedly interfere with recognition of inner-level record or row references. * Tighten requirements for FOR loop STEP values (Tom) Prevent non-positive STEP values, and handle loop overflows. * Improve accuracy when reporting syntax error locations (Tom) __________________________________________________________________ Other Server-Side Languages * Allow type-name arguments to PL/Perl spi_prepare() to be data type aliases in addition to names found in pg_type (Andrew) * Allow type-name arguments to PL/Python plpy.prepare() to be data type aliases in addition to names found in pg_type (Andrew) * Allow type-name arguments to PL/Tcl spi_prepare to be data type aliases in addition to names found in pg_type (Andrew) * Enable PL/PythonU to compile on Python 2.5 (Marko Kreen) * Support a true PL/Python boolean type in compatible Python versions (Python 2.3 and later) (Marko Kreen) * Fix PL/Tcl problems with thread-enabled "libtcl" spawning multiple threads within the backend (Steve Marshall, Paul Bayer, Doug Knight) This caused all sorts of unpleasantness. __________________________________________________________________ psql * List disabled triggers separately in \d output (Brendan Jurd) * In \d patterns, always match $ literally (Tom) * Show aggregate return types in \da output (Greg Sabino Mullane) * Add the function's volatility status to the output of \df+ (Neil) * Add \prompt capability (Chad Wagner) * Allow \pset, \t, and \x to specify on or off, rather than just toggling (Chad Wagner) * Add \sleep capability (Jan) * Enable \timing output for \copy (Andrew) * Improve \timing resolution on Windows (Itagaki Takahiro) * Flush \o output after each backslash command (Tom) * Correctly detect and report errors while reading a -f input file (Peter) * Remove -u option (this option has long been deprecated) (Tom) __________________________________________________________________ pg_dump * Add --tablespaces-only and --roles-only options to pg_dumpall (Dave Page) * Add an output file option to pg_dumpall (Dave Page) This is primarily useful on Windows, where output redirection of child pg_dump processes does not work. * Allow pg_dumpall to accept an initial-connection database name rather than the default template1 (Dave Page) * In -n and -t switches, always match $ literally (Tom) * Improve performance when a database has thousands of objects (Tom) * Remove -u option (this option has long been deprecated) (Tom) __________________________________________________________________ Other Client Applications * In initdb, allow the location of the "pg_xlog" directory to be specified (Euler Taveira de Oliveira) * Enable server core dump generation in pg_regress on supported operating systems (Andrew) * Add a -t (timeout) parameter to pg_ctl (Bruce) This controls how long pg_ctl will wait when waiting for server startup or shutdown. Formerly the timeout was hard-wired as 60 seconds. * Add a pg_ctl option to control generation of server core dumps (Andrew) * Allow Control-C to cancel clusterdb, reindexdb, and vacuumdb (Itagaki Takahiro, Magnus) * Suppress command tag output for createdb, createuser, dropdb, and dropuser (Peter) The --quiet option is ignored and will be removed in 8.4. Progress messages when acting on all databases now go to stdout instead of stderr because they are not actually errors. __________________________________________________________________ libpq * Interpret the dbName parameter of PQsetdbLogin() as a conninfo string if it contains an equals sign (Andrew) This allows use of conninfo strings in client programs that still use PQsetdbLogin(). * Support a global SSL configuration file (Victor Wagner) * Add environment variable PGSSLKEY to control SSL hardware keys (Victor Wagner) * Add lo_truncate() for large object truncation (Kris Jurka) * Add PQconnectionNeedsPassword() that returns true if the server required a password but none was supplied (Joe Conway, Tom) If this returns true after a failed connection attempt, a client application should prompt the user for a password. In the past applications have had to check for a specific error message string to decide whether a password is needed; that approach is now deprecated. * Add PQconnectionUsedPassword() that returns true if the supplied password was actually used (Joe Conway, Tom) This is useful in some security contexts where it is important to know whether a user-supplied password is actually valid. __________________________________________________________________ ecpg * Use V3 frontend/backend protocol (Michael) This adds support for server-side prepared statements. * Use native threads, instead of pthreads, on Windows (Magnus) * Improve thread-safety of ecpglib (Itagaki Takahiro) * Make the ecpg libraries export only necessary API symbols (Michael) __________________________________________________________________ Windows Port * Allow the whole PostgreSQL distribution to be compiled with Microsoft Visual C++ (Magnus and others) This allows Windows-based developers to use familiar development and debugging tools. Windows executables made with Visual C++ might also have better stability and performance than those made with other tool sets. The client-only Visual C++ build scripts have been removed. * Drastically reduce postmaster's memory usage when it has many child processes (Magnus) * Allow regression tests to be started by an administrative user (Magnus) * Add native shared memory implementation (Magnus) __________________________________________________________________ Server Programming Interface (SPI) * Add cursor-related functionality in SPI (Pavel Stehule) Allow access to the cursor-related planning options, and add "FETCH"/"MOVE" routines. * Allow execution of cursor commands through SPI_execute (Tom) The macro SPI_ERROR_CURSOR still exists but will never be returned. * SPI plan pointers are now declared as SPIPlanPtr instead of void * (Tom) This does not break application code, but switching is recommended to help catch simple programming mistakes. __________________________________________________________________ Build Options * Add configure option --enable-profiling to enable code profiling (works only with gcc) (Korry Douglas and Nikhil Sontakke) * Add configure option --with-system-tzdata to use the operating system's time zone database (Peter) * Fix PGXS so extensions can be built against PostgreSQL installations whose pg_config program does not appear first in the PATH (Tom) * Support "gmake draft" when building the SGML documentation (Bruce) Unless draft is used, the documentation build will now be repeated if necessary to ensure the index is up-to-date. __________________________________________________________________ Source Code * Rename macro DLLIMPORT to PGDLLIMPORT to avoid conflicting with third party includes (like Tcl) that define DLLIMPORT (Magnus) * Create "operator families" to improve planning of queries involving cross-data-type comparisons (Tom) * Update GIN extractQuery() API to allow signalling that nothing can satisfy the query (Teodor) * Move NAMEDATALEN definition from "postgres_ext.h" to "pg_config_manual.h" (Peter) * Provide strlcpy() and strlcat() on all platforms, and replace error-prone uses of strncpy(), strncat(), etc (Peter) * Create hooks to let an external plugin monitor (or even replace) the planner and create plans for hypothetical situations (Gurjeet Singh, Tom) * Create a function variable join_search_hook to let plugins override the join search order portion of the planner (Julius Stroffek) * Add tas() support for Renesas' M32R processor (Kazuhiro Inaoka) * quote_identifier() and pg_dump no longer quote keywords that are unreserved according to the grammar (Tom) * Change the on-disk representation of the NUMERIC data type so that the sign_dscale word comes before the weight (Tom) * Use SYSV semaphores rather than POSIX on Darwin >= 6.0, i.e., OS X 10.2 and up (Chris Marcellino) * Add acronym and NFS documentation sections (Bruce) * "Postgres" is now documented as an accepted alias for "PostgreSQL" (Peter) * Add documentation about preventing database server spoofing when the server is down (Bruce) __________________________________________________________________ Contrib * Move "contrib" "README" content into the main PostgreSQL documentation (Albert Cervera i Areny) * Add "contrib/pageinspect" module for low-level page inspection (Simon, Heikki) * Add "contrib/pg_standby" module for controlling warm standby operation (Simon) * Add "contrib/uuid-ossp" module for generating UUID values using the OSSP UUID library (Peter) Use configure --with-ossp-uuid to activate. This takes advantage of the new UUID builtin type. * Add "contrib/dict_int", "contrib/dict_xsyn", and "contrib/test_parser" modules to provide sample add-on text search dictionary templates and parsers (Sergey Karpov) * Allow contrib/pgbench to set the fillfactor (Pavan Deolasee) * Add timestamps to contrib/pgbench -l (Greg Smith) * Add usage count statistics to "contrib/pgbuffercache" (Greg Smith) * Add GIN support for "contrib/hstore" (Teodor) * Add GIN support for "contrib/pg_trgm" (Guillaume Smet, Teodor) * Update OS/X startup scripts in "contrib/start-scripts" (Mark Cotner, David Fetter) * Restrict pgrowlocks() and dblink_get_pkey() to users who have SELECT privilege on the target table (Tom) * Restrict "contrib/pgstattuple" functions to superusers (Tom) * "contrib/xml2" is deprecated and planned for removal in 8.4 (Peter) The new XML support in core PostgreSQL supersedes this module. __________________________________________________________________ Release 8.2.23 Release Date: 2011-12-05 This release contains a variety of fixes from 8.2.22. For information about new features in the 8.2 major release, see the Section called Release 8.2. This is expected to be the last PostgreSQL release in the 8.2.X series. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.2.23 A dump/restore is not required for those running 8.2.X. However, a longstanding error was discovered in the definition of the information_schema.referential_constraints view. If you rely on correct results from that view, you should replace its definition as explained in the first changelog item below. Also, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Fix bugs in information_schema.referential_constraints view (Tom Lane) This view was being insufficiently careful about matching the foreign-key constraint to the depended-on primary or unique key constraint. That could result in failure to show a foreign key constraint at all, or showing it multiple times, or claiming that it depends on a different constraint than the one it really does. Since the view definition is installed by initdb, merely upgrading will not fix the problem. If you need to fix this in an existing installation, you can (as a superuser) drop the information_schema schema then re-create it by sourcing "SHAREDIR/information_schema.sql". (Run pg_config --sharedir if you're uncertain where "SHAREDIR" is.) This must be repeated in each database to be fixed. * Fix TOAST-related data corruption during CREATE TABLE dest AS SELECT * FROM src or INSERT INTO dest SELECT * FROM src (Tom Lane) If a table has been modified by "ALTER TABLE ADD COLUMN", attempts to copy its data verbatim to another table could produce corrupt results in certain corner cases. The problem can only manifest in this precise form in 8.4 and later, but we patched earlier versions as well in case there are other code paths that could trigger the same bug. * Fix race condition during toast table access from stale syscache entries (Tom Lane) The typical symptom was transient errors like "missing chunk number 0 for toast value NNNNN in pg_toast_2619", where the cited toast table would always belong to a system catalog. * Improve locale support in money type's input and output (Tom Lane) Aside from not supporting all standard lc_monetary formatting options, the input and output functions were inconsistent, meaning there were locales in which dumped money values could not be re-read. * Don't let transform_null_equals affect CASE foo WHEN NULL ... constructs (Heikki Linnakangas) transform_null_equals is only supposed to affect foo = NULL expressions written directly by the user, not equality checks generated internally by this form of CASE. * Change foreign-key trigger creation order to better support self-referential foreign keys (Tom Lane) For a cascading foreign key that references its own table, a row update will fire both the ON UPDATE trigger and the CHECK trigger as one event. The ON UPDATE trigger must execute first, else the CHECK will check a non-final state of the row and possibly throw an inappropriate error. However, the firing order of these triggers is determined by their names, which generally sort in creation order since the triggers have auto-generated names following the convention "RI_ConstraintTrigger_NNNN". A proper fix would require modifying that convention, which we will do in 9.2, but it seems risky to change it in existing releases. So this patch just changes the creation order of the triggers. Users encountering this type of error should drop and re-create the foreign key constraint to get its triggers into the right order. * Preserve blank lines within commands in psql's command history (Robert Haas) The former behavior could cause problems if an empty line was removed from within a string literal, for example. * Use the preferred version of xsubpp to build PL/Perl, not necessarily the operating system's main copy (David Wheeler and Alex Hunsaker) * Honor query cancel interrupts promptly in pgstatindex() (Robert Haas) * Ensure VPATH builds properly install all server header files (Peter Eisentraut) * Shorten file names reported in verbose error messages (Peter Eisentraut) Regular builds have always reported just the name of the C file containing the error message call, but VPATH builds formerly reported an absolute path name. * Fix interpretation of Windows timezone names for Central America (Tom Lane) Map "Central America Standard Time" to CST6, not CST6CDT, because DST is generally not observed anywhere in Central America. * Update time zone data files to tzdata release 2011n for DST law changes in Brazil, Cuba, Fiji, Palestine, Russia, and Samoa; also historical corrections for Alaska and British East Africa. __________________________________________________________________ Release 8.2.22 Release Date: 2011-09-26 This release contains a variety of fixes from 8.2.21. For information about new features in the 8.2 major release, see the Section called Release 8.2. The PostgreSQL community will stop releasing updates for the 8.2.X release series in December 2011. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.2.22 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Fix multiple bugs in GiST index page split processing (Heikki Linnakangas) The probability of occurrence was low, but these could lead to index corruption. * Avoid possibly accessing off the end of memory in "ANALYZE" (Noah Misch) This fixes a very-low-probability server crash scenario. * Fix race condition in relcache init file invalidation (Tom Lane) There was a window wherein a new backend process could read a stale init file but miss the inval messages that would tell it the data is stale. The result would be bizarre failures in catalog accesses, typically "could not read block 0 in file ..." later during startup. * Fix memory leak at end of a GiST index scan (Tom Lane) Commands that perform many separate GiST index scans, such as verification of a new GiST-based exclusion constraint on a table already containing many rows, could transiently require large amounts of memory due to this leak. * Fix performance problem when constructing a large, lossy bitmap (Tom Lane) * Fix array- and path-creating functions to ensure padding bytes are zeroes (Tom Lane) This avoids some situations where the planner will think that semantically-equal constants are not equal, resulting in poor optimization. * Work around gcc 4.6.0 bug that breaks WAL replay (Tom Lane) This could lead to loss of committed transactions after a server crash. * Fix dump bug for VALUES in a view (Tom Lane) * Disallow SELECT FOR UPDATE/SHARE on sequences (Tom Lane) This operation doesn't work as expected and can lead to failures. * Defend against integer overflow when computing size of a hash table (Tom Lane) * Fix portability bugs in use of credentials control messages for "peer" authentication (Tom Lane) * Fix typo in pg_srand48 seed initialization (Andres Freund) This led to failure to use all bits of the provided seed. This function is not used on most platforms (only those without srandom), and the potential security exposure from a less-random-than-expected seed seems minimal in any case. * Avoid integer overflow when the sum of LIMIT and OFFSET values exceeds 2^63 (Heikki Linnakangas) * Add overflow checks to int4 and int8 versions of generate_series() (Robert Haas) * Fix trailing-zero removal in to_char() (Marti Raudsepp) In a format with FM and no digit positions after the decimal point, zeroes to the left of the decimal point could be removed incorrectly. * Fix pg_size_pretty() to avoid overflow for inputs close to 2^63 (Tom Lane) * Fix psql's counting of script file line numbers during COPY from a different file (Tom Lane) * Fix pg_restore's direct-to-database mode for standard_conforming_strings (Tom Lane) pg_restore could emit incorrect commands when restoring directly to a database server from an archive file that had been made with standard_conforming_strings set to on. * Fix write-past-buffer-end and memory leak in libpq's LDAP service lookup code (Albe Laurenz) * In libpq, avoid failures when using nonblocking I/O and an SSL connection (Martin Pihlak, Tom Lane) * Improve libpq's handling of failures during connection startup (Tom Lane) In particular, the response to a server report of fork() failure during SSL connection startup is now saner. * Make ecpglib write double values with 15 digits precision (Akira Kurosawa) * Apply upstream fix for blowfish signed-character bug (CVE-2011-2483) (Tom Lane) "contrib/pg_crypto"'s blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be. * Fix memory leak in "contrib/seg" (Heikki Linnakangas) * Fix pgstatindex() to give consistent results for empty indexes (Tom Lane) * Allow building with perl 5.14 (Alex Hunsaker) * Update configure script's method for probing existence of system functions (Tom Lane) The version of autoconf we used in 8.3 and 8.2 could be fooled by compilers that perform link-time optimization. * Fix assorted issues with build and install file paths containing spaces (Tom Lane) * Update time zone data files to tzdata release 2011i for DST law changes in Canada, Egypt, Russia, Samoa, and South Sudan. __________________________________________________________________ Release 8.2.21 Release Date: 2011-04-18 This release contains a variety of fixes from 8.2.20. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.21 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Avoid potential deadlock during catalog cache initialization (Nikhil Sontakke) In some cases the cache loading code would acquire share lock on a system index before locking the index's catalog. This could deadlock against processes trying to acquire exclusive locks in the other, more standard order. * Fix dangling-pointer problem in BEFORE ROW UPDATE trigger handling when there was a concurrent update to the target tuple (Tom Lane) This bug has been observed to result in intermittent "cannot extract system attribute from virtual tuple" failures while trying to do UPDATE RETURNING ctid. There is a very small probability of more serious errors, such as generating incorrect index entries for the updated tuple. * Disallow "DROP TABLE" when there are pending deferred trigger events for the table (Tom Lane) Formerly the "DROP" would go through, leading to "could not open relation with OID nnn" errors when the triggers were eventually fired. * Fix PL/Python memory leak involving array slices (Daniel Popowich) * Fix pg_restore to cope with long lines (over 1KB) in TOC files (Tom Lane) * Put in more safeguards against crashing due to division-by-zero with overly enthusiastic compiler optimization (Aurelien Jarno) * Support use of dlopen() in FreeBSD and OpenBSD on MIPS (Tom Lane) There was a hard-wired assumption that this system function was not available on MIPS hardware on these systems. Use a compile-time test instead, since more recent versions have it. * Fix compilation failures on HP-UX (Heikki Linnakangas) * Fix path separator used by pg_regress on Cygwin (Andrew Dunstan) * Update time zone data files to tzdata release 2011f for DST law changes in Chile, Cuba, Falkland Islands, Morocco, Samoa, and Turkey; also historical corrections for South Australia, Alaska, and Hawaii. __________________________________________________________________ Release 8.2.20 Release Date: 2011-01-31 This release contains a variety of fixes from 8.2.19. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.20 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Avoid failures when "EXPLAIN" tries to display a simple-form CASE expression (Tom Lane) If the CASE's test expression was a constant, the planner could simplify the CASE into a form that confused the expression-display code, resulting in "unexpected CASE WHEN clause" errors. * Fix assignment to an array slice that is before the existing range of subscripts (Tom Lane) If there was a gap between the newly added subscripts and the first pre-existing subscript, the code miscalculated how many entries needed to be copied from the old array's null bitmap, potentially leading to data corruption or crash. * Avoid unexpected conversion overflow in planner for very distant date values (Tom Lane) The date type supports a wider range of dates than can be represented by the timestamp types, but the planner assumed it could always convert a date to timestamp with impunity. * Fix pg_restore's text output for large objects (BLOBs) when standard_conforming_strings is on (Tom Lane) Although restoring directly to a database worked correctly, string escaping was incorrect if pg_restore was asked for SQL text output and standard_conforming_strings had been enabled in the source database. * Fix erroneous parsing of tsquery values containing ... & !(subexpression) | ... (Tom Lane) Queries containing this combination of operators were not executed correctly. The same error existed in "contrib/intarray"'s query_int type and "contrib/ltree"'s ltxtquery type. * Fix buffer overrun in "contrib/intarray"'s input function for the query_int type (Apple) This bug is a security risk since the function's return address could be overwritten. Thanks to Apple Inc's security team for reporting this issue and supplying the fix. (CVE-2010-4015) * Fix bug in "contrib/seg"'s GiST picksplit algorithm (Alexander Korotkov) This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a seg column. If you have such an index, consider "REINDEX"ing it after installing this update. (This is identical to the bug that was fixed in "contrib/cube" in the previous update.) __________________________________________________________________ Release 8.2.19 Release Date: 2010-12-16 This release contains a variety of fixes from 8.2.18. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.19 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Force the default wal_sync_method to be fdatasync on Linux (Tom Lane, Marti Raudsepp) The default on Linux has actually been fdatasync for many years, but recent kernel changes caused PostgreSQL to choose open_datasync instead. This choice did not result in any performance improvement, and caused outright failures on certain filesystems, notably ext4 with the data=journal mount option. * Fix assorted bugs in WAL replay logic for GIN indexes (Tom Lane) This could result in "bad buffer id: 0" failures or corruption of index contents during replication. * Fix recovery from base backup when the starting checkpoint WAL record is not in the same WAL segment as its redo point (Jeff Davis) * Add support for detecting register-stack overrun on IA64 (Tom Lane) The IA64 architecture has two hardware stacks. Full prevention of stack-overrun failures requires checking both. * Add a check for stack overflow in copyObject() (Tom Lane) Certain code paths could crash due to stack overflow given a sufficiently complex query. * Fix detection of page splits in temporary GiST indexes (Heikki Linnakangas) It is possible to have a "concurrent" page split in a temporary index, if for example there is an open cursor scanning the index when an insertion is done. GiST failed to detect this case and hence could deliver wrong results when execution of the cursor continued. * Avoid memory leakage while "ANALYZE"'ing complex index expressions (Tom Lane) * Ensure an index that uses a whole-row Var still depends on its table (Tom Lane) An index declared like create index i on t (foo(t.*)) would not automatically get dropped when its table was dropped. * Do not "inline" a SQL function with multiple OUT parameters (Tom Lane) This avoids a possible crash due to loss of information about the expected result rowtype. * Behave correctly if ORDER BY, LIMIT, FOR UPDATE, or WITH is attached to the VALUES part of INSERT ... VALUES (Tom Lane) * Fix constant-folding of COALESCE() expressions (Tom Lane) The planner would sometimes attempt to evaluate sub-expressions that in fact could never be reached, possibly leading to unexpected errors. * Add print functionality for InhRelation nodes (Tom Lane) This avoids a failure when debug_print_parse is enabled and certain types of query are executed. * Fix incorrect calculation of distance from a point to a horizontal line segment (Tom Lane) This bug affected several different geometric distance-measurement operators. * Fix PL/pgSQL's handling of "simple" expressions to not fail in recursion or error-recovery cases (Tom Lane) * Fix PL/Python's handling of set-returning functions (Jan Urbanski) Attempts to call SPI functions within the iterator generating a set result would fail. * Fix bug in "contrib/cube"'s GiST picksplit algorithm (Alexander Korotkov) This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a cube column. If you have such an index, consider "REINDEX"ing it after installing this update. * Don't emit "identifier will be truncated" notices in "contrib/dblink" except when creating new connections (Itagaki Takahiro) * Fix potential coredump on missing public key in "contrib/pgcrypto" (Marti Raudsepp) * Fix memory leak in "contrib/xml2"'s XPath query functions (Tom Lane) * Update time zone data files to tzdata release 2010o for DST law changes in Fiji and Samoa; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.2.18 Release Date: 2010-10-04 This release contains a variety of fixes from 8.2.17. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.18 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl (Tom Lane) This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). * Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with (Heikki Linnakangas, Tom Lane) * Fix Windows shared-memory allocation code (Tsutomu Yamada, Magnus Hagander) This bug led to the often-reported "could not reattach to shared memory" error message. This is a back-patch of a fix that was applied to newer branches some time ago. * Treat exit code 128 (ERROR_WAIT_NO_CHILDREN) as non-fatal on Windows (Magnus Hagander) Under high load, Windows processes will sometimes fail at startup with this error code. Formerly the postmaster treated this as a panic condition and restarted the whole database, but that seems to be an overreaction. * Fix possible duplicate scans of UNION ALL member relations (Tom Lane) * Fix "cannot handle unplanned sub-select" error (Tom Lane) This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. * Reduce PANIC to ERROR in some occasionally-reported btree failure cases, and provide additional detail in the resulting error messages (Tom Lane) This should improve the system's robustness with corrupted indexes. * Prevent show_session_authorization() from crashing within autovacuum processes (Tom Lane) * Defend against functions returning setof record where not all the returned rows are actually of the same rowtype (Tom Lane) * Fix possible failure when hashing a pass-by-reference function result (Tao Ma, Tom Lane) * Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them (Tom Lane) This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. * Avoid recursion while assigning XIDs to heavily-nested subtransactions (Andres Freund, Robert Haas) The original coding could result in a crash if there was limited stack space. * Fix log_line_prefix's %i escape, which could produce junk early in backend startup (Tom Lane) * Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled (Jeff Davis) * Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel (Guillaume Lelarge) * In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut) * Improve "contrib/dblink"'s handling of tables containing dropped columns (Tom Lane) * Fix connection leak after "duplicate connection name" errors in "contrib/dblink" (Itagaki Takahiro) * Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly (Itagaki Takahiro) * Add hstore(text, text) function to "contrib/hstore" (Robert Haas) This function is the recommended substitute for the now-deprecated => operator. It was back-patched so that future-proofed code can be used with older server versions. Note that the patch will be effective only after "contrib/hstore" is installed or reinstalled in a particular database. Users might prefer to execute the "CREATE FUNCTION" command by hand, instead. * Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git (Magnus Hagander and others) * Update time zone data files to tzdata release 2010l for DST law changes in Egypt and Palestine; also historical corrections for Finland. This change also adds new names for two Micronesian timezones: Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over Pacific/Ponape. * Make Windows' "N. Central Asia Standard Time" timezone map to Asia/Novosibirsk, not Asia/Almaty (Magnus Hagander) Microsoft changed the DST behavior of this zone in the timezone update from KB976098. Asia/Novosibirsk is a better match to its new behavior. __________________________________________________________________ Release 8.2.17 Release Date: 2010-05-17 This release contains a variety of fixes from 8.2.16. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.17 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan) Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) * Prevent PL/Tcl from executing untrustworthy code from pltcl_modules (Tom) PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) * Fix possible crash if a cache reset message is received during rebuild of a relcache entry (Heikki) This error was introduced in 8.2.16 while fixing a related failure. * Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. * Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries (Tom) In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. * Update pl/perl's "ppport.h" for modern Perl versions (Andrew) * Fix assorted memory leaks in pl/python (Andreas Freund, Tom) * Prevent infinite recursion in psql when expanding a variable that refers to itself (Tom) * Fix psql's \copy to not add spaces around a dot within \copy (select ...) (Tom) Addition of spaces around the decimal point in a numeric literal would result in a syntax error. * Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly (Tatsuhito Kasahara) * Make server startup deal properly with the case that shmget() returns EINVAL for an existing shared memory segment (Tom) This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. * Avoid possible crashes in syslogger process on Windows (Heikki) * Deal more robustly with incomplete time zone information in the Windows registry (Magnus) * Update the set of known Windows time zone names (Magnus) * Update time zone data files to tzdata release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan. Also, add PKST (Pakistan Summer Time) to the default set of timezone abbreviations. __________________________________________________________________ Release 8.2.16 Release Date: 2010-03-15 This release contains a variety of fixes from 8.2.15. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.16 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection (Magnus) This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. * Fix possible deadlock during backend startup (Tom) * Fix possible crashes due to not handling errors during relcache reload cleanly (Tom) * Fix possible crashes when trying to recover from a failure in subtransaction start (Tom) * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding (Tom) * Fix incorrect WAL data emitted during end-of-recovery cleanup of a GIST index page split (Yoichi Hirai) This would result in index corruption, or even more likely an error during WAL replay, if we were unlucky enough to crash during end-of-recovery cleanup after having completed an incomplete GIST insertion. * Make substring() for bit types treat any negative length as meaning "all the rest of the string" (Tom) The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits (Tom) * Fix some cases of pathologically slow regular expression matching (Tom) * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary (Itagaki Takahiro) * Fix some more cases of temporary-file leakage (Heikki) This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. * Improve constraint exclusion processing of boolean-variable cases, in particular make it possible to exclude a partition that has a "bool_column = false" constraint (Tom) * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request (Tom) This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files (Tom) * Fix possible infinite loop if SSL_read or SSL_write fails without setting errno (Tom) This is reportedly possible with some Windows versions of openssl. * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats (Heikki) * Make psql return the correct exit status (3) when ON_ERROR_STOP and --single-transaction are both specified and an error occurs during the implied "COMMIT" (Bruce) * Fix plpgsql failure in one case where a composite column is set to NULL (Tom) * Fix possible failure when calling PL/Perl functions from PL/PerlU or vice versa (Tim Bunce) * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior (Zdenek Kotala) * Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function (Rushabh Lathia, Joe Conway) * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management (Tom) * Make building of "contrib/xml2" more robust on Windows (Andrew) * Fix race condition in Windows signal handling (Radu Ilie) One known symptom of this bug is that rows in pg_listener could be dropped under heavy load. * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. __________________________________________________________________ Release 8.2.15 Release Date: 2009-12-14 This release contains a variety of fixes from 8.2.14. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.15 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see the release notes for 8.2.14. __________________________________________________________________ Changes * Protect against indirect security threats caused by index functions changing session-local state (Gurjeet Singh, Tom) This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). * Reject SSL certificates containing an embedded null byte in the common name (CN) field (Magnus) This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). * Fix possible crash during backend-startup-time cache initialization (Tom) * Prevent signals from interrupting VACUUM at unsafe times (Alvaro) This fix prevents a PANIC if a VACUUM FULL is canceled after it's already committed its tuple movements, as well as transient errors if a plain VACUUM is interrupted after having truncated the table. * Fix possible crash due to integer overflow in hash table size calculation (Tom) This could occur with extremely large planner estimates for the size of a hashjoin's result. * Fix very rare crash in inet/cidr comparisons (Chris Mikkelson) * Ensure that shared tuple-level locks held by prepared transactions are not ignored (Heikki) * Fix premature drop of temporary files used for a cursor that is accessed within a subtransaction (Heikki) * Fix incorrect logic for GiST index page splits, when the split depends on a non-first column of the index (Paul Ramsey) * Don't error out if recycling or removing an old WAL file fails at the end of checkpoint (Heikki) It's better to treat the problem as non-fatal and allow the checkpoint to complete. Future checkpoints will retry the removal. Such problems are not expected in normal operation, but have been seen to be caused by misdesigned Windows anti-virus and backup software. * Ensure WAL files aren't repeatedly archived on Windows (Heikki) This is another symptom that could happen if some other process interfered with deletion of a no-longer-needed file. * Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. * Fix processing of ownership dependencies during CREATE OR REPLACE FUNCTION (Tom) * Fix bug with calling plperl from plperlu or vice versa (Tom) An error exit from the inner function could result in crashes due to failure to re-select the correct Perl interpreter for the outer function. * Fix session-lifespan memory leak when a PL/Perl function is redefined (Tom) * Ensure that Perl arrays are properly converted to PostgreSQL arrays when returned by a set-returning PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) This worked correctly already for non-set-returning functions. * Fix rare crash in exception processing in PL/Python (Peter) * Ensure psql's flex module is compiled with the correct system header definitions (Tom) This fixes build failures on platforms where --enable-largefile causes incompatible changes in the generated code. * Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions (Tom) * Update the timezone abbreviation files to match current reality (Joachim Wieland) This includes adding IDT and SGT to the default timezone abbreviation set. * Update time zone data files to tzdata release 2009s for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.2.14 Release Date: 2009-09-09 This release contains a variety of fixes from 8.2.13. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.14 A dump/restore is not required for those running 8.2.X. However, if you have any hash indexes on interval columns, you must "REINDEX" them after updating to 8.2.14. Also, if you are upgrading from a version earlier than 8.2.11, see the release notes for 8.2.11. __________________________________________________________________ Changes * Force WAL segment switch during pg_start_backup() (Heikki) This avoids corner cases that could render a base backup unusable. * Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside security-definer functions (Tom, Heikki) This covers a case that was missed in the previous patch that disallowed "SET ROLE" and "SET SESSION AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600) * Make "LOAD" of an already-loaded loadable module into a no-op (Tom) Formerly, "LOAD" would attempt to unload and re-load the module, but this is unsafe and not all that useful. * Disallow empty passwords during LDAP authentication (Magnus) * Fix handling of sub-SELECTs appearing in the arguments of an outer-level aggregate function (Tom) * Fix bugs associated with fetching a whole-row value from the output of a Sort or Materialize plan node (Tom) * Revert planner change that disabled partial-index and constraint exclusion optimizations when there were more than 100 clauses in an AND or OR list (Tom) * Fix hash calculation for data type interval (Tom) This corrects wrong results for hash joins on interval values. It also changes the contents of hash indexes on interval columns. If you have any such indexes, you must "REINDEX" them after updating. * Treat to_char(..., 'TH') as an uppercase ordinal suffix with 'HH'/'HH12' (Heikki) It was previously handled as 'th' (lowercase). * Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million and integer datetimes are in use (Alex Hunsaker) * Fix calculation of distance between a point and a line segment (Tom) This led to incorrect results from a number of geometric operators. * Fix money data type to work in locales where currency amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) * Properly round datetime input like 00:12:57.9999999999999999999999999999 (Tom) * Fix poor choice of page split point in GiST R-tree operator classes (Teodor) * Avoid performance degradation in bulk inserts into GIN indexes when the input values are (nearly) in sorted order (Tom) * Correctly enforce NOT NULL domain constraints in some contexts in PL/pgSQL (Tom) * Fix portability issues in plperl initialization (Andrew Dunstan) * Fix pg_ctl to not go into an infinite loop if "postgresql.conf" is empty (Jeff Davis) * Make "contrib/hstore" throw an error when a key or value is too long to fit in its data structure, rather than silently truncating it (Andrew Gierth) * Fix "contrib/xml2"'s xslt_process() to properly handle the maximum number of parameters (twenty) (Tom) * Improve robustness of libpq's code to recover from errors during "COPY FROM STDIN" (Tom) * Avoid including conflicting readline and editline header files when both libraries are installed (Zdenek Kotala) * Update time zone data files to tzdata release 2009l for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, Argentina/San_Luis, Cuba, Jordan (historical correction only), Mauritius, Morocco, Palestine, Syria, Tunisia. __________________________________________________________________ Release 8.2.13 Release Date: 2009-03-16 This release contains a variety of fixes from 8.2.12. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.13 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.11, see the release notes for 8.2.11. __________________________________________________________________ Changes * Prevent error recursion crashes when encoding conversion fails (Tom) This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922) * Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function (Heikki) This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. * Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument (Tom) * Fix possible failure in "contrib/tsearch2" when C locale is used with a multi-byte encoding (Teodor) Crashes were possible on platforms where wchar_t is narrower than int; Windows in particular. * Fix extreme inefficiency in "contrib/tsearch2" parser's handling of an email-like string containing multiple @ characters (Heikki) * Fix decompilation of CASE WHEN with an implicit coercion (Tom) This mistake could lead to Assert failures in an Assert-enabled build, or an "unexpected CASE WHEN clause" error message in other cases, when trying to examine or dump a view. * Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). * Fix PL/pgSQL to not treat INTO after "INSERT" as an INTO-variables clause anywhere in the string, not only at the start; in particular, don't fail for "INSERT INTO" within "CREATE RULE" (Tom) * Clean up PL/pgSQL error status variables fully at block exit (Ashesh Vashi and Dave Page) This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. * Retry failed calls to CallNamedPipe() on Windows (Steve Marshall, Magnus) It appears that this function can sometimes fail transiently; we previously treated any failure as a hard error, which could confuse "LISTEN"/"NOTIFY" as well as other operations. * Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud) __________________________________________________________________ Release 8.2.12 Release Date: 2009-02-02 This release contains a variety of fixes from 8.2.11. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.12 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.11, see the release notes for 8.2.11. __________________________________________________________________ Changes * Improve handling of URLs in headline() function (Teodor) * Improve handling of overlength headlines in headline() function (Teodor) * Prevent possible Assert failure or misconversion if an encoding conversion is created with the wrong conversion function for the specified pair of encodings (Tom, Heikki) * Fix possible Assert failure if a statement executed in PL/pgSQL is rewritten into another kind of statement, for example if an "INSERT" is rewritten into an "UPDATE" (Heikki) * Ensure that a snapshot is available to datatype input functions (Tom) This primarily affects domains that are declared with CHECK constraints involving user-defined stable or immutable functions. Such functions typically fail if no snapshot has been set. * Make it safer for SPI-using functions to be used within datatype I/O; in particular, to be used in domain check constraints (Tom) * Avoid unnecessary locking of small tables in "VACUUM" (Heikki) * Fix a problem that made UPDATE RETURNING tableoid return zero instead of the correct OID (Tom) * Fix planner misestimation of selectivity when transitive equality is applied to an outer-join clause (Tom) This could result in bad plans for queries like ... from a left join b on a.a1 = b.b1 where a.a1 = 42 ... * Improve optimizer's handling of long IN lists (Tom) This change avoids wasting large amounts of time on such lists when constraint exclusion is enabled. * Ensure that the contents of a holdable cursor don't depend on the contents of TOAST tables (Tom) Previously, large field values in a cursor result might be represented as TOAST pointers, which would fail if the referenced table got dropped before the cursor is read, or if the large value is deleted and then vacuumed away. This cannot happen with an ordinary cursor, but it could with a cursor that is held past its creating transaction. * Fix memory leak when a set-returning function is terminated without reading its whole result (Tom) * Fix "contrib/dblink"'s dblink_get_result(text,bool) function (Joe) * Fix possible garbage output from "contrib/sslinfo" functions (Tom) * Fix configure script to properly report failure when unable to obtain linkage information for PL/Perl (Andrew) * Make all documentation reference pgsql-bugs and/or pgsql-hackers as appropriate, instead of the now-decommissioned pgsql-ports and pgsql-patches mailing lists (Tom) * Update time zone data files to tzdata release 2009a (for Kathmandu and historical DST corrections in Switzerland, Cuba) __________________________________________________________________ Release 8.2.11 Release Date: 2008-11-03 This release contains a variety of fixes from 8.2.10. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.11 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.7, see the release notes for 8.2.7. Also, if you were running a previous 8.2.X release, it is recommended to "REINDEX" all GiST indexes after the upgrade. __________________________________________________________________ Changes * Fix GiST index corruption due to marking the wrong index entry "dead" after a deletion (Teodor) This would result in index searches failing to find rows they should have found. Corrupted indexes can be fixed with "REINDEX". * Fix backend crash when the client encoding cannot represent a localized error message (Tom) We have addressed similar issues before, but it would still fail if the "character has no equivalent" message itself couldn't be converted. The fix is to disable localization and send the plain ASCII error message when we detect such a situation. * Fix possible crash when deeply nested functions are invoked from a trigger (Tom) * Improve optimization of "expression" IN ("expression-list") queries (Tom, per an idea from Robert Haas) Cases in which there are query variables on the right-hand side had been handled less efficiently in 8.2.x and 8.3.x than in prior versions. The fix restores 8.1 behavior for such cases. * Fix mis-expansion of rule queries when a sub-SELECT appears in a function call in FROM, a multi-row VALUES list, or a RETURNING list (Tom) The usual symptom of this problem is an "unrecognized node type" error. * Fix memory leak during rescan of a hashed aggregation plan (Neil) * Ensure an error is reported when a newly-defined PL/pgSQL trigger function is invoked as a normal function (Tom) * Prevent possible collision of relfilenode numbers when moving a table to another tablespace with "ALTER SET TABLESPACE" (Heikki) The command tried to re-use the existing filename, instead of picking one that is known unused in the destination directory. * Fix incorrect tsearch2 headline generation when single query item matches first word of text (Sushant Sinha) * Fix improper display of fractional seconds in interval values when using a non-ISO datestyle in an "--enable-integer-datetimes" build (Ron Mayer) * Ensure SPI_getvalue and SPI_getbinval behave correctly when the passed tuple and tuple descriptor have different numbers of columns (Tom) This situation is normal when a table has had columns added or removed, but these two functions didn't handle it properly. The only likely consequence is an incorrect error indication. * Fix ecpg's parsing of "CREATE ROLE" (Michael) * Fix recent breakage of pg_ctl restart (Tom) * Ensure "pg_control" is opened in binary mode (Itagaki Takahiro) pg_controldata and pg_resetxlog did this incorrectly, and so could fail on Windows. * Update time zone data files to tzdata release 2008i (for DST law changes in Argentina, Brazil, Mauritius, Syria) __________________________________________________________________ Release 8.2.10 Release Date: 2008-09-22 This release contains a variety of fixes from 8.2.9. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.10 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.7, see the release notes for 8.2.7. __________________________________________________________________ Changes * Fix bug in btree WAL recovery code (Heikki) Recovery failed if the WAL ended partway through a page split operation. * Fix potential miscalculation of datfrozenxid (Alvaro) This error may explain some recent reports of failure to remove old pg_clog data. * Widen local lock counters from 32 to 64 bits (Tom) This responds to reports that the counters could overflow in sufficiently long transactions, leading to unexpected "lock is already held" errors. * Fix possible duplicate output of tuples during a GiST index scan (Teodor) * Fix missed permissions checks when a view contains a simple UNION ALL construct (Heikki) Permissions for the referenced tables were checked properly, but not permissions for the view itself. * Add checks in executor startup to ensure that the tuples produced by an "INSERT" or "UPDATE" will match the target table's current rowtype (Tom) "ALTER COLUMN TYPE", followed by re-use of a previously cached plan, could produce this type of situation. The check protects against data corruption and/or crashes that could ensue. * Fix possible repeated drops during "DROP OWNED" (Tom) This would typically result in strange errors such as "cache lookup failed for relation NNN". * Fix AT TIME ZONE to first try to interpret its timezone argument as a timezone abbreviation, and only try it as a full timezone name if that fails, rather than the other way around as formerly (Tom) The timestamp input functions have always resolved ambiguous zone names in this order. Making AT TIME ZONE do so as well improves consistency, and fixes a compatibility bug introduced in 8.1: in ambiguous cases we now behave the same as 8.0 and before did, since in the older versions AT TIME ZONE accepted *only* abbreviations. * Fix datetime input functions to correctly detect integer overflow when running on a 64-bit platform (Tom) * Prevent integer overflows during units conversion when displaying a configuration parameter that has units (Tom) * Improve performance of writing very long log messages to syslog (Tom) * Allow spaces in the suffix part of an LDAP URL in "pg_hba.conf" (Tom) * Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON query (Tom) * Fix planner bug with nested sub-select expressions (Tom) If the outer sub-select has no direct dependency on the parent query, but the inner one does, the outer value might not get recalculated for new parent query rows. * Fix planner to estimate that GROUP BY expressions yielding boolean results always result in two groups, regardless of the expressions' contents (Tom) This is very substantially more accurate than the regular GROUP BY estimate for certain boolean tests like "col" IS NULL. * Fix PL/pgSQL to not fail when a FOR loop's target variable is a record containing composite-type fields (Tom) * Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful about the encoding of data sent to or from Tcl (Tom) * On Windows, work around a Microsoft bug by preventing libpq from trying to send more than 64kB per system call (Magnus) * Improve pg_dump and pg_restore's error reporting after failure to send a SQL command (Tom) * Fix pg_ctl to properly preserve postmaster command-line arguments across a restart (Bruce) * Update time zone data files to tzdata release 2008f (for DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, Pakistan, Palestine, and Paraguay) __________________________________________________________________ Release 8.2.9 Release Date: 2008-06-12 This release contains one serious and one minor bug fix over 8.2.8. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.9 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.7, see the release notes for 8.2.7. __________________________________________________________________ Changes * Make pg_get_ruledef() parenthesize negative constants (Tom) Before this fix, a negative constant in a view or rule might be dumped as, say, -42::integer, which is subtly incorrect: it should be (-42)::integer due to operator precedence rules. Usually this would make little difference, but it could interact with another recent patch to cause PostgreSQL to reject what had been a valid "SELECT DISTINCT" view query. Since this could result in pg_dump output failing to reload, it is being treated as a high-priority fix. The only released versions in which dump output is actually incorrect are 8.3.1 and 8.2.7. * Make "ALTER AGGREGATE ... OWNER TO" update pg_shdepend (Tom) This oversight could lead to problems if the aggregate was later involved in a "DROP OWNED" or "REASSIGN OWNED" operation. __________________________________________________________________ Release 8.2.8 Release Date: never released This release contains a variety of fixes from 8.2.7. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.8 A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.7, see the release notes for 8.2.7. __________________________________________________________________ Changes * Fix ERRORDATA_STACK_SIZE exceeded crash that occurred on Windows when using UTF-8 database encoding and a different client encoding (Tom) * Fix "ALTER TABLE ADD COLUMN ... PRIMARY KEY" so that the new column is correctly checked to see if it's been initialized to all non-nulls (Brendan Jurd) Previous versions neglected to check this requirement at all. * Fix possible "CREATE TABLE" failure when inheriting the "same" constraint from multiple parent relations that inherited that constraint from a common ancestor (Tom) * Fix pg_get_ruledef() to show the alias, if any, attached to the target table of an "UPDATE" or "DELETE" (Tom) * Fix GIN bug that could result in a too many LWLocks taken failure (Teodor) * Avoid possible crash when decompressing corrupted data (Zdenek Kotala) * Repair two places where SIGTERM exit of a backend could leave corrupted state in shared memory (Tom) Neither case is very important if SIGTERM is used to shut down the whole database cluster together, but there was a problem if someone tried to SIGTERM individual backends. * Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots) (Sergey Burladyan) * Fix several datatype input functions, notably array_in(), that were allowing unused bytes in their results to contain uninitialized, unpredictable values (Tom) This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. * Fix a corner case in regular-expression substring matching (substring(string from pattern)) (Tom) The problem occurs when there is a match to the pattern overall but the user has specified a parenthesized subexpression and that subexpression hasn't got a match. An example is substring('foo' from 'foo(bar)?'). This should return NULL, since (bar) isn't matched, but it was mistakenly returning the whole-pattern match instead (ie, foo). * Update time zone data files to tzdata release 2008c (for DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, and Argentina/San_Luis) * Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function (Michael) * Fix broken GiST comparison function for "contrib/tsearch2"'s tsquery type (Teodor) * Fix possible crashes in "contrib/cube" functions (Tom) * Fix core dump in "contrib/xml2"'s xpath_table() function when the input query returns a NULL value (Tom) * Fix "contrib/xml2"'s makefile to not override CFLAGS (Tom) * Fix DatumGetBool macro to not fail with gcc 4.3 (Tom) This problem affects "old style" (V0) C functions that return boolean. The fix is already in 8.3, but the need to back-patch it was not realized at the time. __________________________________________________________________ Release 8.2.7 Release Date: 2008-03-17 This release contains a variety of fixes from 8.2.6. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.7 A dump/restore is not required for those running 8.2.X. However, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the Windows locale issue described below. __________________________________________________________________ Changes * Fix character string comparison for Windows locales that consider different character combinations as equal (Tom) This fix applies only on Windows and only when using UTF-8 database encoding. The same fix was made for all other cases over two years ago, but Windows with UTF-8 uses a separate code path that was not updated. If you are using a locale that considers some non-identical strings as equal, you may need to "REINDEX" to fix existing indexes on textual columns. * Repair potential deadlock between concurrent "VACUUM FULL" operations on different system catalogs (Tom) * Fix longstanding "LISTEN"/"NOTIFY" race condition (Tom) In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. * Disallow "LISTEN" and "UNLISTEN" within a prepared transaction (Tom) This was formerly allowed but trying to do it had various unpleasant consequences, notably that the originating backend could not exit as long as an "UNLISTEN" remained uncommitted. * Disallow dropping a temporary table within a prepared transaction (Heikki) This was correctly disallowed by 8.1, but the check was inadvertently broken in 8.2. * Fix rare crash when an error occurs during a query using a hash index (Heikki) * Fix memory leaks in certain usages of set-returning functions (Neil) * Fix input of datetime values for February 29 in years BC (Tom) The former coding was mistaken about which years were leap years. * Fix "unrecognized node type" error in some variants of "ALTER OWNER" (Tom) * Ensure pg_stat_activity.waiting flag is cleared when a lock wait is aborted (Tom) * Fix handling of process permissions on Windows Vista (Dave, Magnus) In particular, this fix allows starting the server as the Administrator user. * Update time zone data files to tzdata release 2008a (in particular, recent Chile changes); adjust timezone abbreviation VET (Venezuela) to mean UTC-4:30, not UTC-4:00 (Tom) * Fix pg_ctl to correctly extract the postmaster's port number from command-line options (Itagaki Takahiro, Tom) Previously, pg_ctl start -w could try to contact the postmaster on the wrong port, leading to bogus reports of startup failure. * Use "-fwrapv" to defend against possible misoptimization in recent gcc versions (Tom) This is known to be necessary when building PostgreSQL with gcc 4.3 or later. * Correctly enforce statement_timeout values longer than INT_MAX microseconds (about 35 minutes) (Tom) This bug affects only builds with "--enable-integer-datetimes". * Fix "unexpected PARAM_SUBLINK ID" planner error when constant-folding simplifies a sub-select (Tom) * Fix logical errors in constraint-exclusion handling of IS NULL and NOT expressions (Tom) The planner would sometimes exclude partitions that should not have been excluded because of the possibility of NULL results. * Fix another cause of "failed to build any N-way joins" planner errors (Tom) This could happen in cases where a clauseless join needed to be forced before a join clause could be exploited. * Fix incorrect constant propagation in outer-join planning (Tom) The planner could sometimes incorrectly conclude that a variable could be constrained to be equal to a constant, leading to wrong query results. * Fix display of constant expressions in ORDER BY and GROUP BY (Tom) An explictly casted constant would be shown incorrectly. This could for example lead to corruption of a view definition during dump and reload. * Fix libpq to handle NOTICE messages correctly during COPY OUT (Tom) This failure has only been observed to occur when a user-defined datatype's output routine issues a NOTICE, but there is no guarantee it couldn't happen due to other causes. __________________________________________________________________ Release 8.2.6 Release Date: 2008-01-07 This release contains a variety of fixes from 8.2.5, including fixes for significant security issues. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.6 A dump/restore is not required for those running 8.2.X. __________________________________________________________________ Changes * Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc (Tom) Functions used in index expressions and partial-index predicates are evaluated whenever a new table entry is made. It has long been understood that this poses a risk of trojan-horse code execution if one modifies a table owned by an untrustworthy user. (Note that triggers, defaults, check constraints, etc. pose the same type of risk.) But functions in indexes pose extra danger because they will be executed by routine maintenance operations such as "VACUUM FULL", which are commonly performed automatically under a superuser account. For example, a nefarious user can execute code with superuser privileges by setting up a trojan-horse index definition and waiting for the next routine vacuum. The fix arranges for standard maintenance operations (including "VACUUM", "ANALYZE", "REINDEX", and "CLUSTER") to execute as the table owner rather than the calling user, using the same privilege-switching mechanism already used for SECURITY DEFINER functions. To prevent bypassing this security measure, execution of "SET SESSION AUTHORIZATION" and "SET ROLE" is now forbidden within a SECURITY DEFINER context. (CVE-2007-6600) * Repair assorted bugs in the regular-expression package (Tom, Will Drewry) Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. (CVE-2007-6601, CVE-2007-3278) * Fix bugs in WAL replay for GIN indexes (Teodor) * Fix GIN index build to work properly when maintenance_work_mem is 4GB or more (Tom) * Update time zone data files to tzdata release 2007k (in particular, recent Argentina changes) (Tom) * Improve planner's handling of LIKE/regex estimation in non-C locales (Tom) * Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order (Tom) * Fix planner failure in some cases of WHERE false AND var IN (SELECT ...) (Tom) * Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence (Tom) * Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE" (Tom) * Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used (Simon) This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. * Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful (Alvaro) * Fix potential crash in translate() when using a multibyte database encoding (Tom) * Make corr() return the correct result for negative correlation values (Neil) * Fix overflow in extract(epoch from interval) for intervals exceeding 68 years (Tom) * Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function (Andrew) * Fix PL/Perl to cope when platform's Perl defines type bool as int rather than char (Tom) While this could theoretically happen anywhere, no standard build of Perl did things this way ... until Mac OS X 10.5. * Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen) * Fix PL/Python to not crash on long exception messages (Alvaro) * Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's (Tom) * Fix libpq crash when PGPASSFILE refers to a file that is not a plain file (Martin Pitt) * ecpg parser fixes (Michael) * Make "contrib/pgcrypto" defend against OpenSSL libraries that fail on keys longer than 128 bits; which is the case at least on some Solaris versions (Marko Kreen) * Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing (Joe) * Fix tsvector and tsquery output routines to escape backslashes correctly (Teodor, Bruce) * Fix crash of to_tsvector() on huge input strings (Teodor) * Require a specific version of Autoconf to be used when re-generating the "configure" script (Peter) This affects developers and packagers only. The change was made to prevent accidental use of untested combinations of Autoconf and PostgreSQL versions. You can remove the version check if you really want to use a different Autoconf version, but it's your responsibility whether the result works or not. * Update gettimeofday configuration check so that PostgreSQL can be built on newer versions of MinGW (Magnus) __________________________________________________________________ Release 8.2.5 Release Date: 2007-09-17 This release contains a variety of fixes from 8.2.4. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.5 A dump/restore is not required for those running 8.2.X. __________________________________________________________________ Changes * Prevent index corruption when a transaction inserts rows and then aborts close to the end of a concurrent "VACUUM" on the same table (Tom) * Fix ALTER DOMAIN ADD CONSTRAINT for cases involving domains over domains (Tom) * Make "CREATE DOMAIN ... DEFAULT NULL" work properly (Tom) * Fix some planner problems with outer joins, notably poor size estimation for t1 LEFT JOIN t2 WHERE t2.col IS NULL (Tom) * Allow the interval data type to accept input consisting only of milliseconds or microseconds (Neil) * Allow timezone name to appear before the year in timestamp input (Tom) * Fixes for GIN indexes used by "/contrib/tsearch2" (Teodor) * Speed up rtree index insertion (Teodor) * Fix excessive logging of SSL error messages (Tom) * Fix logging so that log messages are never interleaved when using the syslogger process (Andrew) * Fix crash when log_min_error_statement logging runs out of memory (Tom) * Fix incorrect handling of some foreign-key corner cases (Tom) * Fix stddev_pop(numeric) and var_pop(numeric) (Tom) * Prevent "REINDEX" and "CLUSTER" from failing due to attempting to process temporary tables of other sessions (Alvaro) * Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) * Windows socket and semaphore improvements (Magnus) * Make "pg_ctl -w" work properly in Windows service mode (Dave Page) * Fix memory allocation bug when using MIT Kerberos on Windows (Magnus) * Suppress timezone name (%Z) in log timestamps on Windows because of possible encoding mismatches (Tom) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) * Restrict "/contrib/pgstattuple" functions to superusers, for security reasons (Tom) * Do not let "/contrib/intarray" try to make its GIN opclass the default (this caused problems at dump/restore) (Tom) __________________________________________________________________ Release 8.2.4 Release Date: 2007-04-23 This release contains a variety of fixes from 8.2.3, including a security fix. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.4 A dump/restore is not required for those running 8.2.X. __________________________________________________________________ Changes * Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. * Fix shared_preload_libraries for Windows by forcing reload in each backend (Korry Douglas) * Fix to_char() so it properly upper/lower cases localized day or month names (Pavel Stehule) * "/contrib/tsearch2" crash fixes (Teodor) * Require "COMMIT PREPARED" to be executed in the same database as the transaction was prepared in (Heikki) * Allow "pg_dump" to do binary backups larger than two gigabytes on Windows (Magnus) * New traditional (Taiwan) Chinese FAQ (Zhou Daojing) * Prevent the statistics collector from writing to disk too frequently (Tom) * Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains (Tom, Pavan Deolasee) * Fix bug in domains that use array types (Tom) * Fix "pg_dump" so it can dump a serial column's sequence using "-t" when not also dumping the owning table (Tom) * Planner fixes, including improving outer join and bitmap scan selection logic (Tom) * Fix possible wrong answers or crash when a PL/pgSQL function tries to RETURN from within an EXCEPTION block (Tom) * Fix PANIC during enlargement of a hash index (Tom) * Fix POSIX-style timezone specs to follow new USA DST rules (Tom) __________________________________________________________________ Release 8.2.3 Release Date: 2007-02-07 This release contains two fixes from 8.2.2. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.3 A dump/restore is not required for those running 8.2.X. __________________________________________________________________ Changes * Remove overly-restrictive check for type length in constraints and functional indexes(Tom) * Fix optimization so MIN/MAX in subqueries can again use indexes (Tom) __________________________________________________________________ Release 8.2.2 Release Date: 2007-02-05 This release contains a variety of fixes from 8.2.1, including a security fix. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.2 A dump/restore is not required for those running 8.2.X. __________________________________________________________________ Changes * Remove security vulnerabilities that allowed connected users to read backend memory (Tom) The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. * Fix not-so-rare-anymore bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas) * Fix Borland C compile scripts (L Bayuk) * Properly handle to_char('CC') for years ending in 00 (Tom) Year 2000 is in the twentieth century, not the twenty-first. * "/contrib/tsearch2" localization improvements (Tatsuo, Teodor) * Fix incorrect permission check in information_schema.key_column_usage view (Tom) The symptom is "relation with OID nnnnn does not exist" errors. To get this fix without using "initdb", use "CREATE OR REPLACE VIEW" to install the corrected definition found in "share/information_schema.sql". Note you will need to do this in each database. * Improve "VACUUM" performance for databases with many tables (Tom) * Fix for rare Assert() crash triggered by UNION (Tom) * Fix potentially incorrect results from index searches using ROW inequality conditions (Tom) * Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom) * Fix bogus "permission denied" failures occurring on Windows due to attempts to fsync already-deleted files (Magnus, Tom) * Fix bug that could cause the statistics collector to hang on Windows (Magnus) This would in turn lead to autovacuum not working. * Fix possible crashes when an already-in-use PL/pgSQL function is updated (Tom) * Improve PL/pgSQL handling of domain types (Sergiy Vyshnevetskiy, Tom) * Fix possible errors in processing PL/pgSQL exception blocks (Tom) __________________________________________________________________ Release 8.2.1 Release Date: 2007-01-08 This release contains a variety of fixes from 8.2. For information about new features in the 8.2 major release, see the Section called Release 8.2. __________________________________________________________________ Migration to Version 8.2.1 A dump/restore is not required for those running 8.2. __________________________________________________________________ Changes * Fix crash with SELECT ... LIMIT ALL (also LIMIT NULL) (Tom) * "Several /contrib/tsearch2" fixes (Teodor) * On Windows, make log messages coming from the operating system use ASCII encoding (Hiroshi Saito) This fixes a conversion problem when there is a mismatch between the encoding of the operating system and database server. * Fix Windows linking of pg_dump using "win32.mak" (Hiroshi Saito) * Fix planner mistakes for outer join queries (Tom) * Fix several problems in queries involving sub-SELECTs (Tom) * Fix potential crash in SPI during subtransaction abort (Tom) This affects all PL functions since they all use SPI. * Improve build speed of PDF documentation (Peter) * Re-add JST (Japan) timezone abbreviation (Tom) * Improve optimization decisions related to index scans (Tom) * Have psql print multi-byte combining characters as before, rather than output as \u (Tom) * Improve index usage of regular expressions that use parentheses (Tom) This improves psql \d performance also. * Make pg_dumpall assume that databases have public CONNECT privilege, when dumping from a pre-8.2 server (Tom) This preserves the previous behavior that anyone can connect to a database if allowed by "pg_hba.conf". __________________________________________________________________ Release 8.2 Release Date: 2006-12-05 __________________________________________________________________ Overview This release adds many functionality and performance improvements that were requested by users, including: * Query language enhancements including "INSERT/UPDATE/DELETE RETURNING", multirow VALUES lists, and optional target-table alias in "UPDATE"/"DELETE" * Index creation without blocking concurrent "INSERT"/"UPDATE"/"DELETE" operations * Many query optimization improvements, including support for reordering outer joins * Improved sorting performance with lower memory usage * More efficient locking with better concurrency * More efficient vacuuming * Easier administration of warm standby servers * New FILLFACTOR support for tables and indexes * Monitoring, logging, and performance tuning additions * More control over creating and dropping objects * Table inheritance relationships can be defined for and removed from pre-existing tables * "COPY TO" can copy the output of an arbitrary "SELECT" statement * Array improvements, including nulls in arrays * Aggregate-function improvements, including multiple-input aggregates and SQL:2003 statistical functions * Many "contrib/" improvements __________________________________________________________________ Migration to Version 8.2 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. Observe the following incompatibilities: * Set escape_string_warning to on by default (Bruce) This issues a warning if backslash escapes are used in non-escape (non-E'') strings. * Change the row constructor syntax (ROW(...)) so that list elements foo.* will be expanded to a list of their member fields, rather than creating a nested row type field as formerly (Tom) The new behavior is substantially more useful since it allows, for example, triggers to check for data changes with IF row(new.*) IS DISTINCT FROM row(old.*). The old behavior is still available by omitting .*. * Make row comparisons follow SQL standard semantics and allow them to be used in index scans (Tom) Previously, row = and <> comparisons followed the standard but < <= > >= did not. A row comparison can now be used as an index constraint for a multicolumn index matching the row value. * Make row IS [NOT] NULL tests follow SQL standard semantics (Tom) The former behavior conformed to the standard for simple cases with IS NULL, but IS NOT NULL would return true if any row field was non-null, whereas the standard says it should return true only when all fields are non-null. * Make "SET CONSTRAINT" affect only one constraint (Kris Jurka) In previous releases, "SET CONSTRAINT" modified all constraints with a matching name. In this release, the schema search path is used to modify only the first matching constraint. A schema specification is also supported. This more nearly conforms to the SQL standard. * Remove RULE permission for tables, for security reasons (Tom) As of this release, only a table's owner can create or modify rules for the table. For backwards compatibility, "GRANT"/"REVOKE RULE" is still accepted, but it does nothing. * Array comparison improvements (Tom) Now array dimensions are also compared. * Change array concatenation to match documented behavior (Tom) This changes the previous behavior where concatenation would modify the array lower bound. * Make command-line options of postmaster and postgres identical (Peter) This allows the postmaster to pass arguments to each backend without using -o. Note that some options are now only available as long-form options, because there were conflicting single-letter options. * Deprecate use of postmaster symbolic link (Peter) postmaster and postgres commands now act identically, with the behavior determined by command-line options. The postmaster symbolic link is kept for compatibility, but is not really needed. * Change log_duration to output even if the query is not output (Tom) In prior releases, log_duration only printed if the query appeared earlier in the log. * Make to_char(time) and to_char(interval) treat HH and HH12 as 12-hour intervals Most applications should use HH24 unless they want a 12-hour display. * Zero unmasked bits in conversion from INET to CIDR (Tom) This ensures that the converted value is actually valid for CIDR. * Remove australian_timezones configuration variable (Joachim Wieland) This variable has been superseded by a more general facility for configuring timezone abbreviations. * Improve cost estimation for nested-loop index scans (Tom) This might eliminate the need to set unrealistically small values of random_page_cost. If you have been using a very small random_page_cost, please recheck your test cases. * Change behavior of "pg_dump" -n and -t options. (Greg Sabino Mullane) See the "pg_dump" manual page for details. * Change libpq PQdsplen() to return a useful value (Martijn van Oosterhout) * Declare libpq PQgetssl() as returning void *, rather than SSL * (Martijn van Oosterhout) This allows applications to use the function without including the OpenSSL headers. * C-language loadable modules must now include a PG_MODULE_MAGIC macro call for version compatibility checking (Martijn van Oosterhout) * For security's sake, modules used by a PL/PerlU function are no longer available to PL/Perl functions (Andrew) Note: This also implies that data can no longer be shared between a PL/Perl function and a PL/PerlU function. Some Perl installations have not been compiled with the correct flags to allow multiple interpreters to exist within a single process. In this situation PL/Perl and PL/PerlU cannot both be used in a single backend. The solution is to get a Perl installation which supports multiple interpreters. * In "contrib/xml2/", rename xml_valid() to xml_is_well_formed() (Tom) xml_valid() will remain for backward compatibility, but its behavior will change to do schema checking in a future release. * Remove "contrib/ora2pg/", now at http://www.samse.fr/GPL/ora2pg * Remove contrib modules that have been migrated to PgFoundry: "adddepend", "dbase", "dbmirror", "fulltextindex", "mac", "userlock" * Remove abandoned contrib modules: "mSQL-interface", "tips" * Remove QNX and BEOS ports (Bruce) These ports no longer had active maintainers. __________________________________________________________________ Changes Below you will find a detailed account of the changes between PostgreSQL 8.2 and the previous major release. __________________________________________________________________ Performance Improvements * Allow the planner to reorder outer joins in some circumstances (Tom) In previous releases, outer joins would always be evaluated in the order written in the query. This change allows the query optimizer to consider reordering outer joins, in cases where it can determine that the join order can be changed without altering the meaning of the query. This can make a considerable performance difference for queries involving multiple outer joins or mixed inner and outer joins. * Improve efficiency of IN (list-of-expressions) clauses (Tom) * Improve sorting speed and reduce memory usage (Simon, Tom) * Improve subtransaction performance (Alvaro, Itagaki Takahiro, Tom) * Add FILLFACTOR to table and index creation (ITAGAKI Takahiro) This leaves extra free space in each table or index page, allowing improved performance as the database grows. This is particularly valuable to maintain clustering. * Increase default values for shared_buffers and max_fsm_pages (Andrew) * Improve locking performance by breaking the lock manager tables into sections (Tom) This allows locking to be more fine-grained, reducing contention. * Reduce locking requirements of sequential scans (Qingqing Zhou) * Reduce locking required for database creation and destruction (Tom) * Improve the optimizer's selectivity estimates for LIKE, ILIKE, and regular expression operations (Tom) * Improve planning of joins to inherited tables and UNION ALL views (Tom) * Allow constraint exclusion to be applied to inherited "UPDATE" and "DELETE" queries (Tom) "SELECT" already honored constraint exclusion. * Improve planning of constant WHERE clauses, such as a condition that depends only on variables inherited from an outer query level (Tom) * Protocol-level unnamed prepared statements are re-planned for each set of BIND values (Tom) This improves performance because the exact parameter values can be used in the plan. * Speed up vacuuming of B-Tree indexes (Heikki Linnakangas, Tom) * Avoid extra scan of tables without indexes during "VACUUM" (Greg Stark) * Improve multicolumn GiST indexing (Oleg, Teodor) * Remove dead index entries before B-Tree page split (Junji Teramoto) __________________________________________________________________ Server Changes * Allow a forced switch to a new transaction log file (Simon, Tom) This is valuable for keeping warm standby slave servers in sync with the master. Transaction log file switching now also happens automatically during pg_stop_backup(). This ensures that all transaction log files needed for recovery can be archived immediately. * Add WAL informational functions (Simon) Add functions for interrogating the current transaction log insertion point and determining WAL filenames from the hex WAL locations displayed by pg_stop_backup() and related functions. * Improve recovery from a crash during WAL replay (Simon) The server now does periodic checkpoints during WAL recovery, so if there is a crash, future WAL recovery is shortened. This also eliminates the need for warm standby servers to replay the entire log since the base backup if they crash. * Improve reliability of long-term WAL replay (Heikki, Simon, Tom) Formerly, trying to roll forward through more than 2 billion transactions would not work due to XID wraparound. This meant warm standby servers had to be reloaded from fresh base backups periodically. * Add archive_timeout to force transaction log file switches at a given interval (Simon) This enforces a maximum replication delay for warm standby servers. * Add native LDAP authentication (Magnus Hagander) This is particularly useful for platforms that do not support PAM, such as Windows. * Add GRANT CONNECT ON DATABASE (Gevik Babakhani) This gives SQL-level control over database access. It works as an additional filter on top of the existing "pg_hba.conf" controls. * Add support for SSL Certificate Revocation List (CRL) files (Libor Hohos) The server and libpq both recognize CRL files now. * GiST indexes are now clusterable (Teodor) * Remove routine autovacuum server log entries (Bruce) pg_stat_activity now shows autovacuum activity. * Track maximum XID age within individual tables, instead of whole databases (Alvaro) This reduces the overhead involved in preventing transaction ID wraparound, by avoiding unnecessary VACUUMs. * Add last vacuum and analyze timestamp columns to the stats collector (Larry Rosenman) These values now appear in the pg_stat_*_tables system views. * Improve performance of statistics monitoring, especially stats_command_string (Tom, Bruce) This release enables stats_command_string by default, now that its overhead is minimal. This means pg_stat_activity will now show all active queries by default. * Add a waiting column to pg_stat_activity (Tom) This allows pg_stat_activity to show all the information included in the ps display. * Add configuration parameter update_process_title to control whether the ps display is updated for every command (Bruce) On platforms where it is expensive to update the ps display, it might be worthwhile to turn this off and rely solely on pg_stat_activity for status information. * Allow units to be specified in configuration settings (Peter) For example, you can now set shared_buffers to 32MB rather than mentally converting sizes. * Add support for include directives in "postgresql.conf" (Joachim Wieland) * Improve logging of protocol-level prepare/bind/execute messages (Bruce, Tom) Such logging now shows statement names, bind parameter values, and the text of the query being executed. Also, the query text is properly included in logged error messages when enabled by log_min_error_statement. * Prevent max_stack_depth from being set to unsafe values On platforms where we can determine the actual kernel stack depth limit (which is most), make sure that the initial default value of max_stack_depth is safe, and reject attempts to set it to unsafely large values. * Enable highlighting of error location in query in more cases (Tom) The server is now able to report a specific error location for some semantic errors (such as unrecognized column name), rather than just for basic syntax errors as before. * Fix "failed to re-find parent key" errors in "VACUUM" (Tom) * Clean out "pg_internal.init" cache files during server restart (Simon) This avoids a hazard that the cache files might contain stale data after PITR recovery. * Fix race condition for truncation of a large relation across a gigabyte boundary by "VACUUM" (Tom) * Fix bug causing needless deadlock errors on row-level locks (Tom) * Fix bugs affecting multi-gigabyte hash indexes (Tom) * Each backend process is now its own process group leader (Tom) This allows query cancel to abort subprocesses invoked from a backend or archive/recovery process. __________________________________________________________________ Query Changes * Add "INSERT"/"UPDATE"/"DELETE" RETURNING (Jonah Harris, Tom) This allows these commands to return values, such as the computed serial key for a new row. In the "UPDATE" case, values from the updated version of the row are returned. * Add support for multiple-row VALUES clauses, per SQL standard (Joe, Tom) This allows "INSERT" to insert multiple rows of constants, or queries to generate result sets using constants. For example, INSERT ... VALUES (...), (...), ...., and SELECT * FROM (VALUES (...), (...), ....) AS alias(f1, ...). * Allow "UPDATE" and "DELETE" to use an alias for the target table (Atsushi Ogawa) The SQL standard does not permit an alias in these commands, but many database systems allow one anyway for notational convenience. * Allow "UPDATE" to set multiple columns with a list of values (Susanne Ebrecht) This is basically a short-hand for assigning the columns and values in pairs. The syntax is UPDATE tab SET (column, ...) = (val, ...). * Make row comparisons work per standard (Tom) The forms <, <=, >, >= now compare rows lexicographically, that is, compare the first elements, if equal compare the second elements, and so on. Formerly they expanded to an AND condition across all the elements, which was neither standard nor very useful. * Add CASCADE option to "TRUNCATE" (Joachim Wieland) This causes "TRUNCATE" to automatically include all tables that reference the specified table(s) via foreign keys. While convenient, this is a dangerous tool -- use with caution! * Support FOR UPDATE and FOR SHARE in the same SELECT command (Tom) * Add IS NOT DISTINCT FROM (Pavel Stehule) This operator is similar to equality (=), but evaluates to true when both left and right operands are NULL, and to false when just one is, rather than yielding NULL in these cases. * Improve the length output used by UNION/INTERSECT/EXCEPT (Tom) When all corresponding columns are of the same defined length, that length is used for the result, rather than a generic length. * Allow ILIKE to work for multi-byte encodings (Tom) Internally, ILIKE now calls lower() and then uses LIKE. Locale-specific regular expression patterns still do not work in these encodings. * Enable standard_conforming_strings to be turned on (Kevin Grittner) This allows backslash escaping in strings to be disabled, making PostgreSQL more standards-compliant. The default is off for backwards compatibility, but future releases will default this to on. * Do not flatten subqueries that contain volatile functions in their target lists (Jaime Casanova) This prevents surprising behavior due to multiple evaluation of a volatile function (such as random() or nextval()). It might cause performance degradation in the presence of functions that are unnecessarily marked as volatile. * Add system views pg_prepared_statements and pg_cursors to show prepared statements and open cursors (Joachim Wieland, Neil) These are very useful in pooled connection setups. * Support portal parameters in "EXPLAIN" and "EXECUTE" (Tom) This allows, for example, JDBC ? parameters to work in these commands. * If SQL-level "PREPARE" parameters are unspecified, infer their types from the content of the query (Neil) Protocol-level "PREPARE" already did this. * Allow LIMIT and OFFSET to exceed two billion (Dhanaraj M) __________________________________________________________________ Object Manipulation Changes * Add TABLESPACE clause to "CREATE TABLE AS" (Neil) This allows a tablespace to be specified for the new table. * Add ON COMMIT clause to "CREATE TABLE AS" (Neil) This allows temporary tables to be truncated or dropped on transaction commit. The default behavior is for the table to remain until the session ends. * Add INCLUDING CONSTRAINTS to "CREATE TABLE LIKE" (Greg Stark) This allows easy copying of CHECK constraints to a new table. * Allow the creation of placeholder (shell) types (Martijn van Oosterhout) A shell type declaration creates a type name, without specifying any of the details of the type. Making a shell type is useful because it allows cleaner declaration of the type's input/output functions, which must exist before the type can be defined "for real". The syntax is "CREATE TYPE typename". * Aggregate functions now support multiple input parameters (Sergey Koposov, Tom) * Add new aggregate creation syntax (Tom) The new syntax is "CREATE AGGREGATE aggname (input_type) (parameter_list)". This more naturally supports the new multi-parameter aggregate functionality. The previous syntax is still supported. * Add "ALTER ROLE PASSWORD NULL" to remove a previously set role password (Peter) * Add "DROP" object IF EXISTS for many object types (Andrew) This allows "DROP" operations on non-existent objects without generating an error. * Add DROP OWNED to drop all objects owned by a role (Alvaro) * Add REASSIGN OWNED to reassign ownership of all objects owned by a role (Alvaro) This, and DROP OWNED above, facilitate dropping roles. * Add "GRANT ON SEQUENCE" syntax (Bruce) This was added for setting sequence-specific permissions. GRANT ON TABLE for sequences is still supported for backward compatibility. * Add USAGE permission for sequences that allows only currval() and nextval(), not setval() (Bruce) USAGE permission allows more fine-grained control over sequence access. Granting USAGE allows users to increment a sequence, but prevents them from setting the sequence to an arbitrary value using setval(). * Add ALTER TABLE [ NO ] INHERIT (Greg Stark) This allows inheritance to be adjusted dynamically, rather than just at table creation and destruction. This is very valuable when using inheritance to implement table partitioning. * Allow comments on global objects to be stored globally (Kris Jurka) Previously, comments attached to databases were stored in individual databases, making them ineffective, and there was no provision at all for comments on roles or tablespaces. This change adds a new shared catalog pg_shdescription and stores comments on databases, roles, and tablespaces therein. __________________________________________________________________ Utility Command Changes * Add option to allow indexes to be created without blocking concurrent writes to the table (Greg Stark, Tom) The new syntax is "CREATE INDEX CONCURRENTLY". The default behavior is still to block table modification while a index is being created. * Provide advisory locking functionality (Abhijit Menon-Sen, Tom) This is a new locking API designed to replace what used to be in /contrib/userlock. The userlock code is now on pgfoundry. * Allow "COPY" to dump a "SELECT" query (Zoltan Boszormenyi, Karel Zak) This allows "COPY" to dump arbitrary SQL queries. The syntax is COPY (SELECT ...) TO. * Make the "COPY" command return a command tag that includes the number of rows copied (Volkan YAZICI) * Allow "VACUUM" to expire rows without being affected by other concurrent "VACUUM" operations (Hannu Krossing, Alvaro, Tom) * Make initdb detect the operating system locale and set the default DateStyle accordingly (Peter) This makes it more likely that the installed "postgresql.conf" DateStyle value will be as desired. * Reduce number of progress messages displayed by initdb (Tom) __________________________________________________________________ Date/Time Changes * Allow full timezone names in timestamp input values (Joachim Wieland) For example, '2006-05-24 21:11 America/New_York'::timestamptz. * Support configurable timezone abbreviations (Joachim Wieland) A desired set of timezone abbreviations can be chosen via the configuration parameter timezone_abbreviations. * Add pg_timezone_abbrevs and pg_timezone_names views to show supported timezones (Magnus Hagander) * Add clock_timestamp(), statement_timestamp(), and transaction_timestamp() (Bruce) clock_timestamp() is the current wall-clock time, statement_timestamp() is the time the current statement arrived at the server, and transaction_timestamp() is an alias for now(). * Allow to_char() to print localized month and day names (Euler Taveira de Oliveira) * Allow to_char(time) and to_char(interval) to output AM/PM specifications (Bruce) Intervals and times are treated as 24-hour periods, e.g. 25 hours is considered AM. * Add new function justify_interval() to adjust interval units (Mark Dilger) * Allow timezone offsets up to 14:59 away from GMT Kiribati uses GMT+14, so we'd better accept that. * Interval computation improvements (Michael Glaesemann, Bruce) __________________________________________________________________ Other Data Type and Function Changes * Allow arrays to contain NULL elements (Tom) * Allow assignment to array elements not contiguous with the existing entries (Tom) The intervening array positions will be filled with nulls. This is per SQL standard. * New built-in operators for array-subset comparisons (@>, <@, &&) (Teodor, Tom) These operators can be indexed for many data types using GiST or GIN indexes. * Add convenient arithmetic operations on INET/CIDR values (Stephen R. van den Berg) The new operators are & (and), | (or), ~ (not), inet + int8, inet - int8, and inet - inet. * Add new aggregate functions from SQL:2003 (Neil) The new functions are var_pop(), var_samp(), stddev_pop(), and stddev_samp(). var_samp() and stddev_samp() are merely renamings of the existing aggregates variance() and stddev(). The latter names remain available for backward compatibility. * Add SQL:2003 statistical aggregates (Sergey Koposov) New functions: regr_intercept(), regr_slope(), regr_r2(), corr(), covar_samp(), covar_pop(), regr_avgx(), regr_avgy(), regr_sxy(), regr_sxx(), regr_syy(), regr_count(). * Allow domains to be based on other domains (Tom) * Properly enforce domain CHECK constraints everywhere (Neil, Tom) For example, the result of a user-defined function that is declared to return a domain type is now checked against the domain's constraints. This closes a significant hole in the domain implementation. * Fix problems with dumping renamed SERIAL columns (Tom) The fix is to dump a SERIAL column by explicitly specifying its DEFAULT and sequence elements, and reconstructing the SERIAL column on reload using a new "ALTER SEQUENCE OWNED BY" command. This also allows dropping a SERIAL column specification. * Add a server-side sleep function pg_sleep() (Joachim Wieland) * Add all comparison operators for the tid (tuple id) data type (Mark Kirkwood, Greg Stark, Tom) __________________________________________________________________ PL/pgSQL Server-Side Language Changes * Add TG_table_name and TG_table_schema to trigger parameters (Andrew) TG_relname is now deprecated. Comparable changes have been made in the trigger parameters for the other PLs as well. * Allow FOR statements to return values to scalars as well as records and row types (Pavel Stehule) * Add a BY clause to the FOR loop, to control the iteration increment (Jaime Casanova) * Add STRICT to "SELECT INTO" (Matt Miller) STRICT mode throws an exception if more or less than one row is returned by the "SELECT", for Oracle PL/SQL compatibility. __________________________________________________________________ PL/Perl Server-Side Language Changes * Add table_name and table_schema to trigger parameters (Adam Sjøgren) * Add prepared queries (Dmitry Karasik) * Make $_TD trigger data a global variable (Andrew) Previously, it was lexical, which caused unexpected sharing violations. * Run PL/Perl and PL/PerlU in separate interpreters, for security reasons (Andrew) In consequence, they can no longer share data nor loaded modules. Also, if Perl has not been compiled with the requisite flags to allow multiple interpreters, only one of these languages can be used in any given backend process. __________________________________________________________________ PL/Python Server-Side Language Changes * Named parameters are passed as ordinary variables, as well as in the args[] array (Sven Suursoho) * Add table_name and table_schema to trigger parameters (Andrew) * Allow returning of composite types and result sets (Sven Suursoho) * Return result-set as list, iterator, or generator (Sven Suursoho) * Allow functions to return void (Neil) * Python 2.5 is now supported (Tom) __________________________________________________________________ psql Changes * Add new command \password for changing role password with client-side password encryption (Peter) * Allow \c to connect to a new host and port number (David, Volkan YAZICI) * Add tablespace display to \l+ (Philip Yarra) * Improve \df slash command to include the argument names and modes (OUT or INOUT) of the function (David Fetter) * Support binary "COPY" (Andreas Pflug) * Add option to run the entire session in a single transaction (Simon) Use option -1 or --single-transaction. * Support for automatically retrieving "SELECT" results in batches using a cursor (Chris Mair) This is enabled using "\set FETCH_COUNT n". This feature allows large result sets to be retrieved in psql without attempting to buffer the entire result set in memory. * Make multi-line values align in the proper column (Martijn van Oosterhout) Field values containing newlines are now displayed in a more readable fashion. * Save multi-line statements as a single entry, rather than one line at a time (Sergey E. Koposov) This makes up-arrow recall of queries easier. (This is not available on Windows, because that platform uses the native command-line editing present in the operating system.) * Make the line counter 64-bit so it can handle files with more than two billion lines (David Fetter) * Report both the returned data and the command status tag for "INSERT"/"UPDATE"/"DELETE RETURNING" (Tom) __________________________________________________________________ pg_dump Changes * Allow complex selection of objects to be included or excluded by pg_dump (Greg Sabino Mullane) pg_dump now supports multiple -n (schema) and -t (table) options, and adds -N and -T options to exclude objects. Also, the arguments of these switches can now be wild-card expressions rather than single object names, for example -t 'foo*', and a schema can be part of a -t or -T switch, for example -t schema1.table1. * Add pg_restore --no-data-for-failed-tables option to suppress loading data if table creation failed (i.e., the table already exists) (Martin Pitt) * Add pg_restore option to run the entire session in a single transaction (Simon) Use option -1 or --single-transaction. __________________________________________________________________ libpq Changes * Add PQencryptPassword() to encrypt passwords (Tom) This allows passwords to be sent pre-encrypted for commands like "ALTER ROLE ... PASSWORD". * Add function PQisthreadsafe() (Bruce) This allows applications to query the thread-safety status of the library. * Add PQdescribePrepared(), PQdescribePortal(), and related functions to return information about previously prepared statements and open cursors (Volkan YAZICI) * Allow LDAP lookups from "pg_service.conf" (Laurenz Albe) * Allow a hostname in "~/.pgpass" to match the default socket directory (Bruce) A blank hostname continues to match any Unix-socket connection, but this addition allows entries that are specific to one of several postmasters on the machine. __________________________________________________________________ ecpg Changes * Allow "SHOW" to put its result into a variable (Joachim Wieland) * Add "COPY TO STDOUT" (Joachim Wieland) * Add regression tests (Joachim Wieland, Michael) * Major source code cleanups (Joachim Wieland, Michael) __________________________________________________________________ Windows Port * Allow MSVC to compile the PostgreSQL server (Magnus, Hiroshi Saito) * Add MSVC support for utility commands and pg_dump (Hiroshi Saito) * Add support for Windows code pages 1253, 1254, 1255, and 1257 (Kris Jurka) * Drop privileges on startup, so that the server can be started from an administrative account (Magnus) * Stability fixes (Qingqing Zhou, Magnus) * Add native semaphore implementation (Qingqing Zhou) The previous code mimicked SysV semaphores. __________________________________________________________________ Source Code Changes * Add GIN (Generalized Inverted iNdex) index access method (Teodor, Oleg) * Remove R-tree indexing (Tom) Rtree has been re-implemented using GiST. Among other differences, this means that rtree indexes now have support for crash recovery via write-ahead logging (WAL). * Reduce libraries needlessly linked into the backend (Martijn van Oosterhout, Tom) * Add a configure flag to allow libedit to be preferred over GNU readline (Bruce) Use configure --with-libedit-preferred. * Allow installation into directories containing spaces (Peter) * Improve ability to relocate installation directories (Tom) * Add support for Solaris x86_64 using the Solaris compiler (Pierre Girard, Theo Schlossnagle, Bruce) * Add DTrace support (Robert Lor) * Add PG_VERSION_NUM for use by third-party applications wanting to test the backend version in C using > and < comparisons (Bruce) * Add XLOG_BLCKSZ as independent from BLCKSZ (Mark Wong) * Add LWLOCK_STATS define to report locking activity (Tom) * Emit warnings for unknown configure options (Martijn van Oosterhout) * Add server support for "plugin" libraries that can be used for add-on tasks such as debugging and performance measurement (Korry Douglas) This consists of two features: a table of "rendezvous variables" that allows separately-loaded shared libraries to communicate, and a new configuration parameter local_preload_libraries that allows libraries to be loaded into specific sessions without explicit cooperation from the client application. This allows external add-ons to implement features such as a PL/pgSQL debugger. * Rename existing configuration parameter preload_libraries to shared_preload_libraries (Tom) This was done for clarity in comparison to local_preload_libraries. * Add new configuration parameter server_version_num (Greg Sabino Mullane) This is like server_version, but is an integer, e.g. 80200. This allows applications to make version checks more easily. * Add a configuration parameter seq_page_cost (Tom) * Re-implement the regression test script as a C program (Magnus, Tom) * Allow loadable modules to allocate shared memory and lightweight locks (Marc Munro) * Add automatic initialization and finalization of dynamically loaded libraries (Ralf Engelschall, Tom) New functions _PG_init() and _PG_fini() are called if the library defines such symbols. Hence we no longer need to specify an initialization function in shared_preload_libraries; we can assume that the library used the _PG_init() convention instead. * Add PG_MODULE_MAGIC header block to all shared object files (Martijn van Oosterhout) The magic block prevents version mismatches between loadable object files and servers. * Add shared library support for AIX (Laurenz Albe) * New XML documentation section (Bruce) __________________________________________________________________ Contrib Changes * Major tsearch2 improvements (Oleg, Teodor) + multibyte encoding support, including UTF8 + query rewriting support + improved ranking functions + thesaurus dictionary support + Ispell dictionaries now recognize MySpell format, used by OpenOffice + GIN support * Add adminpack module containing Pgadmin administration functions (Dave) These functions provide additional file system access routines not present in the default PostgreSQL server. * Add sslinfo module (Victor Wagner) Reports information about the current connection's SSL certificate. * Add pgrowlocks module (Tatsuo) This shows row locking information for a specified table. * Add hstore module (Oleg, Teodor) * Add isn module, replacing isbn_issn (Jeremy Kronuz) This new implementation supports EAN13, UPC, ISBN (books), ISMN (music), and ISSN (serials). * Add index information functions to pgstattuple (ITAGAKI Takahiro, Satoshi Nagayasu) * Add pg_freespacemap module to display free space map information (Mark Kirkwood) * pgcrypto now has all planned functionality (Marko Kreen) + Include iMath library in pgcrypto to have the public-key encryption functions always available. + Add SHA224 algorithm that was missing in OpenBSD code. + Activate builtin code for SHA224/256/384/512 hashes on older OpenSSL to have those algorithms always available. + New function gen_random_bytes() that returns cryptographically strong randomness. Useful for generating encryption keys. + Remove digest_exists(), hmac_exists() and cipher_exists() functions. * Improvements to cube module (Joshua Reich) New functions are cube(float[]), cube(float[], float[]), and cube_subset(cube, int4[]). * Add async query capability to dblink (Kai Londenberg, Joe Conway) * New operators for array-subset comparisons (@>, <@, &&) (Tom) Various contrib packages already had these operators for their datatypes, but the naming wasn't consistent. We have now added consistently named array-subset comparison operators to the core code and all the contrib packages that have such functionality. (The old names remain available, but are deprecated.) * Add uninstall scripts for all contrib packages that have install scripts (David, Josh Drake) __________________________________________________________________ Release 8.1.23 Release date: 2010-12-16 This release contains a variety of fixes from 8.1.22. For information about new features in the 8.1 major release, see the Section called Release 8.1. This is expected to be the last PostgreSQL release in the 8.1.X series. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.1.23 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.18, see the release notes for 8.1.18. __________________________________________________________________ Changes * Force the default wal_sync_method to be fdatasync on Linux (Tom Lane, Marti Raudsepp) The default on Linux has actually been fdatasync for many years, but recent kernel changes caused PostgreSQL to choose open_datasync instead. This choice did not result in any performance improvement, and caused outright failures on certain filesystems, notably ext4 with the data=journal mount option. * Fix recovery from base backup when the starting checkpoint WAL record is not in the same WAL segment as its redo point (Jeff Davis) * Add support for detecting register-stack overrun on IA64 (Tom Lane) The IA64 architecture has two hardware stacks. Full prevention of stack-overrun failures requires checking both. * Add a check for stack overflow in copyObject() (Tom Lane) Certain code paths could crash due to stack overflow given a sufficiently complex query. * Fix detection of page splits in temporary GiST indexes (Heikki Linnakangas) It is possible to have a "concurrent" page split in a temporary index, if for example there is an open cursor scanning the index when an insertion is done. GiST failed to detect this case and hence could deliver wrong results when execution of the cursor continued. * Avoid memory leakage while "ANALYZE"'ing complex index expressions (Tom Lane) * Ensure an index that uses a whole-row Var still depends on its table (Tom Lane) An index declared like create index i on t (foo(t.*)) would not automatically get dropped when its table was dropped. * Do not "inline" a SQL function with multiple OUT parameters (Tom Lane) This avoids a possible crash due to loss of information about the expected result rowtype. * Fix constant-folding of COALESCE() expressions (Tom Lane) The planner would sometimes attempt to evaluate sub-expressions that in fact could never be reached, possibly leading to unexpected errors. * Add print functionality for InhRelation nodes (Tom Lane) This avoids a failure when debug_print_parse is enabled and certain types of query are executed. * Fix incorrect calculation of distance from a point to a horizontal line segment (Tom Lane) This bug affected several different geometric distance-measurement operators. * Fix PL/pgSQL's handling of "simple" expressions to not fail in recursion or error-recovery cases (Tom Lane) * Fix bug in "contrib/cube"'s GiST picksplit algorithm (Alexander Korotkov) This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a cube column. If you have such an index, consider "REINDEX"ing it after installing this update. * Don't emit "identifier will be truncated" notices in "contrib/dblink" except when creating new connections (Itagaki Takahiro) * Fix potential coredump on missing public key in "contrib/pgcrypto" (Marti Raudsepp) * Fix memory leak in "contrib/xml2"'s XPath query functions (Tom Lane) * Update time zone data files to tzdata release 2010o for DST law changes in Fiji and Samoa; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.1.22 Release date: 2010-10-04 This release contains a variety of fixes from 8.1.21. For information about new features in the 8.1 major release, see the Section called Release 8.1. The PostgreSQL community will stop releasing updates for the 8.1.X release series in November 2010. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.1.22 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.18, see the release notes for 8.1.18. __________________________________________________________________ Changes * Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl (Tom Lane) This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). * Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with (Heikki Linnakangas, Tom Lane) * Fix "cannot handle unplanned sub-select" error (Tom Lane) This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. * Prevent show_session_authorization() from crashing within autovacuum processes (Tom Lane) * Defend against functions returning setof record where not all the returned rows are actually of the same rowtype (Tom Lane) * Fix possible failure when hashing a pass-by-reference function result (Tao Ma, Tom Lane) * Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them (Tom Lane) This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. * Avoid recursion while assigning XIDs to heavily-nested subtransactions (Andres Freund, Robert Haas) The original coding could result in a crash if there was limited stack space. * Fix log_line_prefix's %i escape, which could produce junk early in backend startup (Tom Lane) * Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled (Jeff Davis) * Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel (Guillaume Lelarge) * In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut) * Improve "contrib/dblink"'s handling of tables containing dropped columns (Tom Lane) * Fix connection leak after "duplicate connection name" errors in "contrib/dblink" (Itagaki Takahiro) * Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly (Itagaki Takahiro) * Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git (Magnus Hagander and others) * Update time zone data files to tzdata release 2010l for DST law changes in Egypt and Palestine; also historical corrections for Finland. This change also adds new names for two Micronesian timezones: Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over Pacific/Ponape. __________________________________________________________________ Release 8.1.21 Release date: 2010-05-17 This release contains a variety of fixes from 8.1.20. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.21 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.18, see the release notes for 8.1.18. __________________________________________________________________ Changes * Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan) Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) * Prevent PL/Tcl from executing untrustworthy code from pltcl_modules (Tom) PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) * Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. * Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries (Tom) In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. * Update pl/perl's "ppport.h" for modern Perl versions (Andrew) * Fix assorted memory leaks in pl/python (Andreas Freund, Tom) * Prevent infinite recursion in psql when expanding a variable that refers to itself (Tom) * Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly (Tatsuhito Kasahara) * Make server startup deal properly with the case that shmget() returns EINVAL for an existing shared memory segment (Tom) This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. * Update time zone data files to tzdata release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan. __________________________________________________________________ Release 8.1.20 Release date: 2010-03-15 This release contains a variety of fixes from 8.1.19. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.20 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.18, see the release notes for 8.1.18. __________________________________________________________________ Changes * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection (Magnus) This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. * Fix possible crashes when trying to recover from a failure in subtransaction start (Tom) * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding (Tom) * Make substring() for bit types treat any negative length as meaning "all the rest of the string" (Tom) The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits (Tom) * Fix some cases of pathologically slow regular expression matching (Tom) * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary (Itagaki Takahiro) * Fix some more cases of temporary-file leakage (Heikki) This corrects a problem introduced in the previous minor release. One case that failed is when a plpgsql function returning set is called within another function's exception handler. * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request (Tom) This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files (Tom) * Fix psql's numericlocale option to not format strings it shouldn't in latex and troff output formats (Heikki) * Fix plpgsql failure in one case where a composite column is set to NULL (Tom) * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior (Zdenek Kotala) * Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function (Rushabh Lathia, Joe Conway) * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management (Tom) * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. __________________________________________________________________ Release 8.1.19 Release date: 2009-12-14 This release contains a variety of fixes from 8.1.18. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.19 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.18, see the release notes for 8.1.18. __________________________________________________________________ Changes * Protect against indirect security threats caused by index functions changing session-local state (Gurjeet Singh, Tom) This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). * Reject SSL certificates containing an embedded null byte in the common name (CN) field (Magnus) This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). * Fix possible crash during backend-startup-time cache initialization (Tom) * Prevent signals from interrupting VACUUM at unsafe times (Alvaro) This fix prevents a PANIC if a VACUUM FULL is cancelled after it's already committed its tuple movements, as well as transient errors if a plain VACUUM is interrupted after having truncated the table. * Fix possible crash due to integer overflow in hash table size calculation (Tom) This could occur with extremely large planner estimates for the size of a hashjoin's result. * Fix very rare crash in inet/cidr comparisons (Chris Mikkelson) * Ensure that shared tuple-level locks held by prepared transactions are not ignored (Heikki) * Fix premature drop of temporary files used for a cursor that is accessed within a subtransaction (Heikki) * Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. * Fix processing of ownership dependencies during CREATE OR REPLACE FUNCTION (Tom) * Ensure that Perl arrays are properly converted to PostgreSQL arrays when returned by a set-returning PL/Perl function (Andrew Dunstan, Abhijit Menon-Sen) This worked correctly already for non-set-returning functions. * Fix rare crash in exception processing in PL/Python (Peter) * Ensure psql's flex module is compiled with the correct system header definitions (Tom) This fixes build failures on platforms where --enable-largefile causes incompatible changes in the generated code. * Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions (Tom) * Update time zone data files to tzdata release 2009s for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.1.18 Release date: 2009-09-09 This release contains a variety of fixes from 8.1.17. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.18 A dump/restore is not required for those running 8.1.X. However, if you have any hash indexes on interval columns, you must "REINDEX" them after updating to 8.1.18. Also, if you are upgrading from a version earlier than 8.1.15, see the release notes for 8.1.15. __________________________________________________________________ Changes * Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside security-definer functions (Tom, Heikki) This covers a case that was missed in the previous patch that disallowed "SET ROLE" and "SET SESSION AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600) * Fix handling of sub-SELECTs appearing in the arguments of an outer-level aggregate function (Tom) * Fix hash calculation for data type interval (Tom) This corrects wrong results for hash joins on interval values. It also changes the contents of hash indexes on interval columns. If you have any such indexes, you must "REINDEX" them after updating. * Treat to_char(..., 'TH') as an uppercase ordinal suffix with 'HH'/'HH12' (Heikki) It was previously handled as 'th' (lowercase). * Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million and integer datetimes are in use (Alex Hunsaker) * Fix calculation of distance between a point and a line segment (Tom) This led to incorrect results from a number of geometric operators. * Fix money data type to work in locales where currency amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) * Properly round datetime input like 00:12:57.9999999999999999999999999999 (Tom) * Fix poor choice of page split point in GiST R-tree operator classes (Teodor) * Fix portability issues in plperl initialization (Andrew Dunstan) * Fix pg_ctl to not go into an infinite loop if "postgresql.conf" is empty (Jeff Davis) * Fix "contrib/xml2"'s xslt_process() to properly handle the maximum number of parameters (twenty) (Tom) * Improve robustness of libpq's code to recover from errors during "COPY FROM STDIN" (Tom) * Avoid including conflicting readline and editline header files when both libraries are installed (Zdenek Kotala) * Update time zone data files to tzdata release 2009l for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, Argentina/San_Luis, Cuba, Jordan (historical correction only), Mauritius, Morocco, Palestine, Syria, Tunisia. __________________________________________________________________ Release 8.1.17 Release date: 2009-03-16 This release contains a variety of fixes from 8.1.16. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.17 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.15, see the release notes for 8.1.15. __________________________________________________________________ Changes * Prevent error recursion crashes when encoding conversion fails (Tom) This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922) * Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function (Heikki) This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. * Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument (Tom) * Fix decompilation of CASE WHEN with an implicit coercion (Tom) This mistake could lead to Assert failures in an Assert-enabled build, or an "unexpected CASE WHEN clause" error message in other cases, when trying to examine or dump a view. * Fix possible misassignment of the owner of a TOAST table's rowtype (Tom) If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). * Clean up PL/pgSQL error status variables fully at block exit (Ashesh Vashi and Dave Page) This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. * Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud) __________________________________________________________________ Release 8.1.16 Release date: 2009-02-02 This release contains a variety of fixes from 8.1.15. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.16 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.15, see the release notes for 8.1.15. __________________________________________________________________ Changes * Fix crash in autovacuum (Alvaro) The crash occurs only after vacuuming a whole database for anti-transaction-wraparound purposes, which means that it occurs infrequently and is hard to track down. * Improve handling of URLs in headline() function (Teodor) * Improve handling of overlength headlines in headline() function (Teodor) * Prevent possible Assert failure or misconversion if an encoding conversion is created with the wrong conversion function for the specified pair of encodings (Tom, Heikki) * Avoid unnecessary locking of small tables in "VACUUM" (Heikki) * Ensure that the contents of a holdable cursor don't depend on the contents of TOAST tables (Tom) Previously, large field values in a cursor result might be represented as TOAST pointers, which would fail if the referenced table got dropped before the cursor is read, or if the large value is deleted and then vacuumed away. This cannot happen with an ordinary cursor, but it could with a cursor that is held past its creating transaction. * Fix uninitialized variables in "contrib/tsearch2"'s get_covers() function (Teodor) * Fix configure script to properly report failure when unable to obtain linkage information for PL/Perl (Andrew) * Make all documentation reference pgsql-bugs and/or pgsql-hackers as appropriate, instead of the now-decommissioned pgsql-ports and pgsql-patches mailing lists (Tom) * Update time zone data files to tzdata release 2009a (for Kathmandu and historical DST corrections in Switzerland, Cuba) __________________________________________________________________ Release 8.1.15 Release date: 2008-11-03 This release contains a variety of fixes from 8.1.14. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.15 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. Also, if you were running a previous 8.1.X release, it is recommended to "REINDEX" all GiST indexes after the upgrade. __________________________________________________________________ Changes * Fix GiST index corruption due to marking the wrong index entry "dead" after a deletion (Teodor) This would result in index searches failing to find rows they should have found. Corrupted indexes can be fixed with "REINDEX". * Fix backend crash when the client encoding cannot represent a localized error message (Tom) We have addressed similar issues before, but it would still fail if the "character has no equivalent" message itself couldn't be converted. The fix is to disable localization and send the plain ASCII error message when we detect such a situation. * Fix possible crash when deeply nested functions are invoked from a trigger (Tom) * Fix mis-expansion of rule queries when a sub-SELECT appears in a function call in FROM, a multi-row VALUES list, or a RETURNING list (Tom) The usual symptom of this problem is an "unrecognized node type" error. * Ensure an error is reported when a newly-defined PL/pgSQL trigger function is invoked as a normal function (Tom) * Prevent possible collision of relfilenode numbers when moving a table to another tablespace with "ALTER SET TABLESPACE" (Heikki) The command tried to re-use the existing filename, instead of picking one that is known unused in the destination directory. * Fix incorrect tsearch2 headline generation when single query item matches first word of text (Sushant Sinha) * Fix improper display of fractional seconds in interval values when using a non-ISO datestyle in an "--enable-integer-datetimes" build (Ron Mayer) * Ensure SPI_getvalue and SPI_getbinval behave correctly when the passed tuple and tuple descriptor have different numbers of columns (Tom) This situation is normal when a table has had columns added or removed, but these two functions didn't handle it properly. The only likely consequence is an incorrect error indication. * Fix ecpg's parsing of "CREATE ROLE" (Michael) * Fix recent breakage of pg_ctl restart (Tom) * Update time zone data files to tzdata release 2008i (for DST law changes in Argentina, Brazil, Mauritius, Syria) __________________________________________________________________ Release 8.1.14 Release date: 2008-09-22 This release contains a variety of fixes from 8.1.13. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.14 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Widen local lock counters from 32 to 64 bits (Tom) This responds to reports that the counters could overflow in sufficiently long transactions, leading to unexpected "lock is already held" errors. * Fix possible duplicate output of tuples during a GiST index scan (Teodor) * Add checks in executor startup to ensure that the tuples produced by an "INSERT" or "UPDATE" will match the target table's current rowtype (Tom) "ALTER COLUMN TYPE", followed by re-use of a previously cached plan, could produce this type of situation. The check protects against data corruption and/or crashes that could ensue. * Fix AT TIME ZONE to first try to interpret its timezone argument as a timezone abbreviation, and only try it as a full timezone name if that fails, rather than the other way around as formerly (Tom) The timestamp input functions have always resolved ambiguous zone names in this order. Making AT TIME ZONE do so as well improves consistency, and fixes a compatibility bug introduced in 8.1: in ambiguous cases we now behave the same as 8.0 and before did, since in the older versions AT TIME ZONE accepted *only* abbreviations. * Fix datetime input functions to correctly detect integer overflow when running on a 64-bit platform (Tom) * Improve performance of writing very long log messages to syslog (Tom) * Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON query (Tom) * Fix planner bug with nested sub-select expressions (Tom) If the outer sub-select has no direct dependency on the parent query, but the inner one does, the outer value might not get recalculated for new parent query rows. * Fix planner to estimate that GROUP BY expressions yielding boolean results always result in two groups, regardless of the expressions' contents (Tom) This is very substantially more accurate than the regular GROUP BY estimate for certain boolean tests like "col" IS NULL. * Fix PL/pgSQL to not fail when a FOR loop's target variable is a record containing composite-type fields (Tom) * Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful about the encoding of data sent to or from Tcl (Tom) * Fix PL/Python to work with Python 2.5 This is a back-port of fixes made during the 8.2 development cycle. * Improve pg_dump and pg_restore's error reporting after failure to send a SQL command (Tom) * Fix pg_ctl to properly preserve postmaster command-line arguments across a restart (Bruce) * Update time zone data files to tzdata release 2008f (for DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, Pakistan, Palestine, and Paraguay) __________________________________________________________________ Release 8.1.13 Release date: 2008-06-12 This release contains one serious and one minor bug fix over 8.1.12. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.13 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Make pg_get_ruledef() parenthesize negative constants (Tom) Before this fix, a negative constant in a view or rule might be dumped as, say, -42::integer, which is subtly incorrect: it should be (-42)::integer due to operator precedence rules. Usually this would make little difference, but it could interact with another recent patch to cause PostgreSQL to reject what had been a valid "SELECT DISTINCT" view query. Since this could result in pg_dump output failing to reload, it is being treated as a high-priority fix. The only released versions in which dump output is actually incorrect are 8.3.1 and 8.2.7. * Make "ALTER AGGREGATE ... OWNER TO" update pg_shdepend (Tom) This oversight could lead to problems if the aggregate was later involved in a "DROP OWNED" or "REASSIGN OWNED" operation. __________________________________________________________________ Release 8.1.12 Release date: never released This release contains a variety of fixes from 8.1.11. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.12 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Fix "ALTER TABLE ADD COLUMN ... PRIMARY KEY" so that the new column is correctly checked to see if it's been initialized to all non-nulls (Brendan Jurd) Previous versions neglected to check this requirement at all. * Fix possible "CREATE TABLE" failure when inheriting the "same" constraint from multiple parent relations that inherited that constraint from a common ancestor (Tom) * Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots) (Sergey Burladyan) * Fix a few datatype input functions that were allowing unused bytes in their results to contain uninitialized, unpredictable values (Tom) This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. * Fix a corner case in regular-expression substring matching (substring(string from pattern)) (Tom) The problem occurs when there is a match to the pattern overall but the user has specified a parenthesized subexpression and that subexpression hasn't got a match. An example is substring('foo' from 'foo(bar)?'). This should return NULL, since (bar) isn't matched, but it was mistakenly returning the whole-pattern match instead (ie, foo). * Update time zone data files to tzdata release 2008c (for DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, Argentina/San_Luis, and Chile) * Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function (Michael) * Fix core dump in "contrib/xml2"'s xpath_table() function when the input query returns a NULL value (Tom) * Fix "contrib/xml2"'s makefile to not override CFLAGS (Tom) * Fix DatumGetBool macro to not fail with gcc 4.3 (Tom) This problem affects "old style" (V0) C functions that return boolean. The fix is already in 8.3, but the need to back-patch it was not realized at the time. * Fix longstanding "LISTEN"/"NOTIFY" race condition (Tom) In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. * Disallow "LISTEN" and "UNLISTEN" within a prepared transaction (Tom) This was formerly allowed but trying to do it had various unpleasant consequences, notably that the originating backend could not exit as long as an "UNLISTEN" remained uncommitted. * Fix rare crash when an error occurs during a query using a hash index (Heikki) * Fix input of datetime values for February 29 in years BC (Tom) The former coding was mistaken about which years were leap years. * Fix "unrecognized node type" error in some variants of "ALTER OWNER" (Tom) * Fix pg_ctl to correctly extract the postmaster's port number from command-line options (Itagaki Takahiro, Tom) Previously, pg_ctl start -w could try to contact the postmaster on the wrong port, leading to bogus reports of startup failure. * Use "-fwrapv" to defend against possible misoptimization in recent gcc versions (Tom) This is known to be necessary when building PostgreSQL with gcc 4.3 or later. * Fix display of constant expressions in ORDER BY and GROUP BY (Tom) An explictly casted constant would be shown incorrectly. This could for example lead to corruption of a view definition during dump and reload. * Fix libpq to handle NOTICE messages correctly during COPY OUT (Tom) This failure has only been observed to occur when a user-defined datatype's output routine issues a NOTICE, but there is no guarantee it couldn't happen due to other causes. __________________________________________________________________ Release 8.1.11 Release date: 2008-01-07 This release contains a variety of fixes from 8.1.10, including fixes for significant security issues. For information about new features in the 8.1 major release, see the Section called Release 8.1. This is the last 8.1.X release for which the PostgreSQL community will produce binary packages for Windows. Windows users are encouraged to move to 8.2.X or later, since there are Windows-specific fixes in 8.2.X that are impractical to back-port. 8.1.X will continue to be supported on other platforms. __________________________________________________________________ Migration to Version 8.1.11 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc (Tom) Functions used in index expressions and partial-index predicates are evaluated whenever a new table entry is made. It has long been understood that this poses a risk of trojan-horse code execution if one modifies a table owned by an untrustworthy user. (Note that triggers, defaults, check constraints, etc. pose the same type of risk.) But functions in indexes pose extra danger because they will be executed by routine maintenance operations such as "VACUUM FULL", which are commonly performed automatically under a superuser account. For example, a nefarious user can execute code with superuser privileges by setting up a trojan-horse index definition and waiting for the next routine vacuum. The fix arranges for standard maintenance operations (including "VACUUM", "ANALYZE", "REINDEX", and "CLUSTER") to execute as the table owner rather than the calling user, using the same privilege-switching mechanism already used for SECURITY DEFINER functions. To prevent bypassing this security measure, execution of "SET SESSION AUTHORIZATION" and "SET ROLE" is now forbidden within a SECURITY DEFINER context. (CVE-2007-6600) * Repair assorted bugs in the regular-expression package (Tom, Will Drewry) Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) The fix that appeared for this in 8.1.10 was incomplete, as it plugged the hole for only some "dblink" functions. (CVE-2007-6601, CVE-2007-3278) * Update time zone data files to tzdata release 2007k (in particular, recent Argentina changes) (Tom) * Improve planner's handling of LIKE/regex estimation in non-C locales (Tom) * Fix planner failure in some cases of WHERE false AND var IN (SELECT ...) (Tom) * Preserve the tablespace of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE" (Tom) * Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used (Simon) This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. * Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful (Alvaro) * Fix potential crash in translate() when using a multibyte database encoding (Tom) * Fix overflow in extract(epoch from interval) for intervals exceeding 68 years (Tom) * Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function (Andrew) * Fix PL/Perl to cope when platform's Perl defines type bool as int rather than char (Tom) While this could theoretically happen anywhere, no standard build of Perl did things this way ... until Mac OS X 10.5. * Fix PL/Python to not crash on long exception messages (Alvaro) * Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's (Tom) * Fix libpq crash when PGPASSFILE refers to a file that is not a plain file (Martin Pitt) * ecpg parser fixes (Michael) * Make "contrib/pgcrypto" defend against OpenSSL libraries that fail on keys longer than 128 bits; which is the case at least on some Solaris versions (Marko Kreen) * Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing (Joe) * Fix tsvector and tsquery output routines to escape backslashes correctly (Teodor, Bruce) * Fix crash of to_tsvector() on huge input strings (Teodor) * Require a specific version of Autoconf to be used when re-generating the "configure" script (Peter) This affects developers and packagers only. The change was made to prevent accidental use of untested combinations of Autoconf and PostgreSQL versions. You can remove the version check if you really want to use a different Autoconf version, but it's your responsibility whether the result works or not. __________________________________________________________________ Release 8.1.10 Release date: 2007-09-17 This release contains a variety of fixes from 8.1.9. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.10 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Prevent index corruption when a transaction inserts rows and then aborts close to the end of a concurrent "VACUUM" on the same table (Tom) * Make "CREATE DOMAIN ... DEFAULT NULL" work properly (Tom) * Allow the interval data type to accept input consisting only of milliseconds or microseconds (Neil) * Speed up rtree index insertion (Teodor) * Fix excessive logging of SSL error messages (Tom) * Fix logging so that log messages are never interleaved when using the syslogger process (Andrew) * Fix crash when log_min_error_statement logging runs out of memory (Tom) * Fix incorrect handling of some foreign-key corner cases (Tom) * Prevent "REINDEX" and "CLUSTER" from failing due to attempting to process temporary tables of other sessions (Alvaro) * Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) * Windows socket improvements (Magnus) * Suppress timezone name (%Z) in log timestamps on Windows because of possible encoding mismatches (Tom) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) __________________________________________________________________ Release 8.1.9 Release date: 2007-04-23 This release contains a variety of fixes from 8.1.8, including a security fix. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.9 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. * "/contrib/tsearch2" crash fixes (Teodor) * Require "COMMIT PREPARED" to be executed in the same database as the transaction was prepared in (Heikki) * Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains (Tom, Pavan Deolasee) * Planner fixes, including improving outer join and bitmap scan selection logic (Tom) * Fix PANIC during enlargement of a hash index (bug introduced in 8.1.6) (Tom) * Fix POSIX-style timezone specs to follow new USA DST rules (Tom) __________________________________________________________________ Release 8.1.8 Release date: 2007-02-07 This release contains one fix from 8.1.7. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.8 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Remove overly-restrictive check for type length in constraints and functional indexes(Tom) __________________________________________________________________ Release 8.1.7 Release date: 2007-02-05 This release contains a variety of fixes from 8.1.6, including a security fix. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.7 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Remove security vulnerabilities that allowed connected users to read backend memory (Tom) The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. * Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas) * Improve "VACUUM" performance for databases with many tables (Tom) * Fix autovacuum to avoid leaving non-permanent transaction IDs in non-connectable databases (Alvaro) This bug affects the 8.1 branch only. * Fix for rare Assert() crash triggered by UNION (Tom) * Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom) * Fix bogus "permission denied" failures occurring on Windows due to attempts to fsync already-deleted files (Magnus, Tom) * Fix possible crashes when an already-in-use PL/pgSQL function is updated (Tom) __________________________________________________________________ Release 8.1.6 Release date: 2007-01-08 This release contains a variety of fixes from 8.1.5. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.6 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Improve handling of getaddrinfo() on AIX (Tom) This fixes a problem with starting the statistics collector, among other things. * Fix pg_restore to handle a tar-format backup that contains large objects (blobs) with comments (Tom) * Fix "failed to re-find parent key" errors in "VACUUM" (Tom) * Clean out "pg_internal.init" cache files during server restart (Simon) This avoids a hazard that the cache files might contain stale data after PITR recovery. * Fix race condition for truncation of a large relation across a gigabyte boundary by "VACUUM" (Tom) * Fix bug causing needless deadlock errors on row-level locks (Tom) * Fix bugs affecting multi-gigabyte hash indexes (Tom) * Fix possible deadlock in Windows signal handling (Teodor) * Fix error when constructing an ARRAY[] made up of multiple empty elements (Tom) * Fix ecpg memory leak during connection (Michael) * Fix for Darwin (OS X) compilation (Tom) * to_number() and to_char(numeric) are now STABLE, not IMMUTABLE, for new initdb installs (Tom) This is because lc_numeric can potentially change the output of these functions. * Improve index usage of regular expressions that use parentheses (Tom) This improves psql \d performance also. * Update timezone database This affects Australian and Canadian daylight-savings rules in particular. __________________________________________________________________ Release 8.1.5 Release date: 2006-10-16 This release contains a variety of fixes from 8.1.4. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.5 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Disallow aggregate functions in "UPDATE" commands, except within sub-SELECTs (Tom) The behavior of such an aggregate was unpredictable, and in 8.1.X could cause a crash, so it has been disabled. The SQL standard does not allow this either. * Fix core dump when an untyped literal is taken as ANYARRAY * Fix core dump in duration logging for extended query protocol when a "COMMIT" or "ROLLBACK" is executed * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix to_timestamp() for AM/PM formats (Bruce) * Fix autovacuum's calculation that decides whether "ANALYZE" is needed (Alvaro) * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Minor fixes in /contrib/dblink and /contrib/tsearch2 * Efficiency improvements in hash tables and bitmap index scans (Tom) * Fix instability of statistics collection on Windows (Tom, Andrew) * Fix statement_timeout to use the proper units on Win32 (Bruce) In previous Win32 8.1.X versions, the delay was off by a factor of 100. * Fixes for MSVC and Borland C++ compilers (Hiroshi Saito) * Fixes for AIX and Intel compilers (Tom) * Fix rare bug in continuous archiving (Tom) __________________________________________________________________ Release 8.1.4 Release date: 2006-05-23 This release contains a variety of fixes from 8.1.3, including patches for extremely serious security issues. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.4 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. Full security against the SQL-injection attacks described in CVE-2006-2313 and CVE-2006-2314 might require changes in application code. If you have applications that embed untrustworthy strings into SQL commands, you should examine them as soon as possible to ensure that they are using recommended escaping techniques. In most cases, applications should be using subroutines provided by libraries or drivers (such as libpq's PQescapeStringConn()) to perform string escaping, rather than relying on ad hoc code to do it. __________________________________________________________________ Changes * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 might require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations and standard_conforming_strings This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs them against the planned changeover to SQL-standard string literal syntax. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix weak key selection in pgcrypto (Marko Kreen) Errors in fortuna PRNG reseeding logic could cause a predictable session key to be selected by pgp_sym_encrypt() in some cases. This only affects non-OpenSSL-using builds. * Fix some incorrect encoding conversion functions win1251_to_iso, win866_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Make autovacuum visible in pg_stat_activity (Alvaro) * Disable full_page_writes (Tom) In certain cases, having full_page_writes off would cause crash recovery to fail. A proper fix will appear in 8.2; for now it's just disabled. * Various planner fixes, particularly for bitmap index scans and MIN/MAX optimization (Tom) * Fix incorrect optimization in merge join (Tom) Outer joins could sometimes emit multiple copies of unmatched rows. * Fix crash from using and modifying a plpgsql function in the same transaction * Fix WAL replay for case where a B-Tree index has been truncated * Fix SIMILAR TO for patterns involving | (Tom) * Fix "SELECT INTO" and "CREATE TABLE AS" to create tables in the default tablespace, not the base directory (Kris Jurka) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Improve qsort performance (Dann Corbit) Currently this code is only used on Solaris. * Fix for OS/X Bonjour on x86 systems (Ashley Clark) * Fix various minor memory leaks * Fix problem with password prompting on some Win32 systems (Robert Kinberg) * Improve pg_dump's handling of default values for domains * Fix pg_dumpall to handle identically-named users and groups reasonably (only possible when dumping from a pre-8.1 server) (Tom) The user and group will be merged into a single role with LOGIN permission. Formerly the merged role wouldn't have LOGIN permission, making it unusable as a user. * Fix pg_restore -n to work as documented (Tom) __________________________________________________________________ Release 8.1.3 Release date: 2006-02-14 This release contains a variety of fixes from 8.1.2, including one very serious security issue. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.3 A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see the release notes for 8.1.2. __________________________________________________________________ Changes * Fix bug that allowed any logged-in user to "SET ROLE" to any other database user id (CVE-2006-0553) Due to inadequate validity checking, a user could exploit the special case that "SET ROLE" normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example. The escalation-of-privilege risk exists only in 8.1.0-8.1.2. However, in all releases back to 7.3 there is a related bug in "SET SESSION AUTHORIZATION" that allows unprivileged users to crash the server, if it has been compiled with Asserts enabled (which is not the default). Thanks to Akio Ishida for reporting this problem. * Fix bug with row visibility logic in self-inserted rows (Tom) Under rare circumstances a row inserted by the current command could be seen as already valid, when it should not be. Repairs bug created in 8.0.4, 7.4.9, and 7.3.11 releases. * Fix race condition that could lead to "file already exists" errors during pg_clog and pg_subtrans file creation (Tom) * Fix cases that could lead to crashes if a cache-invalidation message arrives at just the wrong time (Tom) * Properly check DOMAIN constraints for UNKNOWN parameters in prepared statements (Neil) * Ensure "ALTER COLUMN TYPE" will process FOREIGN KEY, UNIQUE, and PRIMARY KEY constraints in the proper order (Nakano Yoshihisa) * Fixes to allow restoring dumps that have cross-schema references to custom operators or operator classes (Tom) * Allow pg_restore to continue properly after a "COPY" failure; formerly it tried to treat the remaining "COPY" data as SQL commands (Stephen Frost) * Fix pg_ctl unregister crash when the data directory is not specified (Magnus) * Fix libpq PQprint HTML tags (Christoph Zwerschke) * Fix ecpg crash on AMD64 and PPC (Neil) * Allow SETOF and %TYPE to be used together in function result type declarations * Recover properly if error occurs during argument passing in PL/python (Neil) * Fix memory leak in plperl_return_next (Neil) * Fix PL/perl's handling of locales on Win32 to match the backend (Andrew) * Various optimizer fixes (Tom) * Fix crash when log_min_messages is set to DEBUG3 or above in "postgresql.conf" on Win32 (Bruce) * Fix pgxs -L library path specification for Win32, Cygwin, OS X, AIX (Bruce) * Check that SID is enabled while checking for Win32 admin privileges (Magnus) * Properly reject out-of-range date inputs (Kris Jurka) * Portability fix for testing presence of finite and isinf during configure (Tom) * Improve speed of "COPY IN" via libpq, by avoiding a kernel call per data line (Alon Goldshuv) * Improve speed of "/contrib/tsearch2" index creation (Tom) __________________________________________________________________ Release 8.1.2 Release date: 2006-01-09 This release contains a variety of fixes from 8.1.1. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.2 A dump/restore is not required for those running 8.1.X. However, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the locale or plperl issues described below. __________________________________________________________________ Changes * Fix Windows code so that postmaster will continue rather than exit if there is no more room in ShmemBackendArray (Magnus) The previous behavior could lead to a denial-of-service situation if too many connection requests arrive close together. This applies *only* to the Windows port. * Fix bug introduced in 8.0 that could allow ReadBuffer to return an already-used page as new, potentially causing loss of recently-committed data (Tom) * Fix for protocol-level Describe messages issued outside a transaction or in a failed transaction (Tom) * Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian (Tom) This might require "REINDEX" to fix existing indexes on textual columns. * Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later This fixes a problem that occurred if the postmaster was started with environment variables specifying a different locale than what initdb had been told. Under these conditions, any use of plperl was likely to lead to corrupt indexes. You might need "REINDEX" to fix existing indexes on textual columns if this has happened to you. * Allow more flexible relocation of installation directories (Tom) Previous releases supported relocation only if all installation directory paths were the same except for the last component. * Prevent crashes caused by the use of ISO-8859-5 and ISO-8859-9 encodings (Tatsuo) * Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets (Tatsuo) * Fix bug where COPY CSV mode considered any \. to terminate the copy data The new code requires \. to appear alone on a line, as per documentation. * Make COPY CSV mode quote a literal data value of \. to ensure it cannot be interpreted as the end-of-data marker (Bruce) * Various fixes for functions returning RECORDs (Tom) * Fix processing of "postgresql.conf" so a final line with no newline is processed properly (Tom) * Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms (Marko Kreen, Solar Designer) Salts for Blowfish and standard DES are unaffected. * Fix autovacuum crash when processing expression indexes * Fix "/contrib/dblink" to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query (Joe) __________________________________________________________________ Release 8.1.1 Release date: 2005-12-12 This release contains a variety of fixes from 8.1.0. For information about new features in the 8.1 major release, see the Section called Release 8.1. __________________________________________________________________ Migration to Version 8.1.1 A dump/restore is not required for those running 8.1.X. __________________________________________________________________ Changes * Fix incorrect optimizations of outer-join conditions (Tom) * Fix problems with wrong reported column names in cases involving sub-selects flattened by the optimizer (Tom) * Fix update failures in scenarios involving CHECK constraints, toasted columns, *and* indexes (Tom) * Fix bgwriter problems after recovering from errors (Tom) The background writer was found to leak buffer pins after write errors. While not fatal in itself, this might lead to mysterious blockages of later VACUUM commands. * Prevent failure if client sends Bind protocol message when current transaction is already aborted * "/contrib/tsearch2" and "/contrib/ltree" fixes (Teodor) * Fix problems with translated error messages in languages that require word reordering, such as Turkish; also problems with unexpected truncation of output strings and wrong display of the smallest possible bigint value (Andrew, Tom) These problems only appeared on platforms that were using our "port/snprintf.c" code, which includes BSD variants if --enable-nls was given, and perhaps others. In addition, a different form of the translated-error-message problem could appear on Windows depending on which version of "libintl" was used. * Re-allow AM/PM, HH, HH12, and D format specifiers for to_char(time) and to_char(interval). (to_char(interval) should probably use HH24.) (Bruce) * AIX, HPUX, and MSVC compile fixes (Tom, Hiroshi Saito) * Optimizer improvements (Tom) * Retry file reads and writes after Windows NO_SYSTEM_RESOURCES error (Qingqing Zhou) * Prevent autovacuum from crashing during ANALYZE of expression index (Alvaro) * Fix problems with ON COMMIT DELETE ROWS temp tables * Fix problems when a trigger alters the output of a SELECT DISTINCT query * Add 8.1.0 release note item on how to migrate invalid UTF-8 byte sequences (Paul Lindner) __________________________________________________________________ Release 8.1 Release date: 2005-11-08 __________________________________________________________________ Overview Major changes in this release: Improve concurrent access to the shared buffer cache (Tom) Access to the shared buffer cache was identified as a significant scalability problem, particularly on multi-CPU systems. In this release, the way that locking is done in the buffer manager has been overhauled to reduce lock contention and improve scalability. The buffer manager has also been changed to use a "clock sweep" replacement policy. Allow index scans to use an intermediate in-memory bitmap (Tom) In previous releases, only a single index could be used to do lookups on a table. With this feature, if a query has "WHERE tab.col1 = 4 and tab.col2 = 9", and there is no multicolumn index on col1 and col2, but there is an index on col1 and another on col2, it is possible to search both indexes and combine the results in memory, then do heap fetches for only the rows matching both the col1 and col2 restrictions. This is very useful in environments that have a lot of unstructured queries where it is impossible to create indexes that match all possible access conditions. Bitmap scans are useful even with a single index, as they reduce the amount of random access needed; a bitmap index scan is efficient for retrieving fairly large fractions of the complete table, whereas plain index scans are not. Add two-phase commit (Heikki Linnakangas, Alvaro, Tom) Two-phase commit allows transactions to be "prepared" on several computers, and once all computers have successfully prepared their transactions (none failed), all transactions can be committed. Even if a machine crashes after a prepare, the prepared transaction can be committed after the machine is restarted. New syntax includes "PREPARE TRANSACTION" and "COMMIT/ROLLBACK PREPARED". A new system view pg_prepared_xacts has also been added. Create a new role system that replaces users and groups (Stephen Frost) Roles are a combination of users and groups. Like users, they can have login capability, and like groups, a role can have other roles as members. Roles basically remove the distinction between users and groups. For example, a role can: + Have login capability (optionally) + Own objects + Hold access permissions for database objects + Inherit permissions from other roles it is a member of Once a user logs into a role, she obtains capabilities of the login role plus any inherited roles, and can use "SET ROLE" to switch to other roles she is a member of. This feature is a generalization of the SQL standard's concept of roles. This change also replaces pg_shadow and pg_group by new role-capable catalogs pg_authid and pg_auth_members. The old tables are redefined as read-only views on the new role tables. Automatically use indexes for MIN() and MAX() (Tom) In previous releases, the only way to use an index for MIN() or MAX() was to rewrite the query as "SELECT col FROM tab ORDER BY col LIMIT 1". Index usage now happens automatically. Move /contrib/pg_autovacuum into the main server (Alvaro) Integrating autovacuum into the server allows it to be automatically started and stopped in sync with the database server, and allows autovacuum to be configured from "postgresql.conf". Add shared row level locks using SELECT ... FOR SHARE (Alvaro) While PostgreSQL's MVCC locking allows "SELECT" to never be blocked by writers and therefore does not need shared row locks for typical operations, shared locks are useful for applications that require shared row locking. In particular this reduces the locking requirements imposed by referential integrity checks. Add dependencies on shared objects, specifically roles (Alvaro) This extension of the dependency mechanism prevents roles from being dropped while there are still database objects they own. Formerly it was possible to accidentally "orphan" objects by deleting their owner. While this could be recovered from, it was messy and unpleasant. Improve performance for partitioned tables (Simon) The new constraint_exclusion configuration parameter avoids lookups on child tables where constraints indicate that no matching rows exist in the child table. This allows for a basic type of table partitioning. If child tables store separate key ranges and this is enforced using appropriate "CHECK" constraints, the optimizer will skip child table accesses when the constraint guarantees no matching rows exist in the child table. __________________________________________________________________ Migration to Version 8.1 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. The 8.0 release announced that the to_char() function for intervals would be removed in 8.1. However, since no better API has been suggested, to_char(interval) has been enhanced in 8.1 and will remain in the server. Observe the following incompatibilities: * add_missing_from is now false by default (Neil) By default, we now generate an error if a table is used in a query without a FROM reference. The old behavior is still available, but the parameter must be set to 'true' to obtain it. It might be necessary to set add_missing_from to true in order to load an existing dump file, if the dump contains any views or rules created using the implicit-FROM syntax. This should be a one-time annoyance, because PostgreSQL 8.1 will convert such views and rules to standard explicit-FROM syntax. Subsequent dumps will therefore not have the problem. * Cause input of a zero-length string ('') for float4/float8/oid to throw an error, rather than treating it as a zero (Neil) This change is consistent with the current handling of zero-length strings for integers. The schedule for this change was announced in 8.0. * default_with_oids is now false by default (Neil) With this option set to false, user-created tables no longer have an OID column unless "WITH OIDS" is specified in "CREATE TABLE". Though OIDs have existed in all releases of PostgreSQL, their use is limited because they are only four bytes long and the counter is shared across all installed databases. The preferred way of uniquely identifying rows is via sequences and the SERIAL type, which have been supported since PostgreSQL 6.4. * Add E'' syntax so eventually ordinary strings can treat backslashes literally (Bruce) Currently PostgreSQL processes a backslash in a string literal as introducing a special escape sequence, e.g. \n or \010. While this allows easy entry of special values, it is nonstandard and makes porting of applications from other databases more difficult. For this reason, the PostgreSQL project is planning to remove the special meaning of backslashes in strings. For backward compatibility and for users who want special backslash processing, a new string syntax has been created. This new string syntax is formed by writing an E immediately preceding the single quote that starts the string, e.g. E'hi\n'. While this release does not change the handling of backslashes in strings, it does add new configuration parameters to help users migrate applications for future releases: + standard_conforming_strings -- does this release treat backslashes literally in ordinary strings? + escape_string_warning -- warn about backslashes in ordinary (non-E) strings The standard_conforming_strings value is read-only. Applications can retrieve the value to know how backslashes are processed. (Presence of the parameter can also be taken as an indication that E'' string syntax is supported.) In a future release, standard_conforming_strings will be true, meaning backslashes will be treated literally in non-E strings. To prepare for this change, use E'' strings in places that need special backslash processing, and turn on escape_string_warning to find additional strings that need to be converted to use E''. Also, use two single-quotes ('') to embed a literal single-quote in a string, rather than the PostgreSQL-supported syntax of backslash single-quote (\'). The former is standards-conforming and does not require the use of the E'' string syntax. You can also use the $$ string syntax, which does not treat backslashes specially. * Make "REINDEX DATABASE" reindex all indexes in the database (Tom) Formerly, "REINDEX DATABASE" reindexed only system tables. This new behavior seems more intuitive. A new command "REINDEX SYSTEM" provides the old functionality of reindexing just the system tables. * Read-only large object descriptors now obey MVCC snapshot semantics When a large object is opened with INV_READ (and not INV_WRITE), the data read from the descriptor will now reflect a "snapshot" of the large object's state at the time of the transaction snapshot in use by the query that called lo_open(). To obtain the old behavior of always returning the latest committed data, include INV_WRITE in the mode flags for lo_open(). * Add proper dependencies for arguments of sequence functions (Tom) In previous releases, sequence names passed to nextval(), currval(), and setval() were stored as simple text strings, meaning that renaming or dropping a sequence used in a DEFAULT clause made the clause invalid. This release stores all newly-created sequence function arguments as internal OIDs, allowing them to track sequence renaming, and adding dependency information that prevents improper sequence removal. It also makes such DEFAULT clauses immune to schema renaming and search path changes. Some applications might rely on the old behavior of run-time lookup for sequence names. This can still be done by explicitly casting the argument to text, for example nextval('myseq'::text). Pre-8.1 database dumps loaded into 8.1 will use the old text-based representation and therefore will not have the features of OID-stored arguments. However, it is possible to update a database containing text-based DEFAULT clauses. First, save this query into a file, such as "fixseq.sql": SELECT 'ALTER TABLE ' || pg_catalog.quote_ident(n.nspname) || '.' || pg_catalog.quote_ident(c.relname) || ' ALTER COLUMN ' || pg_catalog.quote_ident(a.attname) || ' SET DEFAULT ' || regexp_replace(d.adsrc, $$val\(\(('[^']*')::text\)::regclass$$, $$val(\1$$, 'g') || ';' FROM pg_namespace n, pg_class c, pg_attribute a, pg_attrdef d WHERE n.oid = c.relnamespace AND c.oid = a.attrelid AND a.attrelid = d.adrelid AND a.attnum = d.adnum AND d.adsrc ~ $$val\(\('[^']*'::text\)::regclass$$; Next, run the query against a database to find what adjustments are required, like this for database db1: psql -t -f fixseq.sql db1 This will show the "ALTER TABLE" commands needed to convert the database to the newer OID-based representation. If the commands look reasonable, run this to update the database: psql -t -f fixseq.sql db1 | psql -e db1 This process must be repeated in each database to be updated. * In psql, treat unquoted \{digit}+ sequences as octal (Bruce) In previous releases, \{digit}+ sequences were treated as decimal, and only \0{digit}+ were treated as octal. This change was made for consistency. * Remove grammar productions for prefix and postfix % and ^ operators (Tom) These have never been documented and complicated the use of the modulus operator (%) with negative numbers. * Make &< and &> for polygons consistent with the box "over" operators (Tom) * "CREATE LANGUAGE" can ignore the provided arguments in favor of information from pg_pltemplate (Tom) A new system catalog pg_pltemplate has been defined to carry information about the preferred definitions of procedural languages (such as whether they have validator functions). When an entry exists in this catalog for the language being created, "CREATE LANGUAGE" will ignore all its parameters except the language name and instead use the catalog information. This measure was taken because of increasing problems with obsolete language definitions being loaded by old dump files. As of 8.1, pg_dump will dump procedural language definitions as just "CREATE LANGUAGE name", relying on a template entry to exist at load time. We expect this will be a more future-proof representation. * Make pg_cancel_backend(int) return a boolean rather than an integer (Neil) * Some users are having problems loading UTF-8 data into 8.1.X. This is because previous versions allowed invalid UTF-8 byte sequences to be entered into the database, and this release properly accepts only valid UTF-8 sequences. One way to correct a dumpfile is to run the command "iconv -c -f UTF-8 -t UTF-8 -o cleanfile.sql dumpfile.sql". The -c option removes invalid character sequences. A diff of the two files will show the sequences that are invalid. "iconv" reads the entire input file into memory so it might be necessary to use split to break up the dump into multiple smaller files for processing. __________________________________________________________________ Additional Changes Below you will find a detailed account of the additional changes between PostgreSQL 8.1 and the previous major release. __________________________________________________________________ Performance Improvements * Improve GiST and R-tree index performance (Neil) * Improve the optimizer, including auto-resizing of hash joins (Tom) * Overhaul internal API in several areas * Change WAL record CRCs from 64-bit to 32-bit (Tom) We determined that the extra cost of computing 64-bit CRCs was significant, and the gain in reliability too marginal to justify it. * Prevent writing large empty gaps in WAL pages (Tom) * Improve spinlock behavior on SMP machines, particularly Opterons (Tom) * Allow nonconsecutive index columns to be used in a multicolumn index (Tom) For example, this allows an index on columns a,b,c to be used in a query with "WHERE a = 4 and c = 10". * Skip WAL logging for "CREATE TABLE AS" / "SELECT INTO" (Simon) Since a crash during "CREATE TABLE AS" would cause the table to be dropped during recovery, there is no reason to WAL log as the table is loaded. (Logging still happens if WAL archiving is enabled, however.) * Allow concurrent GiST index access (Teodor, Oleg) * Add configuration parameter full_page_writes to control writing full pages to WAL (Bruce) To prevent partial disk writes from corrupting the database, PostgreSQL writes a complete copy of each database disk page to WAL the first time it is modified after a checkpoint. This option turns off that functionality for more speed. This is safe to use with battery-backed disk caches where partial page writes cannot happen. * Use O_DIRECT if available when using O_SYNC for wal_sync_method (Itagaki Takahiro) O_DIRECT causes disk writes to bypass the kernel cache, and for WAL writes, this improves performance. * Improve "COPY FROM" performance (Alon Goldshuv) This was accomplished by reading "COPY" input in larger chunks, rather than character by character. * Improve the performance of COUNT(), SUM, AVG(), STDDEV(), and VARIANCE() (Neil, Tom) __________________________________________________________________ Server Changes * Prevent problems due to transaction ID (XID) wraparound (Tom) The server will now warn when the transaction counter approaches the wraparound point. If the counter becomes too close to wraparound, the server will stop accepting queries. This ensures that data is not lost before needed vacuuming is performed. * Fix problems with object IDs (OIDs) conflicting with existing system objects after the OID counter has wrapped around (Tom) * Add warning about the need to increase max_fsm_relations and max_fsm_pages during "VACUUM" (Ron Mayer) * Add temp_buffers configuration parameter to allow users to determine the size of the local buffer area for temporary table access (Tom) * Add session start time and client IP address to pg_stat_activity (Magnus) * Adjust pg_stat views for bitmap scans (Tom) The meanings of some of the fields have changed slightly. * Enhance pg_locks view (Tom) * Log queries for client-side "PREPARE" and "EXECUTE" (Simon) * Allow Kerberos name and user name case sensitivity to be specified in "postgresql.conf" (Magnus) * Add configuration parameter krb_server_hostname so that the server host name can be specified as part of service principal (Todd Kover) If not set, any service principal matching an entry in the keytab can be used. This is new Kerberos matching behavior in this release. * Add log_line_prefix options for millisecond timestamps (%m) and remote host (%h) (Ed L.) * Add WAL logging for GiST indexes (Teodor, Oleg) GiST indexes are now safe for crash and point-in-time recovery. * Remove old "*.backup" files when we do pg_stop_backup() (Bruce) This prevents a large number of "*.backup" files from existing in "pg_xlog/". * Add configuration parameters to control TCP/IP keep-alive times for idle, interval, and count (Oliver Jowett) These values can be changed to allow more rapid detection of lost client connections. * Add per-user and per-database connection limits (Petr Jelinek) Using "ALTER USER" and "ALTER DATABASE", limits can now be enforced on the maximum number of sessions that can concurrently connect as a specific user or to a specific database. Setting the limit to zero disables user or database connections. * Allow more than two gigabytes of shared memory and per-backend work memory on 64-bit machines (Koichi Suzuki) * New system catalog pg_pltemplate allows overriding obsolete procedural-language definitions in dump files (Tom) __________________________________________________________________ Query Changes * Add temporary views (Koju Iijima, Neil) * Fix "HAVING" without any aggregate functions or "GROUP BY" so that the query returns a single group (Tom) Previously, such a case would treat the "HAVING" clause the same as a "WHERE" clause. This was not per spec. * Add "USING" clause to allow additional tables to be specified to "DELETE" (Euler Taveira de Oliveira, Neil) In prior releases, there was no clear method for specifying additional tables to be used for joins in a "DELETE" statement. "UPDATE" already has a FROM clause for this purpose. * Add support for \x hex escapes in backend and ecpg strings (Bruce) This is just like the standard C \x escape syntax. Octal escapes were already supported. * Add "BETWEEN SYMMETRIC" query syntax (Pavel Stehule) This feature allows "BETWEEN" comparisons without requiring the first value to be less than the second. For example, "2 BETWEEN [ASYMMETRIC] 3 AND 1" returns false, while "2 BETWEEN SYMMETRIC 3 AND 1" returns true. "BETWEEN ASYMMETRIC" was already supported. * Add "NOWAIT" option to "SELECT ... FOR UPDATE/SHARE" (Hans-Juergen Schoenig) While the statement_timeout configuration parameter allows a query taking more than a certain amount of time to be cancelled, the "NOWAIT" option allows a query to be canceled as soon as a "SELECT ... FOR UPDATE/SHARE" command cannot immediately acquire a row lock. __________________________________________________________________ Object Manipulation Changes * Track dependencies of shared objects (Alvaro) PostgreSQL allows global tables (users, databases, tablespaces) to reference information in multiple databases. This addition adds dependency information for global tables, so, for example, user ownership can be tracked across databases, so a user who owns something in any database can no longer be removed. Dependency tracking already existed for database-local objects. * Allow limited "ALTER OWNER" commands to be performed by the object owner (Stephen Frost) Prior releases allowed only superusers to change object owners. Now, ownership can be transferred if the user executing the command owns the object and would be able to create it as the new owner (that is, the user is a member of the new owning role and that role has the CREATE permission that would be needed to create the object afresh). * Add "ALTER" object "SET SCHEMA" capability for some object types (tables, functions, types) (Bernd Helmle) This allows objects to be moved to different schemas. * Add "ALTER TABLE ENABLE/DISABLE TRIGGER" to disable triggers (Satoshi Nagayasu) __________________________________________________________________ Utility Command Changes * Allow "TRUNCATE" to truncate multiple tables in a single command (Alvaro) Because of referential integrity checks, it is not allowed to truncate a table that is part of a referential integrity constraint. Using this new functionality, "TRUNCATE" can be used to truncate such tables, if both tables involved in a referential integrity constraint are truncated in a single "TRUNCATE" command. * Properly process carriage returns and line feeds in "COPY CSV" mode (Andrew) In release 8.0, carriage returns and line feeds in "CSV COPY TO" were processed in an inconsistent manner. (This was documented on the TODO list.) * Add "COPY WITH CSV HEADER" to allow a header line as the first line in "COPY" (Andrew) This allows handling of the common "CSV" usage of placing the column names on the first line of the data file. For "COPY TO", the first line contains the column names, and for "COPY FROM", the first line is ignored. * On Windows, display better sub-second precision in "EXPLAIN ANALYZE" (Magnus) * Add trigger duration display to "EXPLAIN ANALYZE" (Tom) Prior releases included trigger execution time as part of the total execution time, but did not show it separately. It is now possible to see how much time is spent in each trigger. * Add support for \x hex escapes in "COPY" (Sergey Ten) Previous releases only supported octal escapes. * Make "SHOW ALL" include variable descriptions (Matthias Schmidt) "SHOW" varname still only displays the variable's value and does not include the description. * Make initdb create a new standard database called postgres, and convert utilities to use postgres rather than template1 for standard lookups (Dave) In prior releases, template1 was used both as a default connection for utilities like createuser, and as a template for new databases. This caused "CREATE DATABASE" to sometimes fail, because a new database cannot be created if anyone else is in the template database. With this change, the default connection database is now postgres, meaning it is much less likely someone will be using template1 during "CREATE DATABASE". * Create new reindexdb command-line utility by moving "/contrib/reindexdb" into the server (Euler Taveira de Oliveira) __________________________________________________________________ Data Type and Function Changes * Add MAX() and MIN() aggregates for array types (Koju Iijima) * Fix to_date() and to_timestamp() to behave reasonably when CC and YY fields are both used (Karel Zak) If the format specification contains CC and a year specification is YYY or longer, ignore the CC. If the year specification is YY or shorter, interpret CC as the previous century. * Add md5(bytea) (Abhijit Menon-Sen) md5(text) already existed. * Add support for "numeric ^ numeric" based on power(numeric, numeric) The function already existed, but there was no operator assigned to it. * Fix NUMERIC modulus by properly truncating the quotient during computation (Bruce) In previous releases, modulus for large values sometimes returned negative results due to rounding of the quotient. * Add a function lastval() (Dennis Björklund) lastval() is a simplified version of currval(). It automatically determines the proper sequence name based on the most recent nextval() or setval() call performed by the current session. * Add to_timestamp(DOUBLE PRECISION) (Michael Glaesemann) Converts Unix seconds since 1970 to a TIMESTAMP WITH TIMEZONE. * Add pg_postmaster_start_time() function (Euler Taveira de Oliveira, Matthias Schmidt) * Allow the full use of time zone names in "AT TIME ZONE", not just the short list previously available (Magnus) Previously, only a predefined list of time zone names were supported by "AT TIME ZONE". Now any supported time zone name can be used, e.g.: SELECT CURRENT_TIMESTAMP AT TIME ZONE 'Europe/London'; In the above query, the time zone used is adjusted based on the daylight saving time rules that were in effect on the supplied date. * Add GREATEST() and LEAST() variadic functions (Pavel Stehule) These functions take a variable number of arguments and return the greatest or least value among the arguments. * Add pg_column_size() (Mark Kirkwood) This returns storage size of a column, which might be compressed. * Add regexp_replace() (Atsushi Ogawa) This allows regular expression replacement, like sed. An optional flag argument allows selection of global (replace all) and case-insensitive modes. * Fix interval division and multiplication (Bruce) Previous versions sometimes returned unjustified results, like "'4 months'::interval / 5" returning "'1 mon -6 days'". * Fix roundoff behavior in timestamp, time, and interval output (Tom) This fixes some cases in which the seconds field would be shown as 60 instead of incrementing the higher-order fields. * Add a separate day field to type interval so a one day interval can be distinguished from a 24 hour interval (Michael Glaesemann) Days that contain a daylight saving time adjustment are not 24 hours long, but typically 23 or 25 hours. This change creates a conceptual distinction between intervals of "so many days" and intervals of "so many hours". Adding 1 day to a timestamp now gives the same local time on the next day even if a daylight saving time adjustment occurs between, whereas adding 24 hours will give a different local time when this happens. For example, under US DST rules: '2005-04-03 00:00:00-05' + '1 day' = '2005-04-04 00:00:00-04' '2005-04-03 00:00:00-05' + '24 hours' = '2005-04-04 01:00:00-04' * Add justify_days() and justify_hours() (Michael Glaesemann) These functions, respectively, adjust days to an appropriate number of full months and days, and adjust hours to an appropriate number of full days and hours. * Move "/contrib/dbsize" into the backend, and rename some of the functions (Dave Page, Andreas Pflug) + pg_tablespace_size() + pg_database_size() + pg_relation_size() + pg_total_relation_size() + pg_size_pretty() pg_total_relation_size() includes indexes and TOAST tables. * Add functions for read-only file access to the cluster directory (Dave Page, Andreas Pflug) + pg_stat_file() + pg_read_file() + pg_ls_dir() * Add pg_reload_conf() to force reloading of the configuration files (Dave Page, Andreas Pflug) * Add pg_rotate_logfile() to force rotation of the server log file (Dave Page, Andreas Pflug) * Change pg_stat_* views to include TOAST tables (Tom) __________________________________________________________________ Encoding and Locale Changes * Rename some encodings to be more consistent and to follow international standards (Bruce) + UNICODE is now UTF8 + ALT is now WIN866 + WIN is now WIN1251 + TCVN is now WIN1258 The original names still work. * Add support for WIN1252 encoding (Roland Volkmann) * Add support for four-byte UTF8 characters (John Hansen) Previously only one, two, and three-byte UTF8 characters were supported. This is particularly important for support for some Chinese character sets. * Allow direct conversion between EUC_JP and SJIS to improve performance (Atsushi Ogawa) * Allow the UTF8 encoding to work on Windows (Magnus) This is done by mapping UTF8 to the Windows-native UTF16 implementation. __________________________________________________________________ General Server-Side Language Changes * Fix "ALTER LANGUAGE RENAME" (Sergey Yatskevich) * Allow function characteristics, like strictness and volatility, to be modified via "ALTER FUNCTION" (Neil) * Increase the maximum number of function arguments to 100 (Tom) * Allow SQL and PL/pgSQL functions to use "OUT" and "INOUT" parameters (Tom) "OUT" is an alternate way for a function to return values. Instead of using "RETURN", values can be returned by assigning to parameters declared as "OUT" or "INOUT". This is notationally simpler in some cases, particularly so when multiple values need to be returned. While returning multiple values from a function was possible in previous releases, this greatly simplifies the process. (The feature will be extended to other server-side languages in future releases.) * Move language handler functions into the pg_catalog schema This makes it easier to drop the public schema if desired. * Add SPI_getnspname() to SPI (Neil) __________________________________________________________________ PL/pgSQL Server-Side Language Changes * Overhaul the memory management of PL/pgSQL functions (Neil) The parsetree of each function is now stored in a separate memory context. This allows this memory to be easily reclaimed when it is no longer needed. * Check function syntax at "CREATE FUNCTION" time, rather than at runtime (Neil) Previously, most syntax errors were reported only when the function was executed. * Allow "OPEN" to open non-"SELECT" queries like "EXPLAIN" and "SHOW" (Tom) * No longer require functions to issue a "RETURN" statement (Tom) This is a byproduct of the newly added "OUT" and "INOUT" functionality. "RETURN" can be omitted when it is not needed to provide the function's return value. * Add support for an optional "INTO" clause to PL/pgSQL's "EXECUTE" statement (Pavel Stehule, Neil) * Make "CREATE TABLE AS" set "ROW_COUNT" (Tom) * Define SQLSTATE and SQLERRM to return the SQLSTATE and error message of the current exception (Pavel Stehule, Neil) These variables are only defined inside exception blocks. * Allow the parameters to the "RAISE" statement to be expressions (Pavel Stehule, Neil) * Add a loop "CONTINUE" statement (Pavel Stehule, Neil) * Allow block and loop labels (Pavel Stehule) __________________________________________________________________ PL/Perl Server-Side Language Changes * Allow large result sets to be returned efficiently (Abhijit Menon-Sen) This allows functions to use return_next() to avoid building the entire result set in memory. * Allow one-row-at-a-time retrieval of query results (Abhijit Menon-Sen) This allows functions to use spi_query() and spi_fetchrow() to avoid accumulating the entire result set in memory. * Force PL/Perl to handle strings as UTF8 if the server encoding is UTF8 (David Kamholz) * Add a validator function for PL/Perl (Andrew) This allows syntax errors to be reported at definition time, rather than execution time. * Allow PL/Perl to return a Perl array when the function returns an array type (Andrew) This basically maps PostgreSQL arrays to Perl arrays. * Allow Perl nonfatal warnings to generate "NOTICE" messages (Andrew) * Allow Perl's strict mode to be enabled (Andrew) __________________________________________________________________ psql Changes * Add "\set ON_ERROR_ROLLBACK" to allow statements in a transaction to error without affecting the rest of the transaction (Greg Sabino Mullane) This is basically implemented by wrapping every statement in a sub-transaction. * Add support for \x hex strings in psql variables (Bruce) Octal escapes were already supported. * Add support for "troff -ms" output format (Roger Leigh) * Allow the history file location to be controlled by HISTFILE (Andreas Seltenreich) This allows configuration of per-database history storage. * Prevent "\x" (expanded mode) from affecting the output of "\d tablename" (Neil) * Add "-L" option to psql to log sessions (Lorne Sunley) This option was added because some operating systems do not have simple command-line activity logging functionality. * Make "\d" show the tablespaces of indexes (Qingqing Zhou) * Allow psql help ("\h") to make a best guess on the proper help information (Greg Sabino Mullane) This allows the user to just add "\h" to the front of the syntax error query and get help on the supported syntax. Previously any additional query text beyond the command name had to be removed to use "\h". * Add "\pset numericlocale" to allow numbers to be output in a locale-aware format (Eugen Nedelcu) For example, using C locale 100000 would be output as 100,000.0 while a European locale might output this value as 100.000,0. * Make startup banner show both server version number and psql's version number, when they are different (Bruce) Also, a warning will be shown if the server and psql are from different major releases. __________________________________________________________________ pg_dump Changes * Add "-n" / "--schema" switch to pg_restore (Richard van den Berg) This allows just the objects in a specified schema to be restored. * Allow pg_dump to dump large objects even in text mode (Tom) With this change, large objects are now always dumped; the former "-b" switch is a no-op. * Allow pg_dump to dump a consistent snapshot of large objects (Tom) * Dump comments for large objects (Tom) * Add "--encoding" to pg_dump (Magnus Hagander) This allows a database to be dumped in an encoding that is different from the server's encoding. This is valuable when transferring the dump to a machine with a different encoding. * Rely on pg_pltemplate for procedural languages (Tom) If the call handler for a procedural language is in the pg_catalog schema, pg_dump does not dump the handler. Instead, it dumps the language using just "CREATE LANGUAGE name", relying on the pg_pltemplate catalog to provide the language's creation parameters at load time. __________________________________________________________________ libpq Changes * Add a PGPASSFILE environment variable to specify the password file's filename (Andrew) * Add lo_create(), that is similar to lo_creat() but allows the OID of the large object to be specified (Tom) * Make libpq consistently return an error to the client application on malloc() failure (Neil) __________________________________________________________________ Source Code Changes * Fix pgxs to support building against a relocated installation * Add spinlock support for the Itanium processor using Intel compiler (Vikram Kalsi) * Add Kerberos 5 support for Windows (Magnus) * Add Chinese FAQ (laser@pgsqldb.com) * Rename Rendezvous to Bonjour to match OS/X feature renaming (Bruce) * Add support for fsync_writethrough on Darwin (Chris Campbell) * Streamline the passing of information within the server, the optimizer, and the lock system (Tom) * Allow pg_config to be compiled using MSVC (Andrew) This is required to build DBD::Pg using MSVC. * Remove support for Kerberos V4 (Magnus) Kerberos 4 had security vulnerabilities and is no longer maintained. * Code cleanups (Coverity static analysis performed by EnterpriseDB) * Modify "postgresql.conf" to use documentation defaults on/off rather than true/false (Bruce) * Enhance pg_config to be able to report more build-time values (Tom) * Allow libpq to be built thread-safe on Windows (Dave Page) * Allow IPv6 connections to be used on Windows (Andrew) * Add Server Administration documentation about I/O subsystem reliability (Bruce) * Move private declarations from "gist.h" to "gist_private.h" (Neil) In previous releases, "gist.h" contained both the public GiST API (intended for use by authors of GiST index implementations) as well as some private declarations used by the implementation of GiST itself. The latter have been moved to a separate file, "gist_private.h". Most GiST index implementations should be unaffected. * Overhaul GiST memory management (Neil) GiST methods are now always invoked in a short-lived memory context. Therefore, memory allocated via palloc() will be reclaimed automatically, so GiST index implementations do not need to manually release allocated memory via pfree(). __________________________________________________________________ Contrib Changes * Add "/contrib/pg_buffercache" contrib module (Mark Kirkwood) This displays the contents of the buffer cache, for debugging and performance tuning purposes. * Remove "/contrib/array" because it is obsolete (Tom) * Clean up the "/contrib/lo" module (Tom) * Move "/contrib/findoidjoins" to "/src/tools" (Tom) * Remove the <<, >>, &<, and &> operators from "/contrib/cube" These operators were not useful. * Improve "/contrib/btree_gist" (Janko Richter) * Improve "/contrib/pgbench" (Tomoaki Sato, Tatsuo) There is now a facility for testing with SQL command scripts given by the user, instead of only a hard-wired command sequence. * Improve "/contrib/pgcrypto" (Marko Kreen) + Implementation of OpenPGP symmetric-key and public-key encryption Both RSA and Elgamal public-key algorithms are supported. + Stand alone build: include SHA256/384/512 hashes, Fortuna PRNG + OpenSSL build: support 3DES, use internal AES with OpenSSL < 0.9.7 + Take build parameters (OpenSSL, zlib) from "configure" result There is no need to edit the "Makefile" anymore. + Remove support for "libmhash" and "libmcrypt" __________________________________________________________________ Release 8.0.26 Release date: 2010-10-04 This release contains a variety of fixes from 8.0.25. For information about new features in the 8.0 major release, see the Section called Release 8.0. This is expected to be the last PostgreSQL release in the 8.0.X series. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.0.26 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.22, see the release notes for 8.0.22. __________________________________________________________________ Changes * Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl (Tom Lane) This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). * Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with (Heikki Linnakangas, Tom Lane) * Fix "cannot handle unplanned sub-select" error (Tom Lane) This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. * Defend against functions returning setof record where not all the returned rows are actually of the same rowtype (Tom Lane) * Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them (Tom Lane) This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. * Avoid recursion while assigning XIDs to heavily-nested subtransactions (Andres Freund, Robert Haas) The original coding could result in a crash if there was limited stack space. * Fix log_line_prefix's %i escape, which could produce junk early in backend startup (Tom Lane) * Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled (Jeff Davis) * Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel (Guillaume Lelarge) * In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr (Peter Eisentraut) * Improve "contrib/dblink"'s handling of tables containing dropped columns (Tom Lane) * Fix connection leak after "duplicate connection name" errors in "contrib/dblink" (Itagaki Takahiro) * Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly (Itagaki Takahiro) * Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git (Magnus Hagander and others) * Update time zone data files to tzdata release 2010l for DST law changes in Egypt and Palestine; also historical corrections for Finland. This change also adds new names for two Micronesian timezones: Pacific/Chuuk is now preferred over Pacific/Truk (and the preferred abbreviation is CHUT not TRUT) and Pacific/Pohnpei is preferred over Pacific/Ponape. __________________________________________________________________ Release 8.0.25 Release date: 2010-05-17 This release contains a variety of fixes from 8.0.24. For information about new features in the 8.0 major release, see the Section called Release 8.0. The PostgreSQL community will stop releasing updates for the 8.0.X release series in July 2010. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.0.25 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.22, see the release notes for 8.0.22. __________________________________________________________________ Changes * Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan) Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) * Prevent PL/Tcl from executing untrustworthy code from pltcl_modules (Tom) PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) * Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. * Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries (Tom) In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. * Update pl/perl's "ppport.h" for modern Perl versions (Andrew) * Fix assorted memory leaks in pl/python (Andreas Freund, Tom) * Prevent infinite recursion in psql when expanding a variable that refers to itself (Tom) * Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly (Tatsuhito Kasahara) * Make server startup deal properly with the case that shmget() returns EINVAL for an existing shared memory segment (Tom) This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. * Update time zone data files to tzdata release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan. __________________________________________________________________ Release 8.0.24 Release date: 2010-03-15 This release contains a variety of fixes from 8.0.23. For information about new features in the 8.0 major release, see the Section called Release 8.0. The PostgreSQL community will stop releasing updates for the 8.0.X release series in July 2010. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 8.0.24 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.22, see the release notes for 8.0.22. __________________________________________________________________ Changes * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection (Magnus) This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. * Fix possible crashes when trying to recover from a failure in subtransaction start (Tom) * Fix server memory leak associated with use of savepoints and a client encoding different from server's encoding (Tom) * Make substring() for bit types treat any negative length as meaning "all the rest of the string" (Tom) The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix integer-to-bit-string conversions to handle the first fractional byte correctly when the output bit width is wider than the given integer by something other than a multiple of 8 bits (Tom) * Fix some cases of pathologically slow regular expression matching (Tom) * Fix the STOP WAL LOCATION entry in backup history files to report the next WAL segment's name when the end location is exactly at a segment boundary (Itagaki Takahiro) * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request (Tom) This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files (Tom) * Fix plpgsql failure in one case where a composite column is set to NULL (Tom) * Add volatile markings in PL/Python to avoid possible compiler-specific misbehavior (Zdenek Kotala) * Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function (Rushabh Lathia, Joe Conway) * Fix assorted crashes in "contrib/xml2" caused by sloppy memory management (Tom) * Update time zone data files to tzdata release 2010e for DST law changes in Bangladesh, Chile, Fiji, Mexico, Paraguay, Samoa. __________________________________________________________________ Release 8.0.23 Release date: 2009-12-14 This release contains a variety of fixes from 8.0.22. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.23 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.22, see the release notes for 8.0.22. __________________________________________________________________ Changes * Protect against indirect security threats caused by index functions changing session-local state (Gurjeet Singh, Tom) This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). * Reject SSL certificates containing an embedded null byte in the common name (CN) field (Magnus) This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). * Fix possible crash during backend-startup-time cache initialization (Tom) * Prevent signals from interrupting VACUUM at unsafe times (Alvaro) This fix prevents a PANIC if a VACUUM FULL is cancelled after it's already committed its tuple movements, as well as transient errors if a plain VACUUM is interrupted after having truncated the table. * Fix possible crash due to integer overflow in hash table size calculation (Tom) This could occur with extremely large planner estimates for the size of a hashjoin's result. * Fix very rare crash in inet/cidr comparisons (Chris Mikkelson) * Fix premature drop of temporary files used for a cursor that is accessed within a subtransaction (Heikki) * Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. * Fix rare crash in exception processing in PL/Python (Peter) * Ensure psql's flex module is compiled with the correct system header definitions (Tom) This fixes build failures on platforms where --enable-largefile causes incompatible changes in the generated code. * Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions (Tom) * Update time zone data files to tzdata release 2009s for DST law changes in Antarctica, Argentina, Bangladesh, Fiji, Novokuznetsk, Pakistan, Palestine, Samoa, Syria; also historical corrections for Hong Kong. __________________________________________________________________ Release 8.0.22 Release date: 2009-09-09 This release contains a variety of fixes from 8.0.21. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.22 A dump/restore is not required for those running 8.0.X. However, if you have any hash indexes on interval columns, you must "REINDEX" them after updating to 8.0.22. Also, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside security-definer functions (Tom, Heikki) This covers a case that was missed in the previous patch that disallowed "SET ROLE" and "SET SESSION AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600) * Fix handling of sub-SELECTs appearing in the arguments of an outer-level aggregate function (Tom) * Fix hash calculation for data type interval (Tom) This corrects wrong results for hash joins on interval values. It also changes the contents of hash indexes on interval columns. If you have any such indexes, you must "REINDEX" them after updating. * Treat to_char(..., 'TH') as an uppercase ordinal suffix with 'HH'/'HH12' (Heikki) It was previously handled as 'th' (lowercase). * Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million and integer datetimes are in use (Alex Hunsaker) * Fix calculation of distance between a point and a line segment (Tom) This led to incorrect results from a number of geometric operators. * Fix money data type to work in locales where currency amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) * Properly round datetime input like 00:12:57.9999999999999999999999999999 (Tom) * Fix poor choice of page split point in GiST R-tree operator classes (Teodor) * Fix portability issues in plperl initialization (Andrew Dunstan) * Fix pg_ctl to not go into an infinite loop if "postgresql.conf" is empty (Jeff Davis) * Fix "contrib/xml2"'s xslt_process() to properly handle the maximum number of parameters (twenty) (Tom) * Improve robustness of libpq's code to recover from errors during "COPY FROM STDIN" (Tom) * Avoid including conflicting readline and editline header files when both libraries are installed (Zdenek Kotala) * Update time zone data files to tzdata release 2009l for DST law changes in Bangladesh, Egypt, Jordan, Pakistan, Argentina/San_Luis, Cuba, Jordan (historical correction only), Mauritius, Morocco, Palestine, Syria, Tunisia. __________________________________________________________________ Release 8.0.21 Release date: 2009-03-16 This release contains a variety of fixes from 8.0.20. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.21 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Prevent error recursion crashes when encoding conversion fails (Tom) This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922) * Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function (Heikki) This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. * Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument (Tom) * Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud) __________________________________________________________________ Release 8.0.20 Release date: 2009-02-02 This release contains a variety of fixes from 8.0.19. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.20 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Improve handling of URLs in headline() function (Teodor) * Improve handling of overlength headlines in headline() function (Teodor) * Prevent possible Assert failure or misconversion if an encoding conversion is created with the wrong conversion function for the specified pair of encodings (Tom, Heikki) * Avoid unnecessary locking of small tables in "VACUUM" (Heikki) * Fix uninitialized variables in "contrib/tsearch2"'s get_covers() function (Teodor) * Make all documentation reference pgsql-bugs and/or pgsql-hackers as appropriate, instead of the now-decommissioned pgsql-ports and pgsql-patches mailing lists (Tom) * Update time zone data files to tzdata release 2009a (for Kathmandu and historical DST corrections in Switzerland, Cuba) __________________________________________________________________ Release 8.0.19 Release date: 2008-11-03 This release contains a variety of fixes from 8.0.18. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.19 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Fix backend crash when the client encoding cannot represent a localized error message (Tom) We have addressed similar issues before, but it would still fail if the "character has no equivalent" message itself couldn't be converted. The fix is to disable localization and send the plain ASCII error message when we detect such a situation. * Fix possible crash when deeply nested functions are invoked from a trigger (Tom) * Ensure an error is reported when a newly-defined PL/pgSQL trigger function is invoked as a normal function (Tom) * Fix incorrect tsearch2 headline generation when single query item matches first word of text (Sushant Sinha) * Fix improper display of fractional seconds in interval values when using a non-ISO datestyle in an "--enable-integer-datetimes" build (Ron Mayer) * Ensure SPI_getvalue and SPI_getbinval behave correctly when the passed tuple and tuple descriptor have different numbers of columns (Tom) This situation is normal when a table has had columns added or removed, but these two functions didn't handle it properly. The only likely consequence is an incorrect error indication. * Fix ecpg's parsing of "CREATE USER" (Michael) * Fix recent breakage of pg_ctl restart (Tom) * Update time zone data files to tzdata release 2008i (for DST law changes in Argentina, Brazil, Mauritius, Syria) __________________________________________________________________ Release 8.0.18 Release date: 2008-09-22 This release contains a variety of fixes from 8.0.17. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.18 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Widen local lock counters from 32 to 64 bits (Tom) This responds to reports that the counters could overflow in sufficiently long transactions, leading to unexpected "lock is already held" errors. * Add checks in executor startup to ensure that the tuples produced by an "INSERT" or "UPDATE" will match the target table's current rowtype (Tom) "ALTER COLUMN TYPE", followed by re-use of a previously cached plan, could produce this type of situation. The check protects against data corruption and/or crashes that could ensue. * Fix datetime input functions to correctly detect integer overflow when running on a 64-bit platform (Tom) * Improve performance of writing very long log messages to syslog (Tom) * Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON query (Tom) * Fix planner to estimate that GROUP BY expressions yielding boolean results always result in two groups, regardless of the expressions' contents (Tom) This is very substantially more accurate than the regular GROUP BY estimate for certain boolean tests like "col" IS NULL. * Fix PL/Tcl to behave correctly with Tcl 8.5, and to be more careful about the encoding of data sent to or from Tcl (Tom) * Fix PL/Python to work with Python 2.5 This is a back-port of fixes made during the 8.2 development cycle. * Improve pg_dump and pg_restore's error reporting after failure to send a SQL command (Tom) * Fix pg_ctl to properly preserve postmaster command-line arguments across a restart (Bruce) * Update time zone data files to tzdata release 2008f (for DST law changes in Argentina, Bahamas, Brazil, Mauritius, Morocco, Pakistan, Palestine, and Paraguay) __________________________________________________________________ Release 8.0.17 Release date: 2008-06-12 This release contains one serious bug fix over 8.0.16. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.17 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Make pg_get_ruledef() parenthesize negative constants (Tom) Before this fix, a negative constant in a view or rule might be dumped as, say, -42::integer, which is subtly incorrect: it should be (-42)::integer due to operator precedence rules. Usually this would make little difference, but it could interact with another recent patch to cause PostgreSQL to reject what had been a valid "SELECT DISTINCT" view query. Since this could result in pg_dump output failing to reload, it is being treated as a high-priority fix. The only released versions in which dump output is actually incorrect are 8.3.1 and 8.2.7. __________________________________________________________________ Release 8.0.16 Release date: never released This release contains a variety of fixes from 8.0.15. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.16 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Fix "ALTER TABLE ADD COLUMN ... PRIMARY KEY" so that the new column is correctly checked to see if it's been initialized to all non-nulls (Brendan Jurd) Previous versions neglected to check this requirement at all. * Fix possible "CREATE TABLE" failure when inheriting the "same" constraint from multiple parent relations that inherited that constraint from a common ancestor (Tom) * Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots) (Sergey Burladyan) * Fix a few datatype input functions that were allowing unused bytes in their results to contain uninitialized, unpredictable values (Tom) This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. * Fix a corner case in regular-expression substring matching (substring(string from pattern)) (Tom) The problem occurs when there is a match to the pattern overall but the user has specified a parenthesized subexpression and that subexpression hasn't got a match. An example is substring('foo' from 'foo(bar)?'). This should return NULL, since (bar) isn't matched, but it was mistakenly returning the whole-pattern match instead (ie, foo). * Update time zone data files to tzdata release 2008c (for DST law changes in Morocco, Iraq, Choibalsan, Pakistan, Syria, Cuba, Argentina/San_Luis, and Chile) * Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function (Michael) * Fix core dump in "contrib/xml2"'s xpath_table() function when the input query returns a NULL value (Tom) * Fix "contrib/xml2"'s makefile to not override CFLAGS (Tom) * Fix DatumGetBool macro to not fail with gcc 4.3 (Tom) This problem affects "old style" (V0) C functions that return boolean. The fix is already in 8.3, but the need to back-patch it was not realized at the time. * Fix longstanding "LISTEN"/"NOTIFY" race condition (Tom) In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. * Fix rare crash when an error occurs during a query using a hash index (Heikki) * Fix input of datetime values for February 29 in years BC (Tom) The former coding was mistaken about which years were leap years. * Fix "unrecognized node type" error in some variants of "ALTER OWNER" (Tom) * Fix pg_ctl to correctly extract the postmaster's port number from command-line options (Itagaki Takahiro, Tom) Previously, pg_ctl start -w could try to contact the postmaster on the wrong port, leading to bogus reports of startup failure. * Use "-fwrapv" to defend against possible misoptimization in recent gcc versions (Tom) This is known to be necessary when building PostgreSQL with gcc 4.3 or later. * Fix display of constant expressions in ORDER BY and GROUP BY (Tom) An explictly casted constant would be shown incorrectly. This could for example lead to corruption of a view definition during dump and reload. * Fix libpq to handle NOTICE messages correctly during COPY OUT (Tom) This failure has only been observed to occur when a user-defined datatype's output routine issues a NOTICE, but there is no guarantee it couldn't happen due to other causes. __________________________________________________________________ Release 8.0.15 Release date: 2008-01-07 This release contains a variety of fixes from 8.0.14, including fixes for significant security issues. For information about new features in the 8.0 major release, see the Section called Release 8.0. This is the last 8.0.X release for which the PostgreSQL community will produce binary packages for Windows. Windows users are encouraged to move to 8.2.X or later, since there are Windows-specific fixes in 8.2.X that are impractical to back-port. 8.0.X will continue to be supported on other platforms. __________________________________________________________________ Migration to Version 8.0.15 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc (Tom) Functions used in index expressions and partial-index predicates are evaluated whenever a new table entry is made. It has long been understood that this poses a risk of trojan-horse code execution if one modifies a table owned by an untrustworthy user. (Note that triggers, defaults, check constraints, etc. pose the same type of risk.) But functions in indexes pose extra danger because they will be executed by routine maintenance operations such as "VACUUM FULL", which are commonly performed automatically under a superuser account. For example, a nefarious user can execute code with superuser privileges by setting up a trojan-horse index definition and waiting for the next routine vacuum. The fix arranges for standard maintenance operations (including "VACUUM", "ANALYZE", "REINDEX", and "CLUSTER") to execute as the table owner rather than the calling user, using the same privilege-switching mechanism already used for SECURITY DEFINER functions. To prevent bypassing this security measure, execution of "SET SESSION AUTHORIZATION" and "SET ROLE" is now forbidden within a SECURITY DEFINER context. (CVE-2007-6600) * Repair assorted bugs in the regular-expression package (Tom, Will Drewry) Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) The fix that appeared for this in 8.0.14 was incomplete, as it plugged the hole for only some "dblink" functions. (CVE-2007-6601, CVE-2007-3278) * Update time zone data files to tzdata release 2007k (in particular, recent Argentina changes) (Tom) * Fix planner failure in some cases of WHERE false AND var IN (SELECT ...) (Tom) * Preserve the tablespace of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE" (Tom) * Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used (Simon) This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition. * Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful (Alvaro) * Fix potential crash in translate() when using a multibyte database encoding (Tom) * Fix PL/Perl to cope when platform's Perl defines type bool as int rather than char (Tom) While this could theoretically happen anywhere, no standard build of Perl did things this way ... until Mac OS X 10.5. * Fix PL/Python to not crash on long exception messages (Alvaro) * Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's (Tom) * ecpg parser fixes (Michael) * Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing (Joe) * Fix tsvector and tsquery output routines to escape backslashes correctly (Teodor, Bruce) * Fix crash of to_tsvector() on huge input strings (Teodor) * Require a specific version of Autoconf to be used when re-generating the "configure" script (Peter) This affects developers and packagers only. The change was made to prevent accidental use of untested combinations of Autoconf and PostgreSQL versions. You can remove the version check if you really want to use a different Autoconf version, but it's your responsibility whether the result works or not. __________________________________________________________________ Release 8.0.14 Release date: 2007-09-17 This release contains a variety of fixes from 8.0.13. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.14 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Prevent index corruption when a transaction inserts rows and then aborts close to the end of a concurrent "VACUUM" on the same table (Tom) * Make "CREATE DOMAIN ... DEFAULT NULL" work properly (Tom) * Fix excessive logging of SSL error messages (Tom) * Fix logging so that log messages are never interleaved when using the syslogger process (Andrew) * Fix crash when log_min_error_statement logging runs out of memory (Tom) * Fix incorrect handling of some foreign-key corner cases (Tom) * Prevent "CLUSTER" from failing due to attempting to process temporary tables of other sessions (Alvaro) * Update the time zone database rules, particularly New Zealand's upcoming changes (Tom) * Windows socket improvements (Magnus) * Suppress timezone name (%Z) in log timestamps on Windows because of possible encoding mismatches (Tom) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) __________________________________________________________________ Release 8.0.13 Release date: 2007-04-23 This release contains a variety of fixes from 8.0.12, including a security fix. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.13 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. * "/contrib/tsearch2" crash fixes (Teodor) * Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains (Tom, Pavan Deolasee) * Fix PANIC during enlargement of a hash index (bug introduced in 8.0.10) (Tom) * Fix POSIX-style timezone specs to follow new USA DST rules (Tom) __________________________________________________________________ Release 8.0.12 Release date: 2007-02-07 This release contains one fix from 8.0.11. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.12 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Remove overly-restrictive check for type length in constraints and functional indexes(Tom) __________________________________________________________________ Release 8.0.11 Release date: 2007-02-05 This release contains a variety of fixes from 8.0.10, including a security fix. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.11 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Remove security vulnerabilities that allowed connected users to read backend memory (Tom) The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. * Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas) * Fix for rare Assert() crash triggered by UNION (Tom) * Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom) __________________________________________________________________ Release 8.0.10 Release date: 2007-01-08 This release contains a variety of fixes from 8.0.9. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.10 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Improve handling of getaddrinfo() on AIX (Tom) This fixes a problem with starting the statistics collector, among other things. * Fix "failed to re-find parent key" errors in "VACUUM" (Tom) * Fix race condition for truncation of a large relation across a gigabyte boundary by "VACUUM" (Tom) * Fix bugs affecting multi-gigabyte hash indexes (Tom) * Fix possible deadlock in Windows signal handling (Teodor) * Fix error when constructing an ARRAY[] made up of multiple empty elements (Tom) * Fix ecpg memory leak during connection (Michael) * to_number() and to_char(numeric) are now STABLE, not IMMUTABLE, for new initdb installs (Tom) This is because lc_numeric can potentially change the output of these functions. * Improve index usage of regular expressions that use parentheses (Tom) This improves psql \d performance also. * Update timezone database This affects Australian and Canadian daylight-savings rules in particular. __________________________________________________________________ Release 8.0.9 Release date: 2006-10-16 This release contains a variety of fixes from 8.0.8. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.9 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Fix crash when referencing NEW row values in rule WHERE expressions (Tom) * Fix core dump when an untyped literal is taken as ANYARRAY * Fix mishandling of AFTER triggers when query contains a SQL function returning multiple rows (Tom) * Fix "ALTER TABLE ... TYPE" to recheck NOT NULL for USING clause (Tom) * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Numerous robustness fixes in ecpg (Joachim Wieland) * Fix backslash escaping in /contrib/dbmirror * Fix instability of statistics collection on Win32 (Tom, Andrew) * Fixes for AIX and Intel compilers (Tom) __________________________________________________________________ Release 8.0.8 Release date: 2006-05-23 This release contains a variety of fixes from 8.0.7, including patches for extremely serious security issues. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.8 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. Full security against the SQL-injection attacks described in CVE-2006-2313 and CVE-2006-2314 might require changes in application code. If you have applications that embed untrustworthy strings into SQL commands, you should examine them as soon as possible to ensure that they are using recommended escaping techniques. In most cases, applications should be using subroutines provided by libraries or drivers (such as libpq's PQescapeStringConn()) to perform string escaping, rather than relying on ad hoc code to do it. __________________________________________________________________ Changes * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 might require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations and standard_conforming_strings This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs them against the planned changeover to SQL-standard string literal syntax. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix some incorrect encoding conversion functions win1251_to_iso, alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Fix bug that sometimes caused OR'd index scans to miss rows they should have returned * Fix WAL replay for case where a btree index has been truncated * Fix SIMILAR TO for patterns involving | (Tom) * Fix "SELECT INTO" and "CREATE TABLE AS" to create tables in the default tablespace, not the base directory (Kris Jurka) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Fix for Bonjour on Intel Macs (Ashley Clark) * Fix various minor memory leaks * Fix problem with password prompting on some Win32 systems (Robert Kinberg) __________________________________________________________________ Release 8.0.7 Release date: 2006-02-14 This release contains a variety of fixes from 8.0.6. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.7 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see the release notes for 8.0.6. __________________________________________________________________ Changes * Fix potential crash in "SET SESSION AUTHORIZATION" (CVE-2006-0553) An unprivileged user could crash the server process, resulting in momentary denial of service to other users, if the server has been compiled with Asserts enabled (which is not the default). Thanks to Akio Ishida for reporting this problem. * Fix bug with row visibility logic in self-inserted rows (Tom) Under rare circumstances a row inserted by the current command could be seen as already valid, when it should not be. Repairs bug created in 8.0.4, 7.4.9, and 7.3.11 releases. * Fix race condition that could lead to "file already exists" errors during pg_clog and pg_subtrans file creation (Tom) * Fix cases that could lead to crashes if a cache-invalidation message arrives at just the wrong time (Tom) * Properly check DOMAIN constraints for UNKNOWN parameters in prepared statements (Neil) * Ensure "ALTER COLUMN TYPE" will process FOREIGN KEY, UNIQUE, and PRIMARY KEY constraints in the proper order (Nakano Yoshihisa) * Fixes to allow restoring dumps that have cross-schema references to custom operators or operator classes (Tom) * Allow pg_restore to continue properly after a "COPY" failure; formerly it tried to treat the remaining "COPY" data as SQL commands (Stephen Frost) * Fix pg_ctl unregister crash when the data directory is not specified (Magnus) * Fix ecpg crash on AMD64 and PPC (Neil) * Recover properly if error occurs during argument passing in PL/python (Neil) * Fix PL/perl's handling of locales on Win32 to match the backend (Andrew) * Fix crash when log_min_messages is set to DEBUG3 or above in "postgresql.conf" on Win32 (Bruce) * Fix pgxs -L library path specification for Win32, Cygwin, OS X, AIX (Bruce) * Check that SID is enabled while checking for Win32 admin privileges (Magnus) * Properly reject out-of-range date inputs (Kris Jurka) * Portability fix for testing presence of finite and isinf during configure (Tom) __________________________________________________________________ Release 8.0.6 Release date: 2006-01-09 This release contains a variety of fixes from 8.0.5. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.6 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.3, see the release notes for 8.0.3. Also, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the locale or plperl issues described below. __________________________________________________________________ Changes * Fix Windows code so that postmaster will continue rather than exit if there is no more room in ShmemBackendArray (Magnus) The previous behavior could lead to a denial-of-service situation if too many connection requests arrive close together. This applies *only* to the Windows port. * Fix bug introduced in 8.0 that could allow ReadBuffer to return an already-used page as new, potentially causing loss of recently-committed data (Tom) * Fix for protocol-level Describe messages issued outside a transaction or in a failed transaction (Tom) * Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian (Tom) This might require "REINDEX" to fix existing indexes on textual columns. * Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later This fixes a problem that occurred if the postmaster was started with environment variables specifying a different locale than what initdb had been told. Under these conditions, any use of plperl was likely to lead to corrupt indexes. You might need "REINDEX" to fix existing indexes on textual columns if this has happened to you. * Allow more flexible relocation of installation directories (Tom) Previous releases supported relocation only if all installation directory paths were the same except for the last component. * Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets (Tatsuo) * Various fixes for functions returning RECORDs (Tom) * Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms (Marko Kreen, Solar Designer) Salts for Blowfish and standard DES are unaffected. * Fix "/contrib/dblink" to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query (Joe) __________________________________________________________________ Release 8.0.5 Release date: 2005-12-12 This release contains a variety of fixes from 8.0.4. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.5 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.3, see the release notes for 8.0.3. __________________________________________________________________ Changes * Fix race condition in transaction log management There was a narrow window in which an I/O operation could be initiated for the wrong page, leading to an Assert failure or data corruption. * Fix bgwriter problems after recovering from errors (Tom) The background writer was found to leak buffer pins after write errors. While not fatal in itself, this might lead to mysterious blockages of later VACUUM commands. * Prevent failure if client sends Bind protocol message when current transaction is already aborted * "/contrib/ltree" fixes (Teodor) * AIX and HPUX compile fixes (Tom) * Retry file reads and writes after Windows NO_SYSTEM_RESOURCES error (Qingqing Zhou) * Fix intermittent failure when log_line_prefix includes %i * Fix psql performance issue with long scripts on Windows (Merlin Moncure) * Fix missing updates of "pg_group" flat file * Fix longstanding planning error for outer joins This bug sometimes caused a bogus error "RIGHT JOIN is only supported with merge-joinable join conditions". * Postpone timezone initialization until after "postmaster.pid" is created This avoids confusing startup scripts that expect the pid file to appear quickly. * Prevent core dump in pg_autovacuum when a table has been dropped * Fix problems with whole-row references (foo.*) to subquery results __________________________________________________________________ Release 8.0.4 Release date: 2005-10-04 This release contains a variety of fixes from 8.0.3. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.4 A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.3, see the release notes for 8.0.3. __________________________________________________________________ Changes * Fix error that allowed "VACUUM" to remove ctid chains too soon, and add more checking in code that follows ctid links This fixes a long-standing problem that could cause crashes in very rare circumstances. * Fix CHAR() to properly pad spaces to the specified length when using a multiple-byte character set (Yoshiyuki Asaba) In prior releases, the padding of CHAR() was incorrect because it only padded to the specified number of bytes without considering how many characters were stored. * Force a checkpoint before committing "CREATE DATABASE" This should fix recent reports of "index is not a btree" failures when a crash occurs shortly after "CREATE DATABASE". * Fix the sense of the test for read-only transaction in "COPY" The code formerly prohibited "COPY TO", where it should prohibit "COPY FROM". * Handle consecutive embedded newlines in "COPY" CSV-mode input * Fix date_trunc(week) for dates near year end * Fix planning problem with outer-join ON clauses that reference only the inner-side relation * Further fixes for x FULL JOIN y ON true corner cases * Fix overenthusiastic optimization of x IN (SELECT DISTINCT ...) and related cases * Fix mis-planning of queries with small LIMIT values due to poorly thought out "fuzzy" cost comparison * Make array_in and array_recv more paranoid about validating their OID parameter * Fix missing rows in queries like UPDATE a=... WHERE a... with GiST index on column a * Improve robustness of datetime parsing * Improve checking for partially-written WAL pages * Improve robustness of signal handling when SSL is enabled * Improve MIPS and M68K spinlock code * Don't try to open more than max_files_per_process files during postmaster startup * Various memory leakage fixes * Various portability improvements * Update timezone data files * Improve handling of DLL load failures on Windows * Improve random-number generation on Windows * Make psql -f filename return a nonzero exit code when opening the file fails * Change pg_dump to handle inherited check constraints more reliably * Fix password prompting in pg_restore on Windows * Fix PL/pgSQL to handle var := var correctly when the variable is of pass-by-reference type * Fix PL/Perl %_SHARED so it's actually shared * Fix "contrib/pg_autovacuum" to allow sleep intervals over 2000 sec * Update "contrib/tsearch2" to use current Snowball code __________________________________________________________________ Release 8.0.3 Release date: 2005-05-09 This release contains a variety of fixes from 8.0.2, including several security-related issues. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.3 A dump/restore is not required for those running 8.0.X. However, it is one possible way of handling two significant security problems that have been found in the initial contents of 8.0.X system catalogs. A dump/initdb/reload sequence using 8.0.3's initdb will automatically correct these problems. The larger security problem is that the built-in character set encoding conversion functions can be invoked from SQL commands by unprivileged users, but the functions were not designed for such use and are not secure against malicious choices of arguments. The fix involves changing the declared parameter list of these functions so that they can no longer be invoked from SQL commands. (This does not affect their normal use by the encoding conversion machinery.) The lesser problem is that the "contrib/tsearch2" module creates several functions that are improperly declared to return internal when they do not accept internal arguments. This breaks type safety for all functions using internal arguments. It is strongly recommended that all installations repair these errors, either by initdb or by following the manual repair procedure given below. The errors at least allow unprivileged database users to crash their server process, and might allow unprivileged users to gain the privileges of a database superuser. If you wish not to do an initdb, perform the same manual repair procedures shown in the 7.4.8 release notes. __________________________________________________________________ Changes * Change encoding function signature to prevent misuse * Change "contrib/tsearch2" to avoid unsafe use of INTERNAL function results * Guard against incorrect second parameter to record_out * Repair ancient race condition that allowed a transaction to be seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner than for other purposes This is an extremely serious bug since it could lead to apparent data inconsistencies being briefly visible to applications. * Repair race condition between relation extension and VACUUM This could theoretically have caused loss of a page's worth of freshly-inserted data, although the scenario seems of very low probability. There are no known cases of it having caused more than an Assert failure. * Fix comparisons of TIME WITH TIME ZONE values The comparison code was wrong in the case where the --enable-integer-datetimes configuration switch had been used. NOTE: if you have an index on a TIME WITH TIME ZONE column, it will need to be "REINDEX"ed after installing this update, because the fix corrects the sort order of column values. * Fix EXTRACT(EPOCH) for TIME WITH TIME ZONE values * Fix mis-display of negative fractional seconds in INTERVAL values This error only occurred when the --enable-integer-datetimes configuration switch had been used. * Fix pg_dump to dump trigger names containing % correctly (Neil) * Still more 64-bit fixes for "contrib/intagg" * Prevent incorrect optimization of functions returning RECORD * Prevent crash on COALESCE(NULL,NULL) * Fix Borland makefile for libpq * Fix "contrib/btree_gist" for timetz type (Teodor) * Make "pg_ctl" check the PID found in "postmaster.pid" to see if it is still a live process * Fix "pg_dump"/"pg_restore" problems caused by addition of dump timestamps * Fix interaction between materializing holdable cursors and firing deferred triggers during transaction commit * Fix memory leak in SQL functions returning pass-by-reference data types __________________________________________________________________ Release 8.0.2 Release date: 2005-04-07 This release contains a variety of fixes from 8.0.1. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.2 A dump/restore is not required for those running 8.0.*. This release updates the major version number of the PostgreSQL libraries, so it might be necessary to re-link some user applications if they cannot find the properly-numbered shared library. __________________________________________________________________ Changes * Increment the major version number of all interface libraries (Bruce) This should have been done in 8.0.0. It is required so 7.4.X versions of PostgreSQL client applications, like psql, can be used on the same machine as 8.0.X applications. This might require re-linking user applications that use these libraries. * Add Windows-only wal_sync_method setting of "fsync_writethrough" (Magnus, Bruce) This setting causes PostgreSQL to write through any disk-drive write cache when writing to WAL. This behavior was formerly called "fsync", but was renamed because it acts quite differently from "fsync" on other platforms. * Enable the wal_sync_method setting of "open_datasync" on Windows, and make it the default for that platform (Magnus, Bruce) Because the default is no longer "fsync_writethrough", data loss is possible during a power failure if the disk drive has write caching enabled. To turn off the write cache on Windows, from the Device Manager, choose the drive properties, then Policies. * New cache management algorithm 2Q replaces ARC (Tom) This was done to avoid a pending US patent on ARC. The 2Q code might be a few percentage points slower than ARC for some work loads. A better cache management algorithm will appear in 8.1. * Planner adjustments to improve behavior on freshly-created tables (Tom) * Allow plpgsql to assign to an element of an array that is initially NULL (Tom) Formerly the array would remain NULL, but now it becomes a single-element array. The main SQL engine was changed to handle "UPDATE" of a null array value this way in 8.0, but the similar case in plpgsql was overlooked. * Convert \r\n and \r to \n in plpython function bodies (Michael Fuhr) This prevents syntax errors when plpython code is written on a Windows or Mac client. * Allow SPI cursors to handle utility commands that return rows, such as "EXPLAIN" (Tom) * Fix "CLUSTER" failure after "ALTER TABLE SET WITHOUT OIDS" (Tom) * Reduce memory usage of "ALTER TABLE ADD COLUMN" (Neil) * Fix "ALTER LANGUAGE RENAME" (Tom) * Document the Windows-only register and unregister options of pg_ctl (Magnus) * Ensure operations done during backend shutdown are counted by statistics collector This is expected to resolve reports of pg_autovacuum not vacuuming the system catalogs often enough -- it was not being told about catalog deletions caused by temporary table removal during backend exit. * Change the Windows default for configuration parameter log_destination to "eventlog" (Magnus) By default, a server running on Windows will now send log output to the Windows event logger rather than standard error. * Make Kerberos authentication work on Windows (Magnus) * Allow "ALTER DATABASE RENAME" by superusers who aren't flagged as having CREATEDB privilege (Tom) * Modify WAL log entries for "CREATE" and "DROP DATABASE" to not specify absolute paths (Tom) This allows point-in-time recovery on a different machine with possibly different database location. Note that "CREATE TABLESPACE" still poses a hazard in such situations. * Fix crash from a backend exiting with an open transaction that created a table and opened a cursor on it (Tom) * Fix array_map() so it can call PL functions (Tom) * Several "contrib/tsearch2" and "contrib/btree_gist" fixes (Teodor) * Fix crash of some "contrib/pgcrypto" functions on some platforms (Marko Kreen) * Fix "contrib/intagg" for 64-bit platforms (Tom) * Fix ecpg bugs in parsing of "CREATE" statement (Michael) * Work around gcc bug on powerpc and amd64 causing problems in ecpg (Christof Petig) * Do not use locale-aware versions of upper(), lower(), and initcap() when the locale is C (Bruce) This allows these functions to work on platforms that generate errors for non-7-bit data when the locale is C. * Fix quote_ident() to quote names that match keywords (Tom) * Fix to_date() to behave reasonably when CC and YY fields are both used (Karel) * Prevent to_char(interval) from failing when given a zero-month interval (Tom) * Fix wrong week returned by date_trunc('week') (Bruce) date_trunc('week') returned the wrong year for the first few days of January in some years. * Use the correct default mask length for class D addresses in INET data types (Tom) __________________________________________________________________ Release 8.0.1 Release date: 2005-01-31 This release contains a variety of fixes from 8.0.0, including several security-related issues. For information about new features in the 8.0 major release, see the Section called Release 8.0. __________________________________________________________________ Migration to Version 8.0.1 A dump/restore is not required for those running 8.0.0. __________________________________________________________________ Changes * Disallow "LOAD" to non-superusers On platforms that will automatically execute initialization functions of a shared library (this includes at least Windows and ELF-based Unixen), "LOAD" can be used to make the server execute arbitrary code. Thanks to NGS Software for reporting this. * Check that creator of an aggregate function has the right to execute the specified transition functions This oversight made it possible to bypass denial of EXECUTE permission on a function. * Fix security and 64-bit issues in contrib/intagg * Add needed STRICT marking to some contrib functions (Kris Jurka) * Avoid buffer overrun when plpgsql cursor declaration has too many parameters (Neil) * Make "ALTER TABLE ADD COLUMN" enforce domain constraints in all cases * Fix planning error for FULL and RIGHT outer joins The result of the join was mistakenly supposed to be sorted the same as the left input. This could not only deliver mis-sorted output to the user, but in case of nested merge joins could give outright wrong answers. * Improve planning of grouped aggregate queries * "ROLLBACK TO savepoint" closes cursors created since the savepoint * Fix inadequate backend stack size on Windows * Avoid SHGetSpecialFolderPath() on Windows (Magnus) * Fix some problems in running pg_autovacuum as a Windows service (Dave Page) * Multiple minor bug fixes in pg_dump/pg_restore * Fix ecpg segfault with named structs used in typedefs (Michael) __________________________________________________________________ Release 8.0 Release date: 2005-01-19 __________________________________________________________________ Overview Major changes in this release: Microsoft Windows Native Server This is the first PostgreSQL release to run natively on Microsoft Windows® as a server. It can run as a Windows service. This release supports NT-based Windows releases like Windows 2000 SP4, Windows XP, and Windows 2003. Older releases like Windows 95, Windows 98, and Windows ME are not supported because these operating systems do not have the infrastructure to support PostgreSQL. A separate installer project has been created to ease installation on Windows -- see http://www.postgresql.org/ftp/win32/. Although tested throughout our release cycle, the Windows port does not have the benefit of years of use in production environments that PostgreSQL has on Unix platforms. Therefore it should be treated with the same level of caution as you would a new product. Previous releases required the Unix emulation toolkit Cygwin in order to run the server on Windows operating systems. PostgreSQL has supported native clients on Windows for many years. Savepoints Savepoints allow specific parts of a transaction to be aborted without affecting the remainder of the transaction. Prior releases had no such capability; there was no way to recover from a statement failure within a transaction except by aborting the whole transaction. This feature is valuable for application writers who require error recovery within a complex transaction. Point-In-Time Recovery In previous releases there was no way to recover from disk drive failure except to restore from a previous backup or use a standby replication server. Point-in-time recovery allows continuous backup of the server. You can recover either to the point of failure or to some transaction in the past. Tablespaces Tablespaces allow administrators to select different file systems for storage of individual tables, indexes, and databases. This improves performance and control over disk space usage. Prior releases used initlocation and manual symlink management for such tasks. Improved Buffer Management, CHECKPOINT, VACUUM This release has a more intelligent buffer replacement strategy, which will make better use of available shared buffers and improve performance. The performance impact of vacuum and checkpoints is also lessened. Change Column Types A column's data type can now be changed with "ALTER TABLE". New Perl Server-Side Language A new version of the plperl server-side language now supports a persistent shared storage area, triggers, returning records and arrays of records, and SPI calls to access the database. Comma-separated-value (CSV) support in COPY "COPY" can now read and write comma-separated-value files. It has the flexibility to interpret nonstandard quoting and separation characters too. __________________________________________________________________ Migration to Version 8.0 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. Observe the following incompatibilities: * In "READ COMMITTED" serialization mode, volatile functions now see the results of concurrent transactions committed up to the beginning of each statement within the function, rather than up to the beginning of the interactive command that called the function. * Functions declared "STABLE" or "IMMUTABLE" always use the snapshot of the calling query, and therefore do not see the effects of actions taken after the calling query starts, whether in their own transaction or other transactions. Such a function must be read-only, too, meaning that it cannot use any SQL commands other than "SELECT". * Nondeferred "AFTER" triggers are now fired immediately after completion of the triggering query, rather than upon finishing the current interactive command. This makes a difference when the triggering query occurred within a function: the trigger is invoked before the function proceeds to its next operation. * Server configuration parameters virtual_host and tcpip_socket have been replaced with a more general parameter listen_addresses. Also, the server now listens on localhost by default, which eliminates the need for the -i postmaster switch in many scenarios. * Server configuration parameters SortMem and VacuumMem have been renamed to work_mem and maintenance_work_mem to better reflect their use. The original names are still supported in "SET" and "SHOW". * Server configuration parameters log_pid, log_timestamp, and log_source_port have been replaced with a more general parameter log_line_prefix. * Server configuration parameter syslog has been replaced with a more logical log_destination variable to control the log output destination. * Server configuration parameter log_statement has been changed so it can selectively log just database modification or data definition statements. Server configuration parameter log_duration now prints only when log_statement prints the query. * Server configuration parameter max_expr_depth parameter has been replaced with max_stack_depth which measures the physical stack size rather than the expression nesting depth. This helps prevent session termination due to stack overflow caused by recursive functions. * The length() function no longer counts trailing spaces in CHAR(n) values. * Casting an integer to BIT(N) selects the rightmost N bits of the integer, not the leftmost N bits as before. * Updating an element or slice of a NULL array value now produces a nonnull array result, namely an array containing just the assigned-to positions. * Syntax checking of array input values has been tightened up considerably. Junk that was previously allowed in odd places with odd results now causes an error. Empty-string element values must now be written as "", rather than writing nothing. Also changed behavior with respect to whitespace surrounding array elements: trailing whitespace is now ignored, for symmetry with leading whitespace (which has always been ignored). * Overflow in integer arithmetic operations is now detected and reported as an error. * The arithmetic operators associated with the single-byte "char" data type have been removed. * The extract() function (also called date_part) now returns the proper year for BC dates. It previously returned one less than the correct year. The function now also returns the proper values for millennium and century. * CIDR values now must have their nonmasked bits be zero. For example, we no longer allow 204.248.199.1/31 as a CIDR value. Such values should never have been accepted by PostgreSQL and will now be rejected. * "EXECUTE" now returns a completion tag that matches the executed statement. * psql's "\copy" command now reads or writes to the query's stdin/stdout, rather than psql's stdin/stdout. The previous behavior can be accessed via new "pstdin"/"pstdout" parameters. * The JDBC client interface has been removed from the core distribution, and is now hosted at http://jdbc.postgresql.org. * The Tcl client interface has also been removed. There are several Tcl interfaces now hosted at http://gborg.postgresql.org. * The server now uses its own time zone database, rather than the one supplied by the operating system. This will provide consistent behavior across all platforms. In most cases, there should be little noticeable difference in time zone behavior, except that the time zone names used by "SET"/"SHOW" TimeZone might be different from what your platform provides. * Configure's threading option no longer requires users to run tests or edit configuration files; threading options are now detected automatically. * Now that tablespaces have been implemented, initlocation has been removed. * The API for user-defined GiST indexes has been changed. The Union and PickSplit methods are now passed a pointer to a special GistEntryVector structure, rather than a bytea. __________________________________________________________________ Deprecated Features Some aspects of PostgreSQL's behavior have been determined to be suboptimal. For the sake of backward compatibility these have not been removed in 8.0, but they are considered deprecated and will be removed in the next major release. * The 8.1 release will remove the to_char() function for intervals. * The server now warns of empty strings passed to oid/float4/float8 data types, but continues to interpret them as zeroes as before. In the next major release, empty strings will be considered invalid input for these data types. * By default, tables in PostgreSQL 8.0 and earlier are created with OIDs. In the next release, this will *not* be the case: to create a table that contains OIDs, the "WITH OIDS" clause must be specified or the default_with_oids configuration parameter must be set. Users are encouraged to explicitly specify "WITH OIDS" if their tables require OIDs for compatibility with future releases of PostgreSQL. __________________________________________________________________ Changes Below you will find a detailed account of the changes between release 8.0 and the previous major release. __________________________________________________________________ Performance Improvements * Support cross-data-type index usage (Tom) Before this change, many queries would not use an index if the data types did not match exactly. This improvement makes index usage more intuitive and consistent. * New buffer replacement strategy that improves caching (Jan) Prior releases used a least-recently-used (LRU) cache to keep recently referenced pages in memory. The LRU algorithm did not consider the number of times a specific cache entry was accessed, so large table scans could force out useful cache pages. The new cache algorithm uses four separate lists to track most recently used and most frequently used cache pages and dynamically optimize their replacement based on the work load. This should lead to much more efficient use of the shared buffer cache. Administrators who have tested shared buffer sizes in the past should retest with this new cache replacement policy. * Add subprocess to write dirty buffers periodically to reduce checkpoint writes (Jan) In previous releases, the checkpoint process, which runs every few minutes, would write all dirty buffers to the operating system's buffer cache then flush all dirty operating system buffers to disk. This resulted in a periodic spike in disk usage that often hurt performance. The new code uses a background writer to trickle disk writes at a steady pace so checkpoints have far fewer dirty pages to write to disk. Also, the new code does not issue a global sync() call, but instead fsync()s just the files written since the last checkpoint. This should improve performance and minimize degradation during checkpoints. * Add ability to prolong vacuum to reduce performance impact (Jan) On busy systems, "VACUUM" performs many I/O requests which can hurt performance for other users. This release allows you to slow down "VACUUM" to reduce its impact on other users, though this increases the total duration of "VACUUM". * Improve B-tree index performance for duplicate keys (Dmitry Tkach, Tom) This improves the way indexes are scanned when many duplicate values exist in the index. * Use dynamically-generated table size estimates while planning (Tom) Formerly the planner estimated table sizes using the values seen by the last "VACUUM" or "ANALYZE", both as to physical table size (number of pages) and number of rows. Now, the current physical table size is obtained from the kernel, and the number of rows is estimated by multiplying the table size by the row density (rows per page) seen by the last "VACUUM" or "ANALYZE". This should produce more reliable estimates in cases where the table size has changed significantly since the last housekeeping command. * Improved index usage with OR clauses (Tom) This allows the optimizer to use indexes in statements with many OR clauses that would not have been indexed in the past. It can also use multi-column indexes where the first column is specified and the second column is part of an OR clause. * Improve matching of partial index clauses (Tom) The server is now smarter about using partial indexes in queries involving complex "WHERE" clauses. * Improve performance of the GEQO optimizer (Tom) The GEQO optimizer is used to plan queries involving many tables (by default, twelve or more). This release speeds up the way queries are analyzed to decrease time spent in optimization. * Miscellaneous optimizer improvements There is not room here to list all the minor improvements made, but numerous special cases work better than in prior releases. * Improve lookup speed for C functions (Tom) This release uses a hash table to lookup information for dynamically loaded C functions. This improves their speed so they perform nearly as quickly as functions that are built into the server executable. * Add type-specific "ANALYZE" statistics capability (Mark Cave-Ayland) This feature allows more flexibility in generating statistics for nonstandard data types. * "ANALYZE" now collects statistics for expression indexes (Tom) Expression indexes (also called functional indexes) allow users to index not just columns but the results of expressions and function calls. With this release, the optimizer can gather and use statistics about the contents of expression indexes. This will greatly improve the quality of planning for queries in which an expression index is relevant. * New two-stage sampling method for "ANALYZE" (Manfred Koizar) This gives better statistics when the density of valid rows is very different in different regions of a table. * Speed up "TRUNCATE" (Tom) This buys back some of the performance loss observed in 7.4, while still keeping "TRUNCATE" transaction-safe. __________________________________________________________________ Server Changes * Add WAL file archiving and point-in-time recovery (Simon Riggs) * Add tablespaces so admins can control disk layout (Gavin) * Add a built-in log rotation program (Andreas Pflug) It is now possible to log server messages conveniently without relying on either syslog or an external log rotation program. * Add new read-only server configuration parameters to show server compile-time settings: block_size, integer_datetimes, max_function_args, max_identifier_length, max_index_keys (Joe) * Make quoting of sameuser, samegroup, and all remove special meaning of these terms in "pg_hba.conf" (Andrew) * Use clearer IPv6 name ::1/128 for localhost in default "pg_hba.conf" (Andrew) * Use CIDR format in "pg_hba.conf" examples (Andrew) * Rename server configuration parameters SortMem and VacuumMem to work_mem and maintenance_work_mem (Old names still supported) (Tom) This change was made to clarify that bulk operations such as index and foreign key creation use maintenance_work_mem, while work_mem is for workspaces used during query execution. * Allow logging of session disconnections using server configuration log_disconnections (Andrew) * Add new server configuration parameter log_line_prefix to allow control of information emitted in each log line (Andrew) Available information includes user name, database name, remote IP address, and session start time. * Remove server configuration parameters log_pid, log_timestamp, log_source_port; functionality superseded by log_line_prefix (Andrew) * Replace the virtual_host and tcpip_socket parameters with a unified listen_addresses parameter (Andrew, Tom) virtual_host could only specify a single IP address to listen on. listen_addresses allows multiple addresses to be specified. * Listen on localhost by default, which eliminates the need for the "-i" postmaster switch in many scenarios (Andrew) Listening on localhost (127.0.0.1) opens no new security holes but allows configurations like Windows and JDBC, which do not support local sockets, to work without special adjustments. * Remove syslog server configuration parameter, and add more logical log_destination variable to control log output location (Magnus) * Change server configuration parameter log_statement to take values all, mod, ddl, or none to select which queries are logged (Bruce) This allows administrators to log only data definition changes or only data modification statements. * Some logging-related configuration parameters could formerly be adjusted by ordinary users, but only in the "more verbose" direction. They are now treated more strictly: only superusers can set them. However, a superuser can use "ALTER USER" to provide per-user settings of these values for non-superusers. Also, it is now possible for superusers to set values of superuser-only configuration parameters via PGOPTIONS. * Allow configuration files to be placed outside the data directory (mlw) By default, configuration files are kept in the cluster's top directory. With this addition, configuration files can be placed outside the data directory, easing administration. * Plan prepared queries only when first executed so constants can be used for statistics (Oliver Jowett) Prepared statements plan queries once and execute them many times. While prepared queries avoid the overhead of re-planning on each use, the quality of the plan suffers from not knowing the exact parameters to be used in the query. In this release, planning of unnamed prepared statements is delayed until the first execution, and the actual parameter values of that execution are used as optimization hints. This allows use of out-of-line parameter passing without incurring a performance penalty. * Allow "DECLARE CURSOR" to take parameters (Oliver Jowett) It is now useful to issue "DECLARE CURSOR" in a Parse message with parameters. The parameter values sent at Bind time will be substituted into the execution of the cursor's query. * Fix hash joins and aggregates of inet and cidr data types (Tom) Release 7.4 handled hashing of mixed inet and cidr values incorrectly. (This bug did not exist in prior releases because they wouldn't try to hash either data type.) * Make log_duration print only when log_statement prints the query (Ed L.) __________________________________________________________________ Query Changes * Add savepoints (nested transactions) (Alvaro) * Unsupported isolation levels are now accepted and promoted to the nearest supported level (Peter) The SQL specification states that if a database doesn't support a specific isolation level, it should use the next more restrictive level. This change complies with that recommendation. * Allow "BEGIN WORK" to specify transaction isolation levels like "START TRANSACTION" does (Bruce) * Fix table permission checking for cases in which rules generate a query type different from the originally submitted query (Tom) * Implement dollar quoting to simplify single-quote usage (Andrew, Tom, David Fetter) In previous releases, because single quotes had to be used to quote a function's body, the use of single quotes inside the function text required use of two single quotes or other error-prone notations. With this release we add the ability to use "dollar quoting" to quote a block of text. The ability to use different quoting delimiters at different nesting levels greatly simplifies the task of quoting correctly, especially in complex functions. Dollar quoting can be used anywhere quoted text is needed. * Make CASE val WHEN compval1 THEN ... evaluate val only once (Tom) "CASE" no longer evaluates the tested expression multiple times. This has benefits when the expression is complex or is volatile. * Test "HAVING" before computing target list of an aggregate query (Tom) Fixes improper failure of cases such as SELECT SUM(win)/SUM(lose) ... GROUP BY ... HAVING SUM(lose) > 0. This should work but formerly could fail with divide-by-zero. * Replace max_expr_depth parameter with max_stack_depth parameter, measured in kilobytes of stack size (Tom) This gives us a fairly bulletproof defense against crashing due to runaway recursive functions. Instead of measuring the depth of expression nesting, we now directly measure the size of the execution stack. * Allow arbitrary row expressions (Tom) This release allows SQL expressions to contain arbitrary composite types, that is, row values. It also allows functions to more easily take rows as arguments and return row values. * Allow "LIKE"/"ILIKE" to be used as the operator in row and subselect comparisons (Fabien Coelho) * Avoid locale-specific case conversion of basic ASCII letters in identifiers and keywords (Tom) This solves the "Turkish problem" with mangling of words containing I and i. Folding of characters outside the 7-bit-ASCII set is still locale-aware. * Improve syntax error reporting (Fabien, Tom) Syntax error reports are more useful than before. * Change "EXECUTE" to return a completion tag matching the executed statement (Kris Jurka) Previous releases return an "EXECUTE" tag for any "EXECUTE" call. In this release, the tag returned will reflect the command executed. * Avoid emitting "NATURAL CROSS JOIN" in rule listings (Tom) Such a clause makes no logical sense, but in some cases the rule decompiler formerly produced this syntax. __________________________________________________________________ Object Manipulation Changes * Add "COMMENT ON" for casts, conversions, languages, operator classes, and large objects (Christopher) * Add new server configuration parameter default_with_oids to control whether tables are created with OIDs by default (Neil) This allows administrators to control whether "CREATE TABLE" commands create tables with or without OID columns by default. (Note: the current factory default setting for default_with_oids is TRUE, but the default will become FALSE in future releases.) * Add "WITH" / "WITHOUT OIDS" clause to "CREATE TABLE AS" (Neil) * Allow "ALTER TABLE DROP COLUMN" to drop an OID column ("ALTER TABLE SET WITHOUT OIDS" still works) (Tom) * Allow composite types as table columns (Tom) * Allow "ALTER ... ADD COLUMN" with defaults and "NOT NULL" constraints; works per SQL spec (Rod) It is now possible for "ADD COLUMN" to create a column that is not initially filled with NULLs, but with a specified default value. * Add "ALTER COLUMN TYPE" to change column's type (Rod) It is now possible to alter a column's data type without dropping and re-adding the column. * Allow multiple "ALTER" actions in a single "ALTER TABLE" command (Rod) This is particularly useful for "ALTER" commands that rewrite the table (which include "ALTER COLUMN TYPE" and "ADD COLUMN" with a default). By grouping "ALTER" commands together, the table need be rewritten only once. * Allow "ALTER TABLE" to add SERIAL columns (Tom) This falls out from the new capability of specifying defaults for new columns. * Allow changing the owners of aggregates, conversions, databases, functions, operators, operator classes, schemas, types, and tablespaces (Christopher, Euler Taveira de Oliveira) Previously this required modifying the system tables directly. * Allow temporary object creation to be limited to "SECURITY DEFINER" functions (Sean Chittenden) * Add "ALTER TABLE ... SET WITHOUT CLUSTER" (Christopher) Prior to this release, there was no way to clear an auto-cluster specification except to modify the system tables. * Constraint/Index/SERIAL names are now "table_column_type" with numbers appended to guarantee uniqueness within the schema (Tom) The SQL specification states that such names should be unique within a schema. * Add pg_get_serial_sequence() to return a SERIAL column's sequence name (Christopher) This allows automated scripts to reliably find the SERIAL sequence name. * Warn when primary/foreign key data type mismatch requires costly lookup * New "ALTER INDEX" command to allow moving of indexes between tablespaces (Gavin) * Make "ALTER TABLE OWNER" change dependent sequence ownership too (Alvaro) __________________________________________________________________ Utility Command Changes * Allow "CREATE SCHEMA" to create triggers, indexes, and sequences (Neil) * Add "ALSO" keyword to "CREATE RULE" (Fabien Coelho) This allows "ALSO" to be added to rule creation to contrast it with "INSTEAD" rules. * Add "NOWAIT" option to "LOCK" (Tatsuo) This allows the "LOCK" command to fail if it would have to wait for the requested lock. * Allow "COPY" to read and write comma-separated-value (CSV) files (Andrew, Bruce) * Generate error if the "COPY" delimiter and NULL string conflict (Bruce) * "GRANT"/"REVOKE" behavior follows the SQL spec more closely * Avoid locking conflict between "CREATE INDEX" and "CHECKPOINT" (Tom) In 7.3 and 7.4, a long-running B-tree index build could block concurrent "CHECKPOINT"s from completing, thereby causing WAL bloat because the WAL log could not be recycled. * Database-wide "ANALYZE" does not hold locks across tables (Tom) This reduces the potential for deadlocks against other backends that want exclusive locks on tables. To get the benefit of this change, do not execute database-wide "ANALYZE" inside a transaction block ("BEGIN" block); it must be able to commit and start a new transaction for each table. * "REINDEX" does not exclusively lock the index's parent table anymore The index itself is still exclusively locked, but readers of the table can continue if they are not using the particular index being rebuilt. * Erase MD5 user passwords when a user is renamed (Bruce) PostgreSQL uses the user name as salt when encrypting passwords via MD5. When a user's name is changed, the salt will no longer match the stored MD5 password, so the stored password becomes useless. In this release a notice is generated and the password is cleared. A new password must then be assigned if the user is to be able to log in with a password. * New pg_ctl "kill" option for Windows (Andrew) Windows does not have a kill command to send signals to backends so this capability was added to pg_ctl. * Information schema improvements * Add "--pwfile" option to initdb so the initial password can be set by GUI tools (Magnus) * Detect locale/encoding mismatch in initdb (Peter) * Add "register" command to pg_ctl to register Windows operating system service (Dave Page) __________________________________________________________________ Data Type and Function Changes * More complete support for composite types (row types) (Tom) Composite values can be used in many places where only scalar values worked before. * Reject nonrectangular array values as erroneous (Joe) Formerly, array_in would silently build a surprising result. * Overflow in integer arithmetic operations is now detected (Tom) * The arithmetic operators associated with the single-byte "char" data type have been removed. Formerly, the parser would select these operators in many situations where an "unable to select an operator" error would be more appropriate, such as null * null. If you actually want to do arithmetic on a "char" column, you can cast it to integer explicitly. * Syntax checking of array input values considerably tightened up (Joe) Junk that was previously allowed in odd places with odd results now causes an ERROR, for example, non-whitespace after the closing right brace. * Empty-string array element values must now be written as "", rather than writing nothing (Joe) Formerly, both ways of writing an empty-string element value were allowed, but now a quoted empty string is required. The case where nothing at all appears will probably be considered to be a NULL element value in some future release. * Array element trailing whitespace is now ignored (Joe) Formerly leading whitespace was ignored, but trailing whitespace between an element value and the delimiter or right brace was significant. Now trailing whitespace is also ignored. * Emit array values with explicit array bounds when lower bound is not one (Joe) * Accept YYYY-monthname-DD as a date string (Tom) * Make netmask and hostmask functions return maximum-length mask length (Tom) * Change factorial function to return numeric (Gavin) Returning numeric allows the factorial function to work for a wider range of input values. * to_char/to_date() date conversion improvements (Kurt Roeckx, Fabien Coelho) * Make length() disregard trailing spaces in CHAR(n) (Gavin) This change was made to improve consistency: trailing spaces are semantically insignificant in CHAR(n) data, so they should not be counted by length(). * Warn about empty string being passed to OID/float4/float8 data types (Neil) 8.1 will throw an error instead. * Allow leading or trailing whitespace in int2/int4/int8/float4/float8 input routines (Neil) * Better support for IEEE Infinity and NaN values in float4/float8 (Neil) These should now work on all platforms that support IEEE-compliant floating point arithmetic. * Add "week" option to date_trunc() (Robert Creager) * Fix to_char for 1 BC (previously it returned 1 AD) (Bruce) * Fix date_part(year) for BC dates (previously it returned one less than the correct year) (Bruce) * Fix date_part() to return the proper millennium and century (Fabien Coelho) In previous versions, the century and millennium results had a wrong number and started in the wrong year, as compared to standard reckoning of such things. * Add ceiling() as an alias for ceil(), and power() as an alias for pow() for standards compliance (Neil) * Change ln(), log(), power(), and sqrt() to emit the correct SQLSTATE error codes for certain error conditions, as specified by SQL:2003 (Neil) * Add width_bucket() function as defined by SQL:2003 (Neil) * Add generate_series() functions to simplify working with numeric sets (Joe) * Fix upper/lower/initcap() functions to work with multibyte encodings (Tom) * Add boolean and bitwise integer "AND"/"OR" aggregates (Fabien Coelho) * New session information functions to return network addresses for client and server (Sean Chittenden) * Add function to determine the area of a closed path (Sean Chittenden) * Add function to send cancel request to other backends (Magnus) * Add interval plus datetime operators (Tom) The reverse ordering, datetime plus interval, was already supported, but both are required by the SQL standard. * Casting an integer to BIT(N) selects the rightmost N bits of the integer (Tom) In prior releases, the leftmost N bits were selected, but this was deemed unhelpful, not to mention inconsistent with casting from bit to int. * Require CIDR values to have all nonmasked bits be zero (Kevin Brintnall) __________________________________________________________________ Server-Side Language Changes * In READ COMMITTED serialization mode, volatile functions now see the results of concurrent transactions committed up to the beginning of each statement within the function, rather than up to the beginning of the interactive command that called the function. * Functions declared STABLE or IMMUTABLE always use the snapshot of the calling query, and therefore do not see the effects of actions taken after the calling query starts, whether in their own transaction or other transactions. Such a function must be read-only, too, meaning that it cannot use any SQL commands other than "SELECT". There is a considerable performance gain from declaring a function STABLE or IMMUTABLE rather than VOLATILE. * Nondeferred "AFTER" triggers are now fired immediately after completion of the triggering query, rather than upon finishing the current interactive command. This makes a difference when the triggering query occurred within a function: the trigger is invoked before the function proceeds to its next operation. For example, if a function inserts a new row into a table, any nondeferred foreign key checks occur before proceeding with the function. * Allow function parameters to be declared with names (Dennis Björklund) This allows better documentation of functions. Whether the names actually do anything depends on the specific function language being used. * Allow PL/pgSQL parameter names to be referenced in the function (Dennis Björklund) This basically creates an automatic alias for each named parameter. * Do minimal syntax checking of PL/pgSQL functions at creation time (Tom) This allows us to catch simple syntax errors sooner. * More support for composite types (row and record variables) in PL/pgSQL For example, it now works to pass a rowtype variable to another function as a single variable. * Default values for PL/pgSQL variables can now reference previously declared variables * Improve parsing of PL/pgSQL FOR loops (Tom) Parsing is now driven by presence of ".." rather than data type of "FOR" variable. This makes no difference for correct functions, but should result in more understandable error messages when a mistake is made. * Major overhaul of PL/Perl server-side language (Command Prompt, Andrew Dunstan) * In PL/Tcl, SPI commands are now run in subtransactions. If an error occurs, the subtransaction is cleaned up and the error is reported as an ordinary Tcl error, which can be trapped with catch. Formerly, it was not possible to catch such errors. * Accept "ELSEIF" in PL/pgSQL (Neil) Previously PL/pgSQL only allowed "ELSIF", but many people are accustomed to spelling this keyword "ELSEIF". __________________________________________________________________ psql Changes * Improve psql information display about database objects (Christopher) * Allow psql to display group membership in "\du" and "\dg" (Markus Bertheau) * Prevent psql "\dn" from showing temporary schemas (Bruce) * Allow psql to handle tilde user expansion for file names (Zach Irmen) * Allow psql to display fancy prompts, including color, via readline (Reece Hart, Chet Ramey) * Make psql "\copy" match "COPY" command syntax fully (Tom) * Show the location of syntax errors (Fabien Coelho, Tom) * Add "CLUSTER" information to psql "\d" display (Bruce) * Change psql "\copy stdin/stdout" to read from command input/output (Bruce) * Add "pstdin"/"pstdout" to read from psql's stdin/stdout (Mark Feit) * Add global psql configuration file, "psqlrc.sample" (Bruce) This allows a central file where global psql startup commands can be stored. * Have psql "\d+" indicate if the table has an OID column (Neil) * On Windows, use binary mode in psql when reading files so control-Z is not seen as end-of-file * Have "\dn+" show permissions and description for schemas (Dennis Björklund) * Improve tab completion support (Stefan Kaltenbrunn, Greg Sabino Mullane) * Allow boolean settings to be set using upper or lower case (Michael Paesold) __________________________________________________________________ pg_dump Changes * Use dependency information to improve the reliability of pg_dump (Tom) This should solve the longstanding problems with related objects sometimes being dumped in the wrong order. * Have pg_dump output objects in alphabetical order if possible (Tom) This should make it easier to identify changes between dump files. * Allow pg_restore to ignore some SQL errors (Fabien Coelho) This makes pg_restore's behavior similar to the results of feeding a pg_dump output script to psql. In most cases, ignoring errors and plowing ahead is the most useful thing to do. Also added was a pg_restore option to give the old behavior of exiting on an error. * pg_restore "-l" display now includes objects' schema names * New begin/end markers in pg_dump text output (Bruce) * Add start/stop times for pg_dump/pg_dumpall in verbose mode (Bruce) * Allow most pg_dump options in pg_dumpall (Christopher) * Have pg_dump use "ALTER OWNER" rather than "SET SESSION AUTHORIZATION" by default (Christopher) __________________________________________________________________ libpq Changes * Make libpq's "SIGPIPE" handling thread-safe (Bruce) * Add PQmbdsplen() which returns the display length of a character (Tatsuo) * Add thread locking to SSL and Kerberos connections (Manfred Spraul) * Allow PQoidValue(), PQcmdTuples(), and PQoidStatus() to work on "EXECUTE" commands (Neil) * Add PQserverVersion() to provide more convenient access to the server version number (Greg Sabino Mullane) * Add PQprepare/PQsendPrepared() functions to support preparing statements without necessarily specifying the data types of their parameters (Abhijit Menon-Sen) * Many ECPG improvements, including "SET DESCRIPTOR" (Michael) __________________________________________________________________ Source Code Changes * Allow the database server to run natively on Windows (Claudio, Magnus, Andrew) * Shell script commands converted to C versions for Windows support (Andrew) * Create an extension makefile framework (Fabien Coelho, Peter) This simplifies the task of building extensions outside the original source tree. * Support relocatable installations (Bruce) Directory paths for installed files (such as the "/share" directory) are now computed relative to the actual location of the executables, so that an installation tree can be moved to another place without reconfiguring and rebuilding. * Use "--with-docdir" to choose installation location of documentation; also allow "--infodir" (Peter) * Add "--without-docdir" to prevent installation of documentation (Peter) * Upgrade to DocBook V4.2 SGML (Peter) * New PostgreSQL CVS tag (Marc) This was done to make it easier for organizations to manage their own copies of the PostgreSQL CVS repository. File version stamps from the master repository will not get munged by checking into or out of a copied repository. * Clarify locking code (Manfred Koizar) * Buffer manager cleanup (Neil) * Decouple platform tests from CPU spinlock code (Bruce, Tom) * Add inlined test-and-set code on PA-RISC for gcc (ViSolve, Tom) * Improve i386 spinlock code (Manfred Spraul) * Clean up spinlock assembly code to avoid warnings from newer gcc releases (Tom) * Remove JDBC from source tree; now a separate project * Remove the libpgtcl client interface; now a separate project * More accurately estimate memory and file descriptor usage (Tom) * Improvements to the Mac OS X startup scripts (Ray A.) * New fsync() test program (Bruce) * Major documentation improvements (Neil, Peter) * Remove pg_encoding; not needed anymore * Remove pg_id; not needed anymore * Remove initlocation; not needed anymore * Auto-detect thread flags (no more manual testing) (Bruce) * Use Olson's public domain timezone library (Magnus) * With threading enabled, use thread flags on Unixware for backend executables too (Bruce) Unixware cannot mix threaded and nonthreaded object files in the same executable, so everything must be compiled as threaded. * psql now uses a flex-generated lexical analyzer to process command strings * Reimplement the linked list data structure used throughout the backend (Neil) This improves performance by allowing list append and length operations to be more efficient. * Allow dynamically loaded modules to create their own server configuration parameters (Thomas Hallgren) * New Brazilian version of FAQ (Euler Taveira de Oliveira) * Add French FAQ (Guillaume Lelarge) * New pgevent for Windows logging * Make libpq and ECPG build as proper shared libraries on OS X (Tom) __________________________________________________________________ Contrib Changes * Overhaul of "contrib/dblink" (Joe) * "contrib/dbmirror" improvements (Steven Singer) * New "contrib/xml2" (John Gray, Torchbox) * Updated "contrib/mysql" * New version of "contrib/btree_gist" (Teodor) * New "contrib/trgm", trigram matching for PostgreSQL (Teodor) * Many "contrib/tsearch2" improvements (Teodor) * Add double metaphone to "contrib/fuzzystrmatch" (Andrew) * Allow "contrib/pg_autovacuum" to run as a Windows service (Dave Page) * Add functions to "contrib/dbsize" (Andreas Pflug) * Removed "contrib/pg_logger": obsoleted by integrated logging subprocess * Removed "contrib/rserv": obsoleted by various separate projects __________________________________________________________________ Release 7.4.30 Release date: 2010-10-04 This release contains a variety of fixes from 7.4.29. For information about new features in the 7.4 major release, see the Section called Release 7.4. This is expected to be the last PostgreSQL release in the 7.4.X series. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 7.4.30 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.26, see the release notes for 7.4.26. __________________________________________________________________ Changes * Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl (Tom Lane) This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). * Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with (Heikki Linnakangas, Tom Lane) * Fix "cannot handle unplanned sub-select" error (Tom Lane) This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. * Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them (Tom Lane) This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. * Improve "contrib/dblink"'s handling of tables containing dropped columns (Tom Lane) * Fix connection leak after "duplicate connection name" errors in "contrib/dblink" (Itagaki Takahiro) * Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git (Magnus Hagander and others) __________________________________________________________________ Release 7.4.29 Release date: 2010-05-17 This release contains a variety of fixes from 7.4.28. For information about new features in the 7.4 major release, see the Section called Release 7.4. The PostgreSQL community will stop releasing updates for the 7.4.X release series in July 2010. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 7.4.29 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.26, see the release notes for 7.4.26. __________________________________________________________________ Changes * Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm" (Tim Bunce, Andrew Dunstan) Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) * Prevent PL/Tcl from executing untrustworthy code from pltcl_modules (Tom) PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) * Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro) Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. * Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries (Tom) In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. * Update pl/perl's "ppport.h" for modern Perl versions (Andrew) * Fix assorted memory leaks in pl/python (Andreas Freund, Tom) * Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly (Tatsuhito Kasahara) * Make server startup deal properly with the case that shmget() returns EINVAL for an existing shared memory segment (Tom) This behavior has been observed on BSD-derived kernels including OS X. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large. __________________________________________________________________ Release 7.4.28 Release date: 2010-03-15 This release contains a variety of fixes from 7.4.27. For information about new features in the 7.4 major release, see the Section called Release 7.4. The PostgreSQL community will stop releasing updates for the 7.4.X release series in July 2010. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 7.4.28 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.26, see the release notes for 7.4.26. __________________________________________________________________ Changes * Add new configuration parameter ssl_renegotiation_limit to control how often we do session key renegotiation for an SSL connection (Magnus) This can be set to zero to disable renegotiation completely, which may be required if a broken SSL library is used. In particular, some vendors are shipping stopgap patches for CVE-2009-3555 that cause renegotiation attempts to fail. * Make substring() for bit types treat any negative length as meaning "all the rest of the string" (Tom) The previous coding treated only -1 that way, and would produce an invalid result value for other negative values, possibly leading to a crash (CVE-2010-0442). * Fix some cases of pathologically slow regular expression matching (Tom) * When reading "pg_hba.conf" and related files, do not treat @something as a file inclusion request if the @ appears inside quote marks; also, never treat @ by itself as a file inclusion request (Tom) This prevents erratic behavior if a role or database name starts with @. If you need to include a file whose path name contains spaces, you can still do so, but you must write @"/path to/file" rather than putting the quotes around the whole construct. * Prevent infinite loop on some platforms if a directory is named as an inclusion target in "pg_hba.conf" and related files (Tom) * Ensure PL/Tcl initializes the Tcl interpreter fully (Tom) The only known symptom of this oversight is that the Tcl clock command misbehaves if using Tcl 8.5 or later. * Prevent crash in "contrib/dblink" when too many key columns are specified to a dblink_build_sql_* function (Rushabh Lathia, Joe Conway) __________________________________________________________________ Release 7.4.27 Release date: 2009-12-14 This release contains a variety of fixes from 7.4.26. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.27 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.26, see the release notes for 7.4.26. __________________________________________________________________ Changes * Protect against indirect security threats caused by index functions changing session-local state (Gurjeet Singh, Tom) This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). * Reject SSL certificates containing an embedded null byte in the common name (CN) field (Magnus) This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). * Fix possible crash during backend-startup-time cache initialization (Tom) * Prevent signals from interrupting VACUUM at unsafe times (Alvaro) This fix prevents a PANIC if a VACUUM FULL is cancelled after it's already committed its tuple movements, as well as transient errors if a plain VACUUM is interrupted after having truncated the table. * Fix possible crash due to integer overflow in hash table size calculation (Tom) This could occur with extremely large planner estimates for the size of a hashjoin's result. * Fix very rare crash in inet/cidr comparisons (Chris Mikkelson) * Fix PAM password processing to be more robust (Tom) The previous code is known to fail with the combination of the Linux pam_krb5 PAM module with Microsoft Active Directory as the domain controller. It might have problems elsewhere too, since it was making unjustified assumptions about what arguments the PAM stack would pass to it. * Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions (Tom) __________________________________________________________________ Release 7.4.26 Release date: 2009-09-09 This release contains a variety of fixes from 7.4.25. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.26 A dump/restore is not required for those running 7.4.X. However, if you have any hash indexes on interval columns, you must "REINDEX" them after updating to 7.4.26. Also, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Disallow "RESET ROLE" and "RESET SESSION AUTHORIZATION" inside security-definer functions (Tom, Heikki) This covers a case that was missed in the previous patch that disallowed "SET ROLE" and "SET SESSION AUTHORIZATION" inside security-definer functions. (See CVE-2007-6600) * Fix handling of sub-SELECTs appearing in the arguments of an outer-level aggregate function (Tom) * Fix hash calculation for data type interval (Tom) This corrects wrong results for hash joins on interval values. It also changes the contents of hash indexes on interval columns. If you have any such indexes, you must "REINDEX" them after updating. * Fix overflow for INTERVAL 'x ms' when "x" is more than 2 million and integer datetimes are in use (Alex Hunsaker) * Fix calculation of distance between a point and a line segment (Tom) This led to incorrect results from a number of geometric operators. * Fix money data type to work in locales where currency amounts have no fractional digits, e.g. Japan (Itagaki Takahiro) * Properly round datetime input like 00:12:57.9999999999999999999999999999 (Tom) * Fix poor choice of page split point in GiST R-tree operator classes (Teodor) * Fix portability issues in plperl initialization (Andrew Dunstan) * Improve robustness of libpq's code to recover from errors during "COPY FROM STDIN" (Tom) * Avoid including conflicting readline and editline header files when both libraries are installed (Zdenek Kotala) __________________________________________________________________ Release 7.4.25 Release date: 2009-03-16 This release contains a variety of fixes from 7.4.24. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.25 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Prevent error recursion crashes when encoding conversion fails (Tom) This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. (CVE-2009-0922) * Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function (Heikki) This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. * Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument (Tom) * Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations (Xavier Bugaud) __________________________________________________________________ Release 7.4.24 Release date: 2009-02-02 This release contains a variety of fixes from 7.4.23. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.24 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Improve handling of URLs in headline() function (Teodor) * Improve handling of overlength headlines in headline() function (Teodor) * Prevent possible Assert failure or misconversion if an encoding conversion is created with the wrong conversion function for the specified pair of encodings (Tom, Heikki) * Avoid unnecessary locking of small tables in "VACUUM" (Heikki) * Fix uninitialized variables in "contrib/tsearch2"'s get_covers() function (Teodor) * Fix bug in to_char()'s handling of TH format codes (Andreas Scherbaum) * Make all documentation reference pgsql-bugs and/or pgsql-hackers as appropriate, instead of the now-decommissioned pgsql-ports and pgsql-patches mailing lists (Tom) __________________________________________________________________ Release 7.4.23 Release date: 2008-11-03 This release contains a variety of fixes from 7.4.22. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.23 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Fix backend crash when the client encoding cannot represent a localized error message (Tom) We have addressed similar issues before, but it would still fail if the "character has no equivalent" message itself couldn't be converted. The fix is to disable localization and send the plain ASCII error message when we detect such a situation. * Fix incorrect tsearch2 headline generation when single query item matches first word of text (Sushant Sinha) * Fix improper display of fractional seconds in interval values when using a non-ISO datestyle in an "--enable-integer-datetimes" build (Ron Mayer) * Ensure SPI_getvalue and SPI_getbinval behave correctly when the passed tuple and tuple descriptor have different numbers of columns (Tom) This situation is normal when a table has had columns added or removed, but these two functions didn't handle it properly. The only likely consequence is an incorrect error indication. * Fix ecpg's parsing of "CREATE USER" (Michael) __________________________________________________________________ Release 7.4.22 Release date: 2008-09-22 This release contains a variety of fixes from 7.4.21. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.22 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Fix datetime input functions to correctly detect integer overflow when running on a 64-bit platform (Tom) * Improve performance of writing very long log messages to syslog (Tom) * Fix bug in backwards scanning of a cursor on a SELECT DISTINCT ON query (Tom) * Fix planner to estimate that GROUP BY expressions yielding boolean results always result in two groups, regardless of the expressions' contents (Tom) This is very substantially more accurate than the regular GROUP BY estimate for certain boolean tests like "col" IS NULL. * Improve pg_dump and pg_restore's error reporting after failure to send a SQL command (Tom) __________________________________________________________________ Release 7.4.21 Release date: 2008-06-12 This release contains one serious bug fix over 7.4.20. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.21 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Make pg_get_ruledef() parenthesize negative constants (Tom) Before this fix, a negative constant in a view or rule might be dumped as, say, -42::integer, which is subtly incorrect: it should be (-42)::integer due to operator precedence rules. Usually this would make little difference, but it could interact with another recent patch to cause PostgreSQL to reject what had been a valid "SELECT DISTINCT" view query. Since this could result in pg_dump output failing to reload, it is being treated as a high-priority fix. The only released versions in which dump output is actually incorrect are 8.3.1 and 8.2.7. __________________________________________________________________ Release 7.4.20 Release date: never released This release contains a variety of fixes from 7.4.19. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.20 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots) (Sergey Burladyan) * Fix a few datatype input functions that were allowing unused bytes in their results to contain uninitialized, unpredictable values (Tom) This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. * Fix a corner case in regular-expression substring matching (substring(string from pattern)) (Tom) The problem occurs when there is a match to the pattern overall but the user has specified a parenthesized subexpression and that subexpression hasn't got a match. An example is substring('foo' from 'foo(bar)?'). This should return NULL, since (bar) isn't matched, but it was mistakenly returning the whole-pattern match instead (ie, foo). * Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function (Michael) * Fix DatumGetBool macro to not fail with gcc 4.3 (Tom) This problem affects "old style" (V0) C functions that return boolean. The fix is already in 8.3, but the need to back-patch it was not realized at the time. * Fix longstanding "LISTEN"/"NOTIFY" race condition (Tom) In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. * Fix display of constant expressions in ORDER BY and GROUP BY (Tom) An explictly casted constant would be shown incorrectly. This could for example lead to corruption of a view definition during dump and reload. * Fix libpq to handle NOTICE messages correctly during COPY OUT (Tom) This failure has only been observed to occur when a user-defined datatype's output routine issues a NOTICE, but there is no guarantee it couldn't happen due to other causes. __________________________________________________________________ Release 7.4.19 Release date: 2008-01-07 This release contains a variety of fixes from 7.4.18, including fixes for significant security issues. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.19 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc (Tom) Functions used in index expressions and partial-index predicates are evaluated whenever a new table entry is made. It has long been understood that this poses a risk of trojan-horse code execution if one modifies a table owned by an untrustworthy user. (Note that triggers, defaults, check constraints, etc. pose the same type of risk.) But functions in indexes pose extra danger because they will be executed by routine maintenance operations such as "VACUUM FULL", which are commonly performed automatically under a superuser account. For example, a nefarious user can execute code with superuser privileges by setting up a trojan-horse index definition and waiting for the next routine vacuum. The fix arranges for standard maintenance operations (including "VACUUM", "ANALYZE", "REINDEX", and "CLUSTER") to execute as the table owner rather than the calling user, using the same privilege-switching mechanism already used for SECURITY DEFINER functions. To prevent bypassing this security measure, execution of "SET SESSION AUTHORIZATION" and "SET ROLE" is now forbidden within a SECURITY DEFINER context. (CVE-2007-6600) * Repair assorted bugs in the regular-expression package (Tom, Will Drewry) Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) The fix that appeared for this in 7.4.18 was incomplete, as it plugged the hole for only some "dblink" functions. (CVE-2007-6601, CVE-2007-3278) * Fix planner failure in some cases of WHERE false AND var IN (SELECT ...) (Tom) * Fix potential crash in translate() when using a multibyte database encoding (Tom) * Fix PL/Python to not crash on long exception messages (Alvaro) * ecpg parser fixes (Michael) * Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing (Joe) * Fix tsvector and tsquery output routines to escape backslashes correctly (Teodor, Bruce) * Fix crash of to_tsvector() on huge input strings (Teodor) * Require a specific version of Autoconf to be used when re-generating the "configure" script (Peter) This affects developers and packagers only. The change was made to prevent accidental use of untested combinations of Autoconf and PostgreSQL versions. You can remove the version check if you really want to use a different Autoconf version, but it's your responsibility whether the result works or not. __________________________________________________________________ Release 7.4.18 Release date: 2007-09-17 This release contains fixes from 7.4.17. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.18 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Prevent index corruption when a transaction inserts rows and then aborts close to the end of a concurrent "VACUUM" on the same table (Tom) * Make "CREATE DOMAIN ... DEFAULT NULL" work properly (Tom) * Fix excessive logging of SSL error messages (Tom) * Fix crash when log_min_error_statement logging runs out of memory (Tom) * Prevent "CLUSTER" from failing due to attempting to process temporary tables of other sessions (Alvaro) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) __________________________________________________________________ Release 7.4.17 Release date: 2007-04-23 This release contains fixes from 7.4.16, including a security fix. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.17 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. * "/contrib/tsearch2" crash fixes (Teodor) * Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains (Tom, Pavan Deolasee) * Fix PANIC during enlargement of a hash index (bug introduced in 7.4.15) (Tom) __________________________________________________________________ Release 7.4.16 Release date: 2007-02-05 This release contains a variety of fixes from 7.4.15, including a security fix. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.16 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Remove security vulnerability that allowed connected users to read backend memory (Tom) The vulnerability involves suppressing the normal check that a SQL function returns the data type it's declared to, or changing the data type of a table column used in a SQL function (CVE-2007-0555). This error can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. * Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas) * Fix for rare Assert() crash triggered by UNION (Tom) * Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom) __________________________________________________________________ Release 7.4.15 Release date: 2007-01-08 This release contains a variety of fixes from 7.4.14. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.15 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Improve handling of getaddrinfo() on AIX (Tom) This fixes a problem with starting the statistics collector, among other things. * Fix "failed to re-find parent key" errors in "VACUUM" (Tom) * Fix bugs affecting multi-gigabyte hash indexes (Tom) * Fix error when constructing an ARRAY[] made up of multiple empty elements (Tom) * to_number() and to_char(numeric) are now STABLE, not IMMUTABLE, for new initdb installs (Tom) This is because lc_numeric can potentially change the output of these functions. * Improve index usage of regular expressions that use parentheses (Tom) This improves psql \d performance also. __________________________________________________________________ Release 7.4.14 Release date: 2006-10-16 This release contains a variety of fixes from 7.4.13. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.14 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Fix core dump when an untyped literal is taken as ANYARRAY * Fix string_to_array() to handle overlapping matches for the separator string For example, string_to_array('123xx456xxx789', 'xx'). * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Fix backslash escaping in /contrib/dbmirror * Adjust regression tests for recent changes in US DST laws __________________________________________________________________ Release 7.4.13 Release date: 2006-05-23 This release contains a variety of fixes from 7.4.12, including patches for extremely serious security issues. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.13 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. Full security against the SQL-injection attacks described in CVE-2006-2313 and CVE-2006-2314 might require changes in application code. If you have applications that embed untrustworthy strings into SQL commands, you should examine them as soon as possible to ensure that they are using recommended escaping techniques. In most cases, applications should be using subroutines provided by libraries or drivers (such as libpq's PQescapeStringConn()) to perform string escaping, rather than relying on ad hoc code to do it. __________________________________________________________________ Changes * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 might require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations and standard_conforming_strings This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314, and also future-proofs them against the planned changeover to SQL-standard string literal syntax. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix some incorrect encoding conversion functions win1251_to_iso, alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Fix bug that sometimes caused OR'd index scans to miss rows they should have returned * Fix WAL replay for case where a btree index has been truncated * Fix SIMILAR TO for patterns involving | (Tom) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Fix for Bonjour on Intel Macs (Ashley Clark) * Fix various minor memory leaks __________________________________________________________________ Release 7.4.12 Release date: 2006-02-14 This release contains a variety of fixes from 7.4.11. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.12 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see the release notes for 7.4.11. __________________________________________________________________ Changes * Fix potential crash in "SET SESSION AUTHORIZATION" (CVE-2006-0553) An unprivileged user could crash the server process, resulting in momentary denial of service to other users, if the server has been compiled with Asserts enabled (which is not the default). Thanks to Akio Ishida for reporting this problem. * Fix bug with row visibility logic in self-inserted rows (Tom) Under rare circumstances a row inserted by the current command could be seen as already valid, when it should not be. Repairs bug created in 7.4.9 and 7.3.11 releases. * Fix race condition that could lead to "file already exists" errors during pg_clog file creation (Tom) * Properly check DOMAIN constraints for UNKNOWN parameters in prepared statements (Neil) * Fix to allow restoring dumps that have cross-schema references to custom operators (Tom) * Portability fix for testing presence of finite and isinf during configure (Tom) __________________________________________________________________ Release 7.4.11 Release date: 2006-01-09 This release contains a variety of fixes from 7.4.10. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.11 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.8, see the release notes for 7.4.8. Also, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the locale or plperl issues described below. __________________________________________________________________ Changes * Fix for protocol-level Describe messages issued outside a transaction or in a failed transaction (Tom) * Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian (Tom) This might require "REINDEX" to fix existing indexes on textual columns. * Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later This fixes a problem that occurred if the postmaster was started with environment variables specifying a different locale than what initdb had been told. Under these conditions, any use of plperl was likely to lead to corrupt indexes. You might need "REINDEX" to fix existing indexes on textual columns if this has happened to you. * Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets (Tatsuo) * Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms (Marko Kreen, Solar Designer) Salts for Blowfish and standard DES are unaffected. * Fix "/contrib/dblink" to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query (Joe) __________________________________________________________________ Release 7.4.10 Release date: 2005-12-12 This release contains a variety of fixes from 7.4.9. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.10 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.8, see the release notes for 7.4.8. __________________________________________________________________ Changes * Fix race condition in transaction log management There was a narrow window in which an I/O operation could be initiated for the wrong page, leading to an Assert failure or data corruption. * Prevent failure if client sends Bind protocol message when current transaction is already aborted * "/contrib/ltree" fixes (Teodor) * AIX and HPUX compile fixes (Tom) * Fix longstanding planning error for outer joins This bug sometimes caused a bogus error "RIGHT JOIN is only supported with merge-joinable join conditions". * Prevent core dump in pg_autovacuum when a table has been dropped __________________________________________________________________ Release 7.4.9 Release date: 2005-10-04 This release contains a variety of fixes from 7.4.8. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.9 A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.8, see the release notes for 7.4.8. __________________________________________________________________ Changes * Fix error that allowed "VACUUM" to remove ctid chains too soon, and add more checking in code that follows ctid links This fixes a long-standing problem that could cause crashes in very rare circumstances. * Fix CHAR() to properly pad spaces to the specified length when using a multiple-byte character set (Yoshiyuki Asaba) In prior releases, the padding of CHAR() was incorrect because it only padded to the specified number of bytes without considering how many characters were stored. * Fix the sense of the test for read-only transaction in "COPY" The code formerly prohibited "COPY TO", where it should prohibit "COPY FROM". * Fix planning problem with outer-join ON clauses that reference only the inner-side relation * Further fixes for x FULL JOIN y ON true corner cases * Make array_in and array_recv more paranoid about validating their OID parameter * Fix missing rows in queries like UPDATE a=... WHERE a... with GiST index on column a * Improve robustness of datetime parsing * Improve checking for partially-written WAL pages * Improve robustness of signal handling when SSL is enabled * Don't try to open more than max_files_per_process files during postmaster startup * Various memory leakage fixes * Various portability improvements * Fix PL/pgSQL to handle var := var correctly when the variable is of pass-by-reference type * Update "contrib/tsearch2" to use current Snowball code __________________________________________________________________ Release 7.4.8 Release date: 2005-05-09 This release contains a variety of fixes from 7.4.7, including several security-related issues. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.8 A dump/restore is not required for those running 7.4.X. However, it is one possible way of handling two significant security problems that have been found in the initial contents of 7.4.X system catalogs. A dump/initdb/reload sequence using 7.4.8's initdb will automatically correct these problems. The larger security problem is that the built-in character set encoding conversion functions can be invoked from SQL commands by unprivileged users, but the functions were not designed for such use and are not secure against malicious choices of arguments. The fix involves changing the declared parameter list of these functions so that they can no longer be invoked from SQL commands. (This does not affect their normal use by the encoding conversion machinery.) The lesser problem is that the "contrib/tsearch2" module creates several functions that are misdeclared to return internal when they do not accept internal arguments. This breaks type safety for all functions using internal arguments. It is strongly recommended that all installations repair these errors, either by initdb or by following the manual repair procedures given below. The errors at least allow unprivileged database users to crash their server process, and might allow unprivileged users to gain the privileges of a database superuser. If you wish not to do an initdb, perform the following procedures instead. As the database superuser, do: BEGIN; UPDATE pg_proc SET proargtypes[3] = 'internal'::regtype WHERE pronamespace = 11 AND pronargs = 5 AND proargtypes[2] = 'cstring'::regtype; -- The command should report having updated 90 rows; -- if not, rollback and investigate instead of committing! COMMIT; Next, if you have installed "contrib/tsearch2", do: BEGIN; UPDATE pg_proc SET proargtypes[0] = 'internal'::regtype WHERE oid IN ( 'dex_init(text)'::regprocedure, 'snb_en_init(text)'::regprocedure, 'snb_ru_init(text)'::regprocedure, 'spell_init(text)'::regprocedure, 'syn_init(text)'::regprocedure ); -- The command should report having updated 5 rows; -- if not, rollback and investigate instead of committing! COMMIT; If this command fails with a message like "function "dex_init(text)" does not exist", then either "tsearch2" is not installed in this database, or you already did the update. The above procedures must be carried out in *each* database of an installation, including template1, and ideally including template0 as well. If you do not fix the template databases then any subsequently created databases will contain the same errors. template1 can be fixed in the same way as any other database, but fixing template0 requires additional steps. First, from any database issue: UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; Next connect to template0 and perform the above repair procedures. Finally, do: -- re-freeze template0: VACUUM FREEZE; -- and protect it against future alterations: UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; __________________________________________________________________ Changes * Change encoding function signature to prevent misuse * Change "contrib/tsearch2" to avoid unsafe use of INTERNAL function results * Repair ancient race condition that allowed a transaction to be seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner than for other purposes This is an extremely serious bug since it could lead to apparent data inconsistencies being briefly visible to applications. * Repair race condition between relation extension and VACUUM This could theoretically have caused loss of a page's worth of freshly-inserted data, although the scenario seems of very low probability. There are no known cases of it having caused more than an Assert failure. * Fix comparisons of TIME WITH TIME ZONE values The comparison code was wrong in the case where the --enable-integer-datetimes configuration switch had been used. NOTE: if you have an index on a TIME WITH TIME ZONE column, it will need to be "REINDEX"ed after installing this update, because the fix corrects the sort order of column values. * Fix EXTRACT(EPOCH) for TIME WITH TIME ZONE values * Fix mis-display of negative fractional seconds in INTERVAL values This error only occurred when the --enable-integer-datetimes configuration switch had been used. * Ensure operations done during backend shutdown are counted by statistics collector This is expected to resolve reports of pg_autovacuum not vacuuming the system catalogs often enough -- it was not being told about catalog deletions caused by temporary table removal during backend exit. * Additional buffer overrun checks in plpgsql (Neil) * Fix pg_dump to dump trigger names containing % correctly (Neil) * Fix "contrib/pgcrypto" for newer OpenSSL builds (Marko Kreen) * Still more 64-bit fixes for "contrib/intagg" * Prevent incorrect optimization of functions returning RECORD * Prevent to_char(interval) from dumping core for month-related formats * Prevent crash on COALESCE(NULL,NULL) * Fix array_map to call PL functions correctly * Fix permission checking in "ALTER DATABASE RENAME" * Fix "ALTER LANGUAGE RENAME" * Make RemoveFromWaitQueue clean up after itself This fixes a lock management error that would only be visible if a transaction was kicked out of a wait for a lock (typically by query cancel) and then the holder of the lock released it within a very narrow window. * Fix problem with untyped parameter appearing in "INSERT ... SELECT" * Fix "CLUSTER" failure after "ALTER TABLE SET WITHOUT OIDS" __________________________________________________________________ Release 7.4.7 Release date: 2005-01-31 This release contains a variety of fixes from 7.4.6, including several security-related issues. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.7 A dump/restore is not required for those running 7.4.X. __________________________________________________________________ Changes * Disallow "LOAD" to non-superusers On platforms that will automatically execute initialization functions of a shared library (this includes at least Windows and ELF-based Unixen), "LOAD" can be used to make the server execute arbitrary code. Thanks to NGS Software for reporting this. * Check that creator of an aggregate function has the right to execute the specified transition functions This oversight made it possible to bypass denial of EXECUTE permission on a function. * Fix security and 64-bit issues in contrib/intagg * Add needed STRICT marking to some contrib functions (Kris Jurka) * Avoid buffer overrun when plpgsql cursor declaration has too many parameters (Neil) * Fix planning error for FULL and RIGHT outer joins The result of the join was mistakenly supposed to be sorted the same as the left input. This could not only deliver mis-sorted output to the user, but in case of nested merge joins could give outright wrong answers. * Fix plperl for quote marks in tuple fields * Fix display of negative intervals in SQL and GERMAN datestyles * Make age(timestamptz) do calculation in local timezone not GMT __________________________________________________________________ Release 7.4.6 Release date: 2004-10-22 This release contains a variety of fixes from 7.4.5. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.6 A dump/restore is not required for those running 7.4.X. __________________________________________________________________ Changes * Repair possible failure to update hint bits on disk Under rare circumstances this oversight could lead to "could not access transaction status" failures, which qualifies it as a potential-data-loss bug. * Ensure that hashed outer join does not miss tuples Very large left joins using a hash join plan could fail to output unmatched left-side rows given just the right data distribution. * Disallow running pg_ctl as root This is to guard against any possible security issues. * Avoid using temp files in "/tmp" in "make_oidjoins_check" This has been reported as a security issue, though it's hardly worthy of concern since there is no reason for non-developers to use this script anyway. * Prevent forced backend shutdown from re-emitting prior command result In rare cases, a client might think that its last command had succeeded when it really had been aborted by forced database shutdown. * Repair bug in pg_stat_get_backend_idset This could lead to misbehavior in some of the system-statistics views. * Fix small memory leak in postmaster * Fix "expected both swapped tables to have TOAST tables" bug This could arise in cases such as CLUSTER after ALTER TABLE DROP COLUMN. * Prevent pg_ctl restart from adding -D multiple times * Fix problem with NULL values in GiST indexes * :: is no longer interpreted as a variable in an ECPG prepare statement __________________________________________________________________ Release 7.4.5 Release date: 2004-08-18 This release contains one serious bug fix over 7.4.4. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.5 A dump/restore is not required for those running 7.4.X. __________________________________________________________________ Changes * Repair possible crash during concurrent B-tree index insertions This patch fixes a rare case in which concurrent insertions into a B-tree index could result in a server panic. No permanent damage would result, but it's still worth a re-release. The bug does not exist in pre-7.4 releases. __________________________________________________________________ Release 7.4.4 Release date: 2004-08-16 This release contains a variety of fixes from 7.4.3. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.4 A dump/restore is not required for those running 7.4.X. __________________________________________________________________ Changes * Prevent possible loss of committed transactions during crash Due to insufficient interlocking between transaction commit and checkpointing, it was possible for transactions committed just before the most recent checkpoint to be lost, in whole or in part, following a database crash and restart. This is a serious bug that has existed since PostgreSQL 7.1. * Check HAVING restriction before evaluating result list of an aggregate plan * Avoid crash when session's current user ID is deleted * Fix hashed crosstab for zero-rows case (Joe) * Force cache update after renaming a column in a foreign key * Pretty-print UNION queries correctly * Make psql handle \r\n newlines properly in COPY IN * pg_dump handled ACLs with grant options incorrectly * Fix thread support for OS X and Solaris * Updated JDBC driver (build 215) with various fixes * ECPG fixes * Translation updates (various contributors) __________________________________________________________________ Release 7.4.3 Release date: 2004-06-14 This release contains a variety of fixes from 7.4.2. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.3 A dump/restore is not required for those running 7.4.X. __________________________________________________________________ Changes * Fix temporary memory leak when using non-hashed aggregates (Tom) * ECPG fixes, including some for Informix compatibility (Michael) * Fixes for compiling with thread-safety, particularly Solaris (Bruce) * Fix error in COPY IN termination when using the old network protocol (ljb) * Several important fixes in pg_autovacuum, including fixes for large tables, unsigned oids, stability, temp tables, and debug mode (Matthew T. O'Connor) * Fix problem with reading tar-format dumps on NetBSD and BSD/OS (Bruce) * Several JDBC fixes * Fix ALTER SEQUENCE RESTART where last_value equals the restart value (Tom) * Repair failure to recalculate nested sub-selects (Tom) * Fix problems with non-constant expressions in LIMIT/OFFSET * Support FULL JOIN with no join clause, such as X FULL JOIN Y ON TRUE (Tom) * Fix another zero-column table bug (Tom) * Improve handling of non-qualified identifiers in GROUP BY clauses in sub-selects (Tom) Select-list aliases within the sub-select will now take precedence over names from outer query levels. * Do not generate "NATURAL CROSS JOIN" when decompiling rules (Tom) * Add checks for invalid field length in binary COPY (Tom) This fixes a difficult-to-exploit security hole. * Avoid locking conflict between "ANALYZE" and "LISTEN"/"NOTIFY" * Numerous translation updates (various contributors) __________________________________________________________________ Release 7.4.2 Release date: 2004-03-08 This release contains a variety of fixes from 7.4.1. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.2 A dump/restore is not required for those running 7.4.X. However, it might be advisable as the easiest method of incorporating fixes for two errors that have been found in the initial contents of 7.4.X system catalogs. A dump/initdb/reload sequence using 7.4.2's initdb will automatically correct these problems. The more severe of the two errors is that data type anyarray has the wrong alignment label; this is a problem because the pg_statistic system catalog uses anyarray columns. The mislabeling can cause planner misestimations and even crashes when planning queries that involve WHERE clauses on double-aligned columns (such as float8 and timestamp). It is strongly recommended that all installations repair this error, either by initdb or by following the manual repair procedure given below. The lesser error is that the system view pg_settings ought to be marked as having public update access, to allow UPDATE pg_settings to be used as a substitute for "SET". This can also be fixed either by initdb or manually, but it is not necessary to fix unless you want to use UPDATE pg_settings. If you wish not to do an initdb, the following procedure will work for fixing pg_statistic. As the database superuser, do: -- clear out old data in pg_statistic: DELETE FROM pg_statistic; VACUUM pg_statistic; -- this should update 1 row: UPDATE pg_type SET typalign = 'd' WHERE oid = 2277; -- this should update 6 rows: UPDATE pg_attribute SET attalign = 'd' WHERE atttypid = 2277; -- -- At this point you MUST start a fresh backend to avoid a crash! -- -- repopulate pg_statistic: ANALYZE; This can be done in a live database, but beware that all backends running in the altered database must be restarted before it is safe to repopulate pg_statistic. To repair the pg_settings error, simply do: GRANT SELECT, UPDATE ON pg_settings TO PUBLIC; The above procedures must be carried out in *each* database of an installation, including template1, and ideally including template0 as well. If you do not fix the template databases then any subsequently created databases will contain the same errors. template1 can be fixed in the same way as any other database, but fixing template0 requires additional steps. First, from any database issue: UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; Next connect to template0 and perform the above repair procedures. Finally, do: -- re-freeze template0: VACUUM FREEZE; -- and protect it against future alterations: UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; __________________________________________________________________ Changes Release 7.4.2 incorporates all the fixes included in release 7.3.6, plus the following fixes: * Fix pg_statistics alignment bug that could crash optimizer See above for details about this problem. * Allow non-super users to update pg_settings * Fix several optimizer bugs, most of which led to "variable not found in subplan target lists" errors * Avoid out-of-memory failure during startup of large multiple index scan * Fix multibyte problem that could lead to "out of memory" error during "COPY IN" * Fix problems with "SELECT INTO" / "CREATE TABLE AS" from tables without OIDs * Fix problems with "alter_table" regression test during parallel testing * Fix problems with hitting open file limit, especially on OS X (Tom) * Partial fix for Turkish-locale issues initdb will succeed now in Turkish locale, but there are still some inconveniences associated with the i/I problem. * Make pg_dump set client encoding on restore * Other minor pg_dump fixes * Allow ecpg to again use C keywords as column names (Michael) * Added ecpg WHENEVER NOT_FOUND to SELECT/INSERT/UPDATE/DELETE (Michael) * Fix ecpg crash for queries calling set-returning functions (Michael) * Various other ecpg fixes (Michael) * Fixes for Borland compiler * Thread build improvements (Bruce) * Various other build fixes * Various JDBC fixes __________________________________________________________________ Release 7.4.1 Release date: 2003-12-22 This release contains a variety of fixes from 7.4. For information about new features in the 7.4 major release, see the Section called Release 7.4. __________________________________________________________________ Migration to Version 7.4.1 A dump/restore is *not* required for those running 7.4. If you want to install the fixes in the information schema you need to reload it into the database. This is either accomplished by initializing a new cluster by running "initdb", or by running the following sequence of SQL commands in each database (ideally including template1) as a superuser in psql, after installing the new release: DROP SCHEMA information_schema CASCADE; \i /usr/local/pgsql/share/information_schema.sql Substitute your installation path in the second command. __________________________________________________________________ Changes * Fixed bug in "CREATE SCHEMA" parsing in ECPG (Michael) * Fix compile error when "--enable-thread-safety" and "--with-perl" are used together (Peter) * Fix for subqueries that used hash joins (Tom) Certain subqueries that used hash joins would crash because of improperly shared structures. * Fix free space map compaction bug (Tom) This fixes a bug where compaction of the free space map could lead to a database server shutdown. * Fix for Borland compiler build of libpq (Bruce) * Fix netmask() and hostmask() to return the maximum-length masklen (Tom) Fix these functions to return values consistent with pre-7.4 releases. * Several "contrib/pg_autovacuum" fixes Fixes include improper variable initialization, missing vacuum after "TRUNCATE", and duration computation overflow for long vacuums. * Allow compile of "contrib/cube" under Cygwin (Jason Tishler) * Fix Solaris use of password file when no passwords are defined (Tom) Fix crash on Solaris caused by use of any type of password authentication when no passwords were defined. * JDBC fix for thread problems, other fixes * Fix for bytea index lookups (Joe) * Fix information schema for bit data types (Peter) * Force zero_damaged_pages to be on during recovery from WAL * Prevent some obscure cases of "variable not in subplan target lists" * Make PQescapeBytea and byteaout consistent with each other (Joe) * Escape bytea output for bytes > 0x7e(Joe) If different client encodings are used for bytea output and input, it is possible for bytea values to be corrupted by the differing encodings. This fix escapes all bytes that might be affected. * Added missing SPI_finish() calls to dblink's get_tuple_of_interest() (Joe) * New Czech FAQ * Fix information schema view constraint_column_usage for foreign keys (Peter) * ECPG fixes (Michael) * Fix bug with multiple IN subqueries and joins in the subqueries (Tom) * Allow COUNT('x') to work (Tom) * Install ECPG include files for Informix compatibility into separate directory (Peter) Some names of ECPG include files for Informix compatibility conflicted with operating system include files. By installing them in their own directory, name conflicts have been reduced. * Fix SSL memory leak (Neil) This release fixes a bug in 7.4 where SSL didn't free all memory it allocated. * Prevent "pg_service.conf" from using service name as default dbname (Bruce) * Fix local ident authentication on FreeBSD (Tom) __________________________________________________________________ Release 7.4 Release date: 2003-11-17 __________________________________________________________________ Overview Major changes in this release: IN / NOT IN subqueries are now much more efficient In previous releases, IN/NOT IN subqueries were joined to the upper query by sequentially scanning the subquery looking for a match. The 7.4 code uses the same sophisticated techniques used by ordinary joins and so is much faster. An IN will now usually be as fast as or faster than an equivalent EXISTS subquery; this reverses the conventional wisdom that applied to previous releases. Improved GROUP BY processing by using hash buckets In previous releases, rows to be grouped had to be sorted first. The 7.4 code can do GROUP BY without sorting, by accumulating results into a hash table with one entry per group. It will still use the sort technique, however, if the hash table is estimated to be too large to fit in sort_mem. New multikey hash join capability In previous releases, hash joins could only occur on single keys. This release allows multicolumn hash joins. Queries using the explicit JOIN syntax are now better optimized Prior releases evaluated queries using the explicit JOIN syntax only in the order implied by the syntax. 7.4 allows full optimization of these queries, meaning the optimizer considers all possible join orderings and chooses the most efficient. Outer joins, however, must still follow the declared ordering. Faster and more powerful regular expression code The entire regular expression module has been replaced with a new version by Henry Spencer, originally written for Tcl. The code greatly improves performance and supports several flavors of regular expressions. Function-inlining for simple SQL functions Simple SQL functions can now be inlined by including their SQL in the main query. This improves performance by eliminating per-call overhead. That means simple SQL functions now behave like macros. Full support for IPv6 connections and IPv6 address data types Previous releases allowed only IPv4 connections, and the IP data types only supported IPv4 addresses. This release adds full IPv6 support in both of these areas. Major improvements in SSL performance and reliability Several people very familiar with the SSL API have overhauled our SSL code to improve SSL key negotiation and error recovery. Make free space map efficiently reuse empty index pages, and other free space management improvements In previous releases, B-tree index pages that were left empty because of deleted rows could only be reused by rows with index values similar to the rows originally indexed on that page. In 7.4, "VACUUM" records empty index pages and allows them to be reused for any future index rows. SQL-standard information schema The information schema provides a standardized and stable way to access information about the schema objects defined in a database. Cursors conform more closely to the SQL standard The commands "FETCH" and "MOVE" have been overhauled to conform more closely to the SQL standard. Cursors can exist outside transactions These cursors are also called holdable cursors. New client-to-server protocol The new protocol adds error codes, more status information, faster startup, better support for binary data transmission, parameter values separated from SQL commands, prepared statements available at the protocol level, and cleaner recovery from "COPY" failures. The older protocol is still supported by both server and clients. libpq and ECPG applications are now fully thread-safe While previous libpq releases already supported threads, this release improves thread safety by fixing some non-thread-safe code that was used during database connection startup. The "configure" option "--enable-thread-safety" must be used to enable this feature. New version of full-text indexing A new full-text indexing suite is available in "contrib/tsearch2". New autovacuum tool The new autovacuum tool in "contrib/autovacuum" monitors the database statistics tables for "INSERT"/"UPDATE"/"DELETE" activity and automatically vacuums tables when needed. Array handling has been improved and moved into the server core Many array limitations have been removed, and arrays behave more like fully-supported data types. __________________________________________________________________ Migration to Version 7.4 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. Observe the following incompatibilities: * The server-side autocommit setting was removed and reimplemented in client applications and languages. Server-side autocommit was causing too many problems with languages and applications that wanted to control their own autocommit behavior, so autocommit was removed from the server and added to individual client APIs as appropriate. * Error message wording has changed substantially in this release. Significant effort was invested to make the messages more consistent and user-oriented. If your applications try to detect different error conditions by parsing the error message, you are strongly encouraged to use the new error code facility instead. * Inner joins using the explicit JOIN syntax might behave differently because they are now better optimized. * A number of server configuration parameters have been renamed for clarity, primarily those related to logging. * FETCH 0 or MOVE 0 now does nothing. In prior releases, FETCH 0 would fetch all remaining rows, and MOVE 0 would move to the end of the cursor. * "FETCH" and "MOVE" now return the actual number of rows fetched/moved, or zero if at the beginning/end of the cursor. Prior releases would return the row count passed to the command, not the number of rows actually fetched or moved. * "COPY" now can process files that use carriage-return or carriage-return/line-feed end-of-line sequences. Literal carriage-returns and line-feeds are no longer accepted in data values; use \r and \n instead. * Trailing spaces are now trimmed when converting from type char(n) to varchar(n) or text. This is what most people always expected to happen anyway. * The data type float(p) now measures "p" in binary digits, not decimal digits. The new behavior follows the SQL standard. * Ambiguous date values now must match the ordering specified by the datestyle setting. In prior releases, a date specification of 10/20/03 was interpreted as a date in October even if datestyle specified that the day should be first. 7.4 will throw an error if a date specification is invalid for the current setting of datestyle. * The functions oidrand, oidsrand, and userfntest have been removed. These functions were determined to be no longer useful. * String literals specifying time-varying date/time values, such as 'now' or 'today' will no longer work as expected in column default expressions; they now cause the time of the table creation to be the default, not the time of the insertion. Functions such as now(), current_timestamp, or current_date should be used instead. In previous releases, there was special code so that strings such as 'now' were interpreted at "INSERT" time and not at table creation time, but this work around didn't cover all cases. Release 7.4 now requires that defaults be defined properly using functions such as now() or current_timestamp. These will work in all situations. * The dollar sign ($) is no longer allowed in operator names. It can instead be a non-first character in identifiers. This was done to improve compatibility with other database systems, and to avoid syntax problems when parameter placeholders ($n) are written adjacent to operators. __________________________________________________________________ Changes Below you will find a detailed account of the changes between release 7.4 and the previous major release. __________________________________________________________________ Server Operation Changes * Allow IPv6 server connections (Nigel Kukard, Johan Jordaan, Bruce, Tom, Kurt Roeckx, Andrew Dunstan) * Fix SSL to handle errors cleanly (Nathan Mueller) In prior releases, certain SSL API error reports were not handled correctly. This release fixes those problems. * SSL protocol security and performance improvements (Sean Chittenden) SSL key renegotiation was happening too frequently, causing poor SSL performance. Also, initial key handling was improved. * Print lock information when a deadlock is detected (Tom) This allows easier debugging of deadlock situations. * Update "/tmp" socket modification times regularly to avoid their removal (Tom) This should help prevent "/tmp" directory cleaner administration scripts from removing server socket files. * Enable PAM for Mac OS X (Aaron Hillegass) * Make B-tree indexes fully WAL-safe (Tom) In prior releases, under certain rare cases, a server crash could cause B-tree indexes to become corrupt. This release removes those last few rare cases. * Allow B-tree index compaction and empty page reuse (Tom) * Fix inconsistent index lookups during split of first root page (Tom) In prior releases, when a single-page index split into two pages, there was a brief period when another database session could miss seeing an index entry. This release fixes that rare failure case. * Improve free space map allocation logic (Tom) * Preserve free space information between server restarts (Tom) In prior releases, the free space map was not saved when the postmaster was stopped, so newly started servers had no free space information. This release saves the free space map, and reloads it when the server is restarted. * Add start time to pg_stat_activity (Neil) * New code to detect corrupt disk pages; erase with zero_damaged_pages (Tom) * New client/server protocol: faster, no username length limit, allow clean exit from "COPY" (Tom) * Add transaction status, table ID, column ID to client/server protocol (Tom) * Add binary I/O to client/server protocol (Tom) * Remove autocommit server setting; move to client applications (Tom) * New error message wording, error codes, and three levels of error detail (Tom, Joe, Peter) __________________________________________________________________ Performance Improvements * Add hashing for GROUP BY aggregates (Tom) * Make nested-loop joins be smarter about multicolumn indexes (Tom) * Allow multikey hash joins (Tom) * Improve constant folding (Tom) * Add ability to inline simple SQL functions (Tom) * Reduce memory usage for queries using complex functions (Tom) In prior releases, functions returning allocated memory would not free it until the query completed. This release allows the freeing of function-allocated memory when the function call completes, reducing the total memory used by functions. * Improve GEQO optimizer performance (Tom) This release fixes several inefficiencies in the way the GEQO optimizer manages potential query paths. * Allow IN/NOT IN to be handled via hash tables (Tom) * Improve NOT IN (subquery) performance (Tom) * Allow most IN subqueries to be processed as joins (Tom) * Pattern matching operations can use indexes regardless of locale (Peter) There is no way for non-ASCII locales to use the standard indexes for LIKE comparisons. This release adds a way to create a special index for LIKE. * Allow the postmaster to preload libraries using preload_libraries (Joe) For shared libraries that require a long time to load, this option is available so the library can be preloaded in the postmaster and inherited by all database sessions. * Improve optimizer cost computations, particularly for subqueries (Tom) * Avoid sort when subquery ORDER BY matches upper query (Tom) * Deduce that WHERE a.x = b.y AND b.y = 42 also means a.x = 42 (Tom) * Allow hash/merge joins on complex joins (Tom) * Allow hash joins for more data types (Tom) * Allow join optimization of explicit inner joins, disable with join_collapse_limit (Tom) * Add parameter from_collapse_limit to control conversion of subqueries to joins (Tom) * Use faster and more powerful regular expression code from Tcl (Henry Spencer, Tom) * Use bit-mapped relation sets in the optimizer (Tom) * Improve connection startup time (Tom) The new client/server protocol requires fewer network packets to start a database session. * Improve trigger/constraint performance (Stephan) * Improve speed of col IN (const, const, const, ...) (Tom) * Fix hash indexes which were broken in rare cases (Tom) * Improve hash index concurrency and speed (Tom) Prior releases suffered from poor hash index performance, particularly for high concurrency situations. This release fixes that, and the development group is interested in reports comparing B-tree and hash index performance. * Align shared buffers on 32-byte boundary for copy speed improvement (Manfred Spraul) Certain CPU's perform faster data copies when addresses are 32-byte aligned. * Data type numeric reimplemented for better performance (Tom) numeric used to be stored in base 100. The new code uses base 10000, for significantly better performance. __________________________________________________________________ Server Configuration Changes * Rename server parameter server_min_messages to log_min_messages (Bruce) This was done so most parameters that control the server logs begin with log_. * Rename show_*_stats to log_*_stats (Bruce) * Rename show_source_port to log_source_port (Bruce) * Rename hostname_lookup to log_hostname (Bruce) * Add checkpoint_warning to warn of excessive checkpointing (Bruce) In prior releases, it was difficult to determine if checkpoint was happening too frequently. This feature adds a warning to the server logs when excessive checkpointing happens. * New read-only server parameters for localization (Tom) * Change debug server log messages to output as DEBUG rather than LOG (Bruce) * Prevent server log variables from being turned off by non-superusers (Bruce) This is a security feature so non-superusers cannot disable logging that was enabled by the administrator. * log_min_messages/client_min_messages now controls debug_* output (Bruce) This centralizes client debug information so all debug output can be sent to either the client or server logs. * Add Mac OS X Rendezvous server support (Chris Campbell) This allows Mac OS X hosts to query the network for available PostgreSQL servers. * Add ability to print only slow statements using log_min_duration_statement (Christopher) This is an often requested debugging feature that allows administrators to see only slow queries in their server logs. * Allow "pg_hba.conf" to accept netmasks in CIDR format (Andrew Dunstan) This allows administrators to merge the host IP address and netmask fields into a single CIDR field in "pg_hba.conf". * New read-only parameter is_superuser (Tom) * New parameter log_error_verbosity to control error detail (Tom) This works with the new error reporting feature to supply additional error information like hints, file names and line numbers. * postgres --describe-config now dumps server config variables (Aizaz Ahmed, Peter) This option is useful for administration tools that need to know the configuration variable names and their minimums, maximums, defaults, and descriptions. * Add new columns in pg_settings: context, type, source, min_val, max_val (Joe) * Make default shared_buffers 1000 and max_connections 100, if possible (Tom) Prior versions defaulted to 64 shared buffers so PostgreSQL would start on even very old systems. This release tests the amount of shared memory allowed by the platform and selects more reasonable default values if possible. Of course, users are still encouraged to evaluate their resource load and size shared_buffers accordingly. * New "pg_hba.conf" record type hostnossl to prevent SSL connections (Jon Jensen) In prior releases, there was no way to prevent SSL connections if both the client and server supported SSL. This option allows that capability. * Remove parameter geqo_random_seed (Tom) * Add server parameter regex_flavor to control regular expression processing (Tom) * Make "pg_ctl" better handle nonstandard ports (Greg) __________________________________________________________________ Query Changes * New SQL-standard information schema (Peter) * Add read-only transactions (Peter) * Print key name and value in foreign-key violation messages (Dmitry Tkach) * Allow users to see their own queries in pg_stat_activity (Kevin Brown) In prior releases, only the superuser could see query strings using pg_stat_activity. Now ordinary users can see their own query strings. * Fix aggregates in subqueries to match SQL standard (Tom) The SQL standard says that an aggregate function appearing within a nested subquery belongs to the outer query if its argument contains only outer-query variables. Prior PostgreSQL releases did not handle this fine point correctly. * Add option to prevent auto-addition of tables referenced in query (Nigel J. Andrews) By default, tables mentioned in the query are automatically added to the FROM clause if they are not already there. This is compatible with historic POSTGRES behavior but is contrary to the SQL standard. This option allows selecting standard-compatible behavior. * Allow UPDATE ... SET col = DEFAULT (Rod) This allows "UPDATE" to set a column to its declared default value. * Allow expressions to be used in LIMIT/OFFSET (Tom) In prior releases, LIMIT/OFFSET could only use constants, not expressions. * Implement CREATE TABLE AS EXECUTE (Neil, Peter) __________________________________________________________________ Object Manipulation Changes * Make "CREATE SEQUENCE" grammar more conforming to SQL:2003 (Neil) * Add statement-level triggers (Neil) While this allows a trigger to fire at the end of a statement, it does not allow the trigger to access all rows modified by the statement. This capability is planned for a future release. * Add check constraints for domains (Rod) This greatly increases the usefulness of domains by allowing them to use check constraints. * Add "ALTER DOMAIN" (Rod) This allows manipulation of existing domains. * Fix several zero-column table bugs (Tom) PostgreSQL supports zero-column tables. This fixes various bugs that occur when using such tables. * Have ALTER TABLE ... ADD PRIMARY KEY add not-null constraint (Rod) In prior releases, ALTER TABLE ... ADD PRIMARY would add a unique index, but not a not-null constraint. That is fixed in this release. * Add ALTER TABLE ... WITHOUT OIDS (Rod) This allows control over whether new and updated rows will have an OID column. This is most useful for saving storage space. * Add ALTER SEQUENCE to modify minimum, maximum, increment, cache, cycle values (Rod) * Add ALTER TABLE ... CLUSTER ON (Alvaro Herrera) This command is used by "pg_dump" to record the cluster column for each table previously clustered. This information is used by database-wide cluster to cluster all previously clustered tables. * Improve automatic type casting for domains (Rod, Tom) * Allow dollar signs in identifiers, except as first character (Tom) * Disallow dollar signs in operator names, so x=$1 works (Tom) * Allow copying table schema using LIKE subtable, also SQL:2003 feature INCLUDING DEFAULTS (Rod) * Add WITH GRANT OPTION clause to "GRANT" (Peter) This enabled "GRANT" to give other users the ability to grant privileges on a object. __________________________________________________________________ Utility Command Changes * Add ON COMMIT clause to "CREATE TABLE" for temporary tables (Gavin) This adds the ability for a table to be dropped or all rows deleted on transaction commit. * Allow cursors outside transactions using WITH HOLD (Neil) In previous releases, cursors were removed at the end of the transaction that created them. Cursors can now be created with the WITH HOLD option, which allows them to continue to be accessed after the creating transaction has committed. * FETCH 0 and MOVE 0 now do nothing (Bruce) In previous releases, FETCH 0 fetched all remaining rows, and MOVE 0 moved to the end of the cursor. * Cause "FETCH" and "MOVE" to return the number of rows fetched/moved, or zero if at the beginning/end of cursor, per SQL standard (Bruce) In prior releases, the row count returned by "FETCH" and "MOVE" did not accurately reflect the number of rows processed. * Properly handle SCROLL with cursors, or report an error (Neil) Allowing random access (both forward and backward scrolling) to some kinds of queries cannot be done without some additional work. If SCROLL is specified when the cursor is created, this additional work will be performed. Furthermore, if the cursor has been created with NO SCROLL, no random access is allowed. * Implement SQL-compatible options FIRST, LAST, ABSOLUTE n, RELATIVE n for "FETCH" and "MOVE" (Tom) * Allow "EXPLAIN" on "DECLARE CURSOR" (Tom) * Allow "CLUSTER" to use index marked as pre-clustered by default (Alvaro Herrera) * Allow "CLUSTER" to cluster all tables (Alvaro Herrera) This allows all previously clustered tables in a database to be reclustered with a single command. * Prevent "CLUSTER" on partial indexes (Tom) * Allow DOS and Mac line-endings in "COPY" files (Bruce) * Disallow literal carriage return as a data value, backslash-carriage-return and \r are still allowed (Bruce) * "COPY" changes (binary, \.) (Tom) * Recover from "COPY" failure cleanly (Tom) * Prevent possible memory leaks in "COPY" (Tom) * Make "TRUNCATE" transaction-safe (Rod) "TRUNCATE" can now be used inside a transaction. If the transaction aborts, the changes made by the "TRUNCATE" are automatically rolled back. * Allow prepare/bind of utility commands like "FETCH" and "EXPLAIN" (Tom) * Add "EXPLAIN EXECUTE" (Neil) * Improve "VACUUM" performance on indexes by reducing WAL traffic (Tom) * Functional indexes have been generalized into indexes on expressions (Tom) In prior releases, functional indexes only supported a simple function applied to one or more column names. This release allows any type of scalar expression. * Have "SHOW TRANSACTION ISOLATION" match input to "SET TRANSACTION ISOLATION" (Tom) * Have "COMMENT ON DATABASE" on nonlocal database generate a warning, rather than an error (Rod) Database comments are stored in database-local tables so comments on a database have to be stored in each database. * Improve reliability of "LISTEN"/"NOTIFY" (Tom) * Allow "REINDEX" to reliably reindex nonshared system catalog indexes (Tom) This allows system tables to be reindexed without the requirement of a standalone session, which was necessary in previous releases. The only tables that now require a standalone session for reindexing are the global system tables pg_database, pg_shadow, and pg_group. __________________________________________________________________ Data Type and Function Changes * New server parameter extra_float_digits to control precision display of floating-point numbers (Pedro Ferreira, Tom) This controls output precision which was causing regression testing problems. * Allow +1300 as a numeric time-zone specifier, for FJST (Tom) * Remove rarely used functions oidrand, oidsrand, and userfntest functions (Neil) * Add md5() function to main server, already in "contrib/pgcrypto" (Joe) An MD5 function was frequently requested. For more complex encryption capabilities, use "contrib/pgcrypto". * Increase date range of timestamp (John Cochran) * Change EXTRACT(EPOCH FROM timestamp) so timestamp without time zone is assumed to be in local time, not GMT (Tom) * Trap division by zero in case the operating system doesn't prevent it (Tom) * Change the numeric data type internally to base 10000 (Tom) * New hostmask() function (Greg Wickham) * Fixes for to_char() and to_timestamp() (Karel) * Allow functions that can take any argument data type and return any data type, using anyelement and anyarray (Joe) This allows the creation of functions that can work with any data type. * Arrays can now be specified as ARRAY[1,2,3], ARRAY[['a','b'],['c','d']], or ARRAY[ARRAY[ARRAY[2]]] (Joe) * Allow proper comparisons for arrays, including ORDER BY and DISTINCT support (Joe) * Allow indexes on array columns (Joe) * Allow array concatenation with || (Joe) * Allow WHERE qualification expr op ANY/SOME/ALL (array_expr) (Joe) This allows arrays to behave like a list of values, for purposes like SELECT * FROM tab WHERE col IN (array_val). * New array functions array_append, array_cat, array_lower, array_prepend, array_to_string, array_upper, string_to_array (Joe) * Allow user defined aggregates to use polymorphic functions (Joe) * Allow assignments to empty arrays (Joe) * Allow 60 in seconds fields of time, timestamp, and interval input values (Tom) Sixty-second values are needed for leap seconds. * Allow cidr data type to be cast to text (Tom) * Disallow invalid time zone names in SET TIMEZONE * Trim trailing spaces when char is cast to varchar or text (Tom) * Make float(p) measure the precision "p" in binary digits, not decimal digits (Tom) * Add IPv6 support to the inet and cidr data types (Michael Graff) * Add family() function to report whether address is IPv4 or IPv6 (Michael Graff) * Have SHOW datestyle generate output similar to that used by SET datestyle (Tom) * Make EXTRACT(TIMEZONE) and SET/SHOW TIME ZONE follow the SQL convention for the sign of time zone offsets, i.e., positive is east from UTC (Tom) * Fix date_trunc('quarter', ...) (Böjthe Zoltán) Prior releases returned an incorrect value for this function call. * Make initcap() more compatible with Oracle (Mike Nolan) initcap() now uppercases a letter appearing after any non-alphanumeric character, rather than only after whitespace. * Allow only datestyle field order for date values not in ISO-8601 format (Greg) * Add new datestyle values MDY, DMY, and YMD to set input field order; honor US and European for backward compatibility (Tom) * String literals like 'now' or 'today' will no longer work as a column default. Use functions such as now(), current_timestamp instead. (change required for prepared statements) (Tom) * Treat NaN as larger than any other value in min()/max() (Tom) NaN was already sorted after ordinary numeric values for most purposes, but min() and max() didn't get this right. * Prevent interval from suppressing :00 seconds display * New functions pg_get_triggerdef(prettyprint) and pg_conversion_is_visible() (Christopher) * Allow time to be specified as 040506 or 0405 (Tom) * Input date order must now be YYYY-MM-DD (with 4-digit year) or match datestyle * Make pg_get_constraintdef support unique, primary-key, and check constraints (Christopher) __________________________________________________________________ Server-Side Language Changes * Prevent PL/pgSQL crash when RETURN NEXT is used on a zero-row record variable (Tom) * Make PL/Python's spi_execute interface handle null values properly (Andrew Bosma) * Allow PL/pgSQL to declare variables of composite types without %ROWTYPE (Tom) * Fix PL/Python's _quote() function to handle big integers * Make PL/Python an untrusted language, now called plpythonu (Kevin Jacobs, Tom) The Python language no longer supports a restricted execution environment, so the trusted version of PL/Python was removed. If this situation changes, a version of PL/Python that can be used by non-superusers will be readded. * Allow polymorphic PL/pgSQL functions (Joe, Tom) * Allow polymorphic SQL functions (Joe) * Improved compiled function caching mechanism in PL/pgSQL with full support for polymorphism (Joe) * Add new parameter $0 in PL/pgSQL representing the function's actual return type (Joe) * Allow PL/Tcl and PL/Python to use the same trigger on multiple tables (Tom) * Fixed PL/Tcl's spi_prepare to accept fully qualified type names in the parameter type list (Jan) __________________________________________________________________ psql Changes * Add \pset pager always to always use pager (Greg) This forces the pager to be used even if the number of rows is less than the screen height. This is valuable for rows that wrap across several screen rows. * Improve tab completion (Rod, Ross Reedstrom, Ian Barwick) * Reorder \? help into groupings (Harald Armin Massa, Bruce) * Add backslash commands for listing schemas, casts, and conversions (Christopher) * "\encoding" now changes based on the server parameter client_encoding (Tom) In previous versions, "\encoding" was not aware of encoding changes made using SET client_encoding. * Save editor buffer into readline history (Ross) When "\e" is used to edit a query, the result is saved in the readline history for retrieval using the up arrow. * Improve "\d" display (Christopher) * Enhance HTML mode to be more standards-conforming (Greg) * New "\set AUTOCOMMIT off" capability (Tom) This takes the place of the removed server parameter autocommit. * New "\set VERBOSITY" to control error detail (Tom) This controls the new error reporting details. * New prompt escape sequence %x to show transaction status (Tom) * Long options for psql are now available on all platforms __________________________________________________________________ pg_dump Changes * Multiple pg_dump fixes, including tar format and large objects * Allow pg_dump to dump specific schemas (Neil) * Make pg_dump preserve column storage characteristics (Christopher) This preserves ALTER TABLE ... SET STORAGE information. * Make pg_dump preserve "CLUSTER" characteristics (Christopher) * Have pg_dumpall use "GRANT"/"REVOKE" to dump database-level privileges (Tom) * Allow pg_dumpall to support the options "-a", "-s", "-x" of pg_dump (Tom) * Prevent pg_dump from lowercasing identifiers specified on the command line (Tom) * pg_dump options "--use-set-session-authorization" and "--no-reconnect" now do nothing, all dumps use "SET SESSION AUTHORIZATION" pg_dump no longer reconnects to switch users, but instead always uses "SET SESSION AUTHORIZATION". This will reduce password prompting during restores. * Long options for pg_dump are now available on all platforms PostgreSQL now includes its own long-option processing routines. __________________________________________________________________ libpq Changes * Add function PQfreemem for freeing memory on Windows, suggested for "NOTIFY" (Bruce) Windows requires that memory allocated in a library be freed by a function in the same library, hence free() doesn't work for freeing memory allocated by libpq. PQfreemem is the proper way to free libpq memory, especially on Windows, and is recommended for other platforms as well. * Document service capability, and add sample file (Bruce) This allows clients to look up connection information in a central file on the client machine. * Make PQsetdbLogin have the same defaults as PQconnectdb (Tom) * Allow libpq to cleanly fail when result sets are too large (Tom) * Improve performance of function PQunescapeBytea (Ben Lamb) * Allow thread-safe libpq with "configure" option "--enable-thread-safety" (Lee Kindness, Philip Yarra) * Allow function pqInternalNotice to accept a format string and arguments instead of just a preformatted message (Tom, Sean Chittenden) * Control SSL negotiation with sslmode values disable, allow, prefer, and require (Jon Jensen) * Allow new error codes and levels of text (Tom) * Allow access to the underlying table and column of a query result (Tom) This is helpful for query-builder applications that want to know the underlying table and column names associated with a specific result set. * Allow access to the current transaction status (Tom) * Add ability to pass binary data directly to the server (Tom) * Add function PQexecPrepared and PQsendQueryPrepared functions which perform bind/execute of previously prepared statements (Tom) __________________________________________________________________ JDBC Changes * Allow setNull on updateable result sets * Allow executeBatch on a prepared statement (Barry) * Support SSL connections (Barry) * Handle schema names in result sets (Paul Sorenson) * Add refcursor support (Nic Ferrier) __________________________________________________________________ Miscellaneous Interface Changes * Prevent possible memory leak or core dump during libpgtcl shutdown (Tom) * Add Informix compatibility to ECPG (Michael) This allows ECPG to process embedded C programs that were written using certain Informix extensions. * Add type decimal to ECPG that is fixed length, for Informix (Michael) * Allow thread-safe embedded SQL programs with "configure" option "--enable-thread-safety" (Lee Kindness, Bruce) This allows multiple threads to access the database at the same time. * Moved Python client PyGreSQL to http://www.pygresql.org (Marc) __________________________________________________________________ Source Code Changes * Prevent need for separate platform geometry regression result files (Tom) * Improved PPC locking primitive (Reinhard Max) * New function palloc0 to allocate and clear memory (Bruce) * Fix locking code for s390x CPU (64-bit) (Tom) * Allow OpenBSD to use local ident credentials (William Ahern) * Make query plan trees read-only to executor (Tom) * Add Darwin startup scripts (David Wheeler) * Allow libpq to compile with Borland C++ compiler (Lester Godwin, Karl Waclawek) * Use our own version of getopt_long() if needed (Peter) * Convert administration scripts to C (Peter) * Bison >= 1.85 is now required to build the PostgreSQL grammar, if building from CVS * Merge documentation into one book (Peter) * Add Windows compatibility functions (Bruce) * Allow client interfaces to compile under MinGW (Bruce) * New ereport() function for error reporting (Tom) * Support Intel compiler on Linux (Peter) * Improve Linux startup scripts (Slawomir Sudnik, Darko Prenosil) * Add support for AMD Opteron and Itanium (Jeffrey W. Baker, Bruce) * Remove "--enable-recode" option from "configure" This was no longer needed now that we have "CREATE CONVERSION". * Generate a compile error if spinlock code is not found (Bruce) Platforms without spinlock code will now fail to compile, rather than silently using semaphores. This failure can be disabled with a new "configure" option. __________________________________________________________________ Contrib Changes * Change dbmirror license to BSD * Improve earthdistance (Bruno Wolff III) * Portability improvements to pgcrypto (Marko Kreen) * Prevent crash in xml (John Gray, Michael Richards) * Update oracle * Update mysql * Update cube (Bruno Wolff III) * Update earthdistance to use cube (Bruno Wolff III) * Update btree_gist (Oleg) * New tsearch2 full-text search module (Oleg, Teodor) * Add hash-based crosstab function to tablefuncs (Joe) * Add serial column to order connectby() siblings in tablefuncs (Nabil Sayegh,Joe) * Add named persistent connections to dblink (Shridhar Daithanka) * New pg_autovacuum allows automatic "VACUUM" (Matthew T. O'Connor) * Make pgbench honor environment variables PGHOST, PGPORT, PGUSER (Tatsuo) * Improve intarray (Teodor Sigaev) * Improve pgstattuple (Rod) * Fix bug in metaphone() in fuzzystrmatch * Improve adddepend (Rod) * Update spi/timetravel (Böjthe Zoltán) * Fix dbase "-s" option and improve non-ASCII handling (Thomas Behr, Márcio Smiderle) * Remove array module because features now included by default (Joe) __________________________________________________________________ Release 7.3.21 Release date: 2008-01-07 This release contains a variety of fixes from 7.3.20, including fixes for significant security issues. This is expected to be the last PostgreSQL release in the 7.3.X series. Users are encouraged to update to a newer release branch soon. __________________________________________________________________ Migration to Version 7.3.21 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc (Tom) Functions used in index expressions and partial-index predicates are evaluated whenever a new table entry is made. It has long been understood that this poses a risk of trojan-horse code execution if one modifies a table owned by an untrustworthy user. (Note that triggers, defaults, check constraints, etc. pose the same type of risk.) But functions in indexes pose extra danger because they will be executed by routine maintenance operations such as "VACUUM FULL", which are commonly performed automatically under a superuser account. For example, a nefarious user can execute code with superuser privileges by setting up a trojan-horse index definition and waiting for the next routine vacuum. The fix arranges for standard maintenance operations (including "VACUUM", "ANALYZE", "REINDEX", and "CLUSTER") to execute as the table owner rather than the calling user, using the same privilege-switching mechanism already used for SECURITY DEFINER functions. To prevent bypassing this security measure, execution of "SET SESSION AUTHORIZATION" and "SET ROLE" is now forbidden within a SECURITY DEFINER context. (CVE-2007-6600) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) The fix that appeared for this in 7.3.20 was incomplete, as it plugged the hole for only some "dblink" functions. (CVE-2007-6601, CVE-2007-3278) * Fix potential crash in translate() when using a multibyte database encoding (Tom) * Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing (Joe) * Require a specific version of Autoconf to be used when re-generating the "configure" script (Peter) This affects developers and packagers only. The change was made to prevent accidental use of untested combinations of Autoconf and PostgreSQL versions. You can remove the version check if you really want to use a different Autoconf version, but it's your responsibility whether the result works or not. __________________________________________________________________ Release 7.3.20 Release date: 2007-09-17 This release contains fixes from 7.3.19. __________________________________________________________________ Migration to Version 7.3.20 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Prevent index corruption when a transaction inserts rows and then aborts close to the end of a concurrent "VACUUM" on the same table (Tom) * Make "CREATE DOMAIN ... DEFAULT NULL" work properly (Tom) * Fix crash when log_min_error_statement logging runs out of memory (Tom) * Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure (Joe) __________________________________________________________________ Release 7.3.19 Release date: 2007-04-23 This release contains fixes from 7.3.18, including a security fix. __________________________________________________________________ Migration to Version 7.3.19 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom) This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See "CREATE FUNCTION" for more information. * Fix potential-data-corruption bug in how "VACUUM FULL" handles "UPDATE" chains (Tom, Pavan Deolasee) __________________________________________________________________ Release 7.3.18 Release date: 2007-02-05 This release contains a variety of fixes from 7.3.17, including a security fix. __________________________________________________________________ Migration to Version 7.3.18 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Remove security vulnerability that allowed connected users to read backend memory (Tom) The vulnerability involves changing the data type of a table column used in a SQL function (CVE-2007-0555). This error can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. * Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas) * Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom) __________________________________________________________________ Release 7.3.17 Release date: 2007-01-08 This release contains a variety of fixes from 7.3.16. __________________________________________________________________ Migration to Version 7.3.17 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * to_number() and to_char(numeric) are now STABLE, not IMMUTABLE, for new initdb installs (Tom) This is because lc_numeric can potentially change the output of these functions. * Improve index usage of regular expressions that use parentheses (Tom) This improves psql \d performance also. __________________________________________________________________ Release 7.3.16 Release date: 2006-10-16 This release contains a variety of fixes from 7.3.15. __________________________________________________________________ Migration to Version 7.3.16 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Fix corner cases in pattern matching for psql's \d commands * Fix index-corrupting bugs in /contrib/ltree (Teodor) * Back-port 7.4 spinlock code to improve performance and support 64-bit architectures better * Fix SSL-related memory leak in libpq * Fix backslash escaping in /contrib/dbmirror * Adjust regression tests for recent changes in US DST laws __________________________________________________________________ Release 7.3.15 Release date: 2006-05-23 This release contains a variety of fixes from 7.3.14, including patches for extremely serious security issues. __________________________________________________________________ Migration to Version 7.3.15 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. Full security against the SQL-injection attacks described in CVE-2006-2313 and CVE-2006-2314 might require changes in application code. If you have applications that embed untrustworthy strings into SQL commands, you should examine them as soon as possible to ensure that they are using recommended escaping techniques. In most cases, applications should be using subroutines provided by libraries or drivers (such as libpq's PQescapeStringConn()) to perform string escaping, rather than relying on ad hoc code to do it. __________________________________________________________________ Changes * Change the server to reject invalidly-encoded multibyte characters in all cases (Tatsuo, Tom) While PostgreSQL has been moving in this direction for some time, the checks are now applied uniformly to all encodings and all textual input, and are now always errors not merely warnings. This change defends against SQL-injection attacks of the type described in CVE-2006-2313. * Reject unsafe uses of \' in string literals As a server-side defense against SQL-injection attacks of the type described in CVE-2006-2314, the server now only accepts '' and not \' as a representation of ASCII single quote in SQL string literals. By default, \' is rejected only when client_encoding is set to a client-only encoding (SJIS, BIG5, GBK, GB18030, or UHC), which is the scenario in which SQL injection is possible. A new configuration parameter backslash_quote is available to adjust this behavior when needed. Note that full security against CVE-2006-2314 might require client-side changes; the purpose of backslash_quote is in part to make it obvious that insecure clients are insecure. * Modify libpq's string-escaping routines to be aware of encoding considerations This fixes libpq-using applications for the security issues described in CVE-2006-2313 and CVE-2006-2314. Applications that use multiple PostgreSQL connections concurrently should migrate to PQescapeStringConn() and PQescapeByteaConn() to ensure that escaping is done correctly for the settings in use in each database connection. Applications that do string escaping "by hand" should be modified to rely on library routines instead. * Fix some incorrect encoding conversion functions win1251_to_iso, alt_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. * Clean up stray remaining uses of \' in strings (Bruce, Jan) * Fix server to use custom DH SSL parameters correctly (Michael Fuhr) * Fix various minor memory leaks __________________________________________________________________ Release 7.3.14 Release date: 2006-02-14 This release contains a variety of fixes from 7.3.13. __________________________________________________________________ Migration to Version 7.3.14 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.13, see the release notes for 7.3.13. __________________________________________________________________ Changes * Fix potential crash in "SET SESSION AUTHORIZATION" (CVE-2006-0553) An unprivileged user could crash the server process, resulting in momentary denial of service to other users, if the server has been compiled with Asserts enabled (which is not the default). Thanks to Akio Ishida for reporting this problem. * Fix bug with row visibility logic in self-inserted rows (Tom) Under rare circumstances a row inserted by the current command could be seen as already valid, when it should not be. Repairs bug created in 7.3.11 release. * Fix race condition that could lead to "file already exists" errors during pg_clog file creation (Tom) * Fix to allow restoring dumps that have cross-schema references to custom operators (Tom) * Portability fix for testing presence of finite and isinf during configure (Tom) __________________________________________________________________ Release 7.3.13 Release date: 2006-01-09 This release contains a variety of fixes from 7.3.12. __________________________________________________________________ Migration to Version 7.3.13 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.10, see the release notes for 7.3.10. Also, you might need to "REINDEX" indexes on textual columns after updating, if you are affected by the locale or plperl issues described below. __________________________________________________________________ Changes * Fix character string comparison for locales that consider different character combinations as equal, such as Hungarian (Tom) This might require "REINDEX" to fix existing indexes on textual columns. * Set locale environment variables during postmaster startup to ensure that plperl won't change the locale later This fixes a problem that occurred if the postmaster was started with environment variables specifying a different locale than what initdb had been told. Under these conditions, any use of plperl was likely to lead to corrupt indexes. You might need "REINDEX" to fix existing indexes on textual columns if this has happened to you. * Fix longstanding bug in strpos() and regular expression handling in certain rarely used Asian multi-byte character sets (Tatsuo) * Fix bug in "/contrib/pgcrypto" gen_salt, which caused it not to use all available salt space for MD5 and XDES algorithms (Marko Kreen, Solar Designer) Salts for Blowfish and standard DES are unaffected. * Fix "/contrib/dblink" to throw an error, rather than crashing, when the number of columns specified is different from what's actually returned by the query (Joe) __________________________________________________________________ Release 7.3.12 Release date: 2005-12-12 This release contains a variety of fixes from 7.3.11. __________________________________________________________________ Migration to Version 7.3.12 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.10, see the release notes for 7.3.10. __________________________________________________________________ Changes * Fix race condition in transaction log management There was a narrow window in which an I/O operation could be initiated for the wrong page, leading to an Assert failure or data corruption. * "/contrib/ltree" fixes (Teodor) * Fix longstanding planning error for outer joins This bug sometimes caused a bogus error "RIGHT JOIN is only supported with merge-joinable join conditions". * Prevent core dump in pg_autovacuum when a table has been dropped __________________________________________________________________ Release 7.3.11 Release date: 2005-10-04 This release contains a variety of fixes from 7.3.10. __________________________________________________________________ Migration to Version 7.3.11 A dump/restore is not required for those running 7.3.X. However, if you are upgrading from a version earlier than 7.3.10, see the release notes for 7.3.10. __________________________________________________________________ Changes * Fix error that allowed "VACUUM" to remove ctid chains too soon, and add more checking in code that follows ctid links This fixes a long-standing problem that could cause crashes in very rare circumstances. * Fix CHAR() to properly pad spaces to the specified length when using a multiple-byte character set (Yoshiyuki Asaba) In prior releases, the padding of CHAR() was incorrect because it only padded to the specified number of bytes without considering how many characters were stored. * Fix missing rows in queries like UPDATE a=... WHERE a... with GiST index on column a * Improve checking for partially-written WAL pages * Improve robustness of signal handling when SSL is enabled * Various memory leakage fixes * Various portability improvements * Fix PL/PgSQL to handle var := var correctly when the variable is of pass-by-reference type __________________________________________________________________ Release 7.3.10 Release date: 2005-05-09 This release contains a variety of fixes from 7.3.9, including several security-related issues. __________________________________________________________________ Migration to Version 7.3.10 A dump/restore is not required for those running 7.3.X. However, it is one possible way of handling a significant security problem that has been found in the initial contents of 7.3.X system catalogs. A dump/initdb/reload sequence using 7.3.10's initdb will automatically correct this problem. The security problem is that the built-in character set encoding conversion functions can be invoked from SQL commands by unprivileged users, but the functions were not designed for such use and are not secure against malicious choices of arguments. The fix involves changing the declared parameter list of these functions so that they can no longer be invoked from SQL commands. (This does not affect their normal use by the encoding conversion machinery.) It is strongly recommended that all installations repair this error, either by initdb or by following the manual repair procedure given below. The error at least allows unprivileged database users to crash their server process, and might allow unprivileged users to gain the privileges of a database superuser. If you wish not to do an initdb, perform the following procedure instead. As the database superuser, do: BEGIN; UPDATE pg_proc SET proargtypes[3] = 'internal'::regtype WHERE pronamespace = 11 AND pronargs = 5 AND proargtypes[2] = 'cstring'::regtype; -- The command should report having updated 90 rows; -- if not, rollback and investigate instead of committing! COMMIT; The above procedure must be carried out in *each* database of an installation, including template1, and ideally including template0 as well. If you do not fix the template databases then any subsequently created databases will contain the same error. template1 can be fixed in the same way as any other database, but fixing template0 requires additional steps. First, from any database issue: UPDATE pg_database SET datallowconn = true WHERE datname = 'template0'; Next connect to template0 and perform the above repair procedure. Finally, do: -- re-freeze template0: VACUUM FREEZE; -- and protect it against future alterations: UPDATE pg_database SET datallowconn = false WHERE datname = 'template0'; __________________________________________________________________ Changes * Change encoding function signature to prevent misuse * Repair ancient race condition that allowed a transaction to be seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner than for other purposes This is an extremely serious bug since it could lead to apparent data inconsistencies being briefly visible to applications. * Repair race condition between relation extension and VACUUM This could theoretically have caused loss of a page's worth of freshly-inserted data, although the scenario seems of very low probability. There are no known cases of it having caused more than an Assert failure. * Fix comparisons of TIME WITH TIME ZONE values The comparison code was wrong in the case where the --enable-integer-datetimes configuration switch had been used. NOTE: if you have an index on a TIME WITH TIME ZONE column, it will need to be "REINDEX"ed after installing this update, because the fix corrects the sort order of column values. * Fix EXTRACT(EPOCH) for TIME WITH TIME ZONE values * Fix mis-display of negative fractional seconds in INTERVAL values This error only occurred when the --enable-integer-datetimes configuration switch had been used. * Additional buffer overrun checks in plpgsql (Neil) * Fix pg_dump to dump trigger names containing % correctly (Neil) * Prevent to_char(interval) from dumping core for month-related formats * Fix "contrib/pgcrypto" for newer OpenSSL builds (Marko Kreen) * Still more 64-bit fixes for "contrib/intagg" * Prevent incorrect optimization of functions returning RECORD __________________________________________________________________ Release 7.3.9 Release date: 2005-01-31 This release contains a variety of fixes from 7.3.8, including several security-related issues. __________________________________________________________________ Migration to Version 7.3.9 A dump/restore is not required for those running 7.3.X. __________________________________________________________________ Changes * Disallow "LOAD" to non-superusers On platforms that will automatically execute initialization functions of a shared library (this includes at least Windows and ELF-based Unixen), "LOAD" can be used to make the server execute arbitrary code. Thanks to NGS Software for reporting this. * Check that creator of an aggregate function has the right to execute the specified transition functions This oversight made it possible to bypass denial of EXECUTE permission on a function. * Fix security and 64-bit issues in contrib/intagg * Add needed STRICT marking to some contrib functions (Kris Jurka) * Avoid buffer overrun when plpgsql cursor declaration has too many parameters (Neil) * Fix planning error for FULL and RIGHT outer joins The result of the join was mistakenly supposed to be sorted the same as the left input. This could not only deliver mis-sorted output to the user, but in case of nested merge joins could give outright wrong answers. * Fix plperl for quote marks in tuple fields * Fix display of negative intervals in SQL and GERMAN datestyles __________________________________________________________________ Release 7.3.8 Release date: 2004-10-22 This release contains a variety of fixes from 7.3.7. __________________________________________________________________ Migration to Version 7.3.8 A dump/restore is not required for those running 7.3.X. __________________________________________________________________ Changes * Repair possible failure to update hint bits on disk Under rare circumstances this oversight could lead to "could not access transaction status" failures, which qualifies it as a potential-data-loss bug. * Ensure that hashed outer join does not miss tuples Very large left joins using a hash join plan could fail to output unmatched left-side rows given just the right data distribution. * Disallow running pg_ctl as root This is to guard against any possible security issues. * Avoid using temp files in /tmp in make_oidjoins_check This has been reported as a security issue, though it's hardly worthy of concern since there is no reason for non-developers to use this script anyway. __________________________________________________________________ Release 7.3.7 Release date: 2004-08-16 This release contains one critical fix over 7.3.6, and some minor items. __________________________________________________________________ Migration to Version 7.3.7 A dump/restore is not required for those running 7.3.X. __________________________________________________________________ Changes * Prevent possible loss of committed transactions during crash Due to insufficient interlocking between transaction commit and checkpointing, it was possible for transactions committed just before the most recent checkpoint to be lost, in whole or in part, following a database crash and restart. This is a serious bug that has existed since PostgreSQL 7.1. * Remove asymmetrical word processing in tsearch (Teodor) * Properly schema-qualify function names when pg_dump'ing a CAST __________________________________________________________________ Release 7.3.6 Release date: 2004-03-02 This release contains a variety of fixes from 7.3.5. __________________________________________________________________ Migration to Version 7.3.6 A dump/restore is *not* required for those running 7.3.*. __________________________________________________________________ Changes * Revert erroneous changes in rule permissions checking A patch applied in 7.3.3 to fix a corner case in rule permissions checks turns out to have disabled rule-related permissions checks in many not-so-corner cases. This would for example allow users to insert into views they weren't supposed to have permission to insert into. We have therefore reverted the 7.3.3 patch. The original bug will be fixed in 8.0. * Repair incorrect order of operations in GetNewTransactionId() This bug could result in failure under out-of-disk-space conditions, including inability to restart even after disk space is freed. * Ensure configure selects -fno-strict-aliasing even when an external value for CFLAGS is supplied On some platforms, building with -fstrict-aliasing causes bugs. * Make pg_restore handle 64-bit off_t correctly This bug prevented proper restoration from archive files exceeding 4 GB. * Make contrib/dblink not assume that local and remote type OIDs match (Joe) * Quote connectby()'s start_with argument properly (Joe) * Don't crash when a rowtype argument to a plpgsql function is NULL * Avoid generating invalid character encoding sequences in corner cases when planning LIKE operations * Ensure text_position() cannot scan past end of source string in multibyte cases (Korea PostgreSQL Users' Group) * Fix index optimization and selectivity estimates for LIKE operations on bytea columns (Joe) __________________________________________________________________ Release 7.3.5 Release date: 2003-12-03 This has a variety of fixes from 7.3.4. __________________________________________________________________ Migration to Version 7.3.5 A dump/restore is *not* required for those running 7.3.*. __________________________________________________________________ Changes * Force zero_damaged_pages to be on during recovery from WAL * Prevent some obscure cases of "variable not in subplan target lists" * Force stats processes to detach from shared memory, ensuring cleaner shutdown * Make PQescapeBytea and byteaout consistent with each other (Joe) * Added missing SPI_finish() calls to dblink's get_tuple_of_interest() (Joe) * Fix for possible foreign key violation when rule rewrites INSERT (Jan) * Support qualified type names in PL/Tcl's spi_prepare command (Jan) * Make pg_dump handle a procedural language handler located in pg_catalog * Make pg_dump handle cases where a custom opclass is in another schema * Make pg_dump dump binary-compatible casts correctly (Jan) * Fix insertion of expressions containing subqueries into rule bodies * Fix incorrect argument processing in clusterdb script (Anand Ranganathan) * Fix problems with dropped columns in plpython triggers * Repair problems with to_char() reading past end of its input string (Karel) * Fix GB18030 mapping errors (Tatsuo) * Fix several problems with SSL error handling and asynchronous SSL I/O * Remove ability to bind a list of values to a single parameter in JDBC (prevents possible SQL-injection attacks) * Fix some errors in HAVE_INT64_TIMESTAMP code paths * Fix corner case for btree search in parallel with first root page split __________________________________________________________________ Release 7.3.4 Release date: 2003-07-24 This has a variety of fixes from 7.3.3. __________________________________________________________________ Migration to Version 7.3.4 A dump/restore is *not* required for those running 7.3.*. __________________________________________________________________ Changes * Repair breakage in timestamp-to-date conversion for dates before 2000 * Prevent rare possibility of server startup failure (Tom) * Fix bugs in interval-to-time conversion (Tom) * Add constraint names in a few places in pg_dump (Rod) * Improve performance of functions with many parameters (Tom) * Fix to_ascii() buffer overruns (Tom) * Prevent restore of database comments from throwing an error (Tom) * Work around buggy strxfrm() present in some Solaris releases (Tom) * Properly escape jdbc setObject() strings to improve security (Barry) __________________________________________________________________ Release 7.3.3 Release date: 2003-05-22 This release contains a variety of fixes for version 7.3.2. __________________________________________________________________ Migration to Version 7.3.3 A dump/restore is *not* required for those running version 7.3.*. __________________________________________________________________ Changes * Repair sometimes-incorrect computation of StartUpID after a crash * Avoid slowness with lots of deferred triggers in one transaction (Stephan) * Don't lock referenced row when "UPDATE" doesn't change foreign key's value (Jan) * Use "-fPIC" not "-fpic" on Sparc (Tom Callaway) * Repair lack of schema-awareness in contrib/reindexdb * Fix contrib/intarray error for zero-element result array (Teodor) * Ensure createuser script will exit on control-C (Oliver) * Fix errors when the type of a dropped column has itself been dropped * "CHECKPOINT" does not cause database panic on failure in noncritical steps * Accept 60 in seconds fields of timestamp, time, interval input values * Issue notice, not error, if TIMESTAMP, TIME, or INTERVAL precision too large * Fix abstime-to-time cast function (fix is not applied unless you initdb) * Fix pg_proc entry for timestampt_izone (fix is not applied unless you initdb) * Make EXTRACT(EPOCH FROM timestamp without time zone) treat input as local time * "'now'::timestamptz" gave wrong answer if timezone changed earlier in transaction * HAVE_INT64_TIMESTAMP code for time with timezone overwrote its input * Accept "GLOBAL TEMP/TEMPORARY" as a synonym for "TEMPORARY" * Avoid improper schema-privilege-check failure in foreign-key triggers * Fix bugs in foreign-key triggers for "SET DEFAULT" action * Fix incorrect time-qual check in row fetch for "UPDATE" and "DELETE" triggers * Foreign-key clauses were parsed but ignored in "ALTER TABLE ADD COLUMN" * Fix createlang script breakage for case where handler function already exists * Fix misbehavior on zero-column tables in pg_dump, COPY, ANALYZE, other places * Fix misbehavior of func_error() on type names containing '%' * Fix misbehavior of replace() on strings containing '%' * Regular-expression patterns containing certain multibyte characters failed * Account correctly for "NULL"s in more cases in join size estimation * Avoid conflict with system definition of isblank() function or macro * Fix failure to convert large code point values in EUC_TW conversions (Tatsuo) * Fix error recovery for SSL_read/SSL_write calls * Don't do early constant-folding of type coercion expressions * Validate page header fields immediately after reading in any page * Repair incorrect check for ungrouped variables in unnamed joins * Fix buffer overrun in to_ascii (Guido Notari) * contrib/ltree fixes (Teodor) * Fix core dump in deadlock detection on machines where char is unsigned * Avoid running out of buffers in many-way indexscan (bug introduced in 7.3) * Fix planner's selectivity estimation functions to handle domains properly * Fix dbmirror memory-allocation bug (Steven Singer) * Prevent infinite loop in ln(numeric) due to roundoff error * "GROUP BY" got confused if there were multiple equal GROUP BY items * Fix bad plan when inherited "UPDATE"/"DELETE" references another inherited table * Prevent clustering on incomplete (partial or non-NULL-storing) indexes * Service shutdown request at proper time if it arrives while still starting up * Fix left-links in temporary indexes (could make backwards scans miss entries) * Fix incorrect handling of client_encoding setting in postgresql.conf (Tatsuo) * Fix failure to respond to "pg_ctl stop -m fast" after Async_NotifyHandler runs * Fix SPI for case where rule contains multiple statements of the same type * Fix problem with checking for wrong type of access privilege in rule query * Fix problem with "EXCEPT" in "CREATE RULE" * Prevent problem with dropping temp tables having serial columns * Fix replace_vars_with_subplan_refs failure in complex views * Fix regexp slowness in single-byte encodings (Tatsuo) * Allow qualified type names in "CREATE CAST" and " DROP CAST" * Accept SETOF type[], which formerly had to be written SETOF _type * Fix pg_dump core dump in some cases with procedural languages * Force ISO datestyle in pg_dump output, for portability (Oliver) * pg_dump failed to handle error return from lo_read (Oleg Drokin) * pg_dumpall failed with groups having no members (Nick Eskelinen) * pg_dumpall failed to recognize --globals-only switch * pg_restore failed to restore blobs if -X disable-triggers is specified * Repair intrafunction memory leak in plpgsql * pltcl's "elog" command dumped core if given wrong parameters (Ian Harding) * plpython used wrong value of atttypmod (Brad McLean) * Fix improper quoting of boolean values in Python interface (D'Arcy) * Added addDataType() method to PGConnection interface for JDBC * Fixed various problems with updateable ResultSets for JDBC (Shawn Green) * Fixed various problems with DatabaseMetaData for JDBC (Kris Jurka, Peter Royal) * Fixed problem with parsing table ACLs in JDBC * Better error message for character set conversion problems in JDBC __________________________________________________________________ Release 7.3.2 Release date: 2003-02-04 This release contains a variety of fixes for version 7.3.1. __________________________________________________________________ Migration to Version 7.3.2 A dump/restore is *not* required for those running version 7.3.*. __________________________________________________________________ Changes * Restore creation of OID column in CREATE TABLE AS / SELECT INTO * Fix pg_dump core dump when dumping views having comments * Dump DEFERRABLE/INITIALLY DEFERRED constraints properly * Fix UPDATE when child table's column numbering differs from parent * Increase default value of max_fsm_relations * Fix problem when fetching backwards in a cursor for a single-row query * Make backward fetch work properly with cursor on SELECT DISTINCT query * Fix problems with loading pg_dump files containing contrib/lo usage * Fix problem with all-numeric user names * Fix possible memory leak and core dump during disconnect in libpgtcl * Make plpython's spi_execute command handle nulls properly (Andrew Bosma) * Adjust plpython error reporting so that its regression test passes again * Work with bison 1.875 * Handle mixed-case names properly in plpgsql's %type (Neil) * Fix core dump in pltcl when executing a query rewritten by a rule * Repair array subscript overruns (per report from Yichen Xie) * Reduce MAX_TIME_PRECISION from 13 to 10 in floating-point case * Correctly case-fold variable names in per-database and per-user settings * Fix coredump in plpgsql's RETURN NEXT when SELECT into record returns no rows * Fix outdated use of pg_type.typprtlen in python client interface * Correctly handle fractional seconds in timestamps in JDBC driver * Improve performance of getImportedKeys() in JDBC * Make shared-library symlinks work standardly on HPUX (Giles) * Repair inconsistent rounding behavior for timestamp, time, interval * SSL negotiation fixes (Nathan Mueller) * Make libpq's ~/.pgpass feature work when connecting with PQconnectDB * Update my2pg, ora2pg * Translation updates * Add casts between types lo and oid in contrib/lo * fastpath code now checks for privilege to call function __________________________________________________________________ Release 7.3.1 Release date: 2002-12-18 This release contains a variety of fixes for version 7.3. __________________________________________________________________ Migration to Version 7.3.1 A dump/restore is *not* required for those running version 7.3. However, it should be noted that the main PostgreSQL interface library, libpq, has a new major version number for this release, which might require recompilation of client code in certain cases. __________________________________________________________________ Changes * Fix a core dump of COPY TO when client/server encodings don't match (Tom) * Allow pg_dump to work with pre-7.2 servers (Philip) * contrib/adddepend fixes (Tom) * Fix problem with deletion of per-user/per-database config settings (Tom) * contrib/vacuumlo fix (Tom) * Allow 'password' encryption even when pg_shadow contains MD5 passwords (Bruce) * contrib/dbmirror fix (Steven Singer) * Optimizer fixes (Tom) * contrib/tsearch fixes (Teodor Sigaev, Magnus) * Allow locale names to be mixed case (Nicolai Tufar) * Increment libpq library's major version number (Bruce) * pg_hba.conf error reporting fixes (Bruce, Neil) * Add SCO Openserver 5.0.4 as a supported platform (Bruce) * Prevent EXPLAIN from crashing server (Tom) * SSL fixes (Nathan Mueller) * Prevent composite column creation via ALTER TABLE (Tom) __________________________________________________________________ Release 7.3 Release date: 2002-11-27 __________________________________________________________________ Overview Major changes in this release: Schemas Schemas allow users to create objects in separate namespaces, so two people or applications can have tables with the same name. There is also a public schema for shared tables. Table/index creation can be restricted by removing privileges on the public schema. Drop Column PostgreSQL now supports the ALTER TABLE ... DROP COLUMN functionality. Table Functions Functions returning multiple rows and/or multiple columns are now much easier to use than before. You can call such a "table function" in the SELECT FROM clause, treating its output like a table. Also, PL/pgSQL functions can now return sets. Prepared Queries PostgreSQL now supports prepared queries, for improved performance. Dependency Tracking PostgreSQL now records object dependencies, which allows improvements in many areas. "DROP" statements now take either CASCADE or RESTRICT to control whether dependent objects are also dropped. Privileges Functions and procedural languages now have privileges, and functions can be defined to run with the privileges of their creator. Internationalization Both multibyte and locale support are now always enabled. Logging A variety of logging options have been enhanced. Interfaces A large number of interfaces have been moved to http://gborg.postgresql.org where they can be developed and released independently. Functions/Identifiers By default, functions can now take up to 32 parameters, and identifiers can be up to 63 bytes long. Also, OPAQUE is now deprecated: there are specific "pseudo-datatypes" to represent each of the former meanings of OPAQUE in function argument and result types. __________________________________________________________________ Migration to Version 7.3 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. If your application examines the system catalogs, additional changes will be required due to the introduction of schemas in 7.3; for more information, see: http://developer.postgresql.org/~momjian/upgrade_tips_7.3. Observe the following incompatibilities: * Pre-6.3 clients are no longer supported. * "pg_hba.conf" now has a column for the user name and additional features. Existing files need to be adjusted. * Several "postgresql.conf" logging parameters have been renamed. * LIMIT #,# has been disabled; use LIMIT # OFFSET #. * "INSERT" statements with column lists must specify a value for each specified column. For example, INSERT INTO tab (col1, col2) VALUES ('val1') is now invalid. It's still allowed to supply fewer columns than expected if the "INSERT" does not have a column list. * serial columns are no longer automatically UNIQUE; thus, an index will not automatically be created. * A "SET" command inside an aborted transaction is now rolled back. * "COPY" no longer considers missing trailing columns to be null. All columns need to be specified. (However, one can achieve a similar effect by specifying a column list in the "COPY" command.) * The data type timestamp is now equivalent to timestamp without time zone, instead of timestamp with time zone. * Pre-7.3 databases loaded into 7.3 will not have the new object dependencies for serial columns, unique constraints, and foreign keys. See the directory "contrib/adddepend/" for a detailed description and a script that will add such dependencies. * An empty string ('') is no longer allowed as the input into an integer field. Formerly, it was silently interpreted as 0. __________________________________________________________________ Changes Server Operation * Add pg_locks view to show locks (Neil) * Security fixes for password negotiation memory allocation (Neil) * Remove support for version 0 FE/BE protocol (PostgreSQL 6.2 and earlier) (Tom) * Reserve the last few backend slots for superusers, add parameter superuser_reserved_connections to control this (Nigel J. Andrews) __________________________________________________________________ Performance * Improve startup by calling localtime() only once (Tom) * Cache system catalog information in flat files for faster startup (Tom) * Improve caching of index information (Tom) * Optimizer improvements (Tom, Fernando Nasser) * Catalog caches now store failed lookups (Tom) * Hash function improvements (Neil) * Improve performance of query tokenization and network handling (Peter) * Speed improvement for large object restore (Mario Weilguni) * Mark expired index entries on first lookup, saving later heap fetches (Tom) * Avoid excessive NULL bitmap padding (Manfred Koizar) * Add BSD-licensed qsort() for Solaris, for performance (Bruce) * Reduce per-row overhead by four bytes (Manfred Koizar) * Fix GEQO optimizer bug (Neil Conway) * Make WITHOUT OID actually save four bytes per row (Manfred Koizar) * Add default_statistics_target variable to specify ANALYZE buckets (Neil) * Use local buffer cache for temporary tables so no WAL overhead (Tom) * Improve free space map performance on large tables (Stephen Marshall, Tom) * Improved WAL write concurrency (Tom) __________________________________________________________________ Privileges * Add privileges on functions and procedural languages (Peter) * Add OWNER to CREATE DATABASE so superusers can create databases on behalf of unprivileged users (Gavin Sherry, Tom) * Add new object privilege bits EXECUTE and USAGE (Tom) * Add SET SESSION AUTHORIZATION DEFAULT and RESET SESSION AUTHORIZATION (Tom) * Allow functions to be executed with the privilege of the function owner (Peter) __________________________________________________________________ Server Configuration * Server log messages now tagged with LOG, not DEBUG (Bruce) * Add user column to pg_hba.conf (Bruce) * Have log_connections output two lines in log file (Tom) * Remove debug_level from postgresql.conf, now server_min_messages (Bruce) * New ALTER DATABASE/USER ... SET command for per-user/database initialization (Peter) * New parameters server_min_messages and client_min_messages to control which messages are sent to the server logs or client applications (Bruce) * Allow pg_hba.conf to specify lists of users/databases separated by commas, group names prepended with +, and file names prepended with @ (Bruce) * Remove secondary password file capability and pg_password utility (Bruce) * Add variable db_user_namespace for database-local user names (Bruce) * SSL improvements (Bear Giles) * Make encryption of stored passwords the default (Bruce) * Allow pg_statistics to be reset by calling pg_stat_reset() (Christopher) * Add log_duration parameter (Bruce) * Rename debug_print_query to log_statement (Bruce) * Rename show_query_stats to show_statement_stats (Bruce) * Add param log_min_error_statement to print commands to logs on error (Gavin) __________________________________________________________________ Queries * Make cursors insensitive, meaning their contents do not change (Tom) * Disable LIMIT #,# syntax; now only LIMIT # OFFSET # supported (Bruce) * Increase identifier length to 63 (Neil, Bruce) * UNION fixes for merging >= 3 columns of different lengths (Tom) * Add DEFAULT key word to INSERT, e.g., INSERT ... (..., DEFAULT, ...) (Rod) * Allow views to have default values using ALTER COLUMN ... SET DEFAULT (Neil) * Fail on INSERTs with column lists that don't supply all column values, e.g., INSERT INTO tab (col1, col2) VALUES ('val1'); (Rod) * Fix for join aliases (Tom) * Fix for FULL OUTER JOINs (Tom) * Improve reporting of invalid identifier and location (Tom, Gavin) * Fix OPEN cursor(args) (Tom) * Allow 'ctid' to be used in a view and currtid(viewname) (Hiroshi) * Fix for CREATE TABLE AS with UNION (Tom) * SQL99 syntax improvements (Thomas) * Add statement_timeout variable to cancel queries (Bruce) * Allow prepared queries with PREPARE/EXECUTE (Neil) * Allow FOR UPDATE to appear after LIMIT/OFFSET (Bruce) * Add variable autocommit (Tom, David Van Wie) __________________________________________________________________ Object Manipulation * Make equals signs optional in CREATE DATABASE (Gavin Sherry) * Make ALTER TABLE OWNER change index ownership too (Neil) * New ALTER TABLE tabname ALTER COLUMN colname SET STORAGE controls TOAST storage, compression (John Gray) * Add schema support, CREATE/DROP SCHEMA (Tom) * Create schema for temporary tables (Tom) * Add variable search_path for schema search (Tom) * Add ALTER TABLE SET/DROP NOT NULL (Christopher) * New CREATE FUNCTION volatility levels (Tom) * Make rule names unique only per table (Tom) * Add 'ON tablename' clause to DROP RULE and COMMENT ON RULE (Tom) * Add ALTER TRIGGER RENAME (Joe) * New current_schema() and current_schemas() inquiry functions (Tom) * Allow functions to return multiple rows (table functions) (Joe) * Make WITH optional in CREATE DATABASE, for consistency (Bruce) * Add object dependency tracking (Rod, Tom) * Add RESTRICT/CASCADE to DROP commands (Rod) * Add ALTER TABLE DROP for non-CHECK CONSTRAINT (Rod) * Autodestroy sequence on DROP of table with SERIAL (Rod) * Prevent column dropping if column is used by foreign key (Rod) * Automatically drop constraints/functions when object is dropped (Rod) * Add CREATE/DROP OPERATOR CLASS (Bill Studenmund, Tom) * Add ALTER TABLE DROP COLUMN (Christopher, Tom, Hiroshi) * Prevent inherited columns from being removed or renamed (Alvaro Herrera) * Fix foreign key constraints to not error on intermediate database states (Stephan) * Propagate column or table renaming to foreign key constraints * Add CREATE OR REPLACE VIEW (Gavin, Neil, Tom) * Add CREATE OR REPLACE RULE (Gavin, Neil, Tom) * Have rules execute alphabetically, returning more predictable values (Tom) * Triggers are now fired in alphabetical order (Tom) * Add /contrib/adddepend to handle pre-7.3 object dependencies (Rod) * Allow better casting when inserting/updating values (Tom) __________________________________________________________________ Utility Commands * Have COPY TO output embedded carriage returns and newlines as \r and \n (Tom) * Allow DELIMITER in COPY FROM to be 8-bit clean (Tatsuo) * Make pg_dump use ALTER TABLE ADD PRIMARY KEY, for performance (Neil) * Disable brackets in multistatement rules (Bruce) * Disable VACUUM from being called inside a function (Bruce) * Allow dropdb and other scripts to use identifiers with spaces (Bruce) * Restrict database comment changes to the current database * Allow comments on operators, independent of the underlying function (Rod) * Rollback SET commands in aborted transactions (Tom) * EXPLAIN now outputs as a query (Tom) * Display condition expressions and sort keys in EXPLAIN (Tom) * Add 'SET LOCAL var = value' to set configuration variables for a single transaction (Tom) * Allow ANALYZE to run in a transaction (Bruce) * Improve COPY syntax using new WITH clauses, keep backward compatibility (Bruce) * Fix pg_dump to consistently output tags in non-ASCII dumps (Bruce) * Make foreign key constraints clearer in dump file (Rod) * Add COMMENT ON CONSTRAINT (Rod) * Allow COPY TO/FROM to specify column names (Brent Verner) * Dump UNIQUE and PRIMARY KEY constraints as ALTER TABLE (Rod) * Have SHOW output a query result (Joe) * Generate failure on short COPY lines rather than pad NULLs (Neil) * Fix CLUSTER to preserve all table attributes (Alvaro Herrera) * New pg_settings table to view/modify GUC settings (Joe) * Add smart quoting, portability improvements to pg_dump output (Peter) * Dump serial columns out as SERIAL (Tom) * Enable large file support, >2G for pg_dump (Peter, Philip Warner, Bruce) * Disallow TRUNCATE on tables that are involved in referential constraints (Rod) * Have TRUNCATE also auto-truncate the toast table of the relation (Tom) * Add clusterdb utility that will auto-cluster an entire database based on previous CLUSTER operations (Alvaro Herrera) * Overhaul pg_dumpall (Peter) * Allow REINDEX of TOAST tables (Tom) * Implemented START TRANSACTION, per SQL99 (Neil) * Fix rare index corruption when a page split affects bulk delete (Tom) * Fix ALTER TABLE ... ADD COLUMN for inheritance (Alvaro Herrera) __________________________________________________________________ Data Types and Functions * Fix factorial(0) to return 1 (Bruce) * Date/time/timezone improvements (Thomas) * Fix for array slice extraction (Tom) * Fix extract/date_part to report proper microseconds for timestamp (Tatsuo) * Allow text_substr() and bytea_substr() to read TOAST values more efficiently (John Gray) * Add domain support (Rod) * Make WITHOUT TIME ZONE the default for TIMESTAMP and TIME data types (Thomas) * Allow alternate storage scheme of 64-bit integers for date/time types using --enable-integer-datetimes in configure (Thomas) * Make timezone(timestamptz) return timestamp rather than a string (Thomas) * Allow fractional seconds in date/time types for dates prior to 1BC (Thomas) * Limit timestamp data types to 6 decimal places of precision (Thomas) * Change timezone conversion functions from timetz() to timezone() (Thomas) * Add configuration variables datestyle and timezone (Tom) * Add OVERLAY(), which allows substitution of a substring in a string (Thomas) * Add SIMILAR TO (Thomas, Tom) * Add regular expression SUBSTRING(string FROM pat FOR escape) (Thomas) * Add LOCALTIME and LOCALTIMESTAMP functions (Thomas) * Add named composite types using CREATE TYPE typename AS (column) (Joe) * Allow composite type definition in the table alias clause (Joe) * Add new API to simplify creation of C language table functions (Joe) * Remove ODBC-compatible empty parentheses from calls to SQL99 functions for which these parentheses do not match the standard (Thomas) * Allow macaddr data type to accept 12 hex digits with no separators (Mike Wyer) * Add CREATE/DROP CAST (Peter) * Add IS DISTINCT FROM operator (Thomas) * Add SQL99 TREAT() function, synonym for CAST() (Thomas) * Add pg_backend_pid() to output backend pid (Bruce) * Add IS OF / IS NOT OF type predicate (Thomas) * Allow bit string constants without fully-specified length (Thomas) * Allow conversion between 8-byte integers and bit strings (Thomas) * Implement hex literal conversion to bit string literal (Thomas) * Allow table functions to appear in the FROM clause (Joe) * Increase maximum number of function parameters to 32 (Bruce) * No longer automatically create index for SERIAL column (Tom) * Add current_database() (Rod) * Fix cash_words() to not overflow buffer (Tom) * Add functions replace(), split_part(), to_hex() (Joe) * Fix LIKE for bytea as a right-hand argument (Joe) * Prevent crashes caused by SELECT cash_out(2) (Tom) * Fix to_char(1,'FM999.99') to return a period (Karel) * Fix trigger/type/language functions returning OPAQUE to return proper type (Tom) __________________________________________________________________ Internationalization * Add additional encodings: Korean (JOHAB), Thai (WIN874), Vietnamese (TCVN), Arabic (WIN1256), Simplified Chinese (GBK), Korean (UHC) (Eiji Tokuya) * Enable locale support by default (Peter) * Add locale variables (Peter) * Escape byes >= 0x7f for multibyte in PQescapeBytea/PQunescapeBytea (Tatsuo) * Add locale awareness to regular expression character classes * Enable multibyte support by default (Tatsuo) * Add GB18030 multibyte support (Bill Huang) * Add CREATE/DROP CONVERSION, allowing loadable encodings (Tatsuo, Kaori) * Add pg_conversion table (Tatsuo) * Add SQL99 CONVERT() function (Tatsuo) * pg_dumpall, pg_controldata, and pg_resetxlog now national-language aware (Peter) * New and updated translations __________________________________________________________________ Server-side Languages * Allow recursive SQL function (Peter) * Change PL/Tcl build to use configured compiler and Makefile.shlib (Peter) * Overhaul the PL/pgSQL FOUND variable to be more Oracle-compatible (Neil, Tom) * Allow PL/pgSQL to handle quoted identifiers (Tom) * Allow set-returning PL/pgSQL functions (Neil) * Make PL/pgSQL schema-aware (Joe) * Remove some memory leaks (Nigel J. Andrews, Tom) __________________________________________________________________ psql * Don't lowercase psql \connect database name for 7.2.0 compatibility (Tom) * Add psql \timing to time user queries (Greg Sabino Mullane) * Have psql \d show index information (Greg Sabino Mullane) * New psql \dD shows domains (Jonathan Eisler) * Allow psql to show rules on views (Paul ?) * Fix for psql variable substitution (Tom) * Allow psql \d to show temporary table structure (Tom) * Allow psql \d to show foreign keys (Rod) * Fix \? to honor \pset pager (Bruce) * Have psql reports its version number on startup (Tom) * Allow \copy to specify column names (Tom) __________________________________________________________________ libpq * Add ~/.pgpass to store host/user password combinations (Alvaro Herrera) * Add PQunescapeBytea() function to libpq (Patrick Welche) * Fix for sending large queries over non-blocking connections (Bernhard Herzog) * Fix for libpq using timers on Win9X (David Ford) * Allow libpq notify to handle servers with different-length identifiers (Tom) * Add libpq PQescapeString() and PQescapeBytea() to Windows (Bruce) * Fix for SSL with non-blocking connections (Jack Bates) * Add libpq connection timeout parameter (Denis A Ustimenko) __________________________________________________________________ JDBC * Allow JDBC to compile with JDK 1.4 (Dave) * Add JDBC 3 support (Barry) * Allows JDBC to set loglevel by adding ?loglevel=X to the connection URL (Barry) * Add Driver.info() message that prints out the version number (Barry) * Add updateable result sets (Raghu Nidagal, Dave) * Add support for callable statements (Paul Bethe) * Add query cancel capability * Add refresh row (Dave) * Fix MD5 encryption handling for multibyte servers (Jun Kawai) * Add support for prepared statements (Barry) __________________________________________________________________ Miscellaneous Interfaces * Fixed ECPG bug concerning octal numbers in single quotes (Michael) * Move src/interfaces/libpgeasy to http://gborg.postgresql.org (Marc, Bruce) * Improve Python interface (Elliot Lee, Andrew Johnson, Greg Copeland) * Add libpgtcl connection close event (Gerhard Hintermayer) * Move src/interfaces/libpq++ to http://gborg.postgresql.org (Marc, Bruce) * Move src/interfaces/odbc to http://gborg.postgresql.org (Marc) * Move src/interfaces/libpgeasy to http://gborg.postgresql.org (Marc, Bruce) * Move src/interfaces/perl5 to http://gborg.postgresql.org (Marc, Bruce) * Remove src/bin/pgaccess from main tree, now at http://www.pgaccess.org (Bruce) * Add pg_on_connection_loss command to libpgtcl (Gerhard Hintermayer, Tom) __________________________________________________________________ Source Code * Fix for parallel make (Peter) * AIX fixes for linking Tcl (Andreas Zeugswetter) * Allow PL/Perl to build under Cygwin (Jason Tishler) * Improve MIPS compiles (Peter, Oliver Elphick) * Require Autoconf version 2.53 (Peter) * Require readline and zlib by default in configure (Peter) * Allow Solaris to use Intimate Shared Memory (ISM), for performance (Scott Brunza, P.J. Josh Rovero) * Always enable syslog in compile, remove --enable-syslog option (Tatsuo) * Always enable multibyte in compile, remove --enable-multibyte option (Tatsuo) * Always enable locale in compile, remove --enable-locale option (Peter) * Fix for Win9x DLL creation (Magnus Naeslund) * Fix for link() usage by WAL code on Windows, BeOS (Jason Tishler) * Add sys/types.h to c.h, remove from main files (Peter, Bruce) * Fix AIX hang on SMP machines (Tomoyuki Niijima) * AIX SMP hang fix (Tomoyuki Niijima) * Fix pre-1970 date handling on newer glibc libraries (Tom) * Fix PowerPC SMP locking (Tom) * Prevent gcc -ffast-math from being used (Peter, Tom) * Bison >= 1.50 now required for developer builds * Kerberos 5 support now builds with Heimdal (Peter) * Add appendix in the User's Guide which lists SQL features (Thomas) * Improve loadable module linking to use RTLD_NOW (Tom) * New error levels WARNING, INFO, LOG, DEBUG[1-5] (Bruce) * New src/port directory holds replaced libc functions (Peter, Bruce) * New pg_namespace system catalog for schemas (Tom) * Add pg_class.relnamespace for schemas (Tom) * Add pg_type.typnamespace for schemas (Tom) * Add pg_proc.pronamespace for schemas (Tom) * Restructure aggregates to have pg_proc entries (Tom) * System relations now have their own namespace, pg_* test not required (Fernando Nasser) * Rename TOAST index names to be *_index rather than *_idx (Neil) * Add namespaces for operators, opclasses (Tom) * Add additional checks to server control file (Thomas) * New Polish FAQ (Marcin Mazurek) * Add Posix semaphore support (Tom) * Document need for reindex (Bruce) * Rename some internal identifiers to simplify Windows compile (Jan, Katherine Ward) * Add documentation on computing disk space (Bruce) * Remove KSQO from GUC (Bruce) * Fix memory leak in rtree (Kenneth Been) * Modify a few error messages for consistency (Bruce) * Remove unused system table columns (Peter) * Make system columns NOT NULL where appropriate (Tom) * Clean up use of sprintf in favor of snprintf() (Neil, Jukka Holappa) * Remove OPAQUE and create specific subtypes (Tom) * Cleanups in array internal handling (Joe, Tom) * Disallow pg_atoi('') (Bruce) * Remove parameter wal_files because WAL files are now recycled (Bruce) * Add version numbers to heap pages (Tom) __________________________________________________________________ Contrib * Allow inet arrays in /contrib/array (Neil) * GiST fixes (Teodor Sigaev, Neil) * Upgrade /contrib/mysql * Add /contrib/dbsize which shows table sizes without vacuum (Peter) * Add /contrib/intagg, integer aggregator routines (mlw) * Improve /contrib/oid2name (Neil, Bruce) * Improve /contrib/tsearch (Oleg, Teodor Sigaev) * Cleanups of /contrib/rserver (Alexey V. Borzov) * Update /contrib/oracle conversion utility (Gilles Darold) * Update /contrib/dblink (Joe) * Improve options supported by /contrib/vacuumlo (Mario Weilguni) * Improvements to /contrib/intarray (Oleg, Teodor Sigaev, Andrey Oktyabrski) * Add /contrib/reindexdb utility (Shaun Thomas) * Add indexing to /contrib/isbn_issn (Dan Weston) * Add /contrib/dbmirror (Steven Singer) * Improve /contrib/pgbench (Neil) * Add /contrib/tablefunc table function examples (Joe) * Add /contrib/ltree data type for tree structures (Teodor Sigaev, Oleg Bartunov) * Move /contrib/pg_controldata, pg_resetxlog into main tree (Bruce) * Fixes to /contrib/cube (Bruno Wolff) * Improve /contrib/fulltextindex (Christopher) __________________________________________________________________ Release 7.2.8 Release date: 2005-05-09 This release contains a variety of fixes from 7.2.7, including one security-related issue. __________________________________________________________________ Migration to Version 7.2.8 A dump/restore is not required for those running 7.2.X. __________________________________________________________________ Changes * Repair ancient race condition that allowed a transaction to be seen as committed for some purposes (eg SELECT FOR UPDATE) slightly sooner than for other purposes This is an extremely serious bug since it could lead to apparent data inconsistencies being briefly visible to applications. * Repair race condition between relation extension and VACUUM This could theoretically have caused loss of a page's worth of freshly-inserted data, although the scenario seems of very low probability. There are no known cases of it having caused more than an Assert failure. * Fix EXTRACT(EPOCH) for TIME WITH TIME ZONE values * Additional buffer overrun checks in plpgsql (Neil) * Fix pg_dump to dump index names and trigger names containing % correctly (Neil) * Prevent to_char(interval) from dumping core for month-related formats * Fix "contrib/pgcrypto" for newer OpenSSL builds (Marko Kreen) __________________________________________________________________ Release 7.2.7 Release date: 2005-01-31 This release contains a variety of fixes from 7.2.6, including several security-related issues. __________________________________________________________________ Migration to Version 7.2.7 A dump/restore is not required for those running 7.2.X. __________________________________________________________________ Changes * Disallow "LOAD" to non-superusers On platforms that will automatically execute initialization functions of a shared library (this includes at least Windows and ELF-based Unixen), "LOAD" can be used to make the server execute arbitrary code. Thanks to NGS Software for reporting this. * Add needed STRICT marking to some contrib functions (Kris Jurka) * Avoid buffer overrun when plpgsql cursor declaration has too many parameters (Neil) * Fix planning error for FULL and RIGHT outer joins The result of the join was mistakenly supposed to be sorted the same as the left input. This could not only deliver mis-sorted output to the user, but in case of nested merge joins could give outright wrong answers. * Fix display of negative intervals in SQL and GERMAN datestyles __________________________________________________________________ Release 7.2.6 Release date: 2004-10-22 This release contains a variety of fixes from 7.2.5. __________________________________________________________________ Migration to Version 7.2.6 A dump/restore is not required for those running 7.2.X. __________________________________________________________________ Changes * Repair possible failure to update hint bits on disk Under rare circumstances this oversight could lead to "could not access transaction status" failures, which qualifies it as a potential-data-loss bug. * Ensure that hashed outer join does not miss tuples Very large left joins using a hash join plan could fail to output unmatched left-side rows given just the right data distribution. * Disallow running pg_ctl as root This is to guard against any possible security issues. * Avoid using temp files in /tmp in make_oidjoins_check This has been reported as a security issue, though it's hardly worthy of concern since there is no reason for non-developers to use this script anyway. * Update to newer versions of Bison __________________________________________________________________ Release 7.2.5 Release date: 2004-08-16 This release contains a variety of fixes from 7.2.4. __________________________________________________________________ Migration to Version 7.2.5 A dump/restore is not required for those running 7.2.X. __________________________________________________________________ Changes * Prevent possible loss of committed transactions during crash Due to insufficient interlocking between transaction commit and checkpointing, it was possible for transactions committed just before the most recent checkpoint to be lost, in whole or in part, following a database crash and restart. This is a serious bug that has existed since PostgreSQL 7.1. * Fix corner case for btree search in parallel with first root page split * Fix buffer overrun in to_ascii (Guido Notari) * Fix core dump in deadlock detection on machines where char is unsigned * Fix failure to respond to "pg_ctl stop -m fast" after Async_NotifyHandler runs * Repair memory leaks in pg_dump * Avoid conflict with system definition of isblank() function or macro __________________________________________________________________ Release 7.2.4 Release date: 2003-01-30 This release contains a variety of fixes for version 7.2.3, including fixes to prevent possible data loss. __________________________________________________________________ Migration to Version 7.2.4 A dump/restore is *not* required for those running version 7.2.*. __________________________________________________________________ Changes * Fix some additional cases of VACUUM "No one parent tuple was found" error * Prevent VACUUM from being called inside a function (Bruce) * Ensure pg_clog updates are sync'd to disk before marking checkpoint complete * Avoid integer overflow during large hash joins * Make GROUP commands work when pg_group.grolist is large enough to be toasted * Fix errors in datetime tables; some timezone names weren't being recognized * Fix integer overflows in circle_poly(), path_encode(), path_add() (Neil) * Repair long-standing logic errors in lseg_eq(), lseg_ne(), lseg_center() __________________________________________________________________ Release 7.2.3 Release date: 2002-10-01 This release contains a variety of fixes for version 7.2.2, including fixes to prevent possible data loss. __________________________________________________________________ Migration to Version 7.2.3 A dump/restore is *not* required for those running version 7.2.*. __________________________________________________________________ Changes * Prevent possible compressed transaction log loss (Tom) * Prevent non-superuser from increasing most recent vacuum info (Tom) * Handle pre-1970 date values in newer versions of glibc (Tom) * Fix possible hang during server shutdown * Prevent spinlock hangs on SMP PPC machines (Tomoyuki Niijima) * Fix pg_dump to properly dump FULL JOIN USING (Tom) __________________________________________________________________ Release 7.2.2 Release date: 2002-08-23 This release contains a variety of fixes for version 7.2.1. __________________________________________________________________ Migration to Version 7.2.2 A dump/restore is *not* required for those running version 7.2.*. __________________________________________________________________ Changes * Allow EXECUTE of "CREATE TABLE AS ... SELECT" in PL/pgSQL (Tom) * Fix for compressed transaction log id wraparound (Tom) * Fix PQescapeBytea/PQunescapeBytea so that they handle bytes > 0x7f (Tatsuo) * Fix for psql and pg_dump crashing when invoked with non-existent long options (Tatsuo) * Fix crash when invoking geometric operators (Tom) * Allow OPEN cursor(args) (Tom) * Fix for rtree_gist index build (Teodor) * Fix for dumping user-defined aggregates (Tom) * contrib/intarray fixes (Oleg) * Fix for complex UNION/EXCEPT/INTERSECT queries using parens (Tom) * Fix to pg_convert (Tatsuo) * Fix for crash with long DATA strings (Thomas, Neil) * Fix for repeat(), lpad(), rpad() and long strings (Neil) __________________________________________________________________ Release 7.2.1 Release date: 2002-03-21 This release contains a variety of fixes for version 7.2. __________________________________________________________________ Migration to Version 7.2.1 A dump/restore is *not* required for those running version 7.2. __________________________________________________________________ Changes * Ensure that sequence counters do not go backwards after a crash (Tom) * Fix pgaccess kanji-conversion key binding (Tatsuo) * Optimizer improvements (Tom) * Cash I/O improvements (Tom) * New Russian FAQ * Compile fix for missing AuthBlockSig (Heiko) * Additional time zones and time zone fixes (Thomas) * Allow psql \connect to handle mixed case database and user names (Tom) * Return proper OID on command completion even with ON INSERT rules (Tom) * Allow COPY FROM to use 8-bit DELIMITERS (Tatsuo) * Fix bug in extract/date_part for milliseconds/microseconds (Tatsuo) * Improve handling of multiple UNIONs with different lengths (Tom) * contrib/btree_gist improvements (Teodor Sigaev) * contrib/tsearch dictionary improvements, see README.tsearch for an additional installation step (Thomas T. Thai, Teodor Sigaev) * Fix for array subscripts handling (Tom) * Allow EXECUTE of "CREATE TABLE AS ... SELECT" in PL/pgSQL (Tom) __________________________________________________________________ Release 7.2 Release date: 2002-02-04 __________________________________________________________________ Overview This release improves PostgreSQL for use in high-volume applications. Major changes in this release: VACUUM Vacuuming no longer locks tables, thus allowing normal user access during the vacuum. A new "VACUUM FULL" command does old-style vacuum by locking the table and shrinking the on-disk copy of the table. Transactions There is no longer a problem with installations that exceed four billion transactions. OIDs OIDs are now optional. Users can now create tables without OIDs for cases where OID usage is excessive. Optimizer The system now computes histogram column statistics during "ANALYZE", allowing much better optimizer choices. Security A new MD5 encryption option allows more secure storage and transfer of passwords. A new Unix-domain socket authentication option is available on Linux and BSD systems. Statistics Administrators can use the new table access statistics module to get fine-grained information about table and index usage. Internationalization Program and library messages can now be displayed in several languages. __________________________________________________________________ Migration to Version 7.2 A dump/restore using "pg_dump" is required for those wishing to migrate data from any previous release. Observe the following incompatibilities: * The semantics of the "VACUUM" command have changed in this release. You might wish to update your maintenance procedures accordingly. * In this release, comparisons using = NULL will always return false (or NULL, more precisely). Previous releases automatically transformed this syntax to IS NULL. The old behavior can be re-enabled using a "postgresql.conf" parameter. * The "pg_hba.conf" and "pg_ident.conf" configuration is now only reloaded after receiving a SIGHUP signal, not with each connection. * The function "octet_length()" now returns the uncompressed data length. * The date/time value 'current' is no longer available. You will need to rewrite your applications. * The timestamp(), time(), and interval() functions are no longer available. Instead of timestamp(), use timestamp 'string' or CAST. The SELECT ... LIMIT #,# syntax will be removed in the next release. You should change your queries to use separate LIMIT and OFFSET clauses, e.g. LIMIT 10 OFFSET 20. __________________________________________________________________ Changes Server Operation * Create temporary files in a separate directory (Bruce) * Delete orphaned temporary files on postmaster startup (Bruce) * Added unique indexes to some system tables (Tom) * System table operator reorganization (Oleg Bartunov, Teodor Sigaev, Tom) * Renamed pg_log to pg_clog (Tom) * Enable SIGTERM, SIGQUIT to kill backends (Jan) * Removed compile-time limit on number of backends (Tom) * Better cleanup for semaphore resource failure (Tatsuo, Tom) * Allow safe transaction ID wraparound (Tom) * Removed OIDs from some system tables (Tom) * Removed "triggered data change violation" error check (Tom) * SPI portal creation of prepared/saved plans (Jan) * Allow SPI column functions to work for system columns (Tom) * Long value compression improvement (Tom) * Statistics collector for table, index access (Jan) * Truncate extra-long sequence names to a reasonable value (Tom) * Measure transaction times in milliseconds (Thomas) * Fix TID sequential scans (Hiroshi) * Superuser ID now fixed at 1 (Peter E) * New pg_ctl "reload" option (Tom) __________________________________________________________________ Performance * Optimizer improvements (Tom) * New histogram column statistics for optimizer (Tom) * Reuse write-ahead log files rather than discarding them (Tom) * Cache improvements (Tom) * IS NULL, IS NOT NULL optimizer improvement (Tom) * Improve lock manager to reduce lock contention (Tom) * Keep relcache entries for index access support functions (Tom) * Allow better selectivity with NaN and infinities in NUMERIC (Tom) * R-tree performance improvements (Kenneth Been) * B-tree splits more efficient (Tom) __________________________________________________________________ Privileges * Change UPDATE, DELETE privileges to be distinct (Peter E) * New REFERENCES, TRIGGER privileges (Peter E) * Allow GRANT/REVOKE to/from more than one user at a time (Peter E) * New has_table_privilege() function (Joe Conway) * Allow non-superuser to vacuum database (Tom) * New SET SESSION AUTHORIZATION command (Peter E) * Fix bug in privilege modifications on newly created tables (Tom) * Disallow access to pg_statistic for non-superuser, add user-accessible views (Tom) __________________________________________________________________ Client Authentication * Fork postmaster before doing authentication to prevent hangs (Peter E) * Add ident authentication over Unix domain sockets on Linux, *BSD (Helge Bahmann, Oliver Elphick, Teodor Sigaev, Bruce) * Add a password authentication method that uses MD5 encryption (Bruce) * Allow encryption of stored passwords using MD5 (Bruce) * PAM authentication (Dominic J. Eidson) * Load pg_hba.conf and pg_ident.conf only on startup and SIGHUP (Bruce) __________________________________________________________________ Server Configuration * Interpretation of some time zone abbreviations as Australian rather than North American now settable at run time (Bruce) * New parameter to set default transaction isolation level (Peter E) * New parameter to enable conversion of "expr = NULL" into "expr IS NULL", off by default (Peter E) * New parameter to control memory usage by VACUUM (Tom) * New parameter to set client authentication timeout (Tom) * New parameter to set maximum number of open files (Tom) __________________________________________________________________ Queries * Statements added by INSERT rules now execute after the INSERT (Jan) * Prevent unadorned relation names in target list (Bruce) * NULLs now sort after all normal values in ORDER BY (Tom) * New IS UNKNOWN, IS NOT UNKNOWN Boolean tests (Tom) * New SHARE UPDATE EXCLUSIVE lock mode (Tom) * New EXPLAIN ANALYZE command that shows run times and row counts (Martijn van Oosterhout) * Fix problem with LIMIT and subqueries (Tom) * Fix for LIMIT, DISTINCT ON pushed into subqueries (Tom) * Fix nested EXCEPT/INTERSECT (Tom) __________________________________________________________________ Schema Manipulation * Fix SERIAL in temporary tables (Bruce) * Allow temporary sequences (Bruce) * Sequences now use int8 internally (Tom) * New SERIAL8 creates int8 columns with sequences, default still SERIAL4 (Tom) * Make OIDs optional using WITHOUT OIDS (Tom) * Add %TYPE syntax to CREATE TYPE (Ian Lance Taylor) * Add ALTER TABLE / DROP CONSTRAINT for CHECK constraints (Christopher Kings-Lynne) * New CREATE OR REPLACE FUNCTION to alter existing function (preserving the function OID) (Gavin Sherry) * Add ALTER TABLE / ADD [ UNIQUE | PRIMARY ] (Christopher Kings-Lynne) * Allow column renaming in views * Make ALTER TABLE / RENAME COLUMN update column names of indexes (Brent Verner) * Fix for ALTER TABLE / ADD CONSTRAINT ... CHECK with inherited tables (Stephan Szabo) * ALTER TABLE RENAME update foreign-key trigger arguments correctly (Brent Verner) * DROP AGGREGATE and COMMENT ON AGGREGATE now accept an aggtype (Tom) * Add automatic return type data casting for SQL functions (Tom) * Allow GiST indexes to handle NULLs and multikey indexes (Oleg Bartunov, Teodor Sigaev, Tom) * Enable partial indexes (Martijn van Oosterhout) __________________________________________________________________ Utility Commands * Add RESET ALL, SHOW ALL (Marko Kreen) * CREATE/ALTER USER/GROUP now allow options in any order (Vince) * Add LOCK A, B, C functionality (Neil Padgett) * New ENCRYPTED/UNENCRYPTED option to CREATE/ALTER USER (Bruce) * New light-weight VACUUM does not lock table; old semantics are available as VACUUM FULL (Tom) * Disable COPY TO/FROM on views (Bruce) * COPY DELIMITERS string must be exactly one character (Tom) * VACUUM warning about index tuples fewer than heap now only appears when appropriate (Martijn van Oosterhout) * Fix privilege checks for CREATE INDEX (Tom) * Disallow inappropriate use of CREATE/DROP INDEX/TRIGGER/VIEW (Tom) __________________________________________________________________ Data Types and Functions * SUM(), AVG(), COUNT() now uses int8 internally for speed (Tom) * Add convert(), convert2() (Tatsuo) * New function bit_length() (Peter E) * Make the "n" in CHAR(n)/VARCHAR(n) represents letters, not bytes (Tatsuo) * CHAR(), VARCHAR() now reject strings that are too long (Peter E) * BIT VARYING now rejects bit strings that are too long (Peter E) * BIT now rejects bit strings that do not match declared size (Peter E) * INET, CIDR text conversion functions (Alex Pilosov) * INET, CIDR operators << and <<= indexable (Alex Pilosov) * Bytea \### now requires valid three digit octal number * Bytea comparison improvements, now supports =, <>, >, >=, <, and <= * Bytea now supports B-tree indexes * Bytea now supports LIKE, LIKE...ESCAPE, NOT LIKE, NOT LIKE...ESCAPE * Bytea now supports concatenation * New bytea functions: position, substring, trim, btrim, and length * New encode() function mode, "escaped", converts minimally escaped bytea to/from text * Add pg_database_encoding_max_length() (Tatsuo) * Add pg_client_encoding() function (Tatsuo) * now() returns time with millisecond precision (Thomas) * New TIMESTAMP WITHOUT TIMEZONE data type (Thomas) * Add ISO date/time specification with "T", yyyy-mm-ddThh:mm:ss (Thomas) * New xid/int comparison functions (Hiroshi) * Add precision to TIME, TIMESTAMP, and INTERVAL data types (Thomas) * Modify type coercion logic to attempt binary-compatible functions first (Tom) * New encode() function installed by default (Marko Kreen) * Improved to_*() conversion functions (Karel Zak) * Optimize LIKE/ILIKE when using single-byte encodings (Tatsuo) * New functions in contrib/pgcrypto: crypt(), hmac(), encrypt(), gen_salt() (Marko Kreen) * Correct description of translate() function (Bruce) * Add INTERVAL argument for SET TIME ZONE (Thomas) * Add INTERVAL YEAR TO MONTH (etc.) syntax (Thomas) * Optimize length functions when using single-byte encodings (Tatsuo) * Fix path_inter, path_distance, path_length, dist_ppath to handle closed paths (Curtis Barrett, Tom) * octet_length(text) now returns non-compressed length (Tatsuo, Bruce) * Handle "July" full name in date/time literals (Greg Sabino Mullane) * Some datatype() function calls now evaluated differently * Add support for Julian and ISO time specifications (Thomas) __________________________________________________________________ Internationalization * National language support in psql, pg_dump, libpq, and server (Peter E) * Message translations in Chinese (simplified, traditional), Czech, French, German, Hungarian, Russian, Swedish (Peter E, Serguei A. Mokhov, Karel Zak, Weiping He, Zhenbang Wei, Kovacs Zoltan) * Make trim, ltrim, rtrim, btrim, lpad, rpad, translate multibyte aware (Tatsuo) * Add LATIN5,6,7,8,9,10 support (Tatsuo) * Add ISO 8859-5,6,7,8 support (Tatsuo) * Correct LATIN5 to mean ISO-8859-9, not ISO-8859-5 (Tatsuo) * Make mic2ascii() non-ASCII aware (Tatsuo) * Reject invalid multibyte character sequences (Tatsuo) __________________________________________________________________ PL/pgSQL * Now uses portals for SELECT loops, allowing huge result sets (Jan) * CURSOR and REFCURSOR support (Jan) * Can now return open cursors (Jan) * Add ELSEIF (Klaus Reger) * Improve PL/pgSQL error reporting, including location of error (Tom) * Allow IS or FOR key words in cursor declaration, for compatibility (Bruce) * Fix for SELECT ... FOR UPDATE (Tom) * Fix for PERFORM returning multiple rows (Tom) * Make PL/pgSQL use the server's type coercion code (Tom) * Memory leak fix (Jan, Tom) * Make trailing semicolon optional (Tom) __________________________________________________________________ PL/Perl * New untrusted PL/Perl (Alex Pilosov) * PL/Perl is now built on some platforms even if libperl is not shared (Peter E) __________________________________________________________________ PL/Tcl * Now reports errorInfo (Vsevolod Lobko) * Add spi_lastoid function (bob@redivi.com) __________________________________________________________________ PL/Python * ...is new (Andrew Bosma) __________________________________________________________________ psql * \d displays indexes in unique, primary groupings (Christopher Kings-Lynne) * Allow trailing semicolons in backslash commands (Greg Sabino Mullane) * Read password from /dev/tty if possible * Force new password prompt when changing user and database (Tatsuo, Tom) * Format the correct number of columns for Unicode (Patrice) __________________________________________________________________ libpq * New function PQescapeString() to escape quotes in command strings (Florian Weimer) * New function PQescapeBytea() escapes binary strings for use as SQL string literals __________________________________________________________________ JDBC * Return OID of INSERT (Ken K) * Handle more data types (Ken K) * Handle single quotes and newlines in strings (Ken K) * Handle NULL variables (Ken K) * Fix for time zone handling (Barry Lind) * Improved Druid support * Allow eight-bit characters with non-multibyte server (Barry Lind) * Support BIT, BINARY types (Ned Wolpert) * Reduce memory usage (Michael Stephens, Dave Cramer) * Update DatabaseMetaData (Peter E) * Add DatabaseMetaData.getCatalogs() (Peter E) * Encoding fixes (Anders Bengtsson) * Get/setCatalog methods (Jason Davies) * DatabaseMetaData.getColumns() now returns column defaults (Jason Davies) * DatabaseMetaData.getColumns() performance improvement (Jeroen van Vianen) * Some JDBC1 and JDBC2 merging (Anders Bengtsson) * Transaction performance improvements (Barry Lind) * Array fixes (Greg Zoller) * Serialize addition * Fix batch processing (Rene Pijlman) * ExecSQL method reorganization (Anders Bengtsson) * GetColumn() fixes (Jeroen van Vianen) * Fix isWriteable() function (Rene Pijlman) * Improved passage of JDBC2 conformance tests (Rene Pijlman) * Add bytea type capability (Barry Lind) * Add isNullable() (Rene Pijlman) * JDBC date/time test suite fixes (Liam Stewart) * Fix for SELECT 'id' AS xxx FROM table (Dave Cramer) * Fix DatabaseMetaData to show precision properly (Mark Lillywhite) * New getImported/getExported keys (Jason Davies) * MD5 password encryption support (Jeremy Wohl) * Fix to actually use type cache (Ned Wolpert) __________________________________________________________________ ODBC * Remove query size limit (Hiroshi) * Remove text field size limit (Hiroshi) * Fix for SQLPrimaryKeys in multibyte mode (Hiroshi) * Allow ODBC procedure calls (Hiroshi) * Improve boolean handing (Aidan Mountford) * Most configuration options now settable via DSN (Hiroshi) * Multibyte, performance fixes (Hiroshi) * Allow driver to be used with iODBC or unixODBC (Peter E) * MD5 password encryption support (Bruce) * Add more compatibility functions to odbc.sql (Peter E) __________________________________________________________________ ECPG * EXECUTE ... INTO implemented (Christof Petig) * Multiple row descriptor support (e.g. CARDINALITY) (Christof Petig) * Fix for GRANT parameters (Lee Kindness) * Fix INITIALLY DEFERRED bug * Various bug fixes (Michael, Christof Petig) * Auto allocation for indicator variable arrays (int *ind_p=NULL) * Auto allocation for string arrays (char **foo_pp=NULL) * ECPGfree_auto_mem fixed * All function names with external linkage are now prefixed by ECPG * Fixes for arrays of structures (Michael) __________________________________________________________________ Misc. Interfaces * Python fix fetchone() (Gerhard Haring) * Use UTF, Unicode in Tcl where appropriate (Vsevolod Lobko, Reinhard Max) * Add Tcl COPY TO/FROM (ljb) * Prevent output of default index op class in pg_dump (Tom) * Fix libpgeasy memory leak (Bruce) __________________________________________________________________ Build and Install * Configure, dynamic loader, and shared library fixes (Peter E) * Fixes in QNX 4 port (Bernd Tegge) * Fixes in Cygwin and Windows ports (Jason Tishler, Gerhard Haring, Dmitry Yurtaev, Darko Prenosil, Mikhail Terekhov) * Fix for Windows socket communication failures (Magnus, Mikhail Terekhov) * Hurd compile fix (Oliver Elphick) * BeOS fixes (Cyril Velter) * Remove configure --enable-unicode-conversion, now enabled by multibyte (Tatsuo) * AIX fixes (Tatsuo, Andreas) * Fix parallel make (Peter E) * Install SQL language manual pages into OS-specific directories (Peter E) * Rename config.h to pg_config.h (Peter E) * Reorganize installation layout of header files (Peter E) __________________________________________________________________ Source Code * Remove SEP_CHAR (Bruce) * New GUC hooks (Tom) * Merge GUC and command line handling (Marko Kreen) * Remove EXTEND INDEX (Martijn van Oosterhout, Tom) * New pgjindent utility to indent java code (Bruce) * Remove define of true/false when compiling under C++ (Leandro Fanzone, Tom) * pgindent fixes (Bruce, Tom) * Replace strcasecmp() with strcmp() where appropriate (Peter E) * Dynahash portability improvements (Tom) * Add 'volatile' usage in spinlock structures * Improve signal handling logic (Tom) __________________________________________________________________ Contrib * New contrib/rtree_gist (Oleg Bartunov, Teodor Sigaev) * New contrib/tsearch full-text indexing (Oleg, Teodor Sigaev) * Add contrib/dblink for remote database access (Joe Conway) * contrib/ora2pg Oracle conversion utility (Gilles Darold) * contrib/xml XML conversion utility (John Gray) * contrib/fulltextindex fixes (Christopher Kings-Lynne) * New contrib/fuzzystrmatch with levenshtein and metaphone, soundex merged (Joe Conway) * Add contrib/intarray boolean queries, binary search, fixes (Oleg Bartunov) * New pg_upgrade utility (Bruce) * Add new pg_resetxlog options (Bruce, Tom) __________________________________________________________________ Release 7.1.3 Release date: 2001-08-15 __________________________________________________________________ Migration to Version 7.1.3 A dump/restore is *not* required for those running 7.1.X. __________________________________________________________________ Changes Remove unused WAL segments of large transactions (Tom) Multiaction rule fix (Tom) PL/pgSQL memory allocation fix (Jan) VACUUM buffer fix (Tom) Regression test fixes (Tom) pg_dump fixes for GRANT/REVOKE/comments on views, user-defined types (Tom) Fix subselects with DISTINCT ON or LIMIT (Tom) BeOS fix Disable COPY TO/FROM a view (Tom) Cygwin build (Jason Tishler) __________________________________________________________________ Release 7.1.2 Release date: 2001-05-11 This has one fix from 7.1.1. __________________________________________________________________ Migration to Version 7.1.2 A dump/restore is *not* required for those running 7.1.X. __________________________________________________________________ Changes Fix PL/pgSQL SELECTs when returning no rows Fix for psql backslash core dump Referential integrity privilege fix Optimizer fixes pg_dump cleanups __________________________________________________________________ Release 7.1.1 Release date: 2001-05-05 This has a variety of fixes from 7.1. __________________________________________________________________ Migration to Version 7.1.1 A dump/restore is *not* required for those running 7.1. __________________________________________________________________ Changes Fix for numeric MODULO operator (Tom) pg_dump fixes (Philip) pg_dump can dump 7.0 databases (Philip) readline 4.2 fixes (Peter E) JOIN fixes (Tom) AIX, MSWIN, VAX, N32K fixes (Tom) Multibytes fixes (Tom) Unicode fixes (Tatsuo) Optimizer improvements (Tom) Fix for whole rows in functions (Tom) Fix for pg_ctl and option strings with spaces (Peter E) ODBC fixes (Hiroshi) EXTRACT can now take string argument (Thomas) Python fixes (Darcy) __________________________________________________________________ Release 7.1 Release date: 2001-04-13 This release focuses on removing limitations that have existed in the PostgreSQL code for many years. Major changes in this release: Write-ahead Log (WAL) To maintain database consistency in case of an operating system crash, previous releases of PostgreSQL have forced all data modifications to disk before each transaction commit. With WAL, only one log file must be flushed to disk, greatly improving performance. If you have been using -F in previous releases to disable disk flushes, you might want to consider discontinuing its use. TOAST TOAST - Previous releases had a compiled-in row length limit, typically 8k - 32k. This limit made storage of long text fields difficult. With TOAST, long rows of any length can be stored with good performance. Outer Joins We now support outer joins. The UNION/NOT IN workaround for outer joins is no longer required. We use the SQL92 outer join syntax. Function Manager The previous C function manager did not handle null values properly, nor did it support 64-bit CPU's (Alpha). The new function manager does. You can continue using your old custom functions, but you might want to rewrite them in the future to use the new function manager call interface. Complex Queries A large number of complex queries that were unsupported in previous releases now work. Many combinations of views, aggregates, UNION, LIMIT, cursors, subqueries, and inherited tables now work properly. Inherited tables are now accessed by default. Subqueries in FROM are now supported. __________________________________________________________________ Migration to Version 7.1 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release. __________________________________________________________________ Changes Bug Fixes --------- Many multibyte/Unicode/locale fixes (Tatsuo and others) More reliable ALTER TABLE RENAME (Tom) Kerberos V fixes (David Wragg) Fix for INSERT INTO...SELECT where targetlist has subqueries (Tom) Prompt username/password on standard error (Bruce) Large objects inv_read/inv_write fixes (Tom) Fixes for to_char(), to_date(), to_ascii(), and to_timestamp() (Karel, Daniel Baldoni) Prevent query expressions from leaking memory (Tom) Allow UPDATE of arrays elements (Tom) Wake up lock waiters during cancel (Hiroshi) Fix rare cursor crash when using hash join (Tom) Fix for DROP TABLE/INDEX in rolled-back transaction (Hiroshi) Fix psql crash from \l+ if MULTIBYTE enabled (Peter E) Fix truncation of rule names during CREATE VIEW (Ross Reedstrom) Fix PL/perl (Alex Kapranoff) Disallow LOCK on views (Mark Hollomon) Disallow INSERT/UPDATE/DELETE on views (Mark Hollomon) Disallow DROP RULE, CREATE INDEX, TRUNCATE on views (Mark Hollomon) Allow PL/pgSQL accept non-ASCII identifiers (Tatsuo) Allow views to proper handle GROUP BY, aggregates, DISTINCT (Tom) Fix rare failure with TRUNCATE command (Tom) Allow UNION/INTERSECT/EXCEPT to be used with ALL, subqueries, views, DISTINCT, ORDER BY, SELECT...INTO (Tom) Fix parser failures during aborted transactions (Tom) Allow temporary relations to properly clean up indexes (Bruce) Fix VACUUM problem with moving rows in same page (Tom) Modify pg_dump to better handle user-defined items in template1 (Philip) Allow LIMIT in VIEW (Tom) Require cursor FETCH to honor LIMIT (Tom) Allow PRIMARY/FOREIGN Key definitions on inherited columns (Stephan) Allow ORDER BY, LIMIT in subqueries (Tom) Allow UNION in CREATE RULE (Tom) Make ALTER/DROP TABLE rollback-able (Vadim, Tom) Store initdb collation in pg_control so collation cannot be changed (Tom) Fix INSERT...SELECT with rules (Tom) Fix FOR UPDATE inside views and subselects (Tom) Fix OVERLAPS operators conform to SQL92 spec regarding NULLs (Tom) Fix lpad() and rpad() to handle length less than input string (Tom) Fix use of NOTIFY in some rules (Tom) Overhaul btree code (Tom) Fix NOT NULL use in Pl/pgSQL variables (Tom) Overhaul GIST code (Oleg) Fix CLUSTER to preserve constraints and column default (Tom) Improved deadlock detection handling (Tom) Allow multiple SERIAL columns in a table (Tom) Prevent occasional index corruption (Vadim) Enhancements ------------ Add OUTER JOINs (Tom) Function manager overhaul (Tom) Allow ALTER TABLE RENAME on indexes (Tom) Improve CLUSTER (Tom) Improve ps status display for more platforms (Peter E, Marc) Improve CREATE FUNCTION failure message (Ross) JDBC improvements (Peter, Travis Bauer, Christopher Cain, William Webber, Gunnar) Grand Unified Configuration scheme/GUC. Many options can now be set in data/postgresql.conf, postmaster/postgres flags, or SET commands (Peter E) Improved handling of file descriptor cache (Tom) New warning code about auto-created table alias entries (Bruce) Overhaul initdb process (Tom, Peter E) Overhaul of inherited tables; inherited tables now accessed by default; new ONLY key word prevents it (Chris Bitmead, Tom) ODBC cleanups/improvements (Nick Gorham, Stephan Szabo, Zoltan Kovacs, Michael Fork) Allow renaming of temp tables (Tom) Overhaul memory manager contexts (Tom) pg_dumpall uses CREATE USER or CREATE GROUP rather using COPY (Peter E) Overhaul pg_dump (Philip Warner) Allow pg_hba.conf secondary password file to specify only username (Peter E) Allow TEMPORARY or TEMP key word when creating temporary tables (Bruce) New memory leak checker (Karel) New SET SESSION CHARACTERISTICS (Thomas) Allow nested block comments (Thomas) Add WITHOUT TIME ZONE type qualifier (Thomas) New ALTER TABLE ADD CONSTRAINT (Stephan) Use NUMERIC accumulators for INTEGER aggregates (Tom) Overhaul aggregate code (Tom) New VARIANCE and STDDEV() aggregates Improve dependency ordering of pg_dump (Philip) New pg_restore command (Philip) New pg_dump tar output option (Philip) New pg_dump of large objects (Philip) New ESCAPE option to LIKE (Thomas) New case-insensitive LIKE - ILIKE (Thomas) Allow functional indexes to use binary-compatible type (Tom) Allow SQL functions to be used in more contexts (Tom) New pg_config utility (Peter E) New PL/pgSQL EXECUTE command which allows dynamic SQL and utility statements (Jan) New PL/pgSQL GET DIAGNOSTICS statement for SPI value access (Jan) New quote_identifiers() and quote_literal() functions (Jan) New ALTER TABLE table OWNER TO user command (Mark Hollomon) Allow subselects in FROM, i.e. FROM (SELECT ...) [AS] alias (Tom) Update PyGreSQL to version 3.1 (D'Arcy) Store tables as files named by OID (Vadim) New SQL function setval(seq,val,bool) for use in pg_dump (Philip) Require DROP VIEW to remove views, no DROP TABLE (Mark) Allow DROP VIEW view1, view2 (Mark) Allow multiple objects in DROP INDEX, DROP RULE, and DROP TYPE (Tom) Allow automatic conversion to/from Unicode (Tatsuo, Eiji) New /contrib/pgcrypto hashing functions (Marko Kreen) New pg_dumpall --globals-only option (Peter E) New CHECKPOINT command for WAL which creates new WAL log file (Vadim) New AT TIME ZONE syntax (Thomas) Allow location of Unix domain socket to be configurable (David J. MacKenzie) Allow postmaster to listen on a specific IP address (David J. MacKenzie) Allow socket path name to be specified in hostname by using leading slash (David J. MacKenzie) Allow CREATE DATABASE to specify template database (Tom) New utility to convert MySQL schema dumps to SQL92 and PostgreSQL (Thomas) New /contrib/rserv replication toolkit (Vadim) New file format for COPY BINARY (Tom) New /contrib/oid2name to map numeric files to table names (B Palmer) New "idle in transaction" ps status message (Marc) Update to pgaccess 0.98.7 (Constantin Teodorescu) pg_ctl now defaults to -w (wait) on shutdown, new -l (log) option Add rudimentary dependency checking to pg_dump (Philip) Types ----- Fix INET/CIDR type ordering and add new functions (Tom) Make OID behave as an unsigned type (Tom) Allow BIGINT as synonym for INT8 (Peter E) New int2 and int8 comparison operators (Tom) New BIT and BIT VARYING types (Adriaan Joubert, Tom, Peter E) CHAR() no longer faster than VARCHAR() because of TOAST (Tom) New GIST seg/cube examples (Gene Selkov) Improved round(numeric) handling (Tom) Fix CIDR output formatting (Tom) New CIDR abbrev() function (Tom) Performance ----------- Write-Ahead Log (WAL) to provide crash recovery with less performance overhead (Vadim) ANALYZE stage of VACUUM no longer exclusively locks table (Bruce) Reduced file seeks (Denis Perchine) Improve BTREE code for duplicate keys (Tom) Store all large objects in a single table (Denis Perchine, Tom) Improve memory allocation performance (Karel, Tom) Source Code ----------- New function manager call conventions (Tom) SGI portability fixes (David Kaelbling) New configure --enable-syslog option (Peter E) New BSDI README (Bruce) configure script moved to top level, not /src (Peter E) Makefile/configuration/compilation overhaul (Peter E) New configure --with-python option (Peter E) Solaris cleanups (Peter E) Overhaul /contrib Makefiles (Karel) New OpenSSL configuration option (Magnus, Peter E) AIX fixes (Andreas) QNX fixes (Maurizio) New heap_open(), heap_openr() API (Tom) Remove colon and semi-colon operators (Thomas) New pg_class.relkind value for views (Mark Hollomon) Rename ichar() to chr() (Karel) New documentation for btrim(), ascii(), chr(), repeat() (Karel) Fixes for NT/Cygwin (Pete Forman) AIX port fixes (Andreas) New BeOS port (David Reid, Cyril Velter) Add proofreader's changes to docs (Addison-Wesley, Bruce) New Alpha spinlock code (Adriaan Joubert, Compaq) UnixWare port overhaul (Peter E) New Darwin/MacOS X port (Peter Bierman, Bruce Hartzler) New FreeBSD Alpha port (Alfred) Overhaul shared memory segments (Tom) Add IBM S/390 support (Neale Ferguson) Moved macmanuf to /contrib (Larry Rosenman) Syslog improvements (Larry Rosenman) New template0 database that contains no user additions (Tom) New /contrib/cube and /contrib/seg GIST sample code (Gene Selkov) Allow NetBSD's libedit instead of readline (Peter) Improved assembly language source code format (Bruce) New contrib/pg_logger New --template option to createdb New contrib/pg_control utility (Oliver) New FreeBSD tools ipc_check, start-scripts/freebsd __________________________________________________________________ Release 7.0.3 Release date: 2000-11-11 This has a variety of fixes from 7.0.2. __________________________________________________________________ Migration to Version 7.0.3 A dump/restore is *not* required for those running 7.0.*. __________________________________________________________________ Changes Jdbc fixes (Peter) Large object fix (Tom) Fix lean in COPY WITH OIDS leak (Tom) Fix backwards-index-scan (Tom) Fix SELECT ... FOR UPDATE so it checks for duplicate keys (Hiroshi) Add --enable-syslog to configure (Marc) Fix abort transaction at backend exit in rare cases (Tom) Fix for psql \l+ when multibyte enabled (Tatsuo) Allow PL/pgSQL to accept non ascii identifiers (Tatsuo) Make vacuum always flush buffers (Tom) Fix to allow cancel while waiting for a lock (Hiroshi) Fix for memory allocation problem in user authentication code (Tom) Remove bogus use of int4out() (Tom) Fixes for multiple subqueries in COALESCE or BETWEEN (Tom) Fix for failure of triggers on heap open in certain cases (Jeroen van Vianen) Fix for erroneous selectivity of not-equals (Tom) Fix for erroneous use of strcmp() (Tom) Fix for bug where storage manager accesses items beyond end of file (Tom) Fix to include kernel errno message in all smgr elog messages (Tom) Fix for '.' not in PATH at build time (SL Baur) Fix for out-of-file-descriptors error (Tom) Fix to make pg_dump dump 'iscachable' flag for functions (Tom) Fix for subselect in targetlist of Append node (Tom) Fix for mergejoin plans (Tom) Fix TRUNCATE failure on relations with indexes (Tom) Avoid database-wide restart on write error (Hiroshi) Fix nodeMaterial to honor chgParam by recomputing its output (Tom) Fix VACUUM problem with moving chain of update row versions when source and destination of a row version lie on the same page (Tom) Fix user.c CommandCounterIncrement (Tom) Fix for AM/PM boundary problem in to_char() (Karel Zak) Fix TIME aggregate handling (Tom) Fix to_char() to avoid coredump on NULL input (Tom) Buffer fix (Tom) Fix for inserting/copying longer multibyte strings into char() data types (Tatsuo) Fix for crash of backend, on abort (Tom) __________________________________________________________________ Release 7.0.2 Release date: 2000-06-05 This is a repackaging of 7.0.1 with added documentation. __________________________________________________________________ Migration to Version 7.0.2 A dump/restore is *not* required for those running 7.*. __________________________________________________________________ Changes Added documentation to tarball. __________________________________________________________________ Release 7.0.1 Release date: 2000-06-01 This is a cleanup release for 7.0. __________________________________________________________________ Migration to Version 7.0.1 A dump/restore is *not* required for those running 7.0. __________________________________________________________________ Changes Fix many CLUSTER failures (Tom) Allow ALTER TABLE RENAME works on indexes (Tom) Fix plpgsql to handle datetime->timestamp and timespan->interval (Bruce) New configure --with-setproctitle switch to use setproctitle() (Marc, Bruce) Fix the off by one errors in ResultSet from 6.5.3, and more. jdbc ResultSet fixes (Joseph Shraibman) optimizer tunings (Tom) Fix create user for pgaccess Fix for UNLISTEN failure IRIX fixes (David Kaelbling) QNX fixes (Andreas Kardos) Reduce COPY IN lock level (Tom) Change libpqeasy to use PQconnectdb() style parameters (Bruce) Fix pg_dump to handle OID indexes (Tom) Fix small memory leak (Tom) Solaris fix for createdb/dropdb (Tatsuo) Fix for non-blocking connections (Alfred Perlstein) Fix improper recovery after RENAME TABLE failures (Tom) Copy pg_ident.conf.sample into /lib directory in install (Bruce) Add SJIS UDC (NEC selection IBM kanji) support (Eiji Tokuya) Fix too long syslog message (Tatsuo) Fix problem with quoted indexes that are too long (Tom) JDBC ResultSet.getTimestamp() fix (Gregory Krasnow & Floyd Marinescu) ecpg changes (Michael) __________________________________________________________________ Release 7.0 Release date: 2000-05-08 This release contains improvements in many areas, demonstrating the continued growth of PostgreSQL. There are more improvements and fixes in 7.0 than in any previous release. The developers have confidence that this is the best release yet; we do our best to put out only solid releases, and this one is no exception. Major changes in this release: Foreign Keys Foreign keys are now implemented, with the exception of PARTIAL MATCH foreign keys. Many users have been asking for this feature, and we are pleased to offer it. Optimizer Overhaul Continuing on work started a year ago, the optimizer has been improved, allowing better query plan selection and faster performance with less memory usage. Updated psql psql, our interactive terminal monitor, has been updated with a variety of new features. See the psql manual page for details. Join Syntax SQL92 join syntax is now supported, though only as INNER JOIN for this release. JOIN, NATURAL JOIN, JOIN/USING, and JOIN/ON are available, as are column correlation names. __________________________________________________________________ Migration to Version 7.0 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release of PostgreSQL. For those upgrading from 6.5.*, you can instead use pg_upgrade to upgrade to this release; however, a full dump/reload installation is always the most robust method for upgrades. Interface and compatibility issues to consider for the new release include: * The date/time types datetime and timespan have been superseded by the SQL92-defined types timestamp and interval. Although there has been some effort to ease the transition by allowing PostgreSQL to recognize the deprecated type names and translate them to the new type names, this mechanism cannot be completely transparent to your existing application. * The optimizer has been substantially improved in the area of query cost estimation. In some cases, this will result in decreased query times as the optimizer makes a better choice for the preferred plan. However, in a small number of cases, usually involving pathological distributions of data, your query times might go up. If you are dealing with large amounts of data, you might want to check your queries to verify performance. * The JDBC and ODBC interfaces have been upgraded and extended. * The string function CHAR_LENGTH is now a native function. Previous versions translated this into a call to LENGTH, which could result in ambiguity with other types implementing LENGTH such as the geometric types. __________________________________________________________________ Changes Bug Fixes --------- Prevent function calls exceeding maximum number of arguments (Tom) Improve CASE construct (Tom) Fix SELECT coalesce(f1,0) FROM int4_tbl GROUP BY f1 (Tom) Fix SELECT sentence.words[0] FROM sentence GROUP BY sentence.words[0] (Tom) Fix GROUP BY scan bug (Tom) Improvements in SQL grammar processing (Tom) Fix for views involved in INSERT ... SELECT ... (Tom) Fix for SELECT a/2, a/2 FROM test_missing_target GROUP BY a/2 (Tom) Fix for subselects in INSERT ... SELECT (Tom) Prevent INSERT ... SELECT ... ORDER BY (Tom) Fixes for relations greater than 2GB, including vacuum Improve propagating system table changes to other backends (Tom) Improve propagating user table changes to other backends (Tom) Fix handling of temp tables in complex situations (Bruce, Tom) Allow table locking at table open, improving concurrent reliability (Tom) Properly quote sequence names in pg_dump (Ross J. Reedstrom) Prevent DROP DATABASE while others accessing Prevent any rows from being returned by GROUP BY if no rows processed (Tom) Fix SELECT COUNT(1) FROM table WHERE ...' if no rows matching WHERE (Tom) Fix pg_upgrade so it works for MVCC (Tom) Fix for SELECT ... WHERE x IN (SELECT ... HAVING SUM(x) > 1) (Tom) Fix for "f1 datetime DEFAULT 'now'" (Tom) Fix problems with CURRENT_DATE used in DEFAULT (Tom) Allow comment-only lines, and ;;; lines too. (Tom) Improve recovery after failed disk writes, disk full (Hiroshi) Fix cases where table is mentioned in FROM but not joined (Tom) Allow HAVING clause without aggregate functions (Tom) Fix for "--" comment and no trailing newline, as seen in perl interface Improve pg_dump failure error reports (Bruce) Allow sorts and hashes to exceed 2GB file sizes (Tom) Fix for pg_dump dumping of inherited rules (Tom) Fix for NULL handling comparisons (Tom) Fix inconsistent state caused by failed CREATE/DROP commands (Hiroshi) Fix for dbname with dash Prevent DROP INDEX from interfering with other backends (Tom) Fix file descriptor leak in verify_password() Fix for "Unable to identify an operator =$" problem Fix ODBC so no segfault if CommLog and Debug enabled (Dirk Niggemann) Fix for recursive exit call (Massimo) Fix for extra-long timezones (Jeroen van Vianen) Make pg_dump preserve primary key information (Peter E) Prevent databases with single quotes (Peter E) Prevent DROP DATABASE inside transaction (Peter E) ecpg memory leak fixes (Stephen Birch) Fix for SELECT null::text, SELECT int4fac(null) and SELECT 2 + (null) (Tom) Y2K timestamp fix (Massimo) Fix for VACUUM 'HEAP_MOVED_IN was not expected' errors (Tom) Fix for views with tables/columns containing spaces (Tom) Prevent privileges on indexes (Peter E) Fix for spinlock stuck problem when error is generated (Hiroshi) Fix ipcclean on Linux Fix handling of NULL constraint conditions (Tom) Fix memory leak in odbc driver (Nick Gorham) Fix for privilege check on UNION tables (Tom) Fix to allow SELECT 'a' LIKE 'a' (Tom) Fix for SELECT 1 + NULL (Tom) Fixes to CHAR Fix log() on numeric type (Tom) Deprecate ':' and ';' operators Allow vacuum of temporary tables Disallow inherited columns with the same name as new columns Recover or force failure when disk space is exhausted (Hiroshi) Fix INSERT INTO ... SELECT with AS columns matching result columns Fix INSERT ... SELECT ... GROUP BY groups by target columns not source columns ( Tom) Fix CREATE TABLE test (a char(5) DEFAULT text '', b int4) with INSERT (Tom) Fix UNION with LIMIT Fix CREATE TABLE x AS SELECT 1 UNION SELECT 2 Fix CREATE TABLE test(col char(2) DEFAULT user) Fix mismatched types in CREATE TABLE ... DEFAULT Fix SELECT * FROM pg_class where oid in (0,-1) Fix SELECT COUNT('asdf') FROM pg_class WHERE oid=12 Prevent user who can create databases can modifying pg_database table (Peter E) Fix btree to give a useful elog when key > 1/2 (page - overhead) (Tom) Fix INSERT of 0.0 into DECIMAL(4,4) field (Tom) Enhancements ------------ New CLI interface include file sqlcli.h, based on SQL3/SQL98 Remove all limits on query length, row length limit still exists (Tom) Update jdbc protocol to 2.0 (Jens Glaser ) Add TRUNCATE command to quickly truncate relation (Mike Mascari) Fix to give super user and createdb user proper update catalog rights (Peter E) Allow ecpg bool variables to have NULL values (Christof) Issue ecpg error if NULL value for variable with no NULL indicator (Christof) Allow ^C to cancel COPY command (Massimo) Add SET FSYNC and SHOW PG_OPTIONS commands(Massimo) Function name overloading for dynamically-loaded C functions (Frankpitt) Add CmdTuples() to libpq++(Vince) New CREATE CONSTRAINT TRIGGER and SET CONSTRAINTS commands(Jan) Allow CREATE FUNCTION/WITH clause to be used for all language types configure --enable-debug adds -g (Peter E) configure --disable-debug removes -g (Peter E) Allow more complex default expressions (Tom) First real FOREIGN KEY constraint trigger functionality (Jan) Add FOREIGN KEY ... MATCH FULL ... ON DELETE CASCADE (Jan) Add FOREIGN KEY ... MATCH referential actions (Don Baccus) Allow WHERE restriction on ctid (physical heap location) (Hiroshi) Move pginterface from contrib to interface directory, rename to pgeasy (Bruce) Change pgeasy connectdb() parameter ordering (Bruce) Require SELECT DISTINCT target list to have all ORDER BY columns (Tom) Add Oracle's COMMENT ON command (Mike Mascari ) libpq's PQsetNoticeProcessor function now returns previous hook(Peter E) Prevent PQsetNoticeProcessor from being set to NULL (Peter E) Make USING in COPY optional (Bruce) Allow subselects in the target list (Tom) Allow subselects on the left side of comparison operators (Tom) New parallel regression test (Jan) Change backend-side COPY to write files with permissions 644 not 666 (Tom) Force permissions on PGDATA directory to be secure, even if it exists (Tom) Added psql LASTOID variable to return last inserted oid (Peter E) Allow concurrent vacuum and remove pg_vlock vacuum lock file (Tom) Add privilege check for vacuum (Peter E) New libpq functions to allow asynchronous connections: PQconnectStart(), PQconnectPoll(), PQresetStart(), PQresetPoll(), PQsetenvStart(), PQsetenvPoll(), PQsetenvAbort (Ewan Mellor) New libpq PQsetenv() function (Ewan Mellor) create/alter user extension (Peter E) New postmaster.pid and postmaster.opts under $PGDATA (Tatsuo) New scripts for create/drop user/db (Peter E) Major psql overhaul (Peter E) Add const to libpq interface (Peter E) New libpq function PQoidValue (Peter E) Show specific non-aggregate causing problem with GROUP BY (Tom) Make changes to pg_shadow recreate pg_pwd file (Peter E) Add aggregate(DISTINCT ...) (Tom) Allow flag to control COPY input/output of NULLs (Peter E) Make postgres user have a password by default (Peter E) Add CREATE/ALTER/DROP GROUP (Peter E) All administration scripts now support --long options (Peter E, Karel) Vacuumdb script now supports --all option (Peter E) ecpg new portable FETCH syntax Add ecpg EXEC SQL IFDEF, EXEC SQL IFNDEF, EXEC SQL ELSE, EXEC SQL ELIF and EXEC SQL ENDIF directives Add pg_ctl script to control backend start-up (Tatsuo) Add postmaster.opts.default file to store start-up flags (Tatsuo) Allow --with-mb=SQL_ASCII Increase maximum number of index keys to 16 (Bruce) Increase maximum number of function arguments to 16 (Bruce) Allow configuration of maximum number of index keys and arguments (Bruce) Allow unprivileged users to change their passwords (Peter E) Password authentication enabled; required for new users (Peter E) Disallow dropping a user who owns a database (Peter E) Change initdb option --with-mb to --enable-multibyte Add option for initdb to prompts for superuser password (Peter E) Allow complex type casts like col::numeric(9,2) and col::int2::float8 (Tom) Updated user interfaces on initdb, initlocation, pg_dump, ipcclean (Peter E) New pg_char_to_encoding() and pg_encoding_to_char() functions (Tatsuo) libpq non-blocking mode (Alfred Perlstein) Improve conversion of types in casts that don't specify a length New plperl internal programming language (Mark Hollomon) Allow COPY IN to read file that do not end with a newline (Tom) Indicate when long identifiers are truncated (Tom) Allow aggregates to use type equivalency (Peter E) Add Oracle's to_char(), to_date(), to_datetime(), to_timestamp(), to_number() conversion functions (Karel Zak ) Add SELECT DISTINCT ON (expr [, expr ...]) targetlist ... (Tom) Check to be sure ORDER BY is compatible with the DISTINCT operation (Tom) Add NUMERIC and int8 types to ODBC Improve EXPLAIN results for Append, Group, Agg, Unique (Tom) Add ALTER TABLE ... ADD FOREIGN KEY (Stephan Szabo) Allow SELECT .. FOR UPDATE in PL/pgSQL (Hiroshi) Enable backward sequential scan even after reaching EOF (Hiroshi) Add btree indexing of boolean values, >= and <= (Don Baccus) Print current line number when COPY FROM fails (Massimo) Recognize POSIX time zone e.g. "PST+8" and "GMT-8" (Thomas) Add DEC as synonym for DECIMAL (Thomas) Add SESSION_USER as SQL92 key word, same as CURRENT_USER (Thomas) Implement SQL92 column aliases (aka correlation names) (Thomas) Implement SQL92 join syntax (Thomas) Make INTERVAL reserved word allowed as a column identifier (Thomas) Implement REINDEX command (Hiroshi) Accept ALL in aggregate function SUM(ALL col) (Tom) Prevent GROUP BY from using column aliases (Tom) New psql \encoding option (Tatsuo) Allow PQrequestCancel() to terminate when in waiting-for-lock state (Hiroshi) Allow negation of a negative number in all cases Add ecpg descriptors (Christof, Michael) Allow CREATE VIEW v AS SELECT f1::char(8) FROM tbl Allow casts with length, like foo::char(8) New libpq functions PQsetClientEncoding(), PQclientEncoding() (Tatsuo) Add support for SJIS user defined characters (Tatsuo) Larger views/rules supported Make libpq's PQconndefaults() thread-safe (Tom) Disable // as comment to be ANSI conforming, should use -- (Tom) Allow column aliases on views CREATE VIEW name (collist) Fixes for views with subqueries (Tom) Allow UPDATE table SET fld = (SELECT ...) (Tom) SET command options no longer require quotes Update pgaccess to 0.98.6 New SET SEED command New pg_options.sample file New SET FSYNC command (Massimo) Allow pg_descriptions when creating tables Allow pg_descriptions when creating types, columns, and functions Allow psql \copy to allow delimiters (Peter E) Allow psql to print nulls as distinct from "" [null] (Peter E) Types ----- Many array fixes (Tom) Allow bare column names to be subscripted as arrays (Tom) Improve type casting of int and float constants (Tom) Cleanups for int8 inputs, range checking, and type conversion (Tom) Fix for SELECT timespan('21:11:26'::time) (Tom) netmask('x.x.x.x/0') is 255.255.255.255 instead of 0.0.0.0 (Oleg Sharoiko) Add btree index on NUMERIC (Jan) Perl fix for large objects containing NUL characters (Douglas Thomson) ODBC fix for large objects (free) Fix indexing of cidr data type Fix for Ethernet MAC addresses (macaddr type) comparisons Fix for date/time types when overflows happened in computations (Tom) Allow array on int8 (Peter E) Fix for rounding/overflow of NUMERIC type, like NUMERIC(4,4) (Tom) Allow NUMERIC arrays Fix bugs in NUMERIC ceil() and floor() functions (Tom) Make char_length()/octet_length including trailing blanks (Tom) Made abstime/reltime use int4 instead of time_t (Peter E) New lztext data type for compressed text fields Revise code to handle coercion of int and float constants (Tom) Start at new code to implement a BIT and BIT VARYING type (Adriaan Joubert) NUMERIC now accepts scientific notation (Tom) NUMERIC to int4 rounds (Tom) Convert float4/8 to NUMERIC properly (Tom) Allow type conversion with NUMERIC (Thomas) Make ISO date style (2000-02-16 09:33) the default (Thomas) Add NATIONAL CHAR [ VARYING ] (Thomas) Allow NUMERIC round and trunc to accept negative scales (Tom) New TIME WITH TIME ZONE type (Thomas) Add MAX()/MIN() on time type (Thomas) Add abs(), mod(), fac() for int8 (Thomas) Rename functions to round(), sqrt(), cbrt(), pow() for float8 (Thomas) Add transcendental math functions (e.g. sin(), acos()) for float8 (Thomas) Add exp() and ln() for NUMERIC type Rename NUMERIC power() to pow() (Thomas) Improved TRANSLATE() function (Edwin Ramirez, Tom) Allow X=-Y operators (Tom) Allow SELECT float8(COUNT(*))/(SELECT COUNT(*) FROM t) FROM t GROUP BY f1; (Tom) Allow LOCALE to use indexes in regular expression searches (Tom) Allow creation of functional indexes to use default types Performance ----------- Prevent exponential space consumption with many AND's and OR's (Tom) Collect attribute selectivity values for system columns (Tom) Reduce memory usage of aggregates (Tom) Fix for LIKE optimization to use indexes with multibyte encodings (Tom) Fix r-tree index optimizer selectivity (Thomas) Improve optimizer selectivity computations and functions (Tom) Optimize btree searching for cases where many equal keys exist (Tom) Enable fast LIKE index processing only if index present (Tom) Re-use free space on index pages with duplicates (Tom) Improve hash join processing (Tom) Prevent descending sort if result is already sorted(Hiroshi) Allow commuting of index scan query qualifications (Tom) Prefer index scans in cases where ORDER BY/GROUP BY is required (Tom) Allocate large memory requests in fix-sized chunks for performance (Tom) Fix vacuum's performance by reducing memory allocation requests (Tom) Implement constant-expression simplification (Bernard Frankpitt, Tom) Use secondary columns to be used to determine start of index scan (Hiroshi) Prevent quadruple use of disk space when doing internal sorting (Tom) Faster sorting by calling fewer functions (Tom) Create system indexes to match all system caches (Bruce, Hiroshi) Make system caches use system indexes (Bruce) Make all system indexes unique (Bruce) Improve pg_statistics management for VACUUM speed improvement (Tom) Flush backend cache less frequently (Tom, Hiroshi) COPY now reuses previous memory allocation, improving performance (Tom) Improve optimization cost estimation (Tom) Improve optimizer estimate of range queries x > lowbound AND x < highbound (Tom) Use DNF instead of CNF where appropriate (Tom, Taral) Further cleanup for OR-of-AND WHERE-clauses (Tom) Make use of index in OR clauses (x = 1 AND y = 2) OR (x = 2 AND y = 4) (Tom) Smarter optimizer computations for random index page access (Tom) New SET variable to control optimizer costs (Tom) Optimizer queries based on LIMIT, OFFSET, and EXISTS qualifications (Tom) Reduce optimizer internal housekeeping of join paths for speedup (Tom) Major subquery speedup (Tom) Fewer fsync writes when fsync is not disabled (Tom) Improved LIKE optimizer estimates (Tom) Prevent fsync in SELECT-only queries (Vadim) Make index creation use psort code, because it is now faster (Tom) Allow creation of sort temp tables > 1 Gig Source Tree Changes ------------------- Fix for linux PPC compile New generic expression-tree-walker subroutine (Tom) Change form() to varargform() to prevent portability problems Improved range checking for large integers on Alphas Clean up #include in /include directory (Bruce) Add scripts for checking includes (Bruce) Remove un-needed #include's from *.c files (Bruce) Change #include's to use <> and "" as appropriate (Bruce) Enable Windows compilation of libpq Alpha spinlock fix from Uncle George Overhaul of optimizer data structures (Tom) Fix to cygipc library (Yutaka Tanida) Allow pgsql to work on newer Cygwin snapshots (Dan) New catalog version number (Tom) Add Linux ARM Rename heap_replace to heap_update Update for QNX (Dr. Andreas Kardos) New platform-specific regression handling (Tom) Rename oid8 -> oidvector and int28 -> int2vector (Bruce) Included all yacc and lex files into the distribution (Peter E.) Remove lextest, no longer needed (Peter E) Fix for libpq and psql on Windows (Magnus) Internally change datetime and timespan into timestamp and interval (Thomas) Fix for plpgsql on BSD/OS Add SQL_ASCII test case to the regression test (Tatsuo) configure --with-mb now deprecated (Tatsuo) NT fixes NetBSD fixes (Johnny C. Lam ) Fixes for Alpha compiles New multibyte encodings __________________________________________________________________ Release 6.5.3 Release date: 1999-10-13 This is basically a cleanup release for 6.5.2. We have added a new PgAccess that was missing in 6.5.2, and installed an NT-specific fix. __________________________________________________________________ Migration to Version 6.5.3 A dump/restore is *not* required for those running 6.5.*. __________________________________________________________________ Changes Updated version of pgaccess 0.98 NT-specific patch Fix dumping rules on inherited tables __________________________________________________________________ Release 6.5.2 Release date: 1999-09-15 This is basically a cleanup release for 6.5.1. We have fixed a variety of problems reported by 6.5.1 users. __________________________________________________________________ Migration to Version 6.5.2 A dump/restore is *not* required for those running 6.5.*. __________________________________________________________________ Changes subselect+CASE fixes(Tom) Add SHLIB_LINK setting for solaris_i386 and solaris_sparc ports(Daren Sefcik) Fixes for CASE in WHERE join clauses(Tom) Fix BTScan abort(Tom) Repair the check for redundant UNIQUE and PRIMARY KEY indexes(Thomas) Improve it so that it checks for multicolumn constraints(Thomas) Fix for Windows making problem with MB enabled(Hiroki Kataoka) Allow BSD yacc and bison to compile pl code(Bruce) Fix SET NAMES working int8 fixes(Thomas) Fix vacuum's memory consumption(Hiroshi,Tatsuo) Reduce the total memory consumption of vacuum(Tom) Fix for timestamp(datetime) Rule deparsing bugfixes(Tom) Fix quoting problems in mkMakefile.tcldefs.sh.in and mkMakefile.tkdefs.sh.in(Tom ) This is to re-use space on index pages freed by vacuum(Vadim) document -x for pg_dump(Bruce) Fix for unary operators in rule deparser(Tom) Comment out FileUnlink of excess segments during mdtruncate()(Tom) IRIX linking fix from Yu Cao >yucao@falcon.kla-tencor.com< Repair logic error in LIKE: should not return LIKE_ABORT when reach end of pattern before end of text(Tom) Repair incorrect cleanup of heap memory allocation during transaction abort(Tom) Updated version of pgaccess 0.98 __________________________________________________________________ Release 6.5.1 Release date: 1999-07-15 This is basically a cleanup release for 6.5. We have fixed a variety of problems reported by 6.5 users. __________________________________________________________________ Migration to Version 6.5.1 A dump/restore is *not* required for those running 6.5. __________________________________________________________________ Changes Add NT README file Portability fixes for linux_ppc, IRIX, linux_alpha, OpenBSD, alpha Remove QUERY_LIMIT, use SELECT...LIMIT Fix for EXPLAIN on inheritance(Tom) Patch to allow vacuum on multisegment tables(Hiroshi) R-Tree optimizer selectivity fix(Tom) ACL file descriptor leak fix(Atsushi Ogawa) New expression subtree code(Tom) Avoid disk writes for read-only transactions(Vadim) Fix for removal of temp tables if last transaction was aborted(Bruce) Fix to prevent too large row from being created(Bruce) plpgsql fixes Allow port numbers 32k - 64k(Bruce) Add ^ precedence(Bruce) Rename sort files called pg_temp to pg_sorttemp(Bruce) Fix for microseconds in time values(Tom) Tutorial source cleanup New linux_m68k port Fix for sorting of NULL's in some cases(Tom) Shared library dependencies fixed (Tom) Fixed glitches affecting GROUP BY in subselects(Tom) Fix some compiler warnings (Tomoaki Nishiyama) Add Win1250 (Czech) support (Pavel Behal) __________________________________________________________________ Release 6.5 Release date: 1999-06-09 This release marks a major step in the development team's mastery of the source code we inherited from Berkeley. You will see we are now easily adding major features, thanks to the increasing size and experience of our world-wide development team. Here is a brief summary of the more notable changes: Multiversion concurrency control(MVCC) This removes our old table-level locking, and replaces it with a locking system that is superior to most commercial database systems. In a traditional system, each row that is modified is locked until committed, preventing reads by other users. MVCC uses the natural multiversion nature of PostgreSQL to allow readers to continue reading consistent data during writer activity. Writers continue to use the compact pg_log transaction system. This is all performed without having to allocate a lock for every row like traditional database systems. So, basically, we no longer are restricted by simple table-level locking; we have something better than row-level locking. Hot backups from pg_dump pg_dump takes advantage of the new MVCC features to give a consistent database dump/backup while the database stays online and available for queries. Numeric data type We now have a true numeric data type, with user-specified precision. Temporary tables Temporary tables are guaranteed to have unique names within a database session, and are destroyed on session exit. New SQL features We now have CASE, INTERSECT, and EXCEPT statement support. We have new LIMIT/OFFSET, SET TRANSACTION ISOLATION LEVEL, SELECT ... FOR UPDATE, and an improved LOCK TABLE command. Speedups We continue to speed up PostgreSQL, thanks to the variety of talents within our team. We have sped up memory allocation, optimization, table joins, and row transfer routines. Ports We continue to expand our port list, this time including Windows NT/ix86 and NetBSD/arm32. Interfaces Most interfaces have new versions, and existing functionality has been improved. Documentation New and updated material is present throughout the documentation. New FAQs have been contributed for SGI and AIX platforms. The Tutorial has introductory information on SQL from Stefan Simkovics. For the User's Guide, there are reference pages covering the postmaster and more utility programs, and a new appendix contains details on date/time behavior. The Administrator's Guide has a new chapter on troubleshooting from Tom Lane. And the Programmer's Guide has a description of query processing, also from Stefan, and details on obtaining the PostgreSQL source tree via anonymous CVS and CVSup. __________________________________________________________________ Migration to Version 6.5 A dump/restore using pg_dump is required for those wishing to migrate data from any previous release of PostgreSQL. pg_upgrade can *not* be used to upgrade to this release because the on-disk structure of the tables has changed compared to previous releases. The new Multiversion Concurrency Control (MVCC) features can give somewhat different behaviors in multiuser environments. *Read and understand the following section to ensure that your existing applications will give you the behavior you need.* __________________________________________________________________ Multiversion Concurrency Control Because readers in 6.5 don't lock data, regardless of transaction isolation level, data read by one transaction can be overwritten by another. In other words, if a row is returned by "SELECT" it doesn't mean that this row really exists at the time it is returned (i.e. sometime after the statement or transaction began) nor that the row is protected from being deleted or updated by concurrent transactions before the current transaction does a commit or rollback. To ensure the actual existence of a row and protect it against concurrent updates one must use "SELECT FOR UPDATE" or an appropriate "LOCK TABLE" statement. This should be taken into account when porting applications from previous releases of PostgreSQL and other environments. Keep the above in mind if you are using "contrib/refint.*" triggers for referential integrity. Additional techniques are required now. One way is to use "LOCK parent_table IN SHARE ROW EXCLUSIVE MODE" command if a transaction is going to update/delete a primary key and use "LOCK parent_table IN SHARE MODE" command if a transaction is going to update/insert a foreign key. Note: Note that if you run a transaction in SERIALIZABLE mode then you must execute the "LOCK" commands above before execution of any DML statement ("SELECT/INSERT/DELETE/UPDATE/FETCH/COPY_TO") in the transaction. These inconveniences will disappear in the future when the ability to read dirty (uncommitted) data (regardless of isolation level) and true referential integrity will be implemented. __________________________________________________________________ Changes Bug Fixes --------- Fix text<->float8 and text<->float4 conversion functions(Thomas) Fix for creating tables with mixed-case constraints(Billy) Change exp()/pow() behavior to generate error on underflow/overflow(Jan) Fix bug in pg_dump -z Memory overrun cleanups(Tatsuo) Fix for lo_import crash(Tatsuo) Adjust handling of data type names to suppress double quotes(Thomas) Use type coercion for matching columns and DEFAULT(Thomas) Fix deadlock so it only checks once after one second of sleep(Bruce) Fixes for aggregates and PL/pgsql(Hiroshi) Fix for subquery crash(Vadim) Fix for libpq function PQfnumber and case-insensitive names(Bahman Rafatjoo) Fix for large object write-in-middle, no extra block, memory consumption(Tatsuo) Fix for pg_dump -d or -D and quote special characters in INSERT Repair serious problems with dynahash(Tom) Fix INET/CIDR portability problems Fix problem with selectivity error in ALTER TABLE ADD COLUMN(Bruce) Fix executor so mergejoin of different column types works(Tom) Fix for Alpha OR selectivity bug Fix OR index selectivity problem(Bruce) Fix so \d shows proper length for char()/varchar()(Ryan) Fix tutorial code(Clark) Improve destroyuser checking(Oliver) Fix for Kerberos(Rodney McDuff) Fix for dropping database while dirty buffers(Bruce) Fix so sequence nextval() can be case-sensitive(Bruce) Fix !!= operator Drop buffers before destroying database files(Bruce) Fix case where executor evaluates functions twice(Tatsuo) Allow sequence nextval actions to be case-sensitive(Bruce) Fix optimizer indexing not working for negative numbers(Bruce) Fix for memory leak in executor with fjIsNull Fix for aggregate memory leaks(Erik Riedel) Allow user name containing a dash to grant privileges Cleanup of NULL in inet types Clean up system table bugs(Tom) Fix problems of PAGER and \? command(Masaaki Sakaida) Reduce default multisegment file size limit to 1GB(Peter) Fix for dumping of CREATE OPERATOR(Tom) Fix for backward scanning of cursors(Hiroshi Inoue) Fix for COPY FROM STDIN when using \i(Tom) Fix for subselect is compared inside an expression(Jan) Fix handling of error reporting while returning rows(Tom) Fix problems with reference to array types(Tom,Jan) Prevent UPDATE SET oid(Jan) Fix pg_dump so -t option can handle case-sensitive tablenames Fixes for GROUP BY in special cases(Tom, Jan) Fix for memory leak in failed queries(Tom) DEFAULT now supports mixed-case identifiers(Tom) Fix for multisegment uses of DROP/RENAME table, indexes(Ole Gjerde) Disable use of pg_dump with both -o and -d options(Bruce) Allow pg_dump to properly dump group privileges(Bruce) Fix GROUP BY in INSERT INTO table SELECT * FROM table2(Jan) Fix for computations in views(Jan) Fix for aggregates on array indexes(Tom) Fix for DEFAULT handles single quotes in value requiring too many quotes Fix security problem with non-super users importing/exporting large objects(Tom) Rollback of transaction that creates table cleaned up properly(Tom) Fix to allow long table and column names to generate proper serial names(Tom) Enhancements ------------ Add "vacuumdb" utility Speed up libpq by allocating memory better(Tom) EXPLAIN all indexes used(Tom) Implement CASE, COALESCE, NULLIF expression(Thomas) New pg_dump table output format(Constantin) Add string min()/max() functions(Thomas) Extend new type coercion techniques to aggregates(Thomas) New moddatetime contrib(Terry) Update to pgaccess 0.96(Constantin) Add routines for single-byte "char" type(Thomas) Improved substr() function(Thomas) Improved multibyte handling(Tatsuo) Multiversion concurrency control/MVCC(Vadim) New Serialized mode(Vadim) Fix for tables over 2gigs(Peter) New SET TRANSACTION ISOLATION LEVEL(Vadim) New LOCK TABLE IN ... MODE(Vadim) Update ODBC driver(Byron) New NUMERIC data type(Jan) New SELECT FOR UPDATE(Vadim) Handle "NaN" and "Infinity" for input values(Jan) Improved date/year handling(Thomas) Improved handling of backend connections(Magnus) New options ELOG_TIMESTAMPS and USE_SYSLOG options for log files(Massimo) New TCL_ARRAYS option(Massimo) New INTERSECT and EXCEPT(Stefan) New pg_index.indisprimary for primary key tracking(D'Arcy) New pg_dump option to allow dropping of tables before creation(Brook) Speedup of row output routines(Tom) New READ COMMITTED isolation level(Vadim) New TEMP tables/indexes(Bruce) Prevent sorting if result is already sorted(Jan) New memory allocation optimization(Jan) Allow psql to do \p\g(Bruce) Allow multiple rule actions(Jan) Added LIMIT/OFFSET functionality(Jan) Improve optimizer when joining a large number of tables(Bruce) New intro to SQL from S. Simkovics' Master's Thesis (Stefan, Thomas) New intro to backend processing from S. Simkovics' Master's Thesis (Stefan) Improved int8 support(Ryan Bradetich, Thomas, Tom) New routines to convert between int8 and text/varchar types(Thomas) New bushy plans, where meta-tables are joined(Bruce) Enable right-hand queries by default(Bruce) Allow reliable maximum number of backends to be set at configure time (--with-maxbackends and postmaster switch (-N backends))(Tom) GEQO default now 10 tables because of optimizer speedups(Tom) Allow NULL=Var for MS-SQL portability(Michael, Bruce) Modify contrib check_primary_key() so either "automatic" or "dependent"(Anand) Allow psql \d on a view show query(Ryan) Speedup for LIKE(Bruce) Ecpg fixes/features, see src/interfaces/ecpg/ChangeLog file(Michael) JDBC fixes/features, see src/interfaces/jdbc/CHANGELOG(Peter) Make % operator have precedence like /(Bruce) Add new postgres -O option to allow system table structure changes(Bruce) Update contrib/pginterface/findoidjoins script(Tom) Major speedup in vacuum of deleted rows with indexes(Vadim) Allow non-SQL functions to run different versions based on arguments(Tom) Add -E option that shows actual queries sent by \dt and friends(Masaaki Sakaida) Add version number in start-up banners for psql(Masaaki Sakaida) New contrib/vacuumlo removes large objects not referenced(Peter) New initialization for table sizes so non-vacuumed tables perform better(Tom) Improve error messages when a connection is rejected(Tom) Support for arrays of char() and varchar() fields(Massimo) Overhaul of hash code to increase reliability and performance(Tom) Update to PyGreSQL 2.4(D'Arcy) Changed debug options so -d4 and -d5 produce different node displays(Jan) New pg_options: pretty_plan, pretty_parse, pretty_rewritten(Jan) Better optimization statistics for system table access(Tom) Better handling of non-default block sizes(Massimo) Improve GEQO optimizer memory consumption(Tom) UNION now supports ORDER BY of columns not in target list(Jan) Major libpq++ improvements(Vince Vielhaber) pg_dump now uses -z(ACL's) as default(Bruce) backend cache, memory speedups(Tom) have pg_dump do everything in one snapshot transaction(Vadim) fix for large object memory leakage, fix for pg_dumping(Tom) INET type now respects netmask for comparisons Make VACUUM ANALYZE only use a readlock(Vadim) Allow VIEWs on UNIONS(Jan) pg_dump now can generate consistent snapshots on active databases(Vadim) Source Tree Changes ------------------- Improve port matching(Tom) Portability fixes for SunOS Add Windows NT backend port and enable dynamic loading(Magnus and Daniel Horak) New port to Cobalt Qube(Mips) running Linux(Tatsuo) Port to NetBSD/m68k(Mr. Mutsuki Nakajima) Port to NetBSD/sun3(Mr. Mutsuki Nakajima) Port to NetBSD/macppc(Toshimi Aoki) Fix for tcl/tk configuration(Vince) Removed CURRENT key word for rule queries(Jan) NT dynamic loading now works(Daniel Horak) Add ARM32 support(Andrew McMurry) Better support for HP-UX 11 and UnixWare Improve file handling to be more uniform, prevent file descriptor leak(Tom) New install commands for plpgsql(Jan) __________________________________________________________________ Release 6.4.2 Release date: 1998-12-20 The 6.4.1 release was improperly packaged. This also has one additional bug fix. __________________________________________________________________ Migration to Version 6.4.2 A dump/restore is *not* required for those running 6.4.*. __________________________________________________________________ Changes Fix for datetime constant problem on some platforms(Thomas) __________________________________________________________________ Release 6.4.1 Release date: 1998-12-18 This is basically a cleanup release for 6.4. We have fixed a variety of problems reported by 6.4 users. __________________________________________________________________ Migration to Version 6.4.1 A dump/restore is *not* required for those running 6.4. __________________________________________________________________ Changes Add pg_dump -N flag to force double quotes around identifiers. This is the default(Thomas) Fix for NOT in where clause causing crash(Bruce) EXPLAIN VERBOSE coredump fix(Vadim) Fix shared-library problems on Linux Fix test for table existence to allow mixed-case and whitespace in the table name(Thomas) Fix a couple of pg_dump bugs Configure matches template/.similar entries better(Tom) Change builtin function names from SPI_* to spi_* OR WHERE clause fix(Vadim) Fixes for mixed-case table names(Billy) contrib/linux/postgres.init.csh/sh fix(Thomas) libpq memory overrun fix SunOS fixes(Tom) Change exp() behavior to generate error on underflow(Thomas) pg_dump fixes for memory leak, inheritance constraints, layout change update pgaccess to 0.93 Fix prototype for 64-bit platforms Multibyte fixes(Tatsuo) New ecpg man page Fix memory overruns(Tatsuo) Fix for lo_import() crash(Bruce) Better search for install program(Tom) Timezone fixes(Tom) HP-UX fixes(Tom) Use implicit type coercion for matching DEFAULT values(Thomas) Add routines to help with single-byte (internal) character type(Thomas) Compilation of libpq for Windows fixes(Magnus) Upgrade to PyGreSQL 2.2(D'Arcy) __________________________________________________________________ Release 6.4 Release date: 1998-10-30 There are *many* new features and improvements in this release. Thanks to our developers and maintainers, nearly every aspect of the system has received some attention since the previous release. Here is a brief, incomplete summary: * Views and rules are now functional thanks to extensive new code in the rewrite rules system from Jan Wieck. He also wrote a chapter on it for the Programmer's Guide. * Jan also contributed a second procedural language, PL/pgSQL, to go with the original PL/pgTCL procedural language he contributed last release. * We have optional multiple-byte character set support from Tatsuo Ishii to complement our existing locale support. * Client/server communications has been cleaned up, with better support for asynchronous messages and interrupts thanks to Tom Lane. * The parser will now perform automatic type coercion to match arguments to available operators and functions, and to match columns and expressions with target columns. This uses a generic mechanism which supports the type extensibility features of PostgreSQL. There is a new chapter in the User's Guide which covers this topic. * Three new data types have been added. Two types, inet and cidr, support various forms of IP network, subnet, and machine addressing. There is now an 8-byte integer type available on some platforms. See the chapter on data types in the User's Guide for details. A fourth type, serial, is now supported by the parser as an amalgam of the int4 type, a sequence, and a unique index. * Several more SQL92-compatible syntax features have been added, including "INSERT DEFAULT VALUES" * The automatic configuration and installation system has received some attention, and should be more robust for more platforms than it has ever been. __________________________________________________________________ Migration to Version 6.4 A dump/restore using pg_dump or pg_dumpall is required for those wishing to migrate data from any previous release of PostgreSQL. __________________________________________________________________ Changes Bug Fixes --------- Fix for a tiny memory leak in PQsetdb/PQfinish(Bryan) Remove char2-16 data types, use char/varchar(Darren) Pqfn not handles a NOTICE message(Anders) Reduced busywaiting overhead for spinlocks with many backends (dg) Stuck spinlock detection (dg) Fix up "ISO-style" timespan decoding and encoding(Thomas) Fix problem with table drop after rollback of transaction(Vadim) Change error message and remove non-functional update message(Vadim) Fix for COPY array checking Fix for SELECT 1 UNION SELECT NULL Fix for buffer leaks in large object calls(Pascal) Change owner from oid to int4 type(Bruce) Fix a bug in the oracle compatibility functions btrim() ltrim() and rtrim() Fix for shared invalidation cache overflow(Massimo) Prevent file descriptor leaks in failed COPY's(Bruce) Fix memory leak in libpgtcl's pg_select(Constantin) Fix problems with username/passwords over 8 characters(Tom) Fix problems with handling of asynchronous NOTIFY in backend(Tom) Fix of many bad system table entries(Tom) Enhancements ------------ Upgrade ecpg and ecpglib,see src/interfaces/ecpc/ChangeLog(Michael) Show the index used in an EXPLAIN(Zeugswetter) EXPLAIN invokes rule system and shows plan(s) for rewritten queries(Jan) Multibyte awareness of many data types and functions, via configure(Tatsuo) New configure --with-mb option(Tatsuo) New initdb --pgencoding option(Tatsuo) New createdb -E multibyte option(Tatsuo) Select version(); now returns PostgreSQL version(Jeroen) libpq now allows asynchronous clients(Tom) Allow cancel from client of backend query(Tom) psql now cancels query with Control-C(Tom) libpq users need not issue dummy queries to get NOTIFY messages(Tom) NOTIFY now sends sender's PID, so you can tell whether it was your own(Tom) PGresult struct now includes associated error message, if any(Tom) Define "tz_hour" and "tz_minute" arguments to date_part()(Thomas) Add routines to convert between varchar and bpchar(Thomas) Add routines to allow sizing of varchar and bpchar into target columns(Thomas) Add bit flags to support timezonehour and minute in data retrieval(Thomas) Allow more variations on valid floating point numbers (e.g. ".1", "1e6")(Thomas) Fixes for unary minus parsing with leading spaces(Thomas) Implement TIMEZONE_HOUR, TIMEZONE_MINUTE per SQL92 specs(Thomas) Check for and properly ignore FOREIGN KEY column constraints(Thomas) Define USER as synonym for CURRENT_USER per SQL92 specs(Thomas) Enable HAVING clause but no fixes elsewhere yet. Make "char" type a synonym for "char(1)" (actually implemented as bpchar)(Thomas ) Save string type if specified for DEFAULT clause handling(Thomas) Coerce operations involving different data types(Thomas) Allow some index use for columns of different types(Thomas) Add capabilities for automatic type conversion(Thomas) Cleanups for large objects, so file is truncated on open(Peter) Readline cleanups(Tom) Allow psql \f \ to make spaces as delimiter(Bruce) Pass pg_attribute.atttypmod to the frontend for column field lengths(Tom,Bruce) Msql compatibility library in /contrib(Aldrin) Remove the requirement that ORDER/GROUP BY clause identifiers be included in the target list(David) Convert columns to match columns in UNION clauses(Thomas) Remove fork()/exec() and only do fork()(Bruce) Jdbc cleanups(Peter) Show backend status on ps command line(only works on some platforms)(Bruce) Pg_hba.conf now has a sameuser option in the database field Make lo_unlink take oid param, not int4 New DISABLE_COMPLEX_MACRO for compilers that cannot handle our macros(Bruce) Libpgtcl now handles NOTIFY as a Tcl event, need not send dummy queries(Tom) libpgtcl cleanups(Tom) Add -error option to libpgtcl's pg_result command(Tom) New locale patch, see docs/README/locale(Oleg) Fix for pg_dump so CONSTRAINT and CHECK syntax is correct(ccb) New contrib/lo code for large object orphan removal(Peter) New psql command "SET CLIENT_ENCODING TO 'encoding'" for multibytes feature, see /doc/README.mb(Tatsuo) contrib/noupdate code to revoke update permission on a column libpq can now be compiled on Windows(Magnus) Add PQsetdbLogin() in libpq New 8-byte integer type, checked by configure for OS support(Thomas) Better support for quoted table/column names(Thomas) Surround table and column names with double-quotes in pg_dump(Thomas) PQreset() now works with passwords(Tom) Handle case of GROUP BY target list column number out of range(David) Allow UNION in subselects Add auto-size to screen to \d? commands(Bruce) Use UNION to show all \d? results in one query(Bruce) Add \d? field search feature(Bruce) Pg_dump issues fewer \connect requests(Tom) Make pg_dump -z flag work better, document it in manual page(Tom) Add HAVING clause with full support for subselects and unions(Stephan) Full text indexing routines in contrib/fulltextindex(Maarten) Transaction ids now stored in shared memory(Vadim) New PGCLIENTENCODING when issuing COPY command(Tatsuo) Support for SQL92 syntax "SET NAMES"(Tatsuo) Support for LATIN2-5(Tatsuo) Add UNICODE regression test case(Tatsuo) Lock manager cleanup, new locking modes for LLL(Vadim) Allow index use with OR clauses(Bruce) Allows "SELECT NULL ORDER BY 1;" Explain VERBOSE prints the plan, and now pretty-prints the plan to the postmaster log file(Bruce) Add indexes display to \d command(Bruce) Allow GROUP BY on functions(David) New pg_class.relkind for large objects(Bruce) New way to send libpq NOTICE messages to a different location(Tom) New \w write command to psql(Bruce) New /contrib/findoidjoins scans oid columns to find join relationships(Bruce) Allow binary-compatible indexes to be considered when checking for valid Indexes for restriction clauses containing a constant(Thomas) New ISBN/ISSN code in /contrib/isbn_issn Allow NOT LIKE, IN, NOT IN, BETWEEN, and NOT BETWEEN constraint(Thomas) New rewrite system fixes many problems with rules and views(Jan) * Rules on relations work * Event qualifications on insert/update/delete work * New OLD variable to reference CURRENT, CURRENT will be remove in future * Update rules can reference NEW and OLD in rule qualifications/actions * Insert/update/delete rules on views work * Multiple rule actions are now supported, surrounded by parentheses * Regular users can create views/rules on tables they have RULE permits * Rules and views inherit the privileges of the creator * No rules at the column level * No UPDATE NEW/OLD rules * New pg_tables, pg_indexes, pg_rules and pg_views system views * Only a single action on SELECT rules * Total rewrite overhaul, perhaps for 6.5 * handle subselects * handle aggregates on views * handle insert into select from view works System indexes are now multikey(Bruce) Oidint2, oidint4, and oidname types are removed(Bruce) Use system cache for more system table lookups(Bruce) New backend programming language PL/pgSQL in backend/pl(Jan) New SERIAL data type, auto-creates sequence/index(Thomas) Enable assert checking without a recompile(Massimo) User lock enhancements(Massimo) New setval() command to set sequence value(Massimo) Auto-remove unix socket file on start-up if no postmaster running(Massimo) Conditional trace package(Massimo) New UNLISTEN command(Massimo) psql and libpq now compile under Windows using win32.mak(Magnus) Lo_read no longer stores trailing NULL(Bruce) Identifiers are now truncated to 31 characters internally(Bruce) Createuser options now available on the command line Code for 64-bit integer supported added, configure tested, int8 type(Thomas) Prevent file descriptor leaf from failed COPY(Bruce) New pg_upgrade command(Bruce) Updated /contrib directories(Massimo) New CREATE TABLE DEFAULT VALUES statement available(Thomas) New INSERT INTO TABLE DEFAULT VALUES statement available(Thomas) New DECLARE and FETCH feature(Thomas) libpq's internal structures now not exported(Tom) Allow up to 8 key indexes(Bruce) Remove ARCHIVE key word, that is no longer used(Thomas) pg_dump -n flag to suppress quotes around indentifiers disable system columns for views(Jan) new INET and CIDR types for network addresses(TomH, Paul) no more double quotes in psql output pg_dump now dumps views(Terry) new SET QUERY_LIMIT(Tatsuo,Jan) Source Tree Changes ------------------- /contrib cleanup(Jun) Inline some small functions called for every row(Bruce) Alpha/linux fixes HP-UX cleanups(Tom) Multibyte regression tests(Soonmyung.) Remove --disabled options from configure Define PGDOC to use POSTGRESDIR by default Make regression optional Remove extra braces code to pgindent(Bruce) Add bsdi shared library support(Bruce) New --without-CXX support configure option(Brook) New FAQ_CVS Update backend flowchart in tools/backend(Bruce) Change atttypmod from int16 to int32(Bruce, Tom) Getrusage() fix for platforms that do not have it(Tom) Add PQconnectdb, PGUSER, PGPASSWORD to libpq man page NS32K platform fixes(Phil Nelson, John Buller) SCO 7/UnixWare 2.x fixes(Billy,others) Sparc/Solaris 2.5 fixes(Ryan) Pgbuiltin.3 is obsolete, move to doc files(Thomas) Even more documentation(Thomas) Nextstep support(Jacek) Aix support(David) pginterface manual page(Bruce) shared libraries all have version numbers merged all OS-specific shared library defines into one file smarter TCL/TK configuration checking(Billy) smarter perl configuration(Brook) configure uses supplied install-sh if no install script found(Tom) new Makefile.shlib for shared library configuration(Tom) __________________________________________________________________ Release 6.3.2 Release date: 1998-04-07 This is a bug-fix release for 6.3.x. Refer to the release notes for version 6.3 for a more complete summary of new features. Summary: * Repairs automatic configuration support for some platforms, including Linux, from breakage inadvertently introduced in version 6.3.1. * Correctly handles function calls on the left side of BETWEEN and LIKE clauses. A dump/restore is NOT required for those running 6.3 or 6.3.1. A make distclean, make, and make install is all that is required. This last step should be performed while the postmaster is not running. You should re-link any custom applications that use PostgreSQL libraries. For upgrades from pre-6.3 installations, refer to the installation and migration instructions for version 6.3. __________________________________________________________________ Changes Configure detection improvements for tcl/tk(Brook Milligan, Alvin) Manual page improvements(Bruce) BETWEEN and LIKE fix(Thomas) fix for psql \connect used by pg_dump(Oliver Elphick) New odbc driver pgaccess, version 0.86 qsort removed, now uses libc version, cleanups(Jeroen) fix for buffer over-runs detected(Maurice Gittens) fix for buffer overrun in libpgtcl(Randy Kunkee) fix for UNION with DISTINCT or ORDER BY(Bruce) gettimeofday configure check(Doug Winterburn) Fix "indexes not used" bug(Vadim) docs additions(Thomas) Fix for backend memory leak(Bruce) libreadline cleanup(Erwan MAS) Remove DISTDIR(Bruce) Makefile dependency cleanup(Jeroen van Vianen) ASSERT fixes(Bruce) __________________________________________________________________ Release 6.3.1 Release date: 1998-03-23 Summary: * Additional support for multibyte character sets. * Repair byte ordering for mixed-endian clients and servers. * Minor updates to allowed SQL syntax. * Improvements to the configuration autodetection for installation. A dump/restore is NOT required for those running 6.3. A make distclean, make, and make install is all that is required. This last step should be performed while the postmaster is not running. You should re-link any custom applications that use PostgreSQL libraries. For upgrades from pre-6.3 installations, refer to the installation and migration instructions for version 6.3. __________________________________________________________________ Changes ecpg cleanup/fixes, now version 1.1(Michael Meskes) pg_user cleanup(Bruce) large object fix for pg_dump and tclsh (alvin) LIKE fix for multiple adjacent underscores fix for redefining builtin functions(Thomas) ultrix4 cleanup upgrade to pg_access 0.83 updated CLUSTER manual page multibyte character set support, see doc/README.mb(Tatsuo) configure --with-pgport fix pg_ident fix big-endian fix for backend communications(Kataoka) SUBSTR() and substring() fix(Jan) several jdbc fixes(Peter) libpgtcl improvements, see libptcl/README(Randy Kunkee) Fix for "Datasize = 0" error(Vadim) Prevent \do from wrapping(Bruce) Remove duplicate Russian character set entries Sunos4 cleanup Allow optional TABLE key word in LOCK and SELECT INTO(Thomas) CREATE SEQUENCE options to allow a negative integer(Thomas) Add "PASSWORD" as an allowed column identifier(Thomas) Add checks for UNION target fields(Bruce) Fix Alpha port(Dwayne Bailey) Fix for text arrays containing quotes(Doug Gibson) Solaris compile fix(Albert Chin-A-Young) Better identify tcl and tk libs and includes(Bruce) __________________________________________________________________ Release 6.3 Release date: 1998-03-01 There are *many* new features and improvements in this release. Here is a brief, incomplete summary: * Many new SQL features, including full SQL92 subselect capability (everything is here but target-list subselects). * Support for client-side environment variables to specify time zone and date style. * Socket interface for client/server connection. This is the default now so you might need to start postmaster with the "-i" flag. * Better password authorization mechanisms. Default table privileges have changed. * Old-style time travel has been removed. Performance has been improved. Note: Bruce Momjian wrote the following notes to introduce the new release. There are some general 6.3 issues that I want to mention. These are only the big items that cannot be described in one sentence. A review of the detailed changes list is still needed. First, we now have subselects. Now that we have them, I would like to mention that without subselects, SQL is a very limited language. Subselects are a major feature, and you should review your code for places where subselects provide a better solution for your queries. I think you will find that there are more uses for subselects than you might think. Vadim has put us on the big SQL map with subselects, and fully functional ones too. The only thing you cannot do with subselects is to use them in the target list. Second, 6.3 uses Unix domain sockets rather than TCP/IP by default. To enable connections from other machines, you have to use the new postmaster -i option, and of course edit "pg_hba.conf". Also, for this reason, the format of "pg_hba.conf" has changed. Third, char() fields will now allow faster access than varchar() or text. Specifically, the text and varchar() have a penalty for access to any columns after the first column of this type. char() used to also have this access penalty, but it no longer does. This might suggest that you redesign some of your tables, especially if you have short character columns that you have defined as varchar() or text. This and other changes make 6.3 even faster than earlier releases. We now have passwords definable independent of any Unix file. There are new SQL USER commands. See the Administrator's Guide for more information. There is a new table, pg_shadow, which is used to store user information and user passwords, and it by default only SELECT-able by the postgres super-user. pg_user is now a view of pg_shadow, and is SELECT-able by PUBLIC. You should keep using pg_user in your application without changes. User-created tables now no longer have SELECT privilege to PUBLIC by default. This was done because the ANSI standard requires it. You can of course GRANT any privileges you want after the table is created. System tables continue to be SELECT-able by PUBLIC. We also have real deadlock detection code. No more sixty-second timeouts. And the new locking code implements a FIFO better, so there should be less resource starvation during heavy use. Many complaints have been made about inadequate documentation in previous releases. Thomas has put much effort into many new manuals for this release. Check out the doc/ directory. For performance reasons, time travel is gone, but can be implemented using triggers (see "pgsql/contrib/spi/README"). Please check out the new \d command for types, operators, etc. Also, views have their own privileges now, not based on the underlying tables, so privileges on them have to be set separately. Check "/pgsql/interfaces" for some new ways to talk to PostgreSQL. This is the first release that really required an explanation for existing users. In many ways, this was necessary because the new release removes many limitations, and the work-arounds people were using are no longer needed. __________________________________________________________________ Migration to Version 6.3 A dump/restore using pg_dump or pg_dumpall is required for those wishing to migrate data from any previous release of PostgreSQL. __________________________________________________________________ Changes Bug Fixes --------- Fix binary cursors broken by MOVE implementation(Vadim) Fix for tcl library crash(Jan) Fix for array handling, from Gerhard Hintermayer Fix acl error, and remove duplicate pqtrace(Bruce) Fix psql \e for empty file(Bruce) Fix for textcat on varchar() fields(Bruce) Fix for DBT Sendproc (Zeugswetter Andres) Fix vacuum analyze syntax problem(Bruce) Fix for international identifiers(Tatsuo) Fix aggregates on inherited tables(Bruce) Fix substr() for out-of-bounds data Fix for select 1=1 or 2=2, select 1=1 and 2=2, and select sum(2+2)(Bruce) Fix notty output to show status result. -q option still turns it off(Bruce) Fix for count(*), aggs with views and multiple tables and sum(3)(Bruce) Fix cluster(Bruce) Fix for PQtrace start/stop several times(Bruce) Fix a variety of locking problems like newer lock waiters getting lock before older waiters, and having readlock people not share locks if a writer is waiting for a lock, and waiting writers not getting priority over waiting readers(Bruce) Fix crashes in psql when executing queries from external files(James) Fix problem with multiple order by columns, with the first one having NULL values(Jeroen) Use correct hash table support functions for float8 and int4(Thomas) Re-enable JOIN= option in CREATE OPERATOR statement (Thomas) Change precedence for boolean operators to match expected behavior(Thomas) Generate elog(ERROR) on over-large integer(Bruce) Allow multiple-argument functions in constraint clauses(Thomas) Check boolean input literals for 'true','false','yes','no','1','0' and throw elog(ERROR) if unrecognized(Thomas) Major large objects fix Fix for GROUP BY showing duplicates(Vadim) Fix for index scans in MergeJoin(Vadim) Enhancements ------------ Subselects with EXISTS, IN, ALL, ANY key words (Vadim, Bruce, Thomas) New User Manual(Thomas, others) Speedup by inlining some frequently-called functions Real deadlock detection, no more timeouts(Bruce) Add SQL92 "constants" CURRENT_DATE, CURRENT_TIME, CURRENT_TIMESTAMP, CURRENT_USER(Thomas) Modify constraint syntax to be SQL92-compliant(Thomas) Implement SQL92 PRIMARY KEY and UNIQUE clauses using indexes(Thomas) Recognize SQL92 syntax for FOREIGN KEY. Throw elog notice(Thomas) Allow NOT NULL UNIQUE constraint clause (each allowed separately before)(Thomas) Allow PostgreSQL-style casting ("::") of non-constants(Thomas) Add support for SQL3 TRUE and FALSE boolean constants(Thomas) Support SQL92 syntax for IS TRUE/IS FALSE/IS NOT TRUE/IS NOT FALSE(Thomas) Allow shorter strings for boolean literals (e.g. "t", "tr", "tru")(Thomas) Allow SQL92 delimited identifiers(Thomas) Implement SQL92 binary and hexadecimal string decoding (b'10' and x'1F')(Thomas) Support SQL92 syntax for type coercion of literal strings (e.g. "DATETIME 'now'")(Thomas) Add conversions for int2, int4, and OID types to and from text(Thomas) Use shared lock when building indexes(Vadim) Free memory allocated for an user query inside transaction block after this query is done, was turned off in <= 6.2.1(Vadim) New SQL statement CREATE PROCEDURAL LANGUAGE(Jan) New PostgreSQL Procedural Language (PL) backend interface(Jan) Rename pg_dump -H option to -h(Bruce) Add Java support for passwords, European dates(Peter) Use indexes for LIKE and ~, !~ operations(Bruce) Add hash functions for datetime and timespan(Thomas) Time Travel removed(Vadim, Bruce) Add paging for \d and \z, and fix \i(Bruce) Add Unix domain socket support to backend and to frontend library(Goran) Implement CREATE DATABASE/WITH LOCATION and initlocation utility(Thomas) Allow more SQL92 and/or PostgreSQL reserved words as column identifiers(Thomas) Augment support for SQL92 SET TIME ZONE...(Thomas) SET/SHOW/RESET TIME ZONE uses TZ backend environment variable(Thomas) Implement SET keyword = DEFAULT and SET TIME ZONE DEFAULT(Thomas) Enable SET TIME ZONE using TZ environment variable(Thomas) Add PGDATESTYLE environment variable to frontend and backend initialization(Thom as) Add PGTZ, PGCOSTHEAP, PGCOSTINDEX, PGRPLANS, PGGEQO frontend library initialization environment variables(Thomas) Regression tests time zone automatically set with "setenv PGTZ PST8PDT"(Thomas) Add pg_description table for info on tables, columns, operators, types, and aggregates(Bruce) Increase 16 char limit on system table/index names to 32 characters(Bruce) Rename system indexes(Bruce) Add 'GERMAN' option to SET DATESTYLE(Thomas) Define an "ISO-style" timespan output format with "hh:mm:ss" fields(Thomas) Allow fractional values for delta times (e.g. '2.5 days')(Thomas) Validate numeric input more carefully for delta times(Thomas) Implement day of year as possible input to date_part()(Thomas) Define timespan_finite() and text_timespan() functions(Thomas) Remove archive stuff(Bruce) Allow for a pg_password authentication database that is separate from the system password file(Todd) Dump ACLs, GRANT, REVOKE privileges(Matt) Define text, varchar, and bpchar string length functions(Thomas) Fix Query handling for inheritance, and cost computations(Bruce) Implement CREATE TABLE/AS SELECT (alternative to SELECT/INTO)(Thomas) Allow NOT, IS NULL, IS NOT NULL in constraints(Thomas) Implement UNIONs for SELECT(Bruce) Add UNION, GROUP, DISTINCT to INSERT(Bruce) varchar() stores only necessary bytes on disk(Bruce) Fix for BLOBs(Peter) Mega-Patch for JDBC...see README_6.3 for list of changes(Peter) Remove unused "option" from PQconnectdb() New LOCK command and lock manual page describing deadlocks(Bruce) Add new psql \da, \dd, \df, \do, \dS, and \dT commands(Bruce) Enhance psql \z to show sequences(Bruce) Show NOT NULL and DEFAULT in psql \d table(Bruce) New psql .psqlrc file start-up(Andrew) Modify sample start-up script in contrib/linux to show syslog(Thomas) New types for IP and MAC addresses in contrib/ip_and_mac(TomH) Unix system time conversions with date/time types in contrib/unixdate(Thomas) Update of contrib stuff(Massimo) Add Unix socket support to DBD::Pg(Goran) New python interface (PyGreSQL 2.0)(D'Arcy) New frontend/backend protocol has a version number, network byte order(Phil) Security features in pg_hba.conf enhanced and documented, many cleanups(Phil) CHAR() now faster access than VARCHAR() or TEXT ecpg embedded SQL preprocessor Reduce system column overhead(Vadmin) Remove pg_time table(Vadim) Add pg_type attribute to identify types that need length (bpchar, varchar) Add report of offending line when COPY command fails Allow VIEW privileges to be set separately from the underlying tables. For security, use GRANT/REVOKE on views as appropriate(Jan) Tables now have no default GRANT SELECT TO PUBLIC. You must explicitly grant such privileges. Clean up tutorial examples(Darren) Source Tree Changes ------------------- Add new html development tools, and flow chart in /tools/backend Fix for SCO compiles Stratus computer port Robert Gillies Added support for shlib for BSD44_derived & i386_solaris Make configure more automated(Brook) Add script to check regression test results Break parser functions into smaller files, group together(Bruce) Rename heap_create to heap_create_and_catalog, rename heap_creatr to heap_create()(Bruce) Sparc/Linux patch for locking(TomS) Remove PORTNAME and reorganize port-specific stuff(Marc) Add optimizer README file(Bruce) Remove some recursion in optimizer and clean up some code there(Bruce) Fix for NetBSD locking(Henry) Fix for libptcl make(Tatsuo) AIX patch(Darren) Change IS TRUE, IS FALSE, ... to expressions using "=" rather than function calls to istrue() or isfalse() to allow optimization(Thomas) Various fixes NetBSD/Sparc related(TomH) Alpha linux locking(Travis,Ryan) Change elog(WARN) to elog(ERROR)(Bruce) FAQ for FreeBSD(Marc) Bring in the PostODBC source tree as part of our standard distribution(Marc) A minor patch for HP/UX 10 vs 9(Stan) New pg_attribute.atttypmod for type-specific info like varchar length(Bruce) UnixWare patches(Billy) New i386 'lock' for spinlock asm(Billy) Support for multiplexed backends is removed Start an OpenBSD port Start an AUX port Start a Cygnus port Add string functions to regression suite(Thomas) Expand a few function names formerly truncated to 16 characters(Thomas) Remove un-needed malloc() calls and replace with palloc()(Bruce) __________________________________________________________________ Release 6.2.1 Release date: 1997-10-17 6.2.1 is a bug-fix and usability release on 6.2. Summary: * Allow strings to span lines, per SQL92. * Include example trigger function for inserting user names on table updates. This is a minor bug-fix release on 6.2. For upgrades from pre-6.2 systems, a full dump/reload is required. Refer to the 6.2 release notes for instructions. __________________________________________________________________ Migration from version 6.2 to version 6.2.1 This is a minor bug-fix release. A dump/reload is not required from version 6.2, but is required from any release prior to 6.2. In upgrading from version 6.2, if you choose to dump/reload you will find that avg(money) is now calculated correctly. All other bug fixes take effect upon updating the executables. Another way to avoid dump/reload is to use the following SQL command from "psql" to update the existing system table: update pg_aggregate set aggfinalfn = 'cash_div_flt8' where aggname = 'avg' and aggbasetype = 790; This will need to be done to every existing database, including template1. __________________________________________________________________ Changes Allow TIME and TYPE column names(Thomas) Allow larger range of true/false as boolean values(Thomas) Support output of "now" and "current"(Thomas) Handle DEFAULT with INSERT of NULL properly(Vadim) Fix for relation reference counts problem in buffer manager(Vadim) Allow strings to span lines, like ANSI(Thomas) Fix for backward cursor with ORDER BY(Vadim) Fix avg(cash) computation(Thomas) Fix for specifying a column twice in ORDER/GROUP BY(Vadim) Documented new libpq function to return affected rows, PQcmdTuples(Bruce) Trigger function for inserting user names for INSERT/UPDATE(Brook Milligan) __________________________________________________________________ Release 6.2 Release date: 1997-10-02 A dump/restore is required for those wishing to migrate data from previous releases of PostgreSQL. __________________________________________________________________ Migration from version 6.1 to version 6.2 This migration requires a complete dump of the 6.1 database and a restore of the database in 6.2. Note that the "pg_dump" and "pg_dumpall" utility from 6.2 should be used to dump the 6.1 database. __________________________________________________________________ Migration from version 1.x to version 6.2 Those migrating from earlier 1.* releases should first upgrade to 1.09 because the COPY output format was improved from the 1.02 release. __________________________________________________________________ Changes Bug Fixes --------- Fix problems with pg_dump for inheritance, sequences, archive tables(Bruce) Fix compile errors on overflow due to shifts, unsigned, and bad prototypes from Solaris(Diab Jerius) Fix bugs in geometric line arithmetic (bad intersection calculations)(Thomas) Check for geometric intersections at endpoints to avoid rounding ugliness(Thomas ) Catch non-functional delete attempts(Vadim) Change time function names to be more consistent(Michael Reifenberg) Check for zero divides(Michael Reifenberg) Fix very old bug which made rows changed/inserted by a command visible to the command itself (so we had multiple update of updated rows, etc.)(Vadim) Fix for SELECT null, 'fail' FROM pg_am (Patrick) SELECT NULL as EMPTY_FIELD now allowed(Patrick) Remove un-needed signal stuff from contrib/pginterface Fix OR (where x != 1 or x isnull didn't return rows with x NULL) (Vadim) Fix time_cmp function (Vadim) Fix handling of functions with non-attribute first argument in WHERE clauses (Vadim) Fix GROUP BY when order of entries is different from order in target list (Vadim) Fix pg_dump for aggregates without sfunc1 (Vadim) Enhancements ------------ Default genetic optimizer GEQO parameter is now 8(Bruce) Allow use parameters in target list having aggregates in functions(Vadim) Added JDBC driver as an interface(Adrian & Peter) pg_password utility Return number of rows inserted/affected by INSERT/UPDATE/DELETE etc.(Vadim) Triggers implemented with CREATE TRIGGER (SQL3)(Vadim) SPI (Server Programming Interface) allows execution of queries inside C-functions (Vadim) NOT NULL implemented (SQL92)(Robson Paniago de Miranda) Include reserved words for string handling, outer joins, and unions(Thomas) Implement extended comments ("/* ... */") using exclusive states(Thomas) Add "//" single-line comments(Bruce) Remove some restrictions on characters in operator names(Thomas) DEFAULT and CONSTRAINT for tables implemented (SQL92)(Vadim & Thomas) Add text concatenation operator and function (SQL92)(Thomas) Support WITH TIME ZONE syntax (SQL92)(Thomas) Support INTERVAL unit TO unit syntax (SQL92)(Thomas) Define types DOUBLE PRECISION, INTERVAL, CHARACTER, and CHARACTER VARYING (SQL92)(Thomas) Define type FLOAT(p) and rudimentary DECIMAL(p,s), NUMERIC(p,s) (SQL92)(Thomas) Define EXTRACT(), POSITION(), SUBSTRING(), and TRIM() (SQL92)(Thomas) Define CURRENT_DATE, CURRENT_TIME, CURRENT_TIMESTAMP (SQL92)(Thomas) Add syntax and warnings for UNION, HAVING, INNER and OUTER JOIN (SQL92)(Thomas) Add more reserved words, mostly for SQL92 compliance(Thomas) Allow hh:mm:ss time entry for timespan/reltime types(Thomas) Add center() routines for lseg, path, polygon(Thomas) Add distance() routines for circle-polygon, polygon-polygon(Thomas) Check explicitly for points and polygons contained within polygons using an axis-crossing algorithm(Thomas) Add routine to convert circle-box(Thomas) Merge conflicting operators for different geometric data types(Thomas) Replace distance operator "<===>" with "<->"(Thomas) Replace "above" operator "!^" with ">^" and "below" operator "!|" with "<^"(Thom as) Add routines for text trimming on both ends, substring, and string position(Thom as) Added conversion routines circle(box) and poly(circle)(Thomas) Allow internal sorts to be stored in memory rather than in files(Bruce & Vadim) Allow functions and operators on internally-identical types to succeed(Bruce) Speed up backend start-up after profiling analysis(Bruce) Inline frequently called functions for performance(Bruce) Reduce open() calls(Bruce) psql: Add PAGER for \h and \?,\C fix Fix for psql pager when no tty(Bruce) New entab utility(Bruce) General trigger functions for referential integrity (Vadim) General trigger functions for time travel (Vadim) General trigger functions for AUTOINCREMENT/IDENTITY feature (Vadim) MOVE implementation (Vadim) Source Tree Changes ------------------- HP-UX 10 patches (Vladimir Turin) Added SCO support, (Daniel Harris) MkLinux patches (Tatsuo Ishii) Change geometric box terminology from "length" to "width"(Thomas) Deprecate temporary unstored slope fields in geometric code(Thomas) Remove restart instructions from INSTALL(Bruce) Look in /usr/ucb first for install(Bruce) Fix c++ copy example code(Thomas) Add -o to psql manual page(Bruce) Prevent relname unallocated string length from being copied into database(Bruce) Cleanup for NAMEDATALEN use(Bruce) Fix pg_proc names over 15 chars in output(Bruce) Add strNcpy() function(Bruce) remove some (void) casts that are unnecessary(Bruce) new interfaces directory(Marc) Replace fopen() calls with calls to fd.c functions(Bruce) Make functions static where possible(Bruce) enclose unused functions in #ifdef NOT_USED(Bruce) Remove call to difftime() in timestamp support to fix SunOS(Bruce & Thomas) Changes for Digital Unix Portability fix for pg_dumpall(Bruce) Rename pg_attribute.attnvals to attdispersion(Bruce) "intro/unix" manual page now "pgintro"(Bruce) "built-in" manual page now "pgbuiltin"(Bruce) "drop" manual page now "drop_table"(Bruce) Add "create_trigger", "drop_trigger" manual pages(Thomas) Add constraints regression test(Vadim & Thomas) Add comments syntax regression test(Thomas) Add PGINDENT and support program(Bruce) Massive commit to run PGINDENT on all *.c and *.h files(Bruce) Files moved to /src/tools directory(Bruce) SPI and Trigger programming guides (Vadim & D'Arcy) __________________________________________________________________ Release 6.1.1 Release date: 1997-07-22 __________________________________________________________________ Migration from version 6.1 to version 6.1.1 This is a minor bug-fix release. A dump/reload is not required from version 6.1, but is required from any release prior to 6.1. Refer to the release notes for 6.1 for more details. __________________________________________________________________ Changes fix for SET with options (Thomas) allow pg_dump/pg_dumpall to preserve ownership of all tables/objects(Bruce) new psql \connect option allows changing usernames without changing databases fix for initdb --debug option(Yoshihiko Ichikawa)) lextest cleanup(Bruce) hash fixes(Vadim) fix date/time month boundary arithmetic(Thomas) fix timezone daylight handling for some ports(Thomas, Bruce, Tatsuo) timestamp overhauled to use standard functions(Thomas) other code cleanup in date/time routines(Thomas) psql's \d now case-insensitive(Bruce) psql's backslash commands can now have trailing semicolon(Bruce) fix memory leak in psql when using \g(Bruce) major fix for endian handling of communication to server(Thomas, Tatsuo) Fix for Solaris assembler and include files(Yoshihiko Ichikawa) allow underscores in usernames(Bruce) pg_dumpall now returns proper status, portability fix(Bruce) __________________________________________________________________ Release 6.1 Release date: 1997-06-08 The regression tests have been adapted and extensively modified for the 6.1 release of PostgreSQL. Three new data types (datetime, timespan, and circle) have been added to the native set of PostgreSQL types. Points, boxes, paths, and polygons have had their output formats made consistent across the data types. The polygon output in misc.out has only been spot-checked for correctness relative to the original regression output. PostgreSQL 6.1 introduces a new, alternate optimizer which uses genetic algorithms. These algorithms introduce a random behavior in the ordering of query results when the query contains multiple qualifiers or multiple tables (giving the optimizer a choice on order of evaluation). Several regression tests have been modified to explicitly order the results, and hence are insensitive to optimizer choices. A few regression tests are for data types which are inherently unordered (e.g. points and time intervals) and tests involving those types are explicitly bracketed with "set geqo to 'off'" and "reset geqo". The interpretation of array specifiers (the curly braces around atomic values) appears to have changed sometime after the original regression tests were generated. The current "./expected/*.out" files reflect this new interpretation, which might not be correct! The float8 regression test fails on at least some platforms. This is due to differences in implementations of pow() and exp() and the signaling mechanisms used for overflow and underflow conditions. The "random" results in the random test should cause the "random" test to be "failed", since the regression tests are evaluated using a simple diff. However, "random" does not seem to produce random results on my test machine (Linux/gcc/i686). __________________________________________________________________ Migration to Version 6.1 This migration requires a complete dump of the 6.0 database and a restore of the database in 6.1. Those migrating from earlier 1.* releases should first upgrade to 1.09 because the COPY output format was improved from the 1.02 release. __________________________________________________________________ Changes Bug Fixes --------- packet length checking in library routines lock manager priority patch check for under/over flow of float8(Bruce) multitable join fix(Vadim) SIGPIPE crash fix(Darren) large object fixes(Sven) allow btree indexes to handle NULLs(Vadim) timezone fixes(D'Arcy) select SUM(x) can return NULL on no rows(Thomas) internal optimizer, executor bug fixes(Vadim) fix problem where inner loop in < or <= has no rows(Vadim) prevent re-commuting join index clauses(Vadim) fix join clauses for multiple tables(Vadim) fix hash, hashjoin for arrays(Vadim) fix btree for abstime type(Vadim) large object fixes(Raymond) fix buffer leak in hash indexes (Vadim) fix rtree for use in inner scan (Vadim) fix gist for use in inner scan, cleanups (Vadim, Andrea) avoid unnecessary local buffers allocation (Vadim, Massimo) fix local buffers leak in transaction aborts (Vadim) fix file manager memmory leaks, cleanups (Vadim, Massimo) fix storage manager memmory leaks (Vadim) fix btree duplicates handling (Vadim) fix deleted rows reincarnation caused by vacuum (Vadim) fix SELECT varchar()/char() INTO TABLE made zero-length fields(Bruce) many psql, pg_dump, and libpq memory leaks fixed using Purify (Igor) Enhancements ------------ attribute optimization statistics(Bruce) much faster new btree bulk load code(Paul) BTREE UNIQUE added to bulk load code(Vadim) new lock debug code(Massimo) massive changes to libpg++(Leo) new GEQO optimizer speeds table multitable optimization(Martin) new WARN message for non-unique insert into unique key(Marc) update x=-3, no spaces, now valid(Bruce) remove case-sensitive identifier handling(Bruce,Thomas,Dan) debug backend now pretty-prints tree(Darren) new Oracle character functions(Edmund) new plaintext password functions(Dan) no such class or insufficient privilege changed to distinct messages(Dan) new ANSI timestamp function(Dan) new ANSI Time and Date types (Thomas) move large chunks of data in backend(Martin) multicolumn btree indexes(Vadim) new SET var TO value command(Martin) update transaction status on reads(Dan) new locale settings for character types(Oleg) new SEQUENCE serial number generator(Vadim) GROUP BY function now possible(Vadim) re-organize regression test(Thomas,Marc) new optimizer operation weights(Vadim) new psql \z grant/permit option(Marc) new MONEY data type(D'Arcy,Thomas) tcp socket communication speed improved(Vadim) new VACUUM option for attribute statistics, and for certain columns (Vadim) many geometric type improvements(Thomas,Keith) additional regression tests(Thomas) new datestyle variable(Thomas,Vadim,Martin) more comparison operators for sorting types(Thomas) new conversion functions(Thomas) new more compact btree format(Vadim) allow pg_dumpall to preserve database ownership(Bruce) new SET GEQO=# and R_PLANS variable(Vadim) old (!GEQO) optimizer can use right-sided plans (Vadim) typechecking improvement in SQL parser(Bruce) new SET, SHOW, RESET commands(Thomas,Vadim) new \connect database USER option new destroydb -i option (Igor) new \dt and \di psql commands (Darren) SELECT "\n" now escapes newline (A. Duursma) new geometry conversion functions from old format (Thomas) Source tree changes ------------------- new configuration script(Marc) readline configuration option added(Marc) OS-specific configuration options removed(Marc) new OS-specific template files(Marc) no more need to edit Makefile.global(Marc) re-arrange include files(Marc) nextstep patches (Gregor Hoffleit) removed Windows-specific code(Bruce) removed postmaster -e option, now only postgres -e option (Bruce) merge duplicate library code in front/backends(Martin) now works with eBones, international Kerberos(Jun) more shared library support c++ include file cleanup(Bruce) warn about buggy flex(Bruce) DG/UX, Ultrix, IRIX, AIX portability fixes __________________________________________________________________ Release 6.0 Release date: 1997-01-29 A dump/restore is required for those wishing to migrate data from previous releases of PostgreSQL. __________________________________________________________________ Migration from version 1.09 to version 6.0 This migration requires a complete dump of the 1.09 database and a restore of the database in 6.0. __________________________________________________________________ Migration from pre-1.09 to version 6.0 Those migrating from earlier 1.* releases should first upgrade to 1.09 because the COPY output format was improved from the 1.02 release. __________________________________________________________________ Changes Bug Fixes --------- ALTER TABLE bug - running postgres process needs to re-read table definition Allow vacuum to be run on one table or entire database(Bruce) Array fixes Fix array over-runs of memory writes(Kurt) Fix elusive btree range/non-range bug(Dan) Fix for hash indexes on some types like time and date Fix for pg_log size explosion Fix permissions on lo_export()(Bruce) Fix uninitialized reads of memory(Kurt) Fixed ALTER TABLE ... char(3) bug(Bruce) Fixed a few small memory leaks Fixed EXPLAIN handling of options and changed full_path option name Fixed output of group acl privileges Memory leaks (hunt and destroy with tools like Purify(Kurt) Minor improvements to rules system NOTIFY fixes New asserts for run-checking Overhauled parser/analyze code to properly report errors and increase speed Pg_dump -d now handles NULL's properly(Bruce) Prevent SELECT NULL from crashing server (Bruce) Properly report errors when INSERT ... SELECT columns did not match Properly report errors when insert column names were not correct psql \g filename now works(Bruce) psql fixed problem with multiple statements on one line with multiple outputs Removed duplicate system OIDs SELECT * INTO TABLE . GROUP/ORDER BY gives unlink error if table exists(Bruce) Several fixes for queries that crashed the backend Starting quote in insert string errors(Bruce) Submitting an empty query now returns empty status, not just " " query(Bruce) Enhancements ------------ Add EXPLAIN manual page(Bruce) Add UNIQUE index capability(Dan) Add hostname/user level access control rather than just hostname and user Add synonym of != for <>(Bruce) Allow "select oid,* from table" Allow BY,ORDER BY to specify columns by number, or by non-alias table.column(Bru ce) Allow COPY from the frontend(Bryan) Allow GROUP BY to use alias column name(Bruce) Allow actual compression, not just reuse on the same page(Vadim) Allow installation-configuration option to auto-add all local users(Bryan) Allow libpq to distinguish between text value '' and null(Bruce) Allow non-postgres users with createdb privs to destroydb's Allow restriction on who can create C functions(Bryan) Allow restriction on who can do backend COPY(Bryan) Can shrink tables, pg_time and pg_log(Vadim & Erich) Change debug level 2 to print queries only, changed debug heading layout(Bruce) Change default decimal constant representation from float4 to float8(Bruce) European date format now set when postmaster is started Execute lowercase function names if not found with exact case Fixes for aggregate/GROUP processing, allow 'select sum(func(x),sum(x+y) from z' Gist now included in the distribution(Marc) Idend authentication of local users(Bryan) Implement BETWEEN qualifier(Bruce) Implement IN qualifier(Bruce) libpq has PQgetisnull()(Bruce) libpq++ improvements New options to initdb(Bryan) Pg_dump allow dump of OIDs(Bruce) Pg_dump create indexes after tables are loaded for speed(Bruce) Pg_dumpall dumps all databases, and the user table Pginterface additions for NULL values(Bruce) Prevent postmaster from being run as root psql \h and \? is now readable(Bruce) psql allow backslashed, semicolons anywhere on the line(Bruce) psql changed command prompt for lines in query or in quotes(Bruce) psql char(3) now displays as (bp)char in \d output(Bruce) psql return code now more accurate(Bryan?) psql updated help syntax(Bruce) Re-visit and fix vacuum(Vadim) Reduce size of regression diffs, remove timezone name difference(Bruce) Remove compile-time parameters to enable binary distributions(Bryan) Reverse meaning of HBA masks(Bryan) Secure Authentication of local users(Bryan) Speed up vacuum(Vadim) Vacuum now had VERBOSE option(Bruce) Source tree changes ------------------- All functions now have prototypes that are compared against the calls Allow asserts to be disabled easily from Makefile.global(Bruce) Change oid constants used in code to #define names Decoupled sparc and solaris defines(Kurt) Gcc -Wall compiles cleanly with warnings only from unfixable constructs Major include file reorganization/reduction(Marc) Make now stops on compile failure(Bryan) Makefile restructuring(Bryan, Marc) Merge bsdi_2_1 to bsdi(Bruce) Monitor program removed Name change from Postgres95 to PostgreSQL New config.h file(Marc, Bryan) PG_VERSION now set to 6.0 and used by postmaster Portability additions, including Ultrix, DG/UX, AIX, and Solaris Reduced the number of #define's, centralized #define's Remove duplicate OIDS in system tables(Dan) Remove duplicate system catalog info or report mismatches(Dan) Removed many os-specific #define's Restructured object file generation/location(Bryan, Marc) Restructured port-specific file locations(Bryan, Marc) Unused/uninitialized variables corrected __________________________________________________________________ Release 1.09 Release date: 1996-11-04 Sorry, we didn't keep track of changes from 1.02 to 1.09. Some of the changes listed in 6.0 were actually included in the 1.02.1 to 1.09 releases. __________________________________________________________________ Release 1.02 Release date: 1996-08-01 __________________________________________________________________ Migration from version 1.02 to version 1.02.1 Here is a new migration file for 1.02.1. It includes the 'copy' change and a script to convert old ASCII files. Note: The following notes are for the benefit of users who want to migrate databases from Postgres95 1.01 and 1.02 to Postgres95 1.02.1. If you are starting afresh with Postgres95 1.02.1 and do not need to migrate old databases, you do not need to read any further. In order to upgrade older Postgres95 version 1.01 or 1.02 databases to version 1.02.1, the following steps are required: 1. Start up a new 1.02.1 postmaster 2. Add the new built-in functions and operators of 1.02.1 to 1.01 or 1.02 databases. This is done by running the new 1.02.1 server against your own 1.01 or 1.02 database and applying the queries attached at the end of the file. This can be done easily through "psql". If your 1.01 or 1.02 database is named testdb and you have cut the commands from the end of this file and saved them in "addfunc.sql": % psql testdb -f addfunc.sql Those upgrading 1.02 databases will get a warning when executing the last two statements in the file because they are already present in 1.02. This is not a cause for concern. __________________________________________________________________ Dump/Reload Procedure If you are trying to reload a pg_dump or text-mode, copy tablename to stdout generated with a previous version, you will need to run the attached "sed" script on the ASCII file before loading it into the database. The old format used '.' as end-of-data, while '\.' is now the end-of-data marker. Also, empty strings are now loaded in as '' rather than NULL. See the copy manual page for full details. sed 's/^\.$/\\./g' out_file If you are loading an older binary copy or non-stdout copy, there is no end-of-data character, and hence no conversion necessary. -- following lines added by agc to reflect the case-insensitive -- regexp searching for varchar (in 1.02), and bpchar (in 1.02.1) create operator ~* (leftarg = bpchar, rightarg = text, procedure = texticregexeq ); create operator !~* (leftarg = bpchar, rightarg = text, procedure = texticregexn e); create operator ~* (leftarg = varchar, rightarg = text, procedure = texticregexe q); create operator !~* (leftarg = varchar, rightarg = text, procedure = texticregex ne); __________________________________________________________________ Changes Source code maintenance and development * worldwide team of volunteers * the source tree now in CVS at ftp.ki.net Enhancements * psql (and underlying libpq library) now has many more options for formatting output, including HTML * pg_dump now output the schema and/or the data, with many fixes to enhance completeness. * psql used in place of monitor in administration shell scripts. monitor to be deprecated in next release. * date/time functions enhanced * NULL insert/update/comparison fixed/enhanced * TCL/TK lib and shell fixed to work with both tck7.4/tk4.0 and tcl7.5/tk4.1 Bug Fixes (almost too numerous to mention) * indexes * storage management * check for NULL pointer before dereferencing * Makefile fixes New Ports * added SolarisX86 port * added BSD/OS 2.1 port * added DG/UX port __________________________________________________________________ Release 1.01 Release date: 1996-02-23 __________________________________________________________________ Migration from version 1.0 to version 1.01 The following notes are for the benefit of users who want to migrate databases from Postgres95 1.0 to Postgres95 1.01. If you are starting afresh with Postgres95 1.01 and do not need to migrate old databases, you do not need to read any further. In order to Postgres95 version 1.01 with databases created with Postgres95 version 1.0, the following steps are required: 1. Set the definition of NAMEDATALEN in "src/Makefile.global" to 16 and OIDNAMELEN to 20. 2. Decide whether you want to use Host based authentication. a. If you do, you must create a file name pg_hba in your top-level data directory (typically the value of your $PGDATA). "src/libpq/pg_hba" shows an example syntax. b. If you do not want host-based authentication, you can comment out the line: HBA = 1 in "src/Makefile.global" Note that host-based authentication is turned on by default, and if you do not take steps A or B above, the out-of-the-box 1.01 will not allow you to connect to 1.0 databases. 3. Compile and install 1.01, but DO NOT do the "initdb" step. 4. Before doing anything else, terminate your 1.0 postmaster, and backup your existing $PGDATA directory. 5. Set your PGDATA environment variable to your 1.0 databases, but set up path up so that 1.01 binaries are being used. 6. Modify the file "$PGDATA/PG_VERSION" from 5.0 to 5.1 7. Start up a new 1.01 postmaster 8. Add the new built-in functions and operators of 1.01 to 1.0 databases. This is done by running the new 1.01 server against your own 1.0 database and applying the queries attached and saving in the file 1.0_to_1.01.sql. This can be done easily through "psql". If your 1.0 database is name testdb: % psql testdb -f 1.0_to_1.01.sql and then execute the following commands (cut and paste from here): -- add builtin functions that are new to 1.01 create function int4eqoid (int4, oid) returns bool as 'foo' language 'internal'; create function oideqint4 (oid, int4) returns bool as 'foo' language 'internal'; create function char2icregexeq (char2, text) returns bool as 'foo' language 'internal'; create function char2icregexne (char2, text) returns bool as 'foo' language 'internal'; create function char4icregexeq (char4, text) returns bool as 'foo' language 'internal'; create function char4icregexne (char4, text) returns bool as 'foo' language 'internal'; create function char8icregexeq (char8, text) returns bool as 'foo' language 'internal'; create function char8icregexne (char8, text) returns bool as 'foo' language 'internal'; create function char16icregexeq (char16, text) returns bool as 'foo' language 'internal'; create function char16icregexne (char16, text) returns bool as 'foo' language 'internal'; create function texticregexeq (text, text) returns bool as 'foo' language 'internal'; create function texticregexne (text, text) returns bool as 'foo' language 'internal'; -- add builtin functions that are new to 1.01 create operator = (leftarg = int4, rightarg = oid, procedure = int4eqoid); create operator = (leftarg = oid, rightarg = int4, procedure = oideqint4); create operator ~* (leftarg = char2, rightarg = text, procedure = char2icregexeq ); create operator !~* (leftarg = char2, rightarg = text, procedure = char2icregexn e); create operator ~* (leftarg = char4, rightarg = text, procedure = char4icregexeq ); create operator !~* (leftarg = char4, rightarg = text, procedure = char4icregexn e); create operator ~* (leftarg = char8, rightarg = text, procedure = char8icregexeq ); create operator !~* (leftarg = char8, rightarg = text, procedure = char8icregexn e); create operator ~* (leftarg = char16, rightarg = text, procedure = char16icregex eq); create operator !~* (leftarg = char16, rightarg = text, procedure = char16icrege xne); create operator ~* (leftarg = text, rightarg = text, procedure = texticregexeq); create operator !~* (leftarg = text, rightarg = text, procedure = texticregexne) ; __________________________________________________________________ Changes Incompatibilities: * 1.01 is backwards compatible with 1.0 database provided the user follow the steps outlined in the MIGRATION_from_1.0_to_1.01 file. If those steps are not taken, 1.01 is not compatible with 1.0 database. Enhancements: * added PQdisplayTuples() to libpq and changed monitor and psql to use it * added NeXT port (requires SysVIPC implementation) * added CAST .. AS ... syntax * added ASC and DESC key words * added 'internal' as a possible language for CREATE FUNCTION internal functions are C functions which have been statically linked into the postgres backend. * a new type "name" has been added for system identifiers (table names, attribute names, etc.) This replaces the old char16 type. The of name is set by the NAMEDATALEN #define in src/Makefile.global * a readable reference manual that describes the query language. * added host-based access control. A configuration file ($PGDATA/pg_hba) is used to hold the configuration data. If host-based access control is not desired, comment out HBA=1 in src/Makefile.global. * changed regex handling to be uniform use of Henry Spencer's regex code regardless of platform. The regex code is included in the distribution * added functions and operators for case-insensitive regular expressions. The operators are ~* and !~*. * pg_dump uses COPY instead of SELECT loop for better performance Bug fixes: * fixed an optimizer bug that was causing core dumps when functions calls were used in comparisons in the WHERE clause * changed all uses of getuid to geteuid so that effective uids are used * psql now returns non-zero status on errors when using -c * applied public patches 1-14 __________________________________________________________________ Release 1.0 Release date: 1995-09-05 __________________________________________________________________ Changes Copyright change: * The copyright of Postgres 1.0 has been loosened to be freely modifiable and modifiable for any purpose. Please read the COPYRIGHT file. Thanks to Professor Michael Stonebraker for making this possible. Incompatibilities: * date formats have to be MM-DD-YYYY (or DD-MM-YYYY if you're using EUROPEAN STYLE). This follows SQL-92 specs. * "delimiters" is now a key word Enhancements: * sql LIKE syntax has been added * copy command now takes an optional USING DELIMITER specification. delimiters can be any single-character string. * IRIX 5.3 port has been added. Thanks to Paul Walmsley and others. * updated pg_dump to work with new libpq * \d has been added psql Thanks to Keith Parks * regexp performance for architectures that use POSIX regex has been improved due to caching of precompiled patterns. Thanks to Alistair Crooks * a new version of libpq++ Thanks to William Wanders Bug fixes: * arbitrary userids can be specified in the createuser script * \c to connect to other databases in psql now works. * bad pg_proc entry for float4inc() is fixed * users with usecreatedb field set can now create databases without having to be usesuper * remove access control entries when the entry no longer has any privileges * fixed non-portable datetimes implementation * added kerberos flags to the src/backend/Makefile * libpq now works with kerberos * typographic errors in the user manual have been corrected. * btrees with multiple index never worked, now we tell you they don't work when you try to use them __________________________________________________________________ Postgres95 Release 0.03 Release date: 1995-07-21 __________________________________________________________________ Changes Incompatible changes: * BETA-0.3 IS INCOMPATIBLE WITH DATABASES CREATED WITH PREVIOUS VERSIONS (due to system catalog changes and indexing structure changes). * double-quote (") is deprecated as a quoting character for string literals; you need to convert them to single quotes ('). * name of aggregates (eg. int4sum) are renamed in accordance with the SQL standard (eg. sum). * CHANGE ACL syntax is replaced by GRANT/REVOKE syntax. * float literals (eg. 3.14) are now of type float4 (instead of float8 in previous releases); you might have to do typecasting if you depend on it being of type float8. If you neglect to do the typecasting and you assign a float literal to a field of type float8, you might get incorrect values stored! * LIBPQ has been totally revamped so that frontend applications can connect to multiple backends * the usesysid field in pg_user has been changed from int2 to int4 to allow wider range of Unix user ids. * the netbsd/freebsd/bsd o/s ports have been consolidated into a single BSD44_derived port. (thanks to Alistair Crooks) SQL standard-compliance (the following details changes that makes postgres95 more compliant to the SQL-92 standard): * the following SQL types are now built-in: smallint, int(eger), float, real, char(N), varchar(N), date and time. The following are aliases to existing postgres types: smallint -> int2 integer, int -> int4 float, real -> float4 char(N) and varchar(N) are implemented as truncated text types. In addition, char(N) does blank-padding. * single-quote (') is used for quoting string literals; '' (in addition to \') is supported as means of inserting a single quote in a string * SQL standard aggregate names (MAX, MIN, AVG, SUM, COUNT) are used (Also, aggregates can now be overloaded, i.e. you can define your own MAX aggregate to take in a user-defined type.) * CHANGE ACL removed. GRANT/REVOKE syntax added. - Privileges can be given to a group using the "GROUP" key word. For example: GRANT SELECT ON foobar TO GROUP my_group; The key word 'PUBLIC' is also supported to mean all users. Privileges can only be granted or revoked to one user or group at a time. "WITH GRANT OPTION" is not supported. Only class owners can change access control - The default access control is to grant users readonly access. You must explicitly grant insert/update access to users. To change this, modify the line in src/backend/utils/acl.h that defines ACL_WORLD_DEFAULT Bug fixes: * the bug where aggregates of empty tables were not run has been fixed. Now, aggregates run on empty tables will return the initial conditions of the aggregates. Thus, COUNT of an empty table will now properly return 0. MAX/MIN of an empty table will return a row of value NULL. * allow the use of \; inside the monitor * the LISTEN/NOTIFY asynchronous notification mechanism now work * NOTIFY in rule action bodies now work * hash indexes work, and access methods in general should perform better. creation of large btree indexes should be much faster. (thanks to Paul Aoki) Other changes and enhancements: * addition of an EXPLAIN statement used for explaining the query execution plan (eg. "EXPLAIN SELECT * FROM EMP" prints out the execution plan for the query). * WARN and NOTICE messages no longer have timestamps on them. To turn on timestamps of error messages, uncomment the line in src/backend/utils/elog.h: /* define ELOG_TIMESTAMPS */ * On an access control violation, the message "Either no such class or insufficient privilege" will be given. This is the same message that is returned when a class is not found. This dissuades non-privileged users from guessing the existence of privileged classes. * some additional system catalog changes have been made that are not visible to the user. libpgtcl changes: * The -oid option has been added to the "pg_result" tcl command. pg_result -oid returns oid of the last row inserted. If the last command was not an INSERT, then pg_result -oid returns "". * the large object interface is available as pg_lo* tcl commands: pg_lo_open, pg_lo_close, pg_lo_creat, etc. Portability enhancements and New Ports: * flex/lex problems have been cleared up. Now, you should be able to use flex instead of lex on any platforms. We no longer make assumptions of what lexer you use based on the platform you use. * The Linux-ELF port is now supported. Various configuration have been tested: The following configuration is known to work: kernel 1.2.10, gcc 2.6.3, libc 4.7.2, flex 2.5.2, bison 1.24 with everything in ELF format, New utilities: * ipcclean added to the distribution ipcclean usually does not need to be run, but if your backend crashes and leaves shared memory segments hanging around, ipcclean will clean them up for you. New documentation: * the user manual has been revised and libpq documentation added. __________________________________________________________________ Postgres95 Release 0.02 Release date: 1995-05-25 __________________________________________________________________ Changes Incompatible changes: * The SQL statement for creating a database is 'CREATE DATABASE' instead of 'CREATEDB'. Similarly, dropping a database is 'DROP DATABASE' instead of 'DESTROYDB'. However, the names of the executables 'createdb' and 'destroydb' remain the same. New tools: * pgperl - a Perl (4.036) interface to Postgres95 * pg_dump - a utility for dumping out a postgres database into a script file containing query commands. The script files are in a ASCII format and can be used to reconstruct the database, even on other machines and other architectures. (Also good for converting a Postgres 4.2 database to Postgres95 database.) The following ports have been incorporated into postgres95-beta-0.02: * the NetBSD port by Alistair Crooks * the AIX port by Mike Tung * the Windows NT port by Jon Forrest (more stuff but not done yet) * the Linux ELF port by Brian Gallew The following bugs have been fixed in postgres95-beta-0.02: * new lines not escaped in COPY OUT and problem with COPY OUT when first attribute is a '.' * cannot type return to use the default user id in createuser * SELECT DISTINCT on big tables crashes * Linux installation problems * monitor doesn't allow use of 'localhost' as PGHOST * psql core dumps when doing \c or \l * the "pgtclsh" target missing from src/bin/pgtclsh/Makefile * libpgtcl has a hard-wired default port number * SELECT DISTINCT INTO TABLE hangs * CREATE TYPE doesn't accept 'variable' as the internallength * wrong result using more than 1 aggregate in a SELECT __________________________________________________________________ Postgres95 Release 0.01 Release date: 1995-05-01 Initial release.