E.225. Release 8.2.4
Release date: 2007-04-23
This release contains a variety of fixes from 8.2.3, including a security fix. For information about new features in the 8.2 major release, see Section E.229 .
E.225.1. Migration to Version 8.2.4
A dump/restore is not required for those running 8.2.X.
E.225.2. Changes
-
Support explicit placement of the temporary-table schema within
search_path
, and disable searching it for functions and operators (Tom)This is needed to allow a security-definer function to set a truly secure value of
search_path
. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). SeeCREATE FUNCTION
for more information. -
Fix
shared_preload_libraries
for Windows by forcing reload in each backend (Korry Douglas) -
Fix
to_char()
so it properly upper/lower cases localized day or month names (Pavel Stehule) -
/contrib/tsearch2
crash fixes (Teodor) -
Require
COMMIT PREPARED
to be executed in the same database as the transaction was prepared in (Heikki) -
Allow
pg_dump
to do binary backups larger than two gigabytes on Windows (Magnus) -
New traditional (Taiwan) Chinese FAQ (Zhou Daojing)
-
Prevent the statistics collector from writing to disk too frequently (Tom)
-
Fix potential-data-corruption bug in how
VACUUM FULL
handlesUPDATE
chains (Tom, Pavan Deolasee) -
Fix bug in domains that use array types (Tom)
-
Fix
pg_dump
so it can dump a serial column's sequence using-t
when not also dumping the owning table (Tom) -
Planner fixes, including improving outer join and bitmap scan selection logic (Tom)
-
Fix possible wrong answers or crash when a PL/pgSQL function tries to
RETURN
from within anEXCEPTION
block (Tom) -
Fix PANIC during enlargement of a hash index (Tom)
-
Fix POSIX-style timezone specs to follow new USA DST rules (Tom)