Navigation :

E.1. Release 14.17

E.1. Release 14.17
Prev Up Appendix E. Release Notes Home Next
E.1.1. Migration to Version 14.17
E.1.2. Changes

Release date: 2025-02-20

This release contains a few fixes from 14.16. For information about new features in major release 14, see Section E.18 .

E.1.1. Migration to Version 14.17

A dump/restore is not required for those running 14.X.

However, if you are upgrading from a version earlier than 14.14, see Section E.4 .

E.1.2. Changes

  • Improve behavior of libpq 's quoting functions (Andres Freund, Tom Lane) § § §

    The changes made for CVE-2025-1094 had one serious oversight: PQescapeLiteral() and PQescapeIdentifier() failed to honor their string length parameter, instead always reading to the input string's trailing null. This resulted in including unwanted text in the output, if the caller intended to truncate the string via the length parameter. With very bad luck it could cause a crash due to reading off the end of memory.

    In addition, modify all these quoting functions so that when invalid encoding is detected, an invalid sequence is substituted for just the first byte of the presumed character, not all of it. This reduces the risk of problems if a calling application performs additional processing on the quoted string.

  • Fix crash involving triggers on partitioned tables that make use of transition tables (Kyotaro Horiguchi) §

    If there are both AFTER UPDATE and AFTER DELETE triggers, the need for transition tables was determined incorrectly, leading to a crash during cross-partition updates.

Prev Up Next
Appendix E. Release Notes Home E.2. Release 14.16