| Server IP : 104.21.25.180 / Your IP : 162.159.115.42 Web Server : Apache/2.4.37 System : Linux almalinux.duckdns.org 4.18.0-553.111.1.el8_10.x86_64 #1 SMP Sun Mar 8 20:06:07 EDT 2026 x86_64 User : ricodeal ( 1046) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/doc/postgresql-docs/html/ |
Upload File : |
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>E.5. Release 10.19</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="[email protected]" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="release-10-20.html" title="E.4. Release 10.20" /><link rel="next" href="release-10-18.html" title="E.6. Release 10.18" /></head><body><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">E.5. Release 10.19</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="release-10-20.html" title="E.4. Release 10.20">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="release.html" title="Appendix E. Release Notes">Up</a></td><th width="60%" align="center">Appendix E. Release Notes</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 10.23 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="release-10-18.html" title="E.6. Release 10.18">Next</a></td></tr></table><hr></hr></div><div class="sect1" id="RELEASE-10-19"><div class="titlepage"><div><div><h2 class="title" style="clear: both">E.5. Release 10.19</h2></div></div></div><div class="toc"><dl class="toc"><dt><span class="sect2"><a href="release-10-19.html#id-1.11.6.9.4">E.5.1. Migration to Version 10.19</a></span></dt><dt><span class="sect2"><a href="release-10-19.html#id-1.11.6.9.5">E.5.2. Changes</a></span></dt></dl></div><p><strong>Release date: </strong>2021-11-11</p><p> This release contains a variety of fixes from 10.18.
For information about new features in major release 10, see
<a class="xref" href="release-10.html" title="E.24. Release 10">Section E.24</a>.
</p><div class="sect2" id="id-1.11.6.9.4"><div class="titlepage"><div><div><h3 class="title">E.5.1. Migration to Version 10.19</h3></div></div></div><p> A dump/restore is not required for those running 10.X.
</p><p> However, note that installations using physical replication should
update standby servers before the primary server, as explained in
the third changelog entry below.
</p><p> Also, several bugs have been found that may have resulted in corrupted
indexes, as explained in the next several changelog entries. If any
of those cases apply to you, it's recommended to reindex
possibly-affected indexes after updating.
</p><p> Also, if you are upgrading from a version earlier than 10.16,
see <a class="xref" href="release-10-16.html" title="E.8. Release 10.16">Section E.8</a>.
</p></div><div class="sect2" id="id-1.11.6.9.5"><div class="titlepage"><div><div><h3 class="title">E.5.2. Changes</h3></div></div></div><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p> Make the server reject extraneous data after an SSL or GSS
encryption handshake (Tom Lane)
</p><p> A man-in-the-middle with the ability to inject data into the TCP
connection could stuff some cleartext data into the start of a
supposedly encryption-protected database session.
This could be abused to send faked SQL commands to the server,
although that would only work if the server did not demand any
authentication data. (However, a server relying on SSL certificate
authentication might well not do so.)
</p><p> The <span class="productname">PostgreSQL</span> Project thanks
Jacob Champion for reporting this problem.
(CVE-2021-23214)
</p></li><li class="listitem"><p> Make <span class="application">libpq</span> reject extraneous data after
an SSL or GSS encryption handshake (Tom Lane)
</p><p> A man-in-the-middle with the ability to inject data into the TCP
connection could stuff some cleartext data into the start of a
supposedly encryption-protected database session.
This could probably be abused to inject faked responses to the
client's first few queries, although other details of libpq's
behavior make that harder than it sounds. A different line of
attack is to exfiltrate the client's password, or other sensitive
data that might be sent early in the session. That has been shown
to be possible with a server vulnerable to CVE-2021-23214.
</p><p> The <span class="productname">PostgreSQL</span> Project thanks
Jacob Champion for reporting this problem.
(CVE-2021-23222)
</p></li><li class="listitem"><p> Fix physical replication for cases where the primary crashes
after shipping a WAL segment that ends with a partial WAL record
(Álvaro Herrera)
</p><p> If the primary did not survive long enough to finish writing the
rest of the incomplete WAL record, then the previous crash-recovery
logic had it back up and overwrite WAL starting from the beginning
of the incomplete WAL record. This is problematic since standby
servers may already have copies of that WAL segment. They will then
see an inconsistent next segment, and will not be able to recover
without manual intervention. To fix, do not back up over a WAL
segment boundary when restarting after a crash. Instead write a new
type of WAL record at the start of the next WAL segment, informing
readers that the incomplete WAL record will never be finished and
must be disregarded.
</p><p> When applying this update, it's best to update standby servers
before the primary, so that they will be ready to handle this new
WAL record type if the primary happens to crash.
</p></li><li class="listitem"><p> Fix <code class="command">CREATE INDEX CONCURRENTLY</code> to wait for
the latest prepared transactions (Andrey Borodin)
</p><p> Rows inserted by just-prepared transactions might be omitted from
the new index, causing queries relying on the index to miss such
rows. The previous fix for this type of problem failed to account
for <code class="command">PREPARE TRANSACTION</code> commands that were still
in progress when <code class="command">CREATE INDEX CONCURRENTLY</code>
checked for them. As before, in installations that have enabled
prepared transactions (<code class="varname">max_prepared_transactions</code>
> 0), it's recommended to reindex any concurrently-built indexes
in case this problem occurred when they were built.
</p></li><li class="listitem"><p> Avoid race condition that can cause backends to fail to add entries
for new rows to an index being built concurrently (Noah Misch,
Andrey Borodin)
</p><p> While it's apparently rare in the field, this case could potentially
affect any index built or reindexed with
the <code class="literal">CONCURRENTLY</code> option. It is recommended to
reindex any such indexes to make sure they are correct.
</p></li><li class="listitem"><p> Fix <code class="type">float4</code> and <code class="type">float8</code> hash functions to
produce uniform results for NaNs (Tom Lane)
</p><p> Since <span class="productname">PostgreSQL</span>'s floating-point types
deem all NaNs to be equal, it's important for the hash functions to
produce the same hash code for all bit-patterns that are NaNs
according to the IEEE 754 standard. This failed to happen before,
meaning that hash indexes and hash-based query plans might produce
incorrect results for non-canonical NaN values.
(<code class="literal">'-NaN'::float8</code> is one way to produce such a
value on most machines.) It is advisable to reindex hash indexes
on floating-point columns, if there is any possibility that they
might contain such values.
</p></li><li class="listitem"><p> Prevent data loss during crash recovery of <code class="command">CREATE
TABLESPACE</code>, when <code class="varname">wal_level</code>
= <code class="literal">minimal</code> (Noah Misch)
</p><p> If the server crashed between <code class="command">CREATE TABLESPACE</code>
and the next checkpoint, replay would fully remove the contents of
the new tablespace's directory, relying on subsequent WAL replay
to restore everything within that directory. This interacts badly
with optimizations that skip writing WAL (one example
is <code class="command">COPY</code> into a just-created table). Such
optimizations are applied only when <code class="varname">wal_level</code>
is <code class="literal">minimal</code>, which is not the default in v10 and
later.
</p></li><li class="listitem"><p> Ensure that the relation cache is invalidated for a table being
attached to or detached from a partitioned table (Amit Langote,
Álvaro Herrera)
</p><p> This oversight could allow misbehavior of subsequent inserts/updates
addressed directly to the partition, but only in currently-existing
sessions.
</p></li><li class="listitem"><p> Ensure that the relation cache is invalidated when creating or
dropping a <code class="literal">FOR ALL TABLES</code> publication
(Hou Zhijie, Vignesh C)
</p><p> This oversight could lead to improper replication behavior until all
currently-existing sessions have exited.
</p></li><li class="listitem"><p> Don't discard a cast to the same type with unspecified type modifier
(Tom Lane)
</p><p> For example, if column <code class="literal">f1</code> is of
type <code class="literal">numeric(18,3)</code>, the parser used to simply
discard a cast like <code class="literal">f1::numeric</code>, on the grounds
that it would have no run-time effect. That's true, but the exposed
type of the expression should still be considered to be
plain <code class="literal">numeric</code>,
not <code class="literal">numeric(18,3)</code>. This is important for
correctly resolving the type of larger constructs, such
as recursive <code class="literal">UNION</code>s.
</p></li><li class="listitem"><p> Disallow creating an ICU collation if the current database's
encoding won't support it (Tom Lane)
</p><p> Previously this was allowed, but then the collation could not be
referenced because of the way collation lookup works; you could not
use the collation, nor even drop it.
</p></li><li class="listitem"><p> Fix corner-case loss of precision in
numeric <code class="function">power()</code> (Dean Rasheed)
</p><p> The result could be inaccurate when the first argument is very close
to 1.
</p></li><li class="listitem"><p> Avoid regular expression errors with capturing parentheses
inside <code class="literal">{0}</code> (Tom Lane)
</p><p> Regular expressions like <code class="literal">(.){0}...\1</code> drew
<span class="quote">“<span class="quote">invalid backreference number</span>”</span>. Other regexp engines
such as Perl don't complain, though, and for that matter ours
doesn't either in some closely related cases. Worse, it could throw
an assertion failure instead. Fix it so that no error is thrown and
instead the back-reference is silently deemed to never match.
</p></li><li class="listitem"><p> Prevent regular expression back-references from sometimes matching
when they shouldn't (Tom Lane)
</p><p> The regexp engine was careless about clearing match data
for capturing parentheses after rejecting a partial match. This
could allow a later back-reference to match in places where it
should fail for lack of a defined referent.
</p></li><li class="listitem"><p> Fix regular expression performance bug with back-references inside
iteration nodes (Tom Lane)
</p><p> Incorrect back-tracking logic could result in exponential time spent
looking for a match. Fortunately the problem is masked in most
cases by other optimizations.
</p></li><li class="listitem"><p> Fix incorrect results from <code class="literal">AT TIME ZONE</code> applied
to a <code class="type">time with time zone</code> value (Tom Lane)
</p><p> The results were incorrect if the target time zone was specified by
a dynamic timezone abbreviation (that is, one that is defined as
equivalent to a full time zone name, rather than a fixed UTC offset).
</p></li><li class="listitem"><p> Avoid using MCV-only statistics to estimate the range of a column
(Tom Lane)
</p><p> There are corner cases in which <code class="command">ANALYZE</code> will
build a most-common-values (MCV) list but not a histogram, even
though the MCV list does not account for all the observed values.
In such cases, keep the planner from using the MCV list alone to
estimate the range of column values.
</p></li><li class="listitem"><p> Clean up correctly if a transaction fails after exporting its
snapshot (Dilip Kumar)
</p><p> This oversight would only cause a problem if the same session
attempted to export a snapshot again. The most likely scenario for
that is creation of a replication slot (followed by rollback)
and then creation of another replication slot.
</p></li><li class="listitem"><p> Prevent wraparound of overflowed-subtransaction tracking on standby
servers (Kyotaro Horiguchi, Alexander Korotkov)
</p><p> This oversight could cause significant performance degradation
(manifesting as excessive SubtransSLRU traffic) on standby servers.
</p></li><li class="listitem"><p> Ensure that prepared transactions are properly accounted for during
promotion of a standby server (Michael Paquier, Andres Freund)
</p><p> There was a narrow window where a prepared transaction could be
omitted from a snapshot taken by a concurrently-running session.
If that session then used the snapshot to perform data updates,
erroneous results or data corruption could occur.
</p></li><li class="listitem"><p> Fix detection of a relation that has grown to the maximum allowed
length (Tom Lane)
</p><p> An attempt to extend a table or index past the limit of 2^32-1
blocks was rejected, but not soon enough to prevent inconsistent
internal state from being created.
</p></li><li class="listitem"><p> Correctly track the presence of data-modifying CTEs when expanding
a <code class="literal">DO INSTEAD</code> rule (Greg Nancarrow, Tom Lane)
</p><p> The previous failure to do this could lead to problems such as
unsafely choosing a parallel plan.
</p></li><li class="listitem"><p> Fix incorrect reporting of permissions failures on extended
statistics objects (Tomas Vondra)
</p><p> The code typically produced <span class="quote">“<span class="quote">cache lookup error</span>”</span> rather
than the intended message.
</p></li><li class="listitem"><p> Fix incorrect snapshot handling in parallel workers (Greg Nancarrow)
</p><p> This oversight could lead to misbehavior in parallel queries if the
transaction isolation level is less than <code class="literal">REPEATABLE
READ</code>.
</p></li><li class="listitem"><p> Ensure that walreceiver processes create all required archive
notification files before exiting (Fujii Masao)
</p><p> If a walreceiver exited exactly at a WAL segment boundary, it failed
to make a notification file for the last-received segment, thus
delaying archiving of that segment on the standby.
</p></li><li class="listitem"><p> Avoid trying to lock the <code class="literal">OLD</code>
and <code class="literal">NEW</code> pseudo-relations in a rule
that uses <code class="literal">SELECT FOR UPDATE</code>
(Masahiko Sawada, Tom Lane)
</p></li><li class="listitem"><p> Fix parser's processing of aggregate <code class="literal">FILTER</code>
clauses (Tom Lane)
</p><p> If the <code class="literal">FILTER</code> expression is a plain boolean column,
the semantic level of the aggregate could be mis-determined, leading
to not-per-spec behavior. If the <code class="literal">FILTER</code>
expression is itself a boolean-returning aggregate, an error should
be thrown but was not, likely resulting in a crash at execution.
</p></li><li class="listitem"><p> Avoid null-pointer-dereference crash when dropping a role that owns
objects being dropped concurrently (Álvaro Herrera)
</p></li><li class="listitem"><p> Prevent <span class="quote">“<span class="quote">snapshot reference leak</span>”</span> warning
when <code class="function">lo_export()</code> or a related function fails
(Heikki Linnakangas)
</p></li><li class="listitem"><p> Ensure that scans of SP-GiST indexes are counted in the statistics
views (Tom Lane)
</p><p> Incrementing the number-of-index-scans counter was overlooked in the
SP-GiST code, although per-tuple counters were advanced correctly.
</p></li><li class="listitem"><p> Recalculate relevant wait intervals
if <code class="varname">recovery_min_apply_delay</code> is changed during
recovery (Soumyadeep Chakraborty, Ashwin Agrawal)
</p></li><li class="listitem"><p> Fix infinite loop if a <code class="filename">simplehash.h</code> hash table
reaches 2^32 elements (Yura Sokolov)
</p><p> It seems unlikely that this bug has been hit in practice, as it
would require <code class="varname">work_mem</code> settings of hundreds of
gigabytes for existing uses of <code class="filename">simplehash.h</code>.
</p></li><li class="listitem"><p> Reduce memory consumption during calculation of extended statistics
(Justin Pryzby, Tomas Vondra)
</p></li><li class="listitem"><p> Fix <span class="application">ecpg</span> to recover correctly
after <code class="function">malloc()</code> failure while establishing a
connection (Michael Paquier)
</p></li><li class="listitem"><p> Allow <code class="literal">EXIT</code> out of the outermost block in a
PL/pgSQL routine (Tom Lane)
</p><p> If the routine does not require an explicit <code class="literal">RETURN</code>,
this usage should be valid, but it was rejected.
</p></li><li class="listitem"><p> Remove <span class="application">pg_ctl</span>'s hard-coded limits on the
total length of generated commands (Phil Krylov)
</p><p> For example, this removes a restriction on how many command-line
options can be passed through to the postmaster. Individual path
names that <span class="application">pg_ctl</span> deals with, such as the
postmaster executable's name or the data directory name, are still
limited to <code class="literal">MAXPGPATH</code> bytes in most cases.
</p></li><li class="listitem"><p> Fix <span class="application">pg_dump</span> to dump non-global default
privileges correctly (Neil Chen, Masahiko Sawada)
</p><p> If a global (unrestricted) <code class="command">ALTER DEFAULT
PRIVILEGES</code> command revoked some present-by-default
privilege, for example <code class="literal">EXECUTE</code> for functions, and
then a restricted <code class="command">ALTER DEFAULT PRIVILEGES</code>
command granted that privilege again for a selected role or
schema, <span class="application">pg_dump</span> failed to dump the
restricted privilege grant correctly.
</p></li><li class="listitem"><p> Make <span class="application">pg_dump</span> acquire shared lock on
partitioned tables that are to be dumped (Tom Lane)
</p><p> This oversight was usually pretty harmless, since
once <span class="application">pg_dump</span> has locked any of the leaf
partitions, that would suffice to prevent significant DDL on the
partitioned table itself. However problems could ensue when dumping
a childless partitioned table, since no relevant lock would be held.
</p></li><li class="listitem"><p> Improve <span class="application">pg_dump</span>'s performance by avoiding
making per-table queries for RLS policies, and by avoiding repetitive
calls to <code class="function">format_type()</code> (Tom Lane)
</p><p> These changes provide only marginal improvement when dumping from a
local server, but a dump from a remote server can benefit
substantially due to fewer network round-trips.
</p></li><li class="listitem"><p> Fix incorrect filename in <span class="application">pg_restore</span>'s
error message about an invalid large object TOC file (Daniel
Gustafsson)
</p></li><li class="listitem"><p> Fix failure of <code class="filename">contrib/btree_gin</code> indexes
on <code class="type">"char"</code>
(not <code class="type">char(<em class="replaceable"><code>n</code></em>)</code>) columns,
when an indexscan using the <code class="literal"><</code>
or <code class="literal"><=</code> operator is performed (Tom Lane)
</p><p> Such an indexscan failed to return all the entries it should.
</p></li><li class="listitem"><p> Change <code class="filename">contrib/pg_stat_statements</code> to read
its <span class="quote">“<span class="quote">query texts</span>”</span> file in units of at most 1GB
(Tom Lane)
</p><p> Such large query text files are very unusual, but if they do occur,
the previous coding would fail on Windows 64 (which rejects
individual read requests of more than 2GB).
</p></li><li class="listitem"><p> Fix null-pointer crash
when <code class="filename">contrib/postgres_fdw</code> tries to report a
data conversion error (Tom Lane)
</p></li><li class="listitem"><p> Add spinlock support for the RISC-V architecture (Marek Szuba)
</p><p> This is essential for reasonable performance on that platform.
</p></li><li class="listitem"><p> Support OpenSSL 3.0.0
(Peter Eisentraut, Daniel Gustafsson, Michael Paquier)
</p></li><li class="listitem"><p> Set correct type identifier on OpenSSL BIO (I/O abstraction)
objects created by <span class="productname">PostgreSQL</span>
(Itamar Gafni)
</p><p> This oversight probably only matters for code that is doing
tasks like auditing the OpenSSL installation. But it's
nominally a violation of the OpenSSL API, so fix it.
</p></li><li class="listitem"><p> Make <code class="function">pg_regexec()</code> robust against an
out-of-range <em class="replaceable"><code>search_start</code></em> parameter
(Tom Lane)
</p><p> Return <code class="literal">REG_NOMATCH</code>, instead of possibly crashing,
when <em class="replaceable"><code>search_start</code></em> is past the end of the
string. This case is probably unreachable within
core <span class="productname">PostgreSQL</span>, but extensions might be
more careless about the parameter value.
</p></li><li class="listitem"><p> Ensure that <code class="function">GetSharedSecurityLabel()</code> can be
used in a newly-started session that has not yet built its critical
relation cache entries (Jeff Davis)
</p></li><li class="listitem"><p> Use the CLDR project's data to map Windows time zone names to IANA
time zones (Tom Lane)
</p><p> When running on Windows, <span class="application">initdb</span> attempts
to set the new cluster's <code class="varname">timezone</code> parameter to
the IANA time zone matching the system's prevailing time zone.
We were using a mapping table that we'd generated years ago and
updated only fitfully; unsurprisingly, it contained a number of
errors as well as omissions of recently-added zones. It turns out
that CLDR has been tracking the most appropriate mappings, so start
using their data. This change will not affect any existing
installation, only newly-initialized clusters.
</p></li><li class="listitem"><p> Update time zone data files to <span class="application">tzdata</span>
release 2021e for DST law changes in Fiji, Jordan, Palestine, and
Samoa, plus historical corrections for Barbados, Cook Islands,
Guyana, Niue, Portugal, and Tonga.
</p><p> Also, the Pacific/Enderbury zone has been renamed to Pacific/Kanton.
Also, the following zones have been merged into nearby, more-populous
zones whose clocks have agreed with them since 1970: Africa/Accra,
America/Atikokan, America/Blanc-Sablon, America/Creston,
America/Curacao, America/Nassau, America/Port_of_Spain,
Antarctica/DumontDUrville, and Antarctica/Syowa.
In all these cases, the previous zone name remains as an alias.
</p></li></ul></div></div></div><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navfooter"><hr></hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="release-10-20.html" title="E.4. Release 10.20">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="release.html" title="Appendix E. Release Notes">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="release-10-18.html" title="E.6. Release 10.18">Next</a></td></tr><tr><td width="40%" align="left" valign="top">E.4. Release 10.20 </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 10.23 Documentation">Home</a></td><td width="40%" align="right" valign="top"> E.6. Release 10.18</td></tr></table></div></body></html>