PostgreSQL 2009-03-16 Security Update

Posted on 2009-03-17

The PostgreSQL Project today released minor versions updating all active branches of the PostgreSQL object-relational database system, including versions 8.3.7, 8.2.13, 8.1.17, 8.0.21 and 7.4.25. This release fixes a denial of service issue with encoding conversion, and all users should update their installations at the next reasonable opportunity.

There are 12 other minor fixes contained in these update releases, including fixes for xpath() functions in version 8.3. See the release notes for full details.

As with other minor releases, users are not required to dump and reload their database in order to apply this update release; you may simply shut down PostgreSQL and update its binaries. Users skipping more than one update may need to check the release notes for extra, post-update steps.

Note: As previously announced, only versions 8.2.13 and 8.3.7 of the Windows binaries are being released, as we no longer support 8.0 and 8.1 on Windows.

This post has been migrated from a previous version of the PostgreSQL website. We apologise for any formatting issues caused by the migration.