Release Date: 2007-02-05
This release contains a variety of fixes from 8.1.6, including a security fix. For information about new features in the 8.1 major release, see Section E.140.
A dump/restore is not required for those running 8.1.X. However, if you are upgrading from a version earlier than 8.1.2, see Section E.138.
Remove security vulnerabilities that allowed connected users to read backend memory (Tom)
The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access.
Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas)
Improve VACUUM performance for databases with many tables (Tom)
Fix autovacuum to avoid leaving non-permanent transaction IDs in non-connectable databases (Alvaro)
This bug affects the 8.1 branch only.
Fix for rare Assert() crash triggered by UNION (Tom)
Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom)
Fix bogus "permission denied" failures occurring on Windows due to attempts to fsync already-deleted files (Magnus, Tom)
Fix possible crashes when an already-in-use PL/pgSQL function is updated (Tom)
Please use this form to add your own comments regarding your experience with particular features of PostgreSQL, clarifications of the documentation, or hints for other users. Please note, this is not a support forum, and your IP address will be logged. If you have a question or need help, please see the faq, try a mailing list, or join us on IRC. Note that submissions containing URLs or other keywords commonly found in 'spam' comments may be silently discarded. Please contact the webmaster if you think this is happening to you in error.
Proceed to the comment form.