This page in other versions: 9.0 / 9.1 / 9.2 / 9.3  |  Development versions: devel / 9.4  |  Unsupported versions: 7.4 / 8.0 / 8.1 / 8.2 / 8.3 / 8.4

E.188. Release 7.4.16

Release Date: 2007-02-05

This release contains a variety of fixes from 7.4.15, including a security fix. For information about new features in the 7.4 major release, see Section E.204.

E.188.1. Migration to Version 7.4.16

A dump/restore is not required for those running 7.4.X. However, if you are upgrading from a version earlier than 7.4.11, see Section E.193.

E.188.2. Changes

  • Remove security vulnerability that allowed connected users to read backend memory (Tom)

    The vulnerability involves suppressing the normal check that a SQL function returns the data type it's declared to, or changing the data type of a table column used in a SQL function (CVE-2007-0555). This error can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access.

  • Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas)

  • Fix for rare Assert() crash triggered by UNION (Tom)

  • Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group