Release date: 2010-05-17
This release contains a variety of fixes from 8.2.16. For information about new features in the 8.2 major release, see Section E.212.
A dump/restore is not required for those running 8.2.X. However, if you are upgrading from a version earlier than 8.2.14, see Section E.198.
Enforce restrictions in plperl
using an opmask applied to the whole interpreter, instead of using
Safe.pm
(Tim Bunce, Andrew
Dunstan)
Recent developments have convinced us that Safe.pm
is too insecure to rely on for making
plperl
trustable. This change removes
use of Safe.pm
altogether, in favor
of using a separate interpreter with an opcode mask that is always
applied. Pleasant side effects of the change include that it is now
possible to use Perl's strict
pragma
in a natural way in plperl
, and that
Perl's $a
and $b
variables work as expected in sort routines,
and that function compilation is significantly faster.
(CVE-2010-1169)
Prevent PL/Tcl from executing untrustworthy code from
pltcl_modules
(Tom)
PL/Tcl's feature for autoloading Tcl code from a database table
could be exploited for trojan-horse attacks, because there was no
restriction on who could create or insert into that table. This
change disables the feature unless pltcl_modules
is owned by a superuser.
(However, the permissions on the table are not checked, so
installations that really need a less-than-secure modules table can
still grant suitable privileges to trusted non-superusers.) Also,
prevent loading code into the unrestricted “normal” Tcl interpreter
unless we are really going to execute a pltclu
function. (CVE-2010-1170)
Fix possible crash if a cache reset message is received during rebuild of a relcache entry (Heikki)
This error was introduced in 8.2.16 while fixing a related failure.
Do not allow an unprivileged user to reset superuser-only parameter settings (Alvaro)
Previously, if an unprivileged user ran ALTER USER ... RESET ALL
for himself, or
ALTER DATABASE ... RESET ALL
for a
database he owns, this would remove all special parameter settings
for the user or database, even ones that are only supposed to be
changeable by a superuser. Now, the ALTER
will only remove the parameters that the
user has permission to change.
Avoid possible crash during backend shutdown if shutdown occurs
when a CONTEXT
addition would be made
to log entries (Tom)
In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message.
Update PL/Perl's ppport.h
for
modern Perl versions (Andrew)
Fix assorted memory leaks in PL/Python (Andreas Freund, Tom)
Prevent infinite recursion in psql when expanding a variable that refers to itself (Tom)
Fix psql's \copy
to not add spaces around a dot within
\copy (select ...)
(Tom)
Addition of spaces around the decimal point in a numeric literal would result in a syntax error.
Ensure that contrib/pgstattuple
functions respond to cancel interrupts promptly (Tatsuhito
Kasahara)
Make server startup deal properly with the case that
shmget()
returns EINVAL
for an existing shared memory segment
(Tom)
This behavior has been observed on BSD-derived kernels including macOS. It resulted in an entirely-misleading startup failure complaining that the shared memory request size was too large.
Avoid possible crashes in syslogger process on Windows (Heikki)
Deal more robustly with incomplete time zone information in the Windows registry (Magnus)
Update the set of known Windows time zone names (Magnus)
Update time zone data files to tzdata release 2010j for DST law changes in Argentina, Australian Antarctic, Bangladesh, Mexico, Morocco, Pakistan, Palestine, Russia, Syria, Tunisia; also historical corrections for Taiwan.
Also, add PKST
(Pakistan Summer
Time) to the default set of timezone abbreviations.
If you see anything in the documentation that is not correct, does not match your experience with the particular feature or requires further clarification, please use this form to report a documentation issue.