This page in other versions: 9.1 / 9.2 / 9.3 / 9.4 / 9.5 / current (9.6)  |  Development versions: devel  |  Unsupported versions: 8.0 / 8.1 / 8.2 / 8.3 / 8.4 / 9.0

E.178. Release 8.0.11

Release Date: 2007-02-05

This release contains a variety of fixes from 8.0.10, including a security fix. For information about new features in the 8.0 major release, see Section E.189.

E.178.1. Migration to Version 8.0.11

A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see Section E.183.

E.178.2. Changes

  • Remove security vulnerabilities that allowed connected users to read backend memory (Tom)

    The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access.

  • Fix rare bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas)

  • Fix for rare Assert() crash triggered by UNION (Tom)

  • Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom)

Submit correction

If you see anything in the documentation that is not correct, does not match your experience with the particular feature or requires further clarification, please use this form to report a documentation issue.

Privacy Policy | About PostgreSQL
Copyright © 1996-2016 The PostgreSQL Global Development Group