Skip to content
Snippets Groups Projects
release-9.2.sgml 310 KiB
Newer Older

    <listitem>
     <para>
      Fix possible deadlock during parallel restore of a schema-only dump
      (Robert Haas, Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix core dump in <literal>pg_dump --binary-upgrade</> on zero-column
      composite type (Rushabh Lathia)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent WAL files created by <literal>pg_basebackup -x/-X</> from
      being archived again when the standby is promoted (Andres Freund)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix failure of <filename>contrib/auto_explain</> to print per-node
      timing information when doing <command>EXPLAIN ANALYZE</> (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix upgrade-from-unpackaged script for <filename>contrib/citext</>
      (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix block number checking
      in <filename>contrib/pageinspect</>'s <function>get_raw_page()</>
      (Tom Lane)
     </para>

     <para>
      The incorrect checking logic could prevent access to some pages in
      non-main relation forks.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <filename>contrib/pgcrypto</>'s <function>pgp_sym_decrypt()</>
      to not fail on messages whose length is 6 less than a power of 2
      (Marko Tiikkaja)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix file descriptor leak in <filename>contrib/pg_test_fsync</>
      (Jeff Janes)
     </para>

     <para>
      This could cause failure to remove temporary files on Windows.
     </para>
    </listitem>

    <listitem>
     <para>
      Handle unexpected query results, especially NULLs, safely in
      <filename>contrib/tablefunc</>'s <function>connectby()</>
      (Michael Paquier)
     </para>

     <para>
      <function>connectby()</> previously crashed if it encountered a NULL
      key value.  It now prints that row but doesn't recurse further.
     </para>
    </listitem>

    <listitem>
     <para>
      Avoid a possible crash in <filename>contrib/xml2</>'s
      <function>xslt_process()</> (Mark Simonetti)
     </para>

     <para>
      <application>libxslt</> seems to have an undocumented dependency on
      the order in which resources are freed; reorder our calls to avoid a
      crash.
     </para>
    </listitem>

    <listitem>
     <para>
      Mark some <filename>contrib</> I/O functions with correct volatility
      properties (Tom Lane)
     </para>

     <para>
      The previous over-conservative marking was immaterial in normal use,
      but could cause optimization problems or rejection of valid index
      expression definitions.  Since the consequences are not large, we've
      just adjusted the function definitions in the extension modules'
      scripts, without changing version numbers.
     </para>
    </listitem>

    <listitem>
     <para>
      Numerous cleanups of warnings from Coverity static code analyzer
      (Andres Freund, Tatsuo Ishii, Marko Kreen, Tom Lane, Michael Paquier)
     </para>

     <para>
      These changes are mostly cosmetic but in some cases fix corner-case
      bugs, for example a crash rather than a proper error report after an
      out-of-memory failure.  None are believed to represent security
      issues.
     </para>
    </listitem>

    <listitem>
     <para>
      Detect incompatible OpenLDAP versions during build (Noah Misch)
     </para>

     <para>
      With OpenLDAP versions 2.4.24 through 2.4.31,
      inclusive, <productname>PostgreSQL</> backends can crash at exit.
      Raise a warning during <application>configure</> based on the
      compile-time OpenLDAP version number, and test the crashing scenario
      in the <filename>contrib/dblink</> regression test.
     </para>
    </listitem>

    <listitem>
     <para>
      In non-MSVC Windows builds, ensure <filename>libpq.dll</> is installed
      with execute permissions (Noah Misch)
     </para>
    </listitem>

    <listitem>
     <para>
      Make <application>pg_regress</> remove any temporary installation it
      created upon successful exit (Tom Lane)
     </para>

     <para>
      This results in a very substantial reduction in disk space usage
      during <literal>make check-world</>, since that sequence involves
      creation of numerous temporary installations.
     </para>
    </listitem>

    <listitem>
     <para>
      Support time zone abbreviations that change UTC offset from time to
      time (Tom Lane)
     </para>

     <para>
      Previously, <productname>PostgreSQL</> assumed that the UTC offset
      associated with a time zone abbreviation (such as <literal>EST</>)
      never changes in the usage of any particular locale.  However this
      assumption fails in the real world, so introduce the ability for a
      zone abbreviation to represent a UTC offset that sometimes changes.
      Update the zone abbreviation definition files to make use of this
      feature in timezone locales that have changed the UTC offset of their
      abbreviations since 1970 (according to the IANA timezone database).
      In such timezones, <productname>PostgreSQL</> will now associate the
      correct UTC offset with the abbreviation depending on the given date.
     </para>
    </listitem>

    <listitem>
     <para>
      Update time zone abbreviations lists (Tom Lane)
     </para>

     <para>
      Add CST (China Standard Time) to our lists.
      Remove references to ADT as <quote>Arabia Daylight Time</>, an
      abbreviation that's been out of use since 2007; therefore, claiming
      there is a conflict with <quote>Atlantic Daylight Time</> doesn't seem
      especially helpful.
      Fix entirely incorrect GMT offsets for CKT (Cook Islands), FJT, and FJST
      (Fiji); we didn't even have them on the proper side of the date line.
     </para>
    </listitem>

    <listitem>
     <para>
      Update time zone data files to <application>tzdata</> release 2015a.
     </para>

     <para>
      The IANA timezone database has adopted abbreviations of the form
      <literal>A<replaceable>x</>ST</literal>/<literal>A<replaceable>x</>DT</literal>
      for all Australian time zones, reflecting what they believe to be
      current majority practice Down Under.  These names do not conflict
      with usage elsewhere (other than ACST for Acre Summer Time, which has
      been in disuse since 1994).  Accordingly, adopt these names into
      our <quote>Default</> timezone abbreviation set.
      The <quote>Australia</> abbreviation set now contains only CST, EAST,
      EST, SAST, SAT, and WST, all of which are thought to be mostly
      historical usage.  Note that SAST has also been changed to be South
      Africa Standard Time in the <quote>Default</> abbreviation set.
     </para>

     <para>
      Also, add zone abbreviations SRET (Asia/Srednekolymsk) and XJT
      (Asia/Urumqi), and use WSST/WSDT for western Samoa.  Also, there were
      DST law changes in Chile, Mexico, the Turks &amp; Caicos Islands
      (America/Grand_Turk), and Fiji.  There is a new zone
      Pacific/Bougainville for portions of Papua New Guinea.  Also, numerous
      corrections for historical (pre-1970) time zone data.
     </para>
    </listitem>

   </itemizedlist>

  </sect2>
 </sect1>

4228 4229 4230 4231 4232 4233 4234 4235 4236 4237 4238 4239 4240 4241 4242 4243 4244 4245 4246 4247 4248 4249 4250 4251 4252 4253 4254 4255 4256 4257 4258 4259 4260 4261 4262 4263 4264 4265 4266 4267 4268 4269 4270 4271 4272 4273 4274 4275 4276 4277 4278 4279 4280 4281 4282 4283 4284 4285 4286 4287 4288 4289 4290 4291 4292 4293 4294 4295 4296 4297 4298 4299 4300 4301 4302 4303 4304 4305 4306 4307 4308 4309 4310 4311 4312 4313 4314 4315 4316 4317 4318 4319 4320 4321 4322 4323 4324 4325 4326 4327 4328 4329 4330 4331 4332 4333 4334 4335 4336 4337 4338 4339 4340 4341 4342 4343 4344 4345 4346 4347 4348 4349 4350 4351 4352 4353 4354 4355 4356 4357 4358 4359 4360 4361 4362 4363 4364 4365 4366 4367 4368 4369 4370 4371 4372 4373 4374 4375 4376 4377 4378 4379 4380 4381 4382 4383 4384 4385 4386 4387 4388 4389 4390 4391 4392 4393 4394 4395 4396 4397 4398 4399 4400 4401 4402 4403 4404 4405 4406 4407 4408 4409 4410 4411 4412 4413 4414 4415 4416 4417 4418 4419 4420 4421 4422 4423 4424 4425 4426 4427 4428 4429 4430 4431 4432 4433 4434 4435 4436 4437 4438 4439 4440 4441 4442 4443 4444 4445 4446 4447 4448 4449 4450 4451 4452 4453 4454 4455 4456 4457 4458 4459 4460 4461 4462 4463 4464 4465 4466 4467 4468 4469 4470 4471 4472 4473 4474 4475 4476 4477 4478 4479 4480 4481 4482 4483 4484 4485 4486 4487 4488 4489 4490 4491 4492 4493 4494 4495 4496 4497 4498 4499 4500 4501 4502 4503 4504 4505 4506 4507 4508 4509 4510 4511 4512 4513 4514 4515 4516 4517 4518 4519 4520 4521 4522 4523 4524 4525 4526 4527 4528 4529 4530 4531 4532 4533 4534 4535 4536 4537 4538 4539 4540 4541 4542 4543 4544 4545 4546 4547 4548 4549 4550 4551 4552 4553 4554 4555 4556 4557 4558 4559 4560 4561 4562 4563 4564 4565 4566 4567 4568 4569 4570 4571 4572 4573 4574 4575 4576 4577 4578 4579
 <sect1 id="release-9-2-9">
  <title>Release 9.2.9</title>

  <note>
  <title>Release Date</title>
  <simpara>2014-07-24</simpara>
  </note>

  <para>
   This release contains a variety of fixes from 9.2.8.
   For information about new features in the 9.2 major release, see
   <xref linkend="release-9-2">.
  </para>

  <sect2>
   <title>Migration to Version 9.2.9</title>

   <para>
    A dump/restore is not required for those running 9.2.X.
   </para>

   <para>
    However, this release corrects an index corruption problem in some GiST
    indexes.  See the first changelog entry below to find out whether your
    installation has been affected and what steps you should take if so.
   </para>

   <para>
    Also, if you are upgrading from a version earlier than 9.2.6,
    see <xref linkend="release-9-2-6">.
   </para>

  </sect2>

  <sect2>
   <title>Changes</title>

   <itemizedlist>

    <listitem>
     <para>
      Correctly initialize padding bytes in <filename>contrib/btree_gist</>
      indexes on <type>bit</> columns (Heikki Linnakangas)
     </para>

     <para>
      This error could result in incorrect query results due to values that
      should compare equal not being seen as equal.
      Users with GiST indexes on <type>bit</> or <type>bit varying</>
      columns should <command>REINDEX</> those indexes after installing this
      update.
     </para>
    </listitem>

    <listitem>
     <para>
      Protect against torn pages when deleting GIN list pages (Heikki
      Linnakangas)
     </para>

     <para>
      This fix prevents possible index corruption if a system crash occurs
      while the page update is being written to disk.
     </para>
    </listitem>

    <listitem>
     <para>
      Don't clear the right-link of a GiST index page while replaying
      updates from WAL (Heikki Linnakangas)
     </para>

     <para>
      This error could lead to transiently wrong answers from GiST index
      scans performed in Hot Standby.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix corner-case infinite loop during insertion into an SP-GiST text
      index (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix feedback status when <xref linkend="guc-hot-standby-feedback"> is
      turned off on-the-fly (Simon Riggs)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix possibly-incorrect cache invalidation during nested calls
      to <function>ReceiveSharedInvalidMessages</> (Andres Freund)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix planner's mishandling of nested PlaceHolderVars generated in
      nested-nestloop plans (Tom Lane)
     </para>

     <para>
      This oversight could result in <quote>variable not found in subplan
      target lists</> errors, or in silently wrong query results.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <quote>could not find pathkey item to sort</> planner failures
      with <literal>UNION ALL</> over subqueries reading from tables with
      inheritance children (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Don't assume a subquery's output is unique if there's a set-returning
      function in its targetlist (David Rowley)
     </para>

     <para>
      This oversight could lead to misoptimization of constructs
      like <literal>WHERE x IN (SELECT y, generate_series(1,10) FROM t GROUP
      BY y)</literal>.
     </para>
    </listitem>

    <listitem>
     <para>
      Improve planner to drop constant-NULL inputs
      of <literal>AND</>/<literal>OR</> when possible (Tom Lane)
     </para>

     <para>
      This change fixes some cases where the more aggressive parameter
      substitution done by 9.2 and later can lead to a worse plan than
      older versions produced.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix identification of input type category in <function>to_json()</>
      and friends (Tom Lane)
     </para>

     <para>
      This is known to have led to inadequate quoting of <type>money</>
      fields in the <type>JSON</> result, and there may have been wrong
      results for other data types as well.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix failure to detoast fields in composite elements of structured
      types (Tom Lane)
     </para>

     <para>
      This corrects cases where TOAST pointers could be copied into other
      tables without being dereferenced.  If the original data is later
      deleted, it would lead to errors like <quote>missing chunk number 0
      for toast value ...</> when the now-dangling pointer is used.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <quote>record type has not been registered</> failures with
      whole-row references to the output of Append plan nodes (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix possible crash when invoking a user-defined function while
      rewinding a cursor (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix query-lifespan memory leak while evaluating the arguments for a
      function in <literal>FROM</> (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix session-lifespan memory leaks in regular-expression processing
      (Tom Lane, Arthur O'Dwyer, Greg Stark)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix data encoding error in <filename>hungarian.stop</> (Tom Lane)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent foreign tables from being created with OIDS
      when <xref linkend="guc-default-with-oids"> is true
      (Etsuro Fujita)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix liveness checks for rows that were inserted in the current
      transaction and then deleted by a now-rolled-back subtransaction
      (Andres Freund)
     </para>

     <para>
      This could cause problems (at least spurious warnings, and at worst an
      infinite loop) if <command>CREATE INDEX</> or <command>CLUSTER</> were
      done later in the same transaction.
     </para>
    </listitem>

    <listitem>
     <para>
      Clear <structname>pg_stat_activity</>.<structfield>xact_start</>
      during <command>PREPARE TRANSACTION</> (Andres Freund)
     </para>

     <para>
      After the <command>PREPARE</>, the originating session is no longer in
      a transaction, so it should not continue to display a transaction
      start time.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <command>REASSIGN OWNED</> to not fail for text search objects
      (&Aacute;lvaro Herrera)
     </para>
    </listitem>

    <listitem>
     <para>
      Block signals during postmaster startup (Tom Lane)
     </para>

     <para>
      This ensures that the postmaster will properly clean up after itself
      if, for example, it receives <systemitem>SIGINT</> while still
      starting up.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix client host name lookup when processing <filename>pg_hba.conf</>
      entries that specify host names instead of IP addresses (Tom Lane)
     </para>

     <para>
      Ensure that reverse-DNS lookup failures are reported, instead of just
      silently not matching such entries.  Also ensure that we make only
      one reverse-DNS lookup attempt per connection, not one per host name
      entry, which is what previously happened if the lookup attempts failed.
     </para>
    </listitem>

    <listitem>
     <para>
      Allow the root user to use <literal>postgres -C variable</> and
      <literal>postgres --describe-config</> (MauMau)
     </para>

     <para>
      The prohibition on starting the server as root does not need to extend
      to these operations, and relaxing it prevents failure
      of <application>pg_ctl</> in some scenarios.
     </para>
    </listitem>

    <listitem>
     <para>
      Secure Unix-domain sockets of temporary postmasters started during
      <literal>make check</> (Noah Misch)
     </para>

     <para>
      Any local user able to access the socket file could connect as the
      server's bootstrap superuser, then proceed to execute arbitrary code as
      the operating-system user running the test, as we previously noted in
      CVE-2014-0067.  This change defends against that risk by placing the
      server's socket in a temporary, mode 0700 subdirectory
      of <filename>/tmp</>.  The hazard remains however on platforms where
      Unix sockets are not supported, notably Windows, because then the
      temporary postmaster must accept local TCP connections.
     </para>

     <para>
      A useful side effect of this change is to simplify
      <literal>make check</> testing in builds that
      override <literal>DEFAULT_PGSOCKET_DIR</>.  Popular non-default values
      like <filename>/var/run/postgresql</> are often not writable by the
      build user, requiring workarounds that will no longer be necessary.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix tablespace creation WAL replay to work on Windows (MauMau)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix detection of socket creation failures on Windows (Bruce Momjian)
     </para>
    </listitem>

    <listitem>
     <para>
      On Windows, allow new sessions to absorb values of PGC_BACKEND
      parameters (such as <xref linkend="guc-log-connections">) from the
      configuration file (Amit Kapila)
     </para>

     <para>
      Previously, if such a parameter were changed in the file post-startup,
      the change would have no effect.
     </para>
    </listitem>

    <listitem>
     <para>
      Properly quote executable path names on Windows (Nikhil Deshpande)
     </para>

     <para>
      This oversight could cause <application>initdb</>
      and <application>pg_upgrade</> to fail on Windows, if the installation
      path contained both spaces and <literal>@</> signs.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix linking of <application>libpython</> on macOS (Tom Lane)
     </para>

     <para>
      The method we previously used can fail with the Python library
      supplied by Xcode 5.0 and later.
     </para>
    </listitem>

    <listitem>
     <para>
      Avoid buffer bloat in <application>libpq</> when the server
      consistently sends data faster than the client can absorb it
      (Shin-ichi Morita, Tom Lane)
     </para>

     <para>
      <application>libpq</> could be coerced into enlarging its input buffer
      until it runs out of memory (which would be reported misleadingly
      as <quote>lost synchronization with server</>).  Under ordinary
      circumstances it's quite far-fetched that data could be continuously
      transmitted more quickly than the <function>recv()</> loop can
      absorb it, but this has been observed when the client is artificially
      slowed by scheduler constraints.
     </para>
    </listitem>

    <listitem>
     <para>
      Ensure that LDAP lookup attempts in <application>libpq</> time out as
      intended (Laurenz Albe)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <application>ecpg</> to do the right thing when an array
      of <type>char *</> is the target for a FETCH statement returning more
      than one row, as well as some other array-handling fixes
      (Ashutosh Bapat)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <application>pg_restore</>'s processing of old-style large object
      comments (Tom Lane)
     </para>

     <para>
      A direct-to-database restore from an archive file generated by a
      pre-9.0 version of <application>pg_dump</> would usually fail if the
      archive contained more than a few comments for large objects.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <application>pg_upgrade</> for cases where the new server creates
      a TOAST table but the old version did not (Bruce Momjian)
     </para>

     <para>
      This rare situation would manifest as <quote>relation OID mismatch</>
      errors.
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent <filename>contrib/auto_explain</> from changing the output of
      a user's <command>EXPLAIN</> (Tom Lane)
     </para>

     <para>
      If <filename>auto_explain</> is active, it could cause
      an <literal>EXPLAIN (ANALYZE, TIMING OFF)</> command to nonetheless
      print timing information.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix query-lifespan memory leak in <filename>contrib/dblink</>
      (MauMau, Joe Conway)
     </para>
    </listitem>

    <listitem>
     <para>
      In <filename>contrib/pgcrypto</> functions, ensure sensitive
      information is cleared from stack variables before returning
      (Marko Kreen)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent use of already-freed memory in
      <filename>contrib/pgstattuple</>'s <function>pgstat_heap()</>
      (Noah Misch)
     </para>
    </listitem>

    <listitem>
     <para>
      In <filename>contrib/uuid-ossp</>, cache the state of the OSSP UUID
      library across calls (Tom Lane)
     </para>

     <para>
      This improves the efficiency of UUID generation and reduces the amount
      of entropy drawn from <filename>/dev/urandom</>, on platforms that
      have that.
     </para>
    </listitem>

    <listitem>
     <para>
      Update time zone data files to <application>tzdata</> release 2014e
      for DST law changes in Crimea, Egypt, and Morocco.
     </para>
    </listitem>

   </itemizedlist>

  </sect2>
 </sect1>

 <sect1 id="release-9-2-8">
  <title>Release 9.2.8</title>

  <note>
  <title>Release Date</title>
  <simpara>2014-03-20</simpara>
  </note>

  <para>
   This release contains a variety of fixes from 9.2.7.
   For information about new features in the 9.2 major release, see
   <xref linkend="release-9-2">.
  </para>

  <sect2>
   <title>Migration to Version 9.2.8</title>

   <para>
    A dump/restore is not required for those running 9.2.X.
   </para>

   <para>
    However, if you are upgrading from a version earlier than 9.2.6,
    see <xref linkend="release-9-2-6">.
   </para>

  </sect2>

  <sect2>
   <title>Changes</title>

   <itemizedlist>

    <listitem>
     <para>
      Restore GIN metapages unconditionally to avoid torn-page risk
      (Heikki Linnakangas)
     </para>

     <para>
      Although this oversight could theoretically result in a corrupted
      index, it is unlikely to have caused any problems in practice, since
      the active part of a GIN metapage is smaller than a standard 512-byte
      disk sector.
     </para>
    </listitem>

    <listitem>
     <para>
      Avoid race condition in checking transaction commit status during
      receipt of a <command>NOTIFY</> message (Marko Tiikkaja)
     </para>

     <para>
      This prevents a scenario wherein a sufficiently fast client might
      respond to a notification before database updates made by the
      notifier have become visible to the recipient.
     </para>
    </listitem>

    <listitem>
     <para>
      Allow regular-expression operators to be terminated early by query
      cancel requests (Tom Lane)
     </para>

     <para>
      This prevents scenarios wherein a pathological regular expression
      could lock up a server process uninterruptably for a long time.
     </para>
    </listitem>

    <listitem>
     <para>
      Remove incorrect code that tried to allow <literal>OVERLAPS</> with
      single-element row arguments (Joshua Yanovski)
     </para>

     <para>
      This code never worked correctly, and since the case is neither
      specified by the SQL standard nor documented, it seemed better to
      remove it than fix it.
     </para>
    </listitem>

    <listitem>
     <para>
      Avoid getting more than <literal>AccessShareLock</> when de-parsing a
      rule or view (Dean Rasheed)
     </para>

     <para>
      This oversight resulted in <application>pg_dump</> unexpectedly
      acquiring <literal>RowExclusiveLock</> locks on tables mentioned as
      the targets of <literal>INSERT</>/<literal>UPDATE</>/<literal>DELETE</>
      commands in rules.  While usually harmless, that could interfere with
      concurrent transactions that tried to acquire, for example,
      <literal>ShareLock</> on those tables.
     </para>
    </listitem>

    <listitem>
     <para>
      Improve performance of index endpoint probes during planning (Tom Lane)
     </para>

     <para>
      This change fixes a significant performance problem that occurred
      when there were many not-yet-committed rows at the end of the index,
      which is a common situation for indexes on sequentially-assigned
      values such as timestamps or sequence-generated identifiers.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix <application>walsender</>'s failure to shut down cleanly when client
      is <application>pg_receivexlog</> (Fujii Masao)
     </para>
    </listitem>

    <listitem>
     <para>
      Check WAL level and hot standby parameters correctly when doing crash
      recovery that will be followed by archive recovery (Heikki Linnakangas)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix test to see if hot standby connections can be allowed immediately
      after a crash (Heikki Linnakangas)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent interrupts while reporting non-<literal>ERROR</> messages
      (Tom Lane)
     </para>

     <para>
      This guards against rare server-process freezeups due to recursive
      entry to <function>syslog()</>, and perhaps other related problems.
     </para>
    </listitem>

    <listitem>
     <para>
      Fix memory leak in PL/Perl when returning a composite result, including
      multiple-OUT-parameter cases (Alex Hunsaker)
     </para>
    </listitem>

    <listitem>
     <para>
      Fix tracking of <application>psql</> script line numbers
      during <literal>\copy</> from out-of-line data
      (Kumar Rajeev Rastogi, Amit Khandekar)
     </para>

     <para>
      <literal>\copy ... from</> incremented the script file line number
      for each data line, even if the data was not coming from the script
      file.  This mistake resulted in wrong line numbers being reported for
      any errors occurring later in the same script file.
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent intermittent <quote>could not reserve shared memory region</>
      failures on recent Windows versions (MauMau)
     </para>
    </listitem>

    <listitem>
     <para>
      Update time zone data files to <application>tzdata</> release 2014a
      for DST law changes in Fiji and Turkey, plus historical changes in
      Israel and Ukraine.
     </para>
    </listitem>

   </itemizedlist>

  </sect2>
 </sect1>

 <sect1 id="release-9-2-7">
  <title>Release 9.2.7</title>

  <note>
  <title>Release Date</title>
  <simpara>2014-02-20</simpara>
  </note>

  <para>
   This release contains a variety of fixes from 9.2.6.
   For information about new features in the 9.2 major release, see
   <xref linkend="release-9-2">.
  </para>

  <sect2>
   <title>Migration to Version 9.2.7</title>

   <para>
    A dump/restore is not required for those running 9.2.X.
   </para>

   <para>
    However, if you are upgrading from a version earlier than 9.2.6,
    see <xref linkend="release-9-2-6">.
   </para>

  </sect2>

  <sect2>
   <title>Changes</title>

   <itemizedlist>

    <listitem>
     <para>
      Shore up <literal>GRANT ... WITH ADMIN OPTION</> restrictions
      (Noah Misch)
     </para>

     <para>
      Granting a role without <literal>ADMIN OPTION</> is supposed to
      prevent the grantee from adding or removing members from the granted
      role, but this restriction was easily bypassed by doing <literal>SET
      ROLE</> first.  The security impact is mostly that a role member can
      revoke the access of others, contrary to the wishes of his grantor.
      Unapproved role member additions are a lesser concern, since an
      uncooperative role member could provide most of his rights to others
      anyway by creating views or <literal>SECURITY DEFINER</> functions.
      (CVE-2014-0060)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent privilege escalation via manual calls to PL validator
      functions (Andres Freund)
     </para>

     <para>
      The primary role of PL validator functions is to be called implicitly
      during <command>CREATE FUNCTION</>, but they are also normal SQL
      functions that a user can call explicitly.  Calling a validator on
      a function actually written in some other language was not checked
      for and could be exploited for privilege-escalation purposes.
      The fix involves adding a call to a privilege-checking function in
      each validator function.  Non-core procedural languages will also
      need to make this change to their own validator functions, if any.
      (CVE-2014-0061)
     </para>
    </listitem>

    <listitem>
     <para>
      Avoid multiple name lookups during table and index DDL
      (Robert Haas, Andres Freund)
     </para>

     <para>
      If the name lookups come to different conclusions due to concurrent
      activity, we might perform some parts of the DDL on a different table
      than other parts.  At least in the case of <command>CREATE INDEX</>,
      this can be used to cause the permissions checks to be performed
      against a different table than the index creation, allowing for a
      privilege escalation attack.
      (CVE-2014-0062)
     </para>
    </listitem>

    <listitem>
     <para>
      Prevent buffer overrun with long datetime strings (Noah Misch)
     </para>

     <para>
      The <literal>MAXDATELEN</> constant was too small for the longest
      possible value of type <type>interval</>, allowing a buffer overrun
      in <function>interval_out()</>.  Although the datetime input
      functions were more careful about avoiding buffer overrun, the limit
      was short enough to cause them to reject some valid inputs, such as
      input containing a very long timezone name.  The <application>ecpg</>
      library contained these vulnerabilities along with some of its own.
      (CVE-2014-0063)
     </para>