improve 8.3 doc limitations paragraph.

non-contrib command-line tools (no longer in a single table display).

Alvaro

Stefan Kaltenbrunner

now used for other things than just ident authentication.

Noted by Stephen Frost

Fujii Masao

This allows the index to reference the pg_notify() subsection specifically,
rather than Notes section of the NOTIFY reference page more generally.

Fujii Masao

This avoids a formatting problem in the PDF output.  In the HTML output this
isn't necessary, but we've done similar things elsewhere in the documentation
so I think it's OK to do it here, too.  I've refrained from breaking a longish
error message which also causes problems for the PDF output, because that would
make the HTML output look wrong.

Erik Rijkers

Erik Rijkers

interactions with filtering switches, such as -n and -t.  Per a complaint
from Russell Smith.

EDB must maintain their own patch set for this.

Security: CVE-2010-1169, CVE-2010-1170

"supplementary storage table".

that is a regular table or view owned by a superuser.  This prevents a
trojan horse attack whereby any unprivileged SQL user could create such a
table and insert code into it that would then get executed in other users'
sessions whenever they call pltcl functions.

Worse yet, because the code was automatically loaded into both the "normal"
and "safe" interpreters at first use, the attacker could execute unrestricted
Tcl code in the "normal" interpreter without there being any pltclu functions
anywhere, or indeed anyone else using pltcl at all: installing pltcl is
sufficient to open the hole.  Change the initialization logic so that the
"unknown" code is only loaded into an interpreter when the interpreter is
first really used.  (That doesn't add any additional security in this
particular context, but it seems a prudent change, and anyway the former
behavior violated the principle of least astonishment.)

Security: CVE-2010-1170

fundamentally insecure. Instead apply an opmask to the whole interpreter that
imposes restrictions on unsafe operations. These restrictions are much harder
to subvert than is Safe.pm, since there is no container to be broken out of.
Backported to release 7.4.

In releases 7.4, 8.0 and 8.1 this also includes the necessary backporting of
the two interpreters model for plperl and plperlu adopted in release 8.2.

In versions 8.0 and up, the use of Perl's POSIX module to undo its locale
mangling on Windows has become insecure with these changes, so it is
replaced by our own routine, which is also faster.

Nice side effects of the changes include that it is now possible to use perl's
"strict" pragma in a natural way in plperl, and that perl's $a and
$b variables now work as expected in sort routines, and that function
compilation is significantly faster.

Tim Bunce and Andrew Dunstan, with reviews from Alex Hunsaker and
Alexey Klyukin.

Security: CVE-2010-1169

Thom Brown

(pg_upgrade_support).

7.4.29.

Add documentation.

Supports migration from PG 8.3 and 8.4.

As suggested by Andy Lester.

Noted by KOIZUMI Satoru.

form a hierarchy. Per Simon's suggestion.

what "eventually consistent" means.

the PITR documentation to mention that you need to set wal_level to
'archive' or 'hot_standby', to enable WAL archiving. Per Simon's request.

for all other parameters where the default is expressed in a different unit.

MaxStandbyDelay.  Use the GUC units mechanism for the value, and choose more
appropriate timestamp functions for performing tests with it.  Make the
ps_activity manipulation in ResolveRecoveryConflictWithVirtualXIDs have
behavior similar to ps_activity code elsewhere, notably not updating the
display when update_process_title is off and not truncating the display
contents at an arbitrarily-chosen length.  Improve the docs to be explicit
about what MaxStandbyDelay actually measures, viz the difference between
primary and standby servers' clocks, and the possible hazards if their clocks
aren't in sync.