supported versions of our database system, including 9.6.5, 9.5.9,
9.4.14, 9.3.19, and 9.2.23.
This release includes fixes that prevent a crash in pg_restore when
using parallel mode. It also patches over a few other bugs reported
since the last releases in August.
Additionally, in 9.4.14 only, there is a fix to an issue with walsenders
preventing primary-server shutdown unless immediate shutdown mode is used.
Users should plan to update at the next convenient downtime.
Bug Fixes and Improvements
This update also fixes a number of bugs reported in the last few weeks.
Some of these issues affect only version 9.6, but many affect all
supported versions:
* Show foreign tables in information_schema.table_privileges view.
This fix applies to new databases, see the release notes for the
procedure to apply the fix to an existing database.
* Correctly identify columns that are of a range type or domain type
over a composite type or domain type being searched for
* Prevent crash when passing fixed-length pass-by-reference data types
to parallel worker processes
* Change ecpg’s parser to allow RETURNING clauses without attached C
variables
* Change ecpg’s parser to recognize backslash continuation of C
preprocessor command lines
* Improve selection of compiler flags for PL/Perl on Windows
Two security issues have been fixed in this release which affect users
of specific PostgreSQL features:
CVE-2015-5289: json or jsonb input values constructed from arbitrary
user input can crash the PostgreSQL server and cause a denial of
service.
CVE-2015-5288: The crypt( function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
This update will also disable SSL renegotiation by default;
previously, it was enabled by default. SSL renegotiation will be
removed entirely in PostgreSQL versions 9.5 and later.
URL: http://www.postgresql.org/about/news/1615/
Security: CVE-2015-5288 CVE-2015-5289
release of PostgreSQL 9.4, the latest version of the world's leading
open source database, is available today. This beta contains previews
of all of the features which will be available in version 9.4, and is
ready for testing by the worldwide PostgreSQL community. Please
download, test, and report what you find.
Major Features
--------------
The new major features available for testing in this beta include:
* JSONB: 9.4 includes the new JSONB "binary JSON" type. This new
storage format for document data is higher-performance, and comes with
indexing, functions and operators for manipulating JSON data.
* Replication: The new Data Change Streaming API allows decoding and
transformation of the replication stream. This lays the foundation
for new replication tools that support high-speed and more flexible
replication and scale-out solutions.
* Materialized Views with "Refresh Concurrently", which permit
fast-response background summary reports for complex data.
* ALTER SYSTEM SET, which enables modifications to postgresql.conf
from the SQL command line and from remote clients, easing
administration tasks.
