diff --git a/doc/src/sgml/release.sgml b/doc/src/sgml/release.sgml index 1421fdfa5b8759d30236b1862079bc760dee8bb7..a183bfaa0f0ad70c5fccd3e76c4652832f1d6cf8 100644 --- a/doc/src/sgml/release.sgml +++ b/doc/src/sgml/release.sgml @@ -1,10 +1,77 @@ Release Notes + + Release 8.0.1 + + + Release date + 2005-01-31 + + + + This release contains a variety of fixes from 8.0.0, including several + security-related issues. + + + + Migration to version 8.0.1 + + + A dump/restore is not required for those running 8.0.0. + + + + + Changes + + +Disallow LOAD to non-superusers + +On platforms that will automatically execute initialization functions of a +shared library (this includes at least Windows and ELF-based Unixen), +LOAD can be used to make the server execute arbitrary code. +Thanks to NGS Software for reporting this. +Check that creator of an aggregate function has the right to +execute the specified transition functions + +This oversight made it possible to bypass denial of EXECUTE +permission on a function. +Fix security and 64-bit issues in +contrib/intagg +Add needed STRICT marking to some contrib functions (Kris +Jurka) +Avoid buffer overrun when plpgsql cursor declaration has too +many parameters (Neil) +Make ALTER TABLE ADD COLUMN enforce domain +constraints in all cases +Fix planning error for FULL and RIGHT outer joins + +The result of the join was mistakenly supposed to be sorted the same as the +left input. This could not only deliver mis-sorted output to the user, but +in case of nested merge joins could give outright wrong answers. + +Improve planning of grouped aggregate queries +ROLLBACK TO savepoint +closes cursors created since the savepoint +Fix inadequate backend stack size on Windows +Avoid SHGetSpecialFolderPath() on Windows +(Magnus) +Fix some problems in running pg_autovacuum as a Windows +service (Dave Page) +Multiple minor bug fixes in +pg_dump/pg_restore +Fix ecpg segfault with named structs used in +typedefs (Michael) + + + + + Release 8.0 @@ -2339,6 +2406,64 @@ $PostgreSQL: pgsql/doc/src/sgml/release.sgml,v 1.324 2005/01/23 00:30:18 momjian + + + + + Release 7.4.7 + + + Release date + 2005-01-31 + + + + This release contains a variety of fixes from 7.4.6, including several + security-related issues. + + + + Migration to version 7.4.7 + + + A dump/restore is not required for those running 7.4.X. + + + + + Changes + + +Disallow LOAD to non-superusers + +On platforms that will automatically execute initialization functions of a +shared library (this includes at least Windows and ELF-based Unixen), +LOAD can be used to make the server execute arbitrary code. +Thanks to NGS Software for reporting this. +Check that creator of an aggregate function has the right to +execute the specified transition functions + +This oversight made it possible to bypass denial of EXECUTE +permission on a function. +Fix security and 64-bit issues in +contrib/intagg +Add needed STRICT marking to some contrib functions (Kris +Jurka) +Avoid buffer overrun when plpgsql cursor declaration has too +many parameters (Neil) +Fix planning error for FULL and RIGHT outer joins + +The result of the join was mistakenly supposed to be sorted the same as the +left input. This could not only deliver mis-sorted output to the user, but +in case of nested merge joins could give outright wrong answers. + +Fix plperl for quote marks in tuple fields +Fix display of negative intervals in SQL and GERMAN +datestyles +Make age(timestamptz) do calculation in local timezone not +GMT + + @@ -4665,6 +4790,62 @@ DROP SCHEMA information_schema CASCADE; + + Release 7.3.9 + + + Release date + 2005-01-31 + + + + This release contains a variety of fixes from 7.3.8, including several + security-related issues. + + + + Migration to version 7.3.9 + + + A dump/restore is not required for those running 7.3.X. + + + + + Changes + + +Disallow LOAD to non-superusers + +On platforms that will automatically execute initialization functions of a +shared library (this includes at least Windows and ELF-based Unixen), +LOAD can be used to make the server execute arbitrary code. +Thanks to NGS Software for reporting this. +Check that creator of an aggregate function has the right to +execute the specified transition functions + +This oversight made it possible to bypass denial of EXECUTE +permission on a function. +Fix security and 64-bit issues in +contrib/intagg +Add needed STRICT marking to some contrib functions (Kris +Jurka) +Avoid buffer overrun when plpgsql cursor declaration has too +many parameters (Neil) +Fix planning error for FULL and RIGHT outer joins + +The result of the join was mistakenly supposed to be sorted the same as the +left input. This could not only deliver mis-sorted output to the user, but +in case of nested merge joins could give outright wrong answers. + +Fix plperl for quote marks in tuple fields +Fix display of negative intervals in SQL and GERMAN +datestyles + + + + + Release 7.3.8 @@ -5770,6 +5951,54 @@ operations on bytea columns (Joe) + + Release 7.2.7 + + + Release date + 2005-01-31 + + + + This release contains a variety of fixes from 7.2.6, including several + security-related issues. + + + + Migration to version 7.2.7 + + + A dump/restore is not required for those running 7.2.X. + + + + + Changes + + +Disallow LOAD to non-superusers + +On platforms that will automatically execute initialization functions of a +shared library (this includes at least Windows and ELF-based Unixen), +LOAD can be used to make the server execute arbitrary code. +Thanks to NGS Software for reporting this. +Add needed STRICT marking to some contrib functions (Kris +Jurka) +Avoid buffer overrun when plpgsql cursor declaration has too +many parameters (Neil) +Fix planning error for FULL and RIGHT outer joins + +The result of the join was mistakenly supposed to be sorted the same as the +left input. This could not only deliver mis-sorted output to the user, but +in case of nested merge joins could give outright wrong answers. + +Fix display of negative intervals in SQL and GERMAN +datestyles + + + + + Release 7.2.6