E.206. Release 8.0.13

[Note]

Release Date

2007-04-23

This release contains a variety of fixes from 8.0.12, including a security fix. For information about new features in the 8.0 major release, see Section E.219, « Release 8.0 ».

E.206.1. Migration to Version 8.0.13

A dump/restore is not required for those running 8.0.X. However, if you are upgrading from a version earlier than 8.0.6, see Section E.213, « Release 8.0.6 ».

E.206.2. Changes

  • Support explicit placement of the temporary-table schema within search_path, and disable searching it for functions and operators (Tom)

    This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, an unprivileged SQL user can use temporary objects to execute code with the privileges of the security-definer function (CVE-2007-2138). See CREATE FUNCTION for more information.

  • /contrib/tsearch2 crash fixes (Teodor)

  • Fix potential-data-corruption bug in how VACUUM FULL handles UPDATE chains (Tom, Pavan Deolasee)

  • Fix PANIC during enlargement of a hash index (bug introduced in 8.0.10) (Tom)

  • Fix POSIX-style timezone specs to follow new USA DST rules (Tom)