E.166. Release 8.2.2

[Note]

Release Date

2007-02-05

This release contains a variety of fixes from 8.2.1, including a security fix. For information about new features in the 8.2 major release, see Section E.168, « Release 8.2 ».

E.166.1. Migration to Version 8.2.2

A dump/restore is not required for those running 8.2.X.

E.166.2. Changes

  • Remove security vulnerabilities that allowed connected users to read backend memory (Tom)

    The vulnerabilities involve suppressing the normal check that a SQL function returns the data type it's declared to, and changing the data type of a table column (CVE-2007-0555, CVE-2007-0556). These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access.

  • Fix not-so-rare-anymore bug wherein btree index page splits could fail due to choosing an infeasible split point (Heikki Linnakangas)

  • Fix Borland C compile scripts (L Bayuk)

  • Properly handle to_char('CC') for years ending in 00 (Tom)

    Year 2000 is in the twentieth century, not the twenty-first.

  • /contrib/tsearch2 localization improvements (Tatsuo, Teodor)

  • Fix incorrect permission check in information_schema.key_column_usage view (Tom)

    The symptom is « relation with OID nnnnn does not exist » errors. To get this fix without using initdb, use CREATE OR REPLACE VIEW to install the corrected definition found in share/information_schema.sql. Note you will need to do this in each database.

  • Improve VACUUM performance for databases with many tables (Tom)

  • Fix for rare Assert() crash triggered by UNION (Tom)

  • Fix potentially incorrect results from index searches using ROW inequality conditions (Tom)

  • Tighten security of multi-byte character processing for UTF8 sequences over three bytes long (Tom)

  • Fix bogus « permission denied » failures occurring on Windows due to attempts to fsync already-deleted files (Magnus, Tom)

  • Fix bug that could cause the statistics collector to hang on Windows (Magnus)

    This would in turn lead to autovacuum not working.

  • Fix possible crashes when an already-in-use PL/pgSQL function is updated (Tom)

  • Improve PL/pgSQL handling of domain types (Sergiy Vyshnevetskiy, Tom)

  • Fix possible errors in processing PL/pgSQL exception blocks (Tom)