Linuxeden开源社区
PostgreSQL 10.3, 9.6.8, 9.5.12, 9.4.17 和 9.3.22 全系列更新发布。本次更新主要是解决 CVE-2018-1058 漏洞,对该漏洞的描述为,用户可在不同的 schema 中创建 like-named 对象,而这些 schema 会改变其他用户查询的行为并导致意外或恶意的行为发生,即我们常说的木马攻击。
其他 Bug 修复和改进:
- Prevent logical replication from trying to replicate changes for unpublishable relations, such as materialized views and the “information_schema” tables
- Fix for a common table expression (WITH clause) returning correct results when being referenced in a subplan where there are concurrent-update rechecks
- Fix for an unexpected query planner error in certain cases where there are overlapping merge join clauses in an OUTER JOIN.
- Fix for potential data corruption with materialized views after running pg_upgrade. If receiving errors such as “could not access status of transaction” or “found xmin from before relfrozenxid” on materialized views, please use “REFRESH MATERIALIZED VIEW” without “CONCURRENTLY” to fix.
- Several fix for pg_dump, including a fix to help with the future work of cross-table statistics
- Fix for reporting a PL/Python stack trace relative to inner PL/Python functions
- Allow contrib/auto_explain to range up to INT_MAX, which is about 24 days
- Mark assorted configuration variables as PGDLLIMPORT, to ease porting extension modules to Windows
官方新闻:https://www.postgresql.org/about/news/1834/
下载地址:https://www.postgresql.org/download/
转自 http://www.oschina.net/news/93820/postgresql-10-3-and-9-6-8-released